<![CDATA[As financial institutions, banks are required to have customer data protection mechanisms. This is for the sake of the banking busines’ continuity that is being undertaken. The sustainability of a bank's business is largely determined by the trust of the customers to save funds and use bank services. The customer data protection mechanism is one of a risk management form that is primarily aimed at protecting customer personal data, which is useful for preventing the risk of misuse of bank customer data by irresponsible persons. This study aims to discuss the provisions regarding the protection of customer data by banks in Indonesia in order to prevent banking crimes, especially embezzlement of customer funds. In order to conduct this study's normative legal research, secondary data sources were examined by collecting legal materials by means of a literature search supported by interviews. Based on the results of the research, it was found that although banks have their own protection mechanisms following the provisions stipulated by the Financial Services Authority (OJK) and Bank Indonesia (BI) as part of risk management, each bank has a system that is not necessarily the same as other banks. By reviewing the implementation of PT. Bank X and PT. Bank Y, Banks in general have an IT system to store customer data which can only be accessed by certain bank employees with an interest, and the opening of this data can be done in accordance with banking regulations. For fraud prevention mechanisms, banks enforce various kinds of internal and external protection in accordance with OJK and BI regulations.]]>
