June 7, 2026

NCA Compliance for AI Companies in Saudi Arabia 2026

Babar Khan Akhunzada

Saudi Arabia is positioning itself as one of the most ambitious AI ecosystems in the world. Project Transcendence, the PIF-backed Humain, Aramco's AI initiatives, and SDAIA's national programmes have moved the Kingdom from an AI-curious market to an AI-first one under Vision 2030, and the regulatory architecture is moving with it. Any company building or deploying AI in Saudi Arabia, whether a local startup or a foreign entrant, now operates inside a stack of overlapping rules that few have mapped clearly.

There is one common misconception to clear at the start: there is no single "Saudi AI law" yet, and the NCA does not run a dedicated AI framework. What exists, and what applies, is a stack: the Saudi Data and AI Authority (SDAIA) for AI-specific guidance, the Personal Data Protection Law (PDPL) for the personal data your AI systems consume and produce, and the National Cybersecurity Authority's standards for the security of those systems. Each layer brings real obligations, and together they form the compliance baseline for any AI company in the Kingdom.

This guide maps the whole stack: which regulators apply, what SDAIA's AI Ethics Principles, Generative AI Guidelines, and AI Adoption Framework require, what PDPL means for AI training and inference, how the Essential Cybersecurity Controls and NCNICC reach AI systems, what AI-specific penetration testing looks like, and how a Vision 2030 AI company should build its compliance posture from day one. If you need the broader regulatory context first, start with our guide to what the NCA is.

  1. What Regulations Apply to AI Companies in Saudi Arabia
  2. SDAIA — The AI Authority in Saudi Arabia
  3. PDPL and AI — What It Means for Training and Inference
  4. NCA Cybersecurity Requirements for AI Companies
  5. Penetration Testing for AI Systems
  6. Vision 2030 AI Companies — The Stack From Day One
  7. How SecurityWall Supports Saudi AI Companies

What Regulations Apply to AI Companies in Saudi Arabia

An AI company in Saudi Arabia answers to three overlapping regimes at once, even though no single AI statute exists yet.

The Saudi AI Compliance Stack: Three Regimes, One AI Company

  • SDAIA. Governs: AI-specific governance and ethics. Key instruments: AI Ethics Principles, Generative AI Guidelines, AI Adoption Framework.
  • PDPL. Governs: personal data your AI processes. Key instruments: consent, automated processing, cross-border transfers.
  • NCA. Governs: cybersecurity of AI systems. Key instruments: ECC (if CNI) or NCNICC-1:2025; penetration testing.

No dedicated AI law is in force today, but the stack above is real, overlapping, and increasingly enforced. SDAIA's guidance becomes binding where it links to PDPL or sector rules.

The architecture matters because each layer has a different question. SDAIA asks whether your AI is built and used responsibly. PDPL asks whether the personal data inside it is handled lawfully. The NCA asks whether the systems running it are secure. A complete compliance posture answers all three.

SDAIA — The AI Authority in Saudi Arabia

The Saudi Data and Artificial Intelligence Authority is the national reference body for data and AI in the Kingdom. It is the source of the country's AI-specific guidance, and while many of these instruments are formally non-binding, they are the de facto governance architecture that sector regulators, public bodies, and increasingly enterprise procurement look to.

Three SDAIA instruments matter most for an AI company:

  • AI Ethics Principles (2023). Five principles (fairness, accountability, transparency, safety, and sustainability) that set the moral and operational compass for AI development. SDAIA expects entities to adopt internal governance structures: senior leadership engagement, ethics committees, Responsible AI Officers, and accountability up to the head of the organisation.
  • Generative AI Guidelines (2024). Two versions, one for government and one for the public, covering transparency, accountability, fairness, privacy, and human oversight of generative AI, with specific attention to watermarking, content authenticity, and deepfake risks.
  • AI Adoption Framework (September 2024). A structured maturity methodology with four levels, plus enablers across data, technology, human capability, and responsible use. It pushes organisations to establish an "AI unit" and apply maturity-based controls.

SDAIA itself achieved ISO/IEC 42001 certification in 2024. That standard, the international standard for AI management systems, is increasingly being treated as the GCC benchmark. For an AI company building governance from scratch, mapping early to ISO/IEC 42001 and SDAIA's principles is a defensible foundation.

PDPL and AI — What It Means for Training and Inference

The Personal Data Protection Law, administered by SDAIA and fully enforceable since September 2024, is where AI compliance most often gets concrete, because almost every meaningful AI system in production processes personal data of Saudi residents.

PDPL applies across the lifecycle. At training, it asks where the data came from, on what lawful basis, with what consent, and whether it was minimised to what the model actually needed. At inference, it asks how the personal data being fed into your model is handled, what is logged, and what is shared with downstream parties. It also addresses automated decision-making and profiling directly: data subjects have rights when algorithms make decisions about them, including the right to information and, where relevant, to challenge those decisions.

Two practical PDPL items catch AI companies out:

  • Cross-border transfers. Saudi Arabia operates an adequacy regime with risk-assessment and safeguard requirements when personal data leaves the Kingdom. For AI companies running models in foreign clouds or sending data to overseas processors, this is rarely an afterthought; it sits on the critical path.
  • Vendor and processor oversight. PDPL extends to your supply chain. If your AI relies on third-party processors (model providers, labelling services, monitoring tools), you carry the obligation to ensure they handle Saudi personal data lawfully.

PDPL enforcement stepped up through 2025, with real penalties for failures. For an AI company, treating PDPL as a privacy team's side project rather than an engineering and product requirement is the most expensive miscalculation available.

NCA Cybersecurity Requirements for AI Companies

The NCA does not run an AI-specific framework, but its cybersecurity standards apply fully to AI systems: they are IT systems, processing data, exposed to attack. Which NCA framework reaches you depends on classification: government entities and critical infrastructure operators fall under the Essential Cybersecurity Controls, and the rest of the private sector, which captures most AI companies, falls under NCNICC-1:2025, the binding standard the NCA introduced for the non-CNI private sector in January 2026.

For an AI company, NCA compliance is mostly recognisable IT cybersecurity applied to a new attack surface: identity and access management with multi-factor authentication, encryption of data in transit and at rest, vulnerability management, logging and monitoring, third-party oversight, and penetration testing. The novelty is in where those controls land. Model training pipelines, model registries, inference APIs, and the vector databases that feed retrieval-augmented systems are all NCA-relevant assets that did not exist a few years ago and that a generic security baseline often misses.

For early-stage AI companies, our NCA compliance for startups guide covers the right-sized baseline. AI fintechs face an additional layer through NCA and SAMA dual compliance.

Penetration Testing for AI Systems

Conventional penetration testing (network, web, API) is necessary but not sufficient for an AI company. The systems themselves introduce attack surfaces that a generic test will not exercise. An AI-aware penetration test should cover four distinct areas, in addition to the standard infrastructure scope.

  • Adversarial input testing. Probing how your models respond to prompt injection, jailbreaking, evasion, and crafted inputs that subvert intended behaviour. This is where AI-specific risk lives, and it is invisible to a network scan.
  • Data pipeline security. Testing the ingestion, transformation, and storage paths that move data into training and inference; training-data poisoning, supply-chain tampering, and access to staged data are real risks.
  • API and endpoint security. AI is consumed through APIs, and those APIs concentrate value and risk: authentication, authorisation, rate-limiting, and abuse-prevention testing all apply, often with model-specific abuse cases (output extraction, model cloning, denial of wallet).
  • Model access control and audit logging. Who can call the model, retrain it, or modify its weights, and is every action logged in a way that supports investigation? This is where the NCA's monitoring expectations meet AI-specific governance.

The penetration testing the NCA requires under its Cybersecurity Defence domain provides the framework; what changes for AI is the scope inside it. SecurityWall scopes AI engagements to cover both the conventional and the AI-specific surface in one programme.
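The "model access control and audit logging" area above is the one most easily checked in code. The following is an added illustration, not SecurityWall's code nor anything the NCA publishes: a minimal policy gate in front of model operations (invoke, retrain, modify weights) that records every decision, allow or deny, as a structured audit event, plus a detection pass over those events that flags a principal repeatedly denied a privileged action. The role names, principals, model name and events are constructed assumptions.

```python
# Added example: policy gate + audit trail for model operations (assumed roles/actions).
from collections import Counter
from dataclasses import dataclass, field
from datetime import datetime, timezone
import json

# Assumed least-privilege roles: which principals may do what to a registered model.
ROLE_PERMISSIONS = {
    "app-service": {"invoke"},
    "ml-engineer": {"invoke", "retrain"},
    "model-owner": {"invoke", "retrain", "modify_weights"},
}
ACTIONS = set().union(*ROLE_PERMISSIONS.values())

@dataclass
class ModelGateway:
    principals: dict            # principal id -> role (assumed identity mapping)
    audit: list = field(default_factory=list)

    def authorize(self, principal, action, model, request_id):
        """Decide, then record the decision whether or not it was allowed."""
        if action not in ACTIONS:
            raise ValueError(f"unknown action: {action}")
        role = self.principals.get(principal)
        allowed = role is not None and action in ROLE_PERMISSIONS[role]
        self.audit.append({
            "ts": datetime.now(timezone.utc).isoformat(),
            "request_id": request_id, "principal": principal,
            "role": role, "action": action, "model": model,
            "decision": "allow" if allowed else "deny",
        })
        return allowed

    def export_audit(self):
        """One JSON object per line, the shape a log pipeline or SIEM ingests."""
        return "\n".join(json.dumps(e, sort_keys=True) for e in self.audit)

def denied_actors(audit, threshold=3):
    """Flag principals with at least `threshold` denies: repeated privilege probing."""
    counts = Counter(e["principal"] for e in audit if e["decision"] == "deny")
    return {p: n for p, n in counts.items() if n >= threshold}

def demo():
    """Constructed scenario: the inference service tries to change model weights."""
    gw = ModelGateway({"svc-chat": "app-service", "alice": "ml-engineer", "bob": "model-owner"})
    gw.authorize("svc-chat", "invoke", "fraud-scorer-v3", "r1")
    for i in range(3):
        gw.authorize("svc-chat", "modify_weights", "fraud-scorer-v3", f"r{i + 2}")
    gw.authorize("alice", "retrain", "fraud-scorer-v3", "r5")
    return gw
```

Run `denied_actors(demo().audit)` to see the inference service flagged after three denied weight-modification attempts, while the engineer's permitted retrain is recorded but not flagged.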

Test the AI, Not Just the Network

A generic penetration test will miss prompt injection, training-data risks, and model abuse. SecurityWall's Hybrid Penetration Testing covers both conventional and AI-specific attack surfaces in one engagement.

Vision 2030 AI Companies — The Stack From Day One

If you are building an AI company under Vision 2030, whether founded in the Kingdom or entering it, the cheapest time to put the compliance stack in place is at the start, before product complexity, data volume, and customer commitments make it expensive.

A defensible posture from day one looks like this:

  1. Set up AI governance early. Appoint a Responsible AI Officer (or equivalent), establish an internal ethics review, and align your principles to SDAIA's AI Ethics Principles. This is the SDAIA-side foundation.
  2. Build PDPL into your data pipeline. Map personal data flows from collection through training to inference and output. Bake consent, minimisation, and cross-border safeguards into the architecture, not the documentation.
  3. Implement the NCA cybersecurity baseline. Classify yourself under NCNICC-1:2025 or the ECC, get the foundational controls in place, and document the evidence.
  4. Plan for AI-specific testing. Schedule penetration testing that covers adversarial inputs and the AI surface as well as the conventional one, with retesting that closes findings.
  5. Map upward to ISO/IEC 42001. As the GCC benchmark for AI management systems, ISO/IEC 42001 is the structure the Kingdom is moving toward; building to it now spares you a rebuild later.

The companies that win the next phase of Saudi AI will be the ones treating governance, privacy, and security as product features rather than after-launch chores.

How SecurityWall Supports Saudi AI Companies

SecurityWall is an NCA-registered cybersecurity firm helping Saudi AI companies, local and foreign, handle the whole stack: SDAIA-aligned governance support, PDPL data-protection posture, and the NCA cybersecurity baseline, with AI-aware penetration testing built in. Our team holds OSCP, OSWE, CREST, CRT, CISM, and CISSP credentials and approaches AI security from an offensive perspective.

AI Compliance Scoping and Gap Assessment

  • Identify the SDAIA, PDPL, and NCA obligations that genuinely apply to your AI products
  • A single gap assessment mapped across all three, prioritising what serves more than one regulator
  • Classification under NCNICC-1:2025 or the ECC, scoped to your environment

AI-Aware Penetration Testing

  • Adversarial input testing, data pipeline security, API and endpoint testing, model access controls
  • Scoped alongside conventional penetration testing so one engagement covers the full attack surface
  • Reports formatted for the NCA and your enterprise customers' diligence

Governance and Evidence

  • SDAIA-aligned policies, Responsible AI Officer structures, and ethics-review processes
  • PDPL data mapping, consent flows, and cross-border transfer safeguards
  • Evidence packs that hold up under regulator and enterprise scrutiny


Frequently Asked Questions

What regulations apply to AI companies in Saudi Arabia?

AI companies operate under three overlapping regimes: SDAIA's AI-specific guidance (the AI Ethics Principles, Generative AI Guidelines, and AI Adoption Framework), the Personal Data Protection Law for personal data processed by AI systems, and the NCA's cybersecurity standards (ECC or NCNICC-1:2025) for the security of those systems. There is no dedicated AI law in force today.

Does the NCA have an AI governance framework?

No. The NCA does not run a dedicated AI governance framework. Saudi Arabia's AI-specific guidance comes from SDAIA: the AI Ethics Principles, Generative AI Guidelines, and AI Adoption Framework. The NCA contributes cybersecurity standards that apply to AI systems alongside any other IT systems.

Does PDPL apply to AI model training?

Yes. The Personal Data Protection Law, administered by SDAIA and fully enforceable since September 2024, applies to personal data used in training and inference, covering lawful basis, consent, data minimisation, automated decision-making, cross-border transfers, and vendor oversight.

Do AI companies need penetration testing in Saudi Arabia?

Yes, and conventional testing is not enough. An AI-aware penetration test should cover adversarial input testing, data pipeline security, API and endpoint security, and model access control and audit logging, in addition to the standard infrastructure scope. The NCA's penetration testing requirement applies under its Cybersecurity Defence domain.

Which NCA framework applies to an AI company?

It depends on classification: government entities and Critical National Infrastructure operators fall under the Essential Cybersecurity Controls (ECC), while most AI companies in the private sector fall under NCNICC-1:2025, the binding standard the NCA introduced for non-CNI private sector entities in January 2026.

Is ISO/IEC 42001 required in Saudi Arabia?

Not formally required yet, but increasingly treated as the GCC benchmark for AI management systems; SDAIA itself achieved ISO/IEC 42001 certification in 2024. Aligning to it early gives an AI company a defensible governance posture and prepares it for the binding AI rules expected to follow.

About Babar Khan Akhunzada

Babar Khan Akhunzada leads security strategy and offensive operations. Babar has been featured in 25-Under-25 and has spoken at premier conferences including BlackHat, OWASP, and BSides.
