Business licensing serves as official legal authorization granted to business actors to commence and operate business activities in Indonesia.
Since the enactment of Government Regulation Number 28 of 2025 (“PP 28/2025”) on the Implementation of Risk-Based Business Licensing, all business licensing applications are now required to be submitted through the Online Single Submission (OSS) system.
Article 1 point 21 of PP 28/2025 stipulates that OSS is an integrated electronic platform administered by the OSS Authority to facilitate risk-based business licensing. Two primary parameters which determine the required license are:
A Standard Certificate is a form of business license that serves as a declaration and/or proof that a business entity has fulfilled the applicable operational and compliance standards. This certificate is mandatory for business activities categorized under medium-low risk and medium-high risk.
For medium-low risk businesses, the OSS Standard Certificate is issued based on the business actor’s self-declaration through the OSS system. Once submitted, the business may immediately operate commercially without requiring prior government verification.
For medium-high risk activities, the OSS Standard Certificate only becomes valid after verification is conducted by the relevant authority. Before verification is completed, the business is only allowed to prepare operational activities and is not yet permitted to conduct commercial operations.
Therefore, medium-high risk business operators must have the following two legal documents before operating fully:
Pursuant to Article 128 paragraph (2) of PP 28/2025, the required business legality documents are as follows:
| Risk Category | Required Legal Document |
|---|---|
| Low | NIB |
| Medium-Low | NIB + Standard Certificate (self-declaration) |
| Medium-High | NIB + Verified Standard Certificate |
| High | NIB + Business License |
According to Article 132 paragraph (2) of PP 28/2025, verification of the OSS Standard Certificate for medium-high risk activities is carried out by the Central Government, Regional Government, Special Economic Zone (SEZ) Administrator, or KPBPB Authority, depending on the sectoral mandate and regulatory jurisdiction.
Based on implementation practices, the required steps for business actors include:
These serve as prerequisites for Standard Certificate verification.
Once all requirements are submitted, the Standard Certificate will be issued with the status “not yet verified.”
The verification process includes administrative assessment and, if required, an on-site inspection by the relevant technical authority.
Results will be issued through OSS notifications as follows:
| Status | Outcome |
|---|---|
| Meets requirements | Standard Certificate status updated to Verified |
| Does not meet requirements | Business actor must revise or complete the submission |
Once verified, the business is permitted to operate fully, both commercially and operationally.
PP 28/2025 grants authority to the OSS Institution to impose administrative sanctions if inconsistencies are found between submitted declarations and actual business conditions. Sanctions may include:
For violations posing significant risks to public safety, health, or the environment, sanctions may be imposed without prior warning.
PP 28/2025 introduces a more structured approach to business licensing through OSS, particularly concerning Standard Certificate verification for medium-high risk activities. With integration through SIINAS, verification procedures are now centralized and digitally processed.
Business actors must ensure that all requirements and standards are fulfilled before the Standard Certificate obtains verified status. Without verification, business operations—both commercial and operational—are not legally permitted.
Permitindo provides end-to-end assistance — Fill out the form below, and we will assist you with your needs.