Penelitian ini mengkaji pertanggungjawaban bank dalam konteks pelindungan data nasabah pada pertukaran informasi dalam konglomerasi sektor jasa keuangan. Latar belakang penelitian didasari oleh meningkatnya kompleksitas pertukaran informasi nasabah dalam konglomerasi keuangan yang memerlukan kerangka hukum yang komprehensif untuk melindungi kepentingan nasabah. Penelitian ini mengajukan dua rumusan masalah: pertama, bagaimana harmonisasi regulasi sektor perbankan dan jasa keuangan mengakomodir pelindungan data nasabah dalam pertukaran informasi antar entitas konglomerasi keuangan; kedua, bagaimana implikasi hukum dari pertukaran informasi nasabah antara bank dan perusahaan jasa keuangan lainnya dalam satu konglomerasi keuangan. Penelitian ini menggunakan metode doktrinal dengan pendekatan deskriptif analitis. Hasil penelitian menunjukkan bahwa harmonisasi regulasi pelindungan data nasabah telah terbentuk melalui UU PDP, POJK 22/2023, dan UU P2SK, yang secara komprehensif mengatur mekanisme pengelolaan data pribadi nasabah. Implikasi hukum pertukaran informasi nasabah mencakup aspek perdata dan pidana, dengan konsekuensi yang signifikan terhadap operasional bank, termasuk sanksi administratif hingga pidana sesuai UU PDP dan peraturan terkait.

---

This research examines bank accountability in the context of customer data protection during information exchange within financial services sector conglomeration. The research background is based on the increasing complexity of customer information exchange within financial conglomerates, which requires a comprehensive legal framework to protect customer interests. This study addresses two research questions: first, how the harmonization between banking and financial services sector regulations accommodates customer data protection in information exchange between financial conglomerate entities; second, what are the legal implications of customer information exchange between banks and other financial service companies within a financial conglomeration. This research employs a doctrinal method with a descriptive-analytical approach. The findings indicate that harmonization of customer data protection regulations has been established through the Personal Data Protection Law, POJK 22/2023, and the Financial Services Consumer Protection Law, which comprehensively regulate customer personal data management mechanisms. The legal implications of customer information exchange encompass both civil and criminal aspects, with significant consequences for bank operations, including administrative and criminal sanctions in accordance with the Personal Data Protection Law and related regulations.