Mandatory Legal Audit is Set to Shake Business Practice

In late July 2024, the Indonesian government released a draft Presidential Regulation on Legal Compliance in the Formation and Implementation of Law (“Draft Regulation”). The Draft Regulation is a reflection of the government’s effort to ensure effective implementation and compliance of laws by legal entities (badan hukum), business entities (badan usaha), and public institutions (badan publik) in fulfilling their legal obligations. The National Legal Development Body (Badan Pembinaan Hukum Nasional or BPHN) explained the rationale behind this effort, stating that “this Draft Regulation is designed to address gaps in legal compliance regulation that have not been covered by other ministries or agencies.”

To this effect, one key aspect of the Draft Regulation is the introduction of mandatory annual legal audits for businesses, legal entities, and public institutions as part of the framework aimed at enhancing legal awareness and compliance. The purpose of the annual audit is to evidence the compliance of legal entities, business entities, and public institutions with the laws and good governance practices. The audit process will involve the appointment of a certified auditor, who will identify and analyse issues, perform a legal analysis, and evaluate compliance. At the end of the audit, the auditor will issue an opinion that includes recommendations for corrective actions. Entities will be responsible for implementing these recommendations to ensure full compliance with the laws and regulations.

Although the Draft Regulation has not yet been enacted, we believe it is important to provide an overview now, given its potential impact.

Mandatory Audit

The key obligation under the Draft Regulation is that a business entity, legal entity, or public institution must conduct an audit annually. The Draft Regulation defines a ‘business entity or legal entity’ broadly, and it includes both corporate and unincorporated entities that conduct any form of business activities in Indonesia. On the other hand, the term ‘public institution’ covers the executive branch of the government under the President and any non-government organisations that are funded by the state or regional budget.

1. Legal and business entities

   With respect to the audit for a business entity or legal entity, such business entity or legal entity must appoint a certified legal auditor to assess the legality and compliance of its business activities with existing laws and regulations. A legal auditor, by definition, is a specialised professional certified by the Minister of Law and Human Rights (“Minister”) to perform an audit involving the following process:

   1. The identification of the objectives of the audit and the appropriate planning of the audit;

   2. The confirmation of the objectives and planning of the audit by collecting relevant data and information;

   3. The assessment and analysis of the collected data and information; and

   4. The preparation of the audit report and submission of the audit’s results.

   If a business entity or legal entity does not conduct an annual audit, the Minister may appoint a legal auditor to carry out the audit. Moreover, if the audit results in recommendations, the business or legal entity must address such recommendations, and failure to do so will result in sanctions.

   By the end of each year, the audit report and the remedial actions taken by the business or legal entity in accordance with the report must be reported to the Minister, other relevant ministries responsible for their specific business area, and the regional authorities managing business licensing and government affairs.

2. Public institutions

   Unlike business or legal entities, which are audited by certified legal auditors, public institutions are audited by legal analysts. Legal analysts are civil servants who are responsible and authorised to conduct a legal analysis and evaluation on public institutions to ensure that these institutions comply with legal norms and effectively implement the laws and regulations.

   In this case, the audit findings will consist of actionable opinions and recommendations that the public institution must comply with. The Minister is responsible for monitoring the follow-up actions taken by the public institution, ensuring that issues identified in the audit are addressed. Failure to do so will result in sanctions.

3. Timing

   With respect to the timing of the audit, the current Draft Regulation has not made it clear. Nonetheless, the result of the audit, as well as the remedial actions to the findings of the audit, must be reported to the Minister by the end of the year.

Role of the Minister

Other than receiving and monitoring the audit reports submitted to it, the Minister also plays a crucial role in monitoring and supporting the legal auditor profession by:

1. Developing regulations and policies to enhance professional competence of legal auditors through training, education, and other activities;

2. Establishing rules that define the roles and responsibilities of legal auditors; and

3. Evaluating service standards in line with legal regulations and policies. This includes registering and accrediting training institutions, certifying individual auditors, accrediting legal audit firms, and issuing operational licenses for these firms, or recommending the establishment of a certification body for the legal auditor profession.

The Minister also provides accreditation for legal auditor institutions to ensure compliance and maintain service standard. There are three levels of accreditation:

1. Accreditation A is awarded to institutions demonstrating exceptional quality and full compliance with established standards, recognising their outstanding performance;

2. Accreditation B is awarded to institutions with good quality but requiring improvements in certain areas to meet higher standards; and

3. Accreditation C is awarded to institutions needing significant improvements, where substantial corrective actions are necessary to align with the required standards.

Key Takeaways

By mandating annual audits for every business, legal entity, and public institution, the Draft Regulation is a bold step towards enhancing compliance and strengthening regulatory enforcement. To meet these ambitious goals, the Minister will need substantial resources. On the other hand, an understanding of the new audit requirement is crucial for business entities, legal entities, and public institutions to ensure compliance with existing laws and avoid possible sanctions.

As the Draft Regulation undergoes revisions, it is essential for business entities, legal entities, and public institutions to stay informed and prepare for its eventual enforcement. We advise clients to enhance their compliance efforts, particularly regarding their current activities, in anticipation of the Draft Regulation. While the exact scope of the audit is still unclear, clients should begin strengthening their compliance practices now.

If you have any queries on the above, please feel free to contact our team members below who will be happy to assist.