Indonesia’s Finance Ministry sees digital transformation as never-ending story

Digital transformation in government is often described as a technology project, involving building new applications or migrating services to the cloud. 

For the Indonesian Ministry of Finance’s Financial Technology, Information and Intelligence Agency (BATII)’s Head of Infrastructure, Services and Information Security, Ircham Habib, it was something more. 

“Digital transformation was a never-ending story: and the real challenge went far beyond the technology itself,” he said.  

The larger task was bringing together business processes, workplace culture, and digital security into one coordinated effort. 

While delivering a keynote speech in Jakarta on May 7, Habib said: “As long as public needs continue to evolve, the digital transformation process will never truly be finished”. 

He was speaking at the event, From Compliance to Resilience: Building Sustainable Cyber Resilience in the Public Sector organised by GovInsider and TrendAI Indonesia. 

Since the turn on the millennium, the ministry has been gradually digitalising its systems and processes starting with the development of state payment systems, revenue management systems, and then the integration of budgeting and budget execution systems, Habib noted. 

Its digitalisation efforts were aimed at ensuring government and business processes operate in a more integrated and sustainable manner. 

“If you finish one system but still have to carry paper documents to another unit, then there’s no point,” he said.  

Orchestrating digital transformation 

According to Habib, digital transformation required strong orchestration to ensure all units moved in the same direction. 

“It’s like a music concert. We may have excellent guitarists and pianists, but if they all play separately, the music won’t sound good”.  

Talking about the Financial Technology, Information and Intelligence Agency (BATII) within the Ministry of Finance, Habib said the department consolidated various transformation functions under a single body. 

BATII acts as the “conductor” of the ministry’s digital transformation, not only managing information technology but also ensuring cross-unit efforts remained coordinated. 

In addition, the agency has strengthened its financial intelligence function to help the government monitor economic dynamics and global risks that might affect the country’s fiscal conditions. 

Breaking down silos and integrating business processes 

Digitalisation would not have a significant impact if each unit continued operating in its own silo, Habib noted.  

He added that the Ministry of Finance was not simply building new applications but integrating entire business processes so they could operate more seamlessly across units and institutions. 

One example highlighted by Habib was the integration between the Krisna application owned by the Ministry of National Development Planning (Bappenas) and the Ministry of Finance’s SAKTI system.

This integration allowed planning and budgeting processes to operate without relying on manual document exchanges between agencies. 

The ministry’s next major transformation initiative was the development of the APBN, a state budget core system as an integrated platform connecting the entire state financial management cycle, from planning to budget reporting. 

“In the future, the state budget process, from planning through to reporting, will become one integrated process,” he said. 

This initiative aimed to simplify the bureaucracy surrounding budget management, which has long been known for its complexity, particularly in information and communications technology (ICT) projects.  

Security challenges were ultimately about people 

Habib highlighted that digital transformation challenges were becoming increasingly complex as governments now manage data on a much larger and more sensitive scale.

This required stronger digital security and resilience systems.  

To address this, the Ministry of Finance has adopted a layered security approach, ranging from physical protection of data centres and logical security for technological infrastructure to security measures at the user level. 

However, the biggest challenge lay in the people. 

“Information security threats do not always come from ransomware or sophisticated cyberattacks. In many cases, vulnerabilities emerge from internal user habits,” he warned.  

He cited the practice of password sharing among public officers to speed up work processes. Even senior leaders sometimes shared passwords with staff to get work done more quickly. 

To reduce these risks, the Ministry of Finance has implemented various security policies, including mandatory multi-factor authentication (MFA) and restrictions on devices that can access internal systems.  

Habib acknowledged that user resistance remained a major challenge, particularly when security measures were perceived as disrupting day-to-day work convenience. 

“Once you start talking about security, convenience and workflow usually get disrupted,” he said, adding that security and convenience should not be treated as opposing priorities, but rather as part of everyday workplace habits.  

AI as both opportunity and risk 

Talking about the growing use of artificial intelligence (AI) in the public sector, Habib said “AI is like a double-edged sword”. 

He added that government organisations needed to carefully identify opportunities to use AI in strengthening their digital resilience.  

While AI offers major potential to improve the effectiveness of government services, it also introduces new challenges related to privacy, personal data protection, and the ethics of information use, he added.  

Habib warned that security should no longer be treated as a secondary component in government digitalisation projects. 

“We can build systems that make many things easier. But if security is ignored, it’s like planting a time bomb,” he noted. 

Amid the growing number of data breaches and cyberattacks, Habib encouraged closer collaboration between government agencies to share experiences and strengthen digital resilience collectively. 

“It doesn’t have to be overly formal. What matters is that we can sit together and learn from each other,” he concluded.