Skip to main content
Entire section Custom print Text Only Rich Text Print / Save as PDF
Download Original PDF

Emphasis on Compliance with Customer Personal Data Protection Instructions

No: 44043873 Date(g): 18/12/2022 | Date(h): 24/5/1444 Status: In-Force

Translated Document

Based on the powers vested in SAMA under the relevant laws and regulations, and with reference to SAMA Circular No. (43045328) dated 19/5/1443 H regarding the Adherence to the Personal Data Protection Law and Data Governance Policies, Regulations and Rules, and given the observation of certain practices that require individual customers to disclose some of their personal data before providing the service or product, whether directly or through a third party, without necessity.

Therefore, SAMA emphasizes to all financial institutions the strict compliance with the protection of customers' personal data in accordance with the regulations and instructions issued by the Saudi Data and Artificial Intelligence Authority and the National Data Management Office, and what is issued by SAMA in this regard. Financial institutions should review their current procedures related to the practices of disclosing customers' personal data and take necessary measures to protect it. They must establish the necessary procedures and controls to ensure its security and integrity and its use for the purposes for which it was collected. Financial institutions are required to provide SAMA with a report outlining the measures taken in this regard by no later than 31/12/2022 via email.

For your information and to act accordingly as of this date.