Security & Risk Control

Technology &
Risk Management

Sanders integrates advanced technology and deep data intelligence to secure your transactions, protect sensitive information, and actively mitigate credit risks across our ecosystem.

Risk Disclaimer

Information Technology-Based Borrowing and Lending Services are civil agreements between Lenders and Borrowers, so that all risks arising from these agreements are borne entirely by each party.

Credit risk or default is fully borne by the Lender. No state institution or authority is responsible for this default risk.

Lenders who do not have knowledge and experience in borrowing and lending are advised not to use this service.

Certifications & Compliance

Our technological infrastructure is built on the highest national and international security standards to ensure complete regulatory compliance.

ISO 27001

ISO 27001:2013

Certified international standard for information security management systems (ISMS).

Komdigi

Registered PSE

Registered Electronic System Operator (PSE) under the Ministry of Communication and Digital Affairs.

AFPI

AFPI Member

Full member complying with the Indonesian Joint Funding Fintech Association (AFPI) code of conduct.

Digisign
Xignature

Digital Signature

Secure, legally binding electronic signatures powered by certified registration authorities.

5+
Years Operating
3
Security Standards
100%
Compliance Rate
Top 5
AFPI Standing

Credit Risk Mitigation Flow

We implement a rigorous Double-Layer Credit Assessment framework to minimize credit defaults (NPL) and maintain an industry-leading 90-Day Success Rate (TKB90).

Step 01

Biometric e-KYC

Step 02

Data Validation

Step 03

Credit Scoring

Step 04 (Core)

AI Decision Engine

Step 05

Active Monitoring

99.8%
Decision Accuracy
0.1%
Fraud Prevention
24/7
Real-time Monitoring

Performance & System Health

Monitor our risk management effectiveness and system reliability in real-time.

90-Day Success Rate (TKB90)

TKB90 measures the success rate of loan settlements within 90 days of maturity. A higher percentage indicates stronger repayment reliability.

Regulatory Tolerance Limit
Current Status
0.00%
High Reliability
System Availability

99.99%

Enterprise-grade infrastructure ensuring continuous uptime and seamless service operations.

System HealthExcellent

Multi-Layer Security Stack

Our advanced, layered security architecture safeguards your transactions and data at every touchpoint.

Application Security

Web and mobile interfaces protected by Web Application Firewalls (WAF), active DDoS protection, and SSL/TLS encryption.

Risk Intelligence Engine

AI-driven credit scoring models, real-time identity verification, and advanced behavior analytics.

Data Protection & Privacy

AES-256 encryption at rest, secure key management lifecycle, and strict logical data isolation.

Compliance & Auditability

Immutable audit trails for all operations, alignment with ISO 27001, and automated regulatory reporting.

Risk Governance Framework

Our comprehensive control framework ensures operational resilience and robust compliance.

Preventive Controls

  • Strict identity & access management
  • Pre-disbursement automated verification
  • Secure software development life cycle (SSDLC)

Detective Controls

  • 24/7 Security operations (SIEM)
  • Automated anomaly & threat alerts
  • Regular third-party penetration testing

Corrective Controls

  • Rapid incident response playbooks
  • Regular disaster recovery simulation
  • Automated system rollback mechanisms

Regulatory Framework

Precise, Measured, Supervised

PT Satustop Finansial Solusi ("SANDERS") is registered and licensed by the Financial Services Authority ("OJK") as an Information Technology-Based Co-Funding Services (LPBBTI) Provider with Business License Number KEP-40/D.05/2021 dated May 11, 2021, such that the conduct of its business activities is strictly supervised by OJK in accordance with Financial Services Authority Regulation Number 10/POJK.05/2022 concerning Information Technology-Based Co-Funding Services (LPBBTI).

SandersOJK Disclosure
01

This Information Technology-Based Co-Funding Service (LPBBTI) constitutes a civil agreement and consensus between the Lender and the Borrower, such that all risks shall be borne by each respective party.

02

Credit risk or default and all losses arising from or related to the borrowing and lending agreement shall be borne entirely by the Lender. No state institution or authority is responsible for such default risk and losses except through insurance coverage in accordance with applicable terms and conditions.

03

The Provider, with the consent of each respective User (Lender and/or Borrower), accesses, obtains, stores, manages, and/or uses User personal data ("Data Utilization") on or within physical objects, electronic devices (including smartphones or mobile phones), hardware or software, electronic documents, applications, or electronic systems owned or controlled by the User, by informing the purpose, limits, and mechanisms of such Data Utilization to the relevant User prior to obtaining the required consent.

04

Lenders who do not yet have sufficient knowledge and experience regarding this co-funding service are advised not to use this co-funding service.

05

Before using this service, Borrowers must consider the loan interest rate as well as other associated fees in accordance with their ability to repay the loan.

06

Any fraudulent acts are digitally recorded in cyberspace, may become known to the wider public on social media, and can serve as valid legal evidence according to laws and regulations concerning electronic information and transactions in dispute resolution and law enforcement processes.

07

Members of the public using this service must read and understand all information regarding this service before deciding to become a Lender or Borrower. A User's decision to utilize this Service constitutes proof and acknowledgment of understanding such information.

08

The Government, in this case the Financial Services Authority, is not responsible for any violations or non-compliance committed by Users, whether Lenders or Borrowers (due to intentional wrongdoing or negligence), against statutory regulations or agreements between the Provider and the Lender and/or Borrower.

09

Users agree that borrower credit records will be reported periodically to the Financial Services Authority and/or the Joint Funding Fintech Association (AFPI) for the purposes of the Fintech Lending Data Center (Fintech Data Center), which will be shared among providers, national banking industry actors, and other financial industry participants.

10

Every borrowing and lending transaction, activity, or execution of an agreement between or involving the Provider, Lenders, and/or Borrowers must be conducted through escrow accounts and virtual accounts as mandated under Financial Services Authority Regulation Number 10/POJK.05/2022 concerning Information Technology-Based Co-Funding Services (LPBBTI), and any violation or non-compliance with these provisions constitutes evidence of unlawful acts committed by the Provider, such that the Provider shall be obligated to indemnify any losses suffered by respective Users as a direct consequence of the aforementioned unlawful acts without prejudice to the rights of the injured Users under the Civil Code.

Attention: Financing Risk

This information technology-based financing service involves risks. Make sure you read and understand the terms and conditions before making a financial decision.

Learn Our Technology & Risk