Indonesia’s Stock Exchange Warns of Systemic Security Gaps as Digital Threats Rise
Key Takeaways
|
JAKARTA, Investortrust.id — The Indonesia Stock Exchange is pressing brokerage firms to modernize their trading systems and strengthen cybersecurity protocols, warning that uneven technology standards across the market have become a growing source of vulnerability. The message, delivered by Broto Endianto, Head of IT Development at the exchange, comes as Indonesia grapples with rising digital threats and seeks to establish a more resilient foundation for its expanding capital market.
Broto said the exchange has committed itself to bolstering investor protection, but he emphasized that the responsibility can no longer rest solely with IDX. Ninety-three brokerage firms operate their own trading applications, infrastructure and security practices, a patchwork that Broto described as increasingly difficult to defend in a world of accelerating cyber risks. “We are committed to protecting our investors” he said at the Investortrust Capital Market Forum 2025. “But we cannot walk alone. Strengthening the system is a major task, and every participant must play a role.”
The exchange has urged brokers to adopt more disciplined maintenance routines, apply consistent software-development standards and treat cybersecurity as a daily operational obligation rather than an occasional intervention. Broto said many firms still operate systems that have not kept pace with the volume of today’s trading activity or the sophistication of recent attacks. “They must ensure that every device they use and every application they run is maintained properly” he said. “This cannot be done only once in a while.”
His remarks came as the government outlined its own expansive vision for the financial sector. Arief Wibisono, Special Advisor to the Minister of Finance for Financial Services and Capital Markets, said Indonesia will need a far deeper and more technologically robust financial system if it hopes to reach its 2045 target of market capitalization equal to one hundred twenty percent of GDP. Today, the ratio stands near fifty percent. “A modern market requires a system capable of supporting long-term growth” he said.
The warnings shared by Broto reflected a broader unease expressed throughout the forum. Several speakers described an ecosystem marked by uneven security standards and fragile connective tissue, where weaknesses in a single brokerage system can ripple across the market. Lily Widjaja, Executive Director of the Indonesian Securities Companies Association, said many brokerage firms lack the capital to build adequate defenses and often operate at risk by relying on outdated or lightly protected applications. “Strong technology is not cheap” she said. “We cannot expect brokers with small capital bases to match the standards of banks. The ecosystem needs shared solutions.”
That vulnerability has been laid bare in recent fraud cases that, according to market experts, did not require breaching IDX or OJK’s core infrastructure. Shuvam Misra, a veteran technologist whose systems underpin major components of India’s capital-market plumbing, said the attacks exploited gaps in broker applications and investor interfaces rather than the central trading engine. “These cases happened without breaching the core infrastructure” he said. “They exploited the wider ecosystem. That shows where work must be done.”
Industry participants repeatedly invoked India as a reference point. Sundararaman Ramamurthy, Chief Executive of the Bombay Stock Exchange, said India’s rapid expansion to more than two hundred million retail investors was possible only because of strict security standards and digital systems that allowed new investors to participate safely. “Technology must protect investors as much as it empowers them” he said.
Robust infrastructure will also be essential to draw global institutional capital. Kartika Sutandi of Jarvis Asset Management said foreign asset managers evaluate not only liquidity and regulatory clarity but also the reliability of the systems running beneath the market. “Active managers look for liquidity and reliability” she said. “The quality of our systems influences that.”
For Primus Dorimulu, Chief Executive of Investortrust, the debate over cybersecurity touches directly on Indonesia’s broader economic ambitions. He argued that the country cannot reach its goal of eight percent annual growth without a strong, technologically secure capital market capable of mobilizing investment at scale. “If Indonesia wants to move forward, the capital market must be strengthened” he said. “Security is part of that strength.”
Broto’s comments ultimately placed the spotlight on Indonesia’s fragmented technological landscape and the challenge of maintaining market integrity when each brokerage builds and manages its own systems. The exchange can upgrade its core infrastructure, he said, but the market remains exposed if a single member firm fails to meet minimum standards.
“We must improve our rescue engine” Broto said. “But every member must ensure their applications and systems meet the standards needed to protect this market. Only then can our infrastructure truly be reliable.”
In a market aspiring to become one of Asia’s most dynamic financial centers, Broto’s message was unmistakable. A resilient capital market cannot be built at the core alone. It must be reinforced at every connection point—one broker, one application, one line of code at a time.