KSA

Subscribe to KSA via RSS
Flowing particle lines

Organizations should prioritize compliance efforts in light of mounting regulatory scrutiny and potential fines.

By Brian A. MeenaghDanielle van der Merwe, and Faisal Imam*

The Kingdom of Saudi Arabia’s Personal Data Protection Law (PDPL) is now firmly in its active enforcement phase. The one-year grace period granted to organizations to achieve compliance ended on September 14, 2024, and the Saudi Data and Artificial Intelligence Authority (SDAIA) has moved from awareness-building and guidance to regulatory action. Businesses operating

Credit card detail photo focused on raised printed numbers

The updates are part of SAMA’s efforts to promote an innovation-based financial technology ecosystem in the KSA.

By Salman Al-Sudairi, Brian A. Meenagh, and Homam Khoshaim

Last month, the Saudi Arabian Monetary Authority (SAMA) issued an update to the recently implemented Payment Services Provider Regulations (PSPR), which was introduced in January 2020 to regulate Payment Services Providers (PSPs) operating in the Kingdom of Saudi Arabia (KSA). The PSPR provides a clear path for PSPs to obtain SAMA-issued licenses to provide payment services in the KSA. Notably, the PSPR applies concepts implemented by the European Union’s Payment Services Directive (PSD2). This should remove some of the friction involved in international PSPs launching operations in the KSA by allowing them to apply the same business models and operating processes already applied in the jurisdictions in which they operate.