Personal data protection currently has a significant impact on the development of the digital economy in every country in the world, including Indonesia, especially in the financial industry. The Indonesian Financial Services Authority (OJK) is the authorized body tasked with protecting financial services customers. However, OJK's regulations, roles and functions are limited and varied, and seem ambiguous when it comes to protecting customer data. Even though various laws, policies and guidelines have been enforced, leakage or theft of financing customer data still occurs. This study uses a normative legal method with a statutory approach. Data was collected by studying literature in the form of legal rules and regulations, articles and studies related to the research focus. This article concludes that the OJK has not been able to overcome the increasing cases of personal data breaches and has not been able to protect the personal data of its customers. As such, this article aims to analyze the OJK's role and function in protecting and maintaining the confidentiality of customers' data. Furthermore, it analyzes dispute resolution mechanisms in cases of personal data leakage. Due to the lack of knowledge and references regarding the litigation process and its consequences, it is difficult to assess the efficiency of the legal actions taken by the financial institution to establish a balance between the use of personal data and the rights of individuals to privacy. As a result of this analysis and evaluation, the article recommends that OJK Regulation No. 77/POJK.01/2016 be revised because it is no longer compatible with current financial technology development.