Obligations of Electronic Commerce Operators to Provide Periodic Data to the Central Statistics Agency

Explore the obligations of electronic commerce operators in providing regular data submissions to Central Statistics Agency (BPS) under the BPS Regulation No. 4/2023, which focuses on the compliance and risks faced by businesses operating in the electronic commerce sector, including recommended steps to ensure adherence to the regulations in mitigating legal risks and building consumer trust in the electronic commerce market.

The Central Statistics Agency (“BPS”) has recently issued BPS Regulation No. 4 of 2023 concerning the Submission and Management of Data and/or Information on Trade through Electronic Systems (“BPS Regulation No. 4/2023”) on March 9, 2023. BPS Regulation No. 4/2023 is a new regulation issued by BPS to implement the provisions of Article 21 paragraph 4 of Government Regulation No. 80 of 2019 concerning Trade through Electronic Systems. This regulation focuses on the risks and compliance that companies with electronic commerce business models (“PMSE”) must adhere to.

BPS Regulation No. 4/2023 applies in relation to several relevant laws and regulations, including:

1. Law No. 16 of 1997 on Statistics;
2. Law No. 7 of 2014 on Trade;
3. Law No. 27 of 2022 on Personal Data Protection (“Data Protection Law”);
4. Government Regulation No. 51 of 1999 on Statistics;
5. Government Regulation No. 80 of 2019 on Trade through Electronic Systems (“PP No. 80/2019”); and
6. Presidential Regulation No. 86 of 2007 on the Central Statistics Agency.

BPS Regulation No. 4/2023 obliges electronic commerce operators (“PPMSE”) to submit data and/or information through the portal provided by BPS. This is based on the mandate given by PP No. 80/2019 to BPS as the institution responsible for recording online transactions.

To fulfill the obligation of submitting data and/or information online, PPMSE needs to access the portal provided by BPS to create an account and obtain information related to the data and/or information that must be submitted according to their business activities, including general company information, workforce, income and expenses, product categories, regional categories, transactions, payment methods, and the number of sellers and buyers. The technical instructions and details of the data and/or information are determined by the decision of the Head of BPS. The received data and/or information by BPS can only be used for statistical purposes.

BPS is authorized to add and/or modify the requested data and/or information from PPMSE according to the needs of the data and/or information. If the type of data and/or information submitted by PPMSE is deemed insufficient by BPS, BPS may request clarification to further clarify the data.

Risks and Compliance

With the issuance of BPS Regulation No. 4/2023, every company with a PMSE business model needs to comply with the obligation to submit data. Compliance with this regulation is crucial to avoid legal risks and administrative sanctions.

Some compliance risks that PPMSE companies may face are as follows:

1. failure to provide periodic data: PPMSE is required to provide their trade data and/or information to BPS periodically according to the established schedule. If a company fails to fulfill this obligation, BPS can report the deficiency to the Ministry of Trade and impose administrative sanctions;
2. non-compliance with technical requirements and data details: PPMSE must ensure that the data they submit to BPS complies with the technical requirements stipulated in this regulation. If a company fails to comply with these requirements, BPS may reject the submitted data or consider it invalid; and
3. failure to protect personal data: PPMSE must ensure that the personal data they collect or that is related to PMSE transactions is protected in accordance with the provisions of Data Protection Law. Violations of personal data protection can result in serious sanctions.

Sanctions

This regulation provides an opportunity for BPS to report non-compliant PPMSE to the Ministry of Trade. The Ministry of Trade can impose administrative sanctions for such violations. Administrative sanctions can include warnings, fines, revocation of permits, or other actions determined by the Ministry of Trade.


Steps to be Taken

It is crucial for PPMSE companies to pay serious attention to these provisions to avoid administrative sanctions and potential legal risks that may arise in the future due to non-compliance. Some steps that can be taken to ensure compliance with BPS Regulation No. 4/2023 include:

1. reviewing and understanding each provision stated in this regulation to ensure full compliance. This includes understanding the data submission procedures, technical standards to be met, personal data protection, and others;
2. developing internal policies that align with this regulation and communicating them to all employees and relevant parties. Additionally, companies should establish clear and structured procedures for managing PMSE data and information;
3. ensuring that the electronic systems used for data submission and management meet the technical standards specified in this regulation. This may include using appropriate file formats, ensuring system security, and protecting data appropriately; and
4. prioritizing consumer interests in every aspect of their electronic trade. This includes protecting consumers' personal data and ensuring the reliability and integrity of the data submitted to BPS.

By following these steps, PPMSE companies can ensure compliance with this regulation, avoid administrative sanctions and potential legal risks resulting from violations. Additionally, by conducting business in accordance with applicable rules, companies can build customer trust and strengthen their position in the electronic commerce market.