Indonesia 2026: Permenkum No.49 & Law No.1/2026, Corporate Administration, Compliance & M&A Checklist

Two regulatory instruments are reshaping corporate administration in Indonesia in 2026, and every company with an Indonesian entity, whether a domestic PT, a publicly listed Tbk or a foreign-owned PMA, needs to act now. Permenkum No.49/2025 (Minister of Law and Human Rights Regulation No. 49 of 2025) overhauls how limited liability companies maintain registers, file annual reports and evidence beneficial ownership through the SABH online system. Separately, Law No.1 of 2026 (Undang-Undang No. 1 Tahun 2026) recalibrates Indonesia’s criminal-law framework, broadening corporate culpability and raising the stakes for directors, commissioners and compliance officers who fail to maintain accurate corporate records. Together, these instruments demand immediate changes to day-to-day governance, M&A transaction processes and insurance-sector compliance workflows.

This guide is written for in-house counsel, M&A deal teams, insurers and external corporate advisers who need a practical, step-by-step implementation roadmap rather than a high-level summary. Below is the five-step quick-reference checklist, each item is unpacked in detail in the sections that follow:

1. Audit and certify your shareholder register, directors/commissioners list and articles of association (AOI) data within 30 days.
2. Collect, verify and file beneficial-ownership evidence for every holder above the control/ownership threshold.
3. Map your entity’s exposure under Law No.1/2026’s expanded corporate criminal liability provisions.
4. Update M&A due diligence scopes, warranty schedules and closing-deliverable lists to address both instruments.
5. For regulated entities (insurers, banks, finance companies): reconcile licensing records, policyholder data and OJK submissions with the new administrative requirements.

1. What Permenkum No.49/2025 Changes, Immediate Company Actions

Permenkum No.49/2025 replaces and consolidates earlier ministerial regulations governing the administrative life-cycle of limited liability companies (Perseroan Terbatas). The regulation tightens the standards for corporate data accuracy, mandates digital submissions through the Legal Entity Administration System (SABH), and imposes a more rigorous sequence for recording changes to company data, from amendments to the AOI through to annual reporting.

Summary of Core Obligations

The regulation’s key requirements can be grouped into four pillars that directly affect corporate administration in Indonesia:

• Company data accuracy. Every PT must ensure that its registered data, legal name, domicile, authorised and issued capital, shareholding structure, and board composition, matches the information held in the SABH. Discrepancies must be corrected by filing an updated notarial deed and obtaining fresh ministerial approval or acknowledgement, depending on the type of change.
• Annual report submission. Companies are required to submit annual reports to the Ministry of Law through the SABH portal within a prescribed period following each financial year-end. The report must include confirmation that the company’s general meeting of shareholders (GMS/RUPS) has been validly convened and that the financial statements have been approved.
• Prescribed sequence of filings. Permenkum No.49 establishes a mandatory order for processing certain corporate actions. AOI amendments that require ministerial approval must be filed and approved before related company-data changes (such as a new board composition flowing from a capital restructuring) can be recorded. Filing out of sequence may result in rejection.
• Supporting documents and beneficial-ownership evidence. The regulation expands the list of supporting documents that must accompany filings, including identification documents for shareholders and beneficial owners, share transfer deeds, powers of attorney and, for foreign shareholders, legalised or apostilled corporate documents.

Step-by-Step Corporate Administration Checklist (30 / 60 / 90 Days)

Industry observers expect that companies treating this as a simple paperwork exercise will encounter rejected filings and potential regulatory scrutiny. The following timeline provides a structured approach:

• Within 30 days, Audit phase. Pull certified copies of the current SABH extract for each entity. Compare against the most recent notarial deed, board resolutions and share register. Flag every discrepancy in a tracker spreadsheet.
• Days 31–60, Remediation phase. Instruct the company notary to prepare corrective deeds where data mismatches exist. Gather all missing supporting documents (BO evidence, legalised foreign documents, updated KTP/passport copies for directors and shareholders). Submit corrective filings through SABH in the correct sequence.
• Days 61–90, Confirmation and embedding phase. Confirm that ministerial approvals or acknowledgements have been received for all corrective filings. Update internal registers and board packs. Embed a recurring quarterly review cycle so that the corporate secretary or general counsel verifies SABH data against internal records before the next annual report deadline.

For a broader perspective on how global corporate law trends are driving similar compliance tightening across jurisdictions, see our dedicated overview.

2. Beneficial Ownership in Indonesia, Documenting and Verifying Control

Beneficial ownership disclosure has moved to the centre of corporate administration in Indonesia. Under Permenkum No.49/2025, beneficial-ownership data is no longer a “nice to have” annex, it is a mandatory component of the filing package for new incorporations, share transfers and annual reports.

Typical BO Evidence by Ownership Structure

The type and depth of evidence required varies depending on the complexity of the ownership chain. The table below summarises the expected documentation for three common structures:

Additional supporting documents that strengthen a BO filing include certified copies of trust instruments, shareholders’ agreements containing control provisions, voting agreements and any side letters that confer economic or governance rights disproportionate to shareholding.

When to Escalate to Forensic Review

Not every beneficial-ownership question can be resolved through document collection alone. The following triggers should prompt escalation to external counsel or a forensic due diligence provider:

• The ultimate beneficial owner cannot be identified after tracing two or more tiers of corporate holding.
• Nominee or trust arrangements exist without clear, documented underlying principals.
• Conflicting documents, for example, a shareholders’ agreement that allocates control differently from the share register, cannot be reconciled internally.
• A shareholder or director refuses to provide identification or supporting evidence within a reasonable timeframe.
• The company is the subject of a pending M&A transaction, regulatory investigation or licensing renewal, where incomplete BO evidence could delay or block the process.

For further context on what corporate services entail and how they support BO compliance, see our practical explainer.

3. Law No.1/2026, Corporate Criminal Liability, Penalties & Board Exposure

Law No.1 of 2026 introduces significant changes to Indonesia’s criminal-law architecture. For the corporate-administration community, the most consequential reform is the broadening of corporate criminal liability in Indonesia. Under the new framework, a company can be held criminally liable where an offence is committed by, for, or on behalf of the corporate entity, and where the company’s internal controls, policies or oversight were inadequate to prevent it.

The likely practical effect is that boards and senior officers face greater personal exposure. Sanctions available to courts now include enhanced monetary penalties against the corporate entity, disgorgement of proceeds, and, in serious cases, restrictions on business activities or dissolution. Individual officers may face custodial penalties where their personal involvement or gross negligence is established. The interplay with Permenkum No.49’s record-keeping requirements is direct: failure to maintain accurate registers and BO evidence could be cited as evidence of inadequate internal controls in a criminal proceeding.

Practical Board-Level Mitigations

Boards and commissioners should treat Indonesian corporate governance enhancements not as aspirational best practice but as a defensive necessity. The following mitigations directly reduce exposure under the new regime:

1. Adopt a written BO verification and record-accuracy policy, board-approved, with named responsible officers and defined review cycles.
2. Implement an incident-escalation protocol, any suspected inaccuracy in corporate data, BO records or regulatory filings must be escalated to the general counsel and, if material, to the board within a defined timeframe.
3. Enable a confidential internal reporting channel, employees and officers must be able to report concerns about data integrity, potential fraud or regulatory non-compliance without retaliation.
4. Conduct annual compliance audits, engage internal audit or an external adviser to verify that SABH records, notarial deeds and BO evidence remain accurate and complete.
5. Document board deliberations, ensure that board and commissioner meeting minutes record discussions of compliance risks, remedial actions taken and decisions on resource allocation for governance functions.

For a deeper exploration of governance challenges, including how other jurisdictions are addressing similar issues, see our analysis of the challenges facing corporate governance globally.

Insurance Considerations (D&O, PI and Transactional Indemnities)

Early indications suggest that the expanded criminal-liability framework will have a direct impact on insurance compliance in Indonesia. Directors’ and officers’ (D&O) insurance policies should be reviewed to confirm that coverage extends to defence costs arising from regulatory investigations linked to administrative non-compliance. Professional indemnity (PI) policies for external advisers, notaries, corporate secretaries and law firms, may also need to be adjusted. In M&A contexts, transactional indemnity insurance (warranty & indemnity cover) should be scoped to include breaches of representations relating to Permenkum No.49 compliance and BO accuracy.

4. M&A Due Diligence, Warranties & Closing Deliverables, Practical Checklist for Corporate Administration in Indonesia

The combined effect of Permenkum 49 and Law No.1/2026 is to raise the bar for M&A due diligence in Indonesia. Transaction teams that rely on pre-2025 DD scopes risk missing material compliance gaps that could crystallise into post-closing liabilities or, in the worst case, criminal exposure for incoming directors.

For Buyers, Enhanced DD Scope and Templates

Buyers should add the following items to their standard Indonesian DD request list:

• SABH extract (current). Obtain a fresh extract from the SABH system and compare it against the target’s internal shareholder register, latest notarial deed and board composition records.
• BO evidence package. Request the target’s complete beneficial-ownership file, including KTP/passport copies, chain-of-ownership charts, trust documents and any nominee arrangements. Verify that the evidence meets the standards set out in Permenkum No.49.
• Filing sequence audit. Review the chronological sequence of all AOI amendments and company-data changes filed in the preceding three years. Identify any filings that may have been submitted out of the required order.
• Annual report compliance. Confirm that the target has submitted annual reports to the Ministry of Law for each financial year as required, and that AGM/RUPS minutes supporting those reports are on file.
• Criminal-liability risk assessment. Assess whether the target has adopted the governance mitigations recommended above. The absence of a written BO policy, internal reporting channel or compliance audit trail is a material red flag under the new framework.

For Sellers, Remedial Steps Pre-Sale

Sellers who address compliance gaps before launching a sale process will achieve cleaner DD reports, faster deal timelines and stronger negotiating positions on indemnity caps. Priority remedial steps include:

• Complete the 30/60/90-day audit-and-remediation cycle described in Section 1 before the data room opens.
• Obtain a notarial certificate confirming that all AOI amendments have been filed and acknowledged in the correct sequence.
• Prepare a BO evidence binder, indexed and cross-referenced to the shareholder register, ready for buyer review.
• Adopt (or update) the board-level governance mitigations from Section 3 and document the adoption in board minutes.

Understanding why disclosure letters are crucial in M&A deals is also essential, sellers should use the disclosure letter to flag any residual Permenkum compliance gaps that remain at signing.

Sample Warranty Wording and Escrow/Indemnity Approach

Transaction lawyers should consider including specific warranties that address the new regulatory landscape. A model warranty clause might read:

“The Company has complied in all material respects with the requirements of Permenkum No.49/2025, including without limitation the maintenance of accurate shareholder registers, the timely submission of annual reports through SABH, the collection and verification of beneficial-ownership evidence, and the filing of AOI amendments and company-data changes in the sequence prescribed by the regulation.”

Where the seller cannot give this warranty unqualified, the buyer should negotiate a specific indemnity, ideally backed by an escrow holdback, covering losses arising from administrative non-compliance discovered post-closing. Industry observers expect that W&I insurers will begin requiring confirmatory DD on Permenkum compliance as a condition of cover for Indonesian targets.

5. Insurance Sector & Regulated Entities, Extra Steps and Examples

Insurers, banks and other OJK-regulated entities face a double compliance burden: they must satisfy both Permenkum No.49’s general corporate-administration requirements and their sector-specific licensing and reporting obligations. For the insurance industry in particular, insurance compliance in Indonesia now requires closer coordination between the corporate secretary function (responsible for SABH filings and BO evidence) and the compliance/legal function (responsible for OJK licensing conditions and policyholder data governance).

Example Case, Insurer Acquiring or Investing in a PT with Complex Shareholding

Consider an Indonesian insurer acquiring a minority stake in a technology PT held through a three-tier corporate chain involving a Singapore holding company and a Cayman Islands fund vehicle. Under the new framework, the insurer-buyer must:

• Trace and document the BO chain from the fund vehicle’s limited partners through to the ultimate individual beneficial owners, a process that may require cooperation from the fund manager and legal opinions from offshore counsel.
• Verify that the target PT’s SABH records accurately reflect the incoming shareholder structure before the share transfer deed is executed, filing a transfer against inaccurate base data risks rejection.
• Confirm that the insurer’s own OJK investment-approval conditions are satisfied and that the acquisition does not trigger a change-of-control notification at the regulator level.
• Update the insurer’s own BO registers and internal records to reflect the new investment, and ensure that the next annual report to the Ministry of Law captures the change.

The OJK’s Indonesia Corporate Governance Manual provides additional guidance on governance expectations for regulated entities navigating complex ownership structures.

6. Implementation Checklist: Registers, Minutes, Filings and Who Signs What

A successful implementation programme requires clear ownership of each task. The checklist below assigns responsibility and sets escalation triggers.

Template Titles and Required Signatures

• Shareholder register reconciliation report, prepared by: corporate secretary; reviewed and signed by: a director; escalation trigger: any unresolved discrepancy after 14 days.
• BO evidence binder (indexed), prepared by: corporate secretary with legal counsel input; certified by: external notary (where required); escalation trigger: missing BO evidence for any holder above the threshold.
• Board resolution adopting BO verification policy, drafted by: general counsel; signed by: president director and president commissioner; escalation trigger: failure to adopt within 30 days of programme launch.
• SABH corrective filing package, prepared by: company notary; submitted by: authorised SABH user (typically the notary); escalation trigger: rejection by the Ministry.
• Annual report submission confirmation, prepared by: corporate secretary; signed by: a director; escalation trigger: missed filing deadline.

Record Retention and Evidence Storage Best Practices

All corporate-administration records, notarial deeds, SABH extracts, BO evidence, board minutes and filing confirmations, should be retained for a minimum period consistent with the applicable statute of limitations for corporate and criminal proceedings. Store originals in a secure physical location and maintain verified digital copies in an access-controlled document management system. Assign a named records custodian and conduct an annual retention review. For guidance on structuring corporate support functions, see our overview of international commercial best practices.

7. Comparison Table: Obligations by Entity Type

Conclusion, Embedding Compliance into Business as Usual

The convergence of Permenkum No.49/2025 and Law No.1/2026 marks a turning point for corporate administration in Indonesia. Companies that treat these reforms as a one-off filing exercise will find themselves exposed, to rejected filings, stalled transactions and, under the new criminal-law framework, potential personal liability for directors and commissioners. The organisations that will navigate this landscape successfully are those embedding compliance into their governance DNA: quarterly register reconciliations, standing BO verification protocols, and transaction-ready documentation maintained as standard practice.

Whether you are a company secretary preparing for your next annual report, a buyer launching DD on an Indonesian target, or an insurer reviewing your portfolio’s administrative health, the checklists and frameworks in this guide provide a concrete starting point. For tailored advice on your specific structure, consult a qualified Indonesian corporate lawyer through the Global Law Experts lawyer directory.

Sources

1. Ministry of Law and Human Rights (Kemenkumham), JDIH
2. Peraturan.go.id, Official Legislation Repository
3. PwC Indonesia, Legal Alert No.49
4. EY Indonesia, Regulatory Alert (Permenkum 49 Coverage)
5. Budiarto Law Partnership, Streamlining Corporate Administration Under the New Regulation
6. OJK, The Indonesia Corporate Governance Manual (First Edition)