Under the new criminal law regime, investors are no longer fully protected by corporate structures. Investors who serve as controlling shareholders and beneficial owners may now be held criminally liable even if they are not directly involved in the company’s day-to-day operations.

These changes were introduced in response to the increasing complexity of corporate crime. In practice, corporations are often used to conceal the principal perpetrators through the use of shell companies, nominee directors, or multi-layered ownership structures. To address these issues, Law No. 1 of 2023 on the of Criminal Law (“New Criminal Code”) and Law No. 20 of 2025 on the Code of Criminal Procedure (“New Criminal Procedure Code”) have expanded criminal liability to include those who issue orders, those in control, and beneficial owners. The New Criminal Code and the New Criminal Procedure Code further reinforce the recognition that corporations are subjects of criminal law, a recognition that actually began with Supreme Court Regulation No. 13 of 2016 on Procedures for Handling Criminal Cases Involving Corporations (“Perma 13/2016”).

On the one hand, this expansion represents a progressive step in combating corporate crime. On the other hand, however, these provisions also pose the risk of criminalizing investors who hold controlling positions or are beneficial owners, even if they are not directly involved in the day-to-day management of the company. This issue has become increasingly prominent and widely discussed in the enforcement of corporate criminal law, particularly following several major corruption cases in the mining and oil and gas sectors, such as the tin corruption case and the Pertamina case.

In fact, criminal law still requires the presence of criminal intent (mens rea), effective control, and a meeting of minds. Without clear parameters, the expansion of criminal liability risks shifting the principle of criminal punishment from one originally based on criminal intent to one based solely on status or position. Therefore, this article discusses the legal parameters for criminal liability of controlling shareholders and beneficial owners, while also examining fiduciary duty and the Business Judgment Rule as legal safeguards against the risk of criminalization.

 

The New Regime of Corporate Criminal Liability

Article 45(1) of the New Criminal Code stipulates that a corporation is a legal entity that may be held criminally liable for criminal offenses committed for, on behalf of, or in the interest of the corporation. This provision is further expanded upon in Article 46 of the New Criminal Code, which states that corporate criminal offenses encompass not only the acts of directors but also those of individuals with an employment relationship, a functional relationship, or any other party acting within the corporate environment. Furthermore, Article 47 of the New Criminal Code explicitly states that corporate criminal offenses may also be committed by:

1. the person giving the order;
2. the person in control; and
3. the beneficial owner.

This provision indicates that corporate criminal liability no longer stops at the company’s formal structure, but can extend to parties who actually exercise control over the corporation. Although the term “beneficial owner” originates from the anti-money laundering regime, specifically Presidential Regulation No. 13 of 2018 on the Implementation of the Know Your Beneficial Owner Principle for Corporations in the Context of Preventing and Eradicating Money Laundering and Terrorist Financing Offenses (“Perpres 13/2018”) and in the New Criminal Code, the beneficial owner is essentially positioned as the party exercising actual control over the corporation.

However, Article 47 of the New Criminal Code still imposes an important limitation: a beneficial owner may only be held liable if it is proven that they possess the actual ability to control the corporation. Thus, the status of being a shareholder or an economic beneficiary alone cannot serve as a basis for criminal liability without proof of involvement or actual control over the corporation’s actions, including within the scope of the corporation’s business operations.

In addition to expanding the scope of legal entities, the New Criminal Code also broadens the parameters of corporate criminal liability. Article 48 of the New Criminal Code stipulates that a corporation may be held liable if:

1. it benefits the corporation unlawfully;
2. it is adopted as corporate policy;
3. the corporation fails to take necessary preventive measures; or
4. the corporation allows a criminal act to occur.

The phrases “failing to take necessary preventive measures” and “allowing a criminal act to occur” leave considerable room for interpretation in law enforcement practice. In certain contexts, these conditions have the potential to serve as a basis for holding controlling shareholders or beneficial owners criminally liable, even if they are not directly involved in the company’s day-to-day operations.

This expansion of criminal liability is not only regulated at the substantive law level in the New Criminal Code but is also reinforced through procedural law mechanisms in the New Criminal Procedure Code. Article 326 of the New Criminal Procedure Code classifies parties that may be held liable into four categories: directors, those who issue orders, those in control, and beneficial owners. Furthermore, law enforcement authorities are granted the authority to unilaterally designate a corporate representative if the corporation fails to appoint its own representative. This situation poses a serious risk, as the designated representative may be subject to various coercive measures, ranging from designation as a suspect, detention, seizure, account freezing, to travel bans.

 

Issues with Indictments Against Beneficial Owners

In law enforcement practice, the greatest challenge regarding the criminal liability of beneficial owners lies in the formulation of indictments by the Public Prosecutor. In several corporate corruption cases, the PPO frequently refers to the defendant as a beneficial owner without clearly outlining the legal basis or the form of actual control exercised over the corporation.

For example, in Court Decision No. 102/PID.SUS-TPK/2025/PN.JKT.PST regarding Defendant Kerry Adrianto Riza. In the indictment, the Prosecutor did not elaborate on the basis or parameters used to hold the defendant criminally liable as a beneficial owner.

A similar issue is evident in Court Decision No. 23/Pid.Sus-TPK/2025/PN Jkt Pst regarding Defendant Hendry Lie, where the Prosecutor referred to the defendant as the beneficial owner of PT Tinindo Inter Nusa. However, neither in the indictment nor in the prosecution’s arguments did the Prosecutor explain whether the defendant met the criteria for a beneficial owner as defined in Presidential Regulation No. 13/2018, nor how the actual control over the corporation was exercised.

In fact, Perpres 13/2018 has provided several parameters for determining whether an individual qualifies as a beneficial owner, including holding more than 25% of the shares or voting rights, having the authority to appoint or dismiss the Board of Directors and Commissioners, having the ability to control the corporation without authorization from another party, or being the primary beneficiary of the corporation.

Furthermore, Article 47 of the New Criminal Code explicitly requires the existence of actual control over the corporation. Thus, the status of being a shareholder, an economic beneficiary, or a party deriving benefits from the corporation cannot automatically serve as a basis for criminal prosecution without proof of actual control or involvement in unlawful acts.

This situation indicates that the formulation of charges against beneficial owners still raises serious issues, particularly regarding the requirements of clarity, precision, and accuracy in the description of criminal acts as stipulated in Article 75(2) of the New Criminal Procedure Code. Without an explanation regarding the form of control, instructions, or active involvement of the beneficial owner in the actions of the Board of Directors in the field, criminal liability risks shifting to being based solely on a person’s economic status or position. Such an approach deviates from the fundamental principle of criminal law, which continues to require the presence of fault (mens rea) in every criminal conviction.

 

Reconstructing Criminal Liability Criteria Based on the Principles of Mens Rea and Meeting of Minds

To avoid the expansion of criminal liability based solely on a person’s ownership of capital or position within a corporation, law enforcement must shift from a status-based approach toward proving actual guilt (mens rea) and a meeting of minds.

This issue is evident in Judgment No. 23/Pid.Sus-TPK/2025/PN Jkt Pst regarding Defendant Hendry Lie. In the indictment and prosecution’s arguments, the Public Prosecutor stated that the defendant was aware of the provision of funds disguised as Corporate Social Responsibility (“CSR”) expenses, as follows:

“The collection of security funds, ostensibly CSR expenses from PT Tinindo Inter Nusa, was carried out by ROSALINA with the knowledge of Defendant HENDRY LIE.”

However, the phrase “with the defendant’s knowledge” was not further elaborated upon by the prosecutor. It was not explained whether such knowledge pertained specifically to the unlawful act, whether there was active consent or explicit instructions, or whether it was merely limited to knowing about a specific allocation of funds without understanding its unlawful nature. In fact, in prosecutorial practice, beneficial owners are often drawn into cases because funds flowed to them or because they are deemed to hold strategic authority within the company. The issue is that the flow of funds does not automatically prove the existence of criminal intent (mens rea). Similarly, holding strategic authority does not necessarily indicate involvement in a specific criminal act.

Therefore, the construction of “with knowledge” is not sufficient if merely stated narratively in the indictment. Such knowledge must be proven as “criminal-quality knowledge,” that is, knowledge accompanied by the awareness that the act violates the law and the intent to carry it out.

This view aligns with the opinion of Criminal Law Expert from the University of Islam Indonesia, Arif Setiawan, who explains that participation in a criminal act must be based on a “meeting of minds,” that is, a shared understanding or common intent to commit a criminal offense. In the concept of complicity (medeplegen), differences in technical roles are not an issue as long as there is a shared intent to commit the criminal act. Conversely, a person who is merely present at the scene of the incident without sharing that common intent cannot automatically be prosecuted as a participant. In the corporate context, to hold a beneficial owner or controlling shareholder criminally liable as a participant (medeplegen), the prosecutor must prove at least four cumulative elements, namely:

1. knowledge of the unlawful nature of the act committed;
2. consent to or intent regarding the commission of the act;
3. a meeting of minds with the operational perpetrators on the ground; and
4. active involvement that goes beyond a mere formal structural position or passive receipt of benefits.

Without proof of these elements, criminal liability risks violating the principle of “no punishment without fault” (geen straf zonder schuld) as stipulated in Article 37 of the New Criminal Code. Specifically in corruption offenses, the principle of fault remains the primary requirement for criminal liability as long as the law does not explicitly provide for strict liability or vicarious liability. Therefore, criminal fault cannot be assumed solely based on a person’s economic status, ownership of capital, or position within a corporation.

 

Fiduciary Duty and the Business Judgment Rule as Protections

Legal protection for investors and beneficial owners can actually be seen in the clear separation of the functions of the Board of Directors and shareholders under Law No. 40 of 2007 on Limited Liability Companies (“Company Law”). In the dissenting opinion of the Kerry Riza case, the Associate Judge conveyed an important philosophical point:

“If there is a rotten fruit, it does not necessarily mean the entire tree is rotten.”

The meaning of this view is that operational errors by the Board of Directors cannot automatically be attributed to the beneficial owner or controlling shareholder. As long as the Board’s decisions are made lawfully, rationally, and in accordance with sound business principles, such matters should be viewed as business risks, not criminal acts.

This view is reinforced by Prof. Dr. Yetty Komalasari, Professor of Economic and Technology Law at the Faculty of Law, University of Indonesia, who emphasized that Articles 92 and 97 of the Company Law regarding fiduciary duty apply only to the Board of Directors.  Beneficial owners, by nature, do not perform day-to-day management functions; therefore, the parameters of the Board of Directors’ liability cannot be applied to them outright. In this context, the Business Judgment Rule (“BJR”) serves as the decisive boundary for criminal liability. If the Board of Directors acts in good faith, with due care, without a conflict of interest, and based on adequate information, then the company’s losses must be viewed as business risks. If there is no criminal offense at the Board of Directors level, then there is no legal basis to hold beneficial owners or top-level controlling shareholders criminally liable.

 

The Tiered Test as a New Standard for Assessing Corporate Criminal Liability

The dissenting opinion in the Kerry Riza case also introduced the important concept of the Tiered Test, which was subsequently validated academically by a number of legal experts from the University of Indonesia and Gadjah Mada University. This method consists of three stages:

1. Corporate Test

The first stage is to assess whether business decisions were taken in accordance with the principles of Good Corporate Governance (GCG) and meet the requirements of the Business Judgment Rule. The judge must examine whether the company has an effective corporate compliance system in place. If the Board of Directors has acted with due care and based on adequate risk analysis, the element of negligence is automatically negated.

2. Fiscal Test

If negligence is suspected, the examination continues to distinguish whether the losses incurred are:

1. purely business losses resulting from market dynamics; or
2. losses to the state resulting from unlawful acts.

In sectors such as oil and gas and mining, loss calculations must not be based on assumptions. The assessment must be carried out through a Scientific Proof of Loss by an independent body.

3. Criminal Test

Criminal liability can only be imposed if evidence of bad faith, fraud, or a conflict of interest is found. At this stage, law enforcement authorities must prove the existence of a meeting of minds between the beneficial owner and the operational perpetrator.

Thus, a beneficial owner can only be held criminally liable if it is proven that they knowingly participated in planning, approving, or benefiting from the criminal acts committed by the corporation.

 

Conclusion

The new Criminal Code and Criminal Procedure Code do indeed extend corporate criminal liability to include those in control and beneficial owners. However, criminal liability must not be based solely on a person’s shareholding status, the flow of funds, or their economic position. Law enforcement authorities remain obliged to prove the existence of actual control, actual knowledge, consent to unlawful acts, and a meeting of minds with the operational perpetrators. Without such proof, the extension of criminal liability risks leading to the criminalisation of investors.

In the context of legal protection, the doctrines of fiduciary duty and the Business Judgment Rule serve as crucial instruments for limiting criminal liability. Provided that the Board acts lawfully and reasonably in accordance with the principle of prudence, any resulting losses must be regarded as purely business risks. Therefore, the application of the Tiered Test (through the Corporate Test, the Fiscal Test, and the Criminal Test) is essential as an objective standard to ensure that the enforcement of law against corporate crimes remains consistent with the principles of legal certainty and ‘no criminal liability without fault’.

 

Recommendations

1. For Business Entities, Investors, and Beneficial Owners

a. Maintaining boundaries on operational involvement

Investors and beneficial owners should avoid direct involvement in the company’s day-to-day operations. All strategic decisions should be made through the company’s formal mechanisms to avoid any interpretation of illegal direct control.

b. Strengthening documentation of business decisions

Business decisions must be supported by adequate documentation and an effective corporate compliance system to demonstrate the application of the principle of prudence and good corporate governance.

c. Strengthen due diligence and corporate compliance systems

In transactions with SOEs/ROEs or high-risk sectors, companies must conduct independent audits and establish effective corporate compliance programmes as preventive measures and to mitigate criminal risks.

 

2. For the Government and Law Enforcement Authorities

The government, law enforcement authorities, and state auditors need to develop joint guidelines for handling corporate cases, particularly regarding the parameters for criminal liability of beneficial owners and the application of the Corporate Test, Fiscal Test, and Criminal Test. These standards are essential to distinguish purely business risks from state losses resulting from unlawful acts, whilst preventing the criminalisation of business decisions that remain within the scope of the Business Judgment Rule.