Compliance Manager  

The Compliance Manager is responsible for building, implementing, and maintaining the company's compliance framework across regulatory, legal, and operational dimensions. This role sits within the Legal & Compliance Division under People & Legal Governance, and serves as the primary point of accountability for ensuring the company's adherence to applicable Indonesian laws, regulations, and internal policies. The role works closely with Legal, Internal Audit & Risk Management, as well as external regulators and government bodies.

Key Responsibilities

1. Compliance Ownership - Build the Foundation

• Design and operationalize a Compliance Management System (CMS): policies, SOPs, risk register, governance structure
• Build and own compliance obligations register and calendar across all regulatory filings, license renewals, and reporting deadlines
• Run periodic compliance risk assessments across, including but not limited to, Operations, Technology, Finance, and Commercial
• Maintain audit ready documentation and compliance records at all times

2. Regulatory & Licensing Management - Know the Rules, Own the Permits

• E-Commerce & Consumer Protection: PMSE, UU Perdagangan, consumer protection regulations; monitor Kemendag updates and assess business impact
• Food Safety & Distribution: BPOM compliance on labelling, storage, and distribution; halal certification under BPJPH.
• Data Privacy & Digital Platform: lead full UU PDP implementation including privacy policy, consent management, data subject rights, DPIA for new features, and breach response; also covers Komdigi electronic system regulations and privacy-by-design with the Technology team
• Logistics: understanding of operational permits (NIB, IMB/PBG, UKL-UPL)
• Licensing Integrity: centralized license register, OSS compliance new location applications in coordination with Operations & Legal

3. Government & External Relations - Regulatory Face of Astro

• Primary point of contact for all regulatory bodies and government agencies
• Coordinates and manages regulatory inspections and audits
• Monitors Indonesian regulatory landscape and translates changes into business impact assessments
• Represents Astro in industry working groups and regulatory consultations
• Builds and maintains working relationships with Kemendag, Kominfo, BPOM, BPJPH, and/or other relevant agencies

4. Internal Controls & Monitoring - Stay Ahead of Risk

• Conducts regular internal compliance reviews across operations, logistics, and the digital platform
• Operates a compliance monitoring mechanism to detect and remediate potential breaches early
• Tracks remediation of audit findings and escalates unresolved issues appropriately
• Delivers bi-weekly compliance status updates and quarterly risk reports to senior leadership

5. Cross Functional Enablement - Make Compliance Stick

• Designs and delivers compliance training/updates for teams
• Develops practical compliance guides for non-legal audiences across the business
• Partners with Legal on contracts and commercial arrangements with regulatory implications
• Collaborates with Technology on platform and data compliance; supports Finance on tax-adjacent regulatory obligations

General Requirements

Education & Knowledge

• Bachelor's Degree in Law (S.H.) from a reputable Indonesian university; postgraduate qualification or compliance certification is a plus
• Strong working knowledge of Indonesian law and government policy, with specific expertise in:
  • Corporate Law and Regulatory Compliance
  • E-Commerce Regulations (PP PMSE, UU Perdagangan)
  • Financial Technology and Digital Banking Regulations
  • Personal Data Protection (UU PDP and Kominfo regulations)
  • Anti-Money Laundering (AML) and KYC requirements
  • Logistics and supply chain regulatory requirements

Experience

• Minimum 5-8 years of relevant experience in compliance, regulatory affairs, or legal with a strong compliance component
• Background in one or more of the following industries: E-Commerce, Retail, Financial Technology, Digital Banking, or Logistics
• Demonstrated experience dealing directly with Indonesian regulators
• Experience building or formalizing a compliance function is a strong advantage
• Proficiency with business applications including Microsoft Office and Google Workspace