In December 2025, Saudi Arabia introduced a pivotal reform to its financial oversight regime, enacting the Financial Oversight Law through Royal Decree. The move is part of the Kingdom’s broader Vision 2030 reforms, aimed at enhancing transparency, institutional accountability, and operational efficiency within public financial management.
At AHYSP Law Firm, we work closely with both government bodies and private clients navigating this shift. This law changes not just how public funds are monitored, but also who falls under the financial microscope — including certain private entities.
From Static Control to Risk-Based Oversight
The new Law replaces the older model of embedded financial representatives with a more agile, risk-based system. Rather than applying the same set of rules to every transaction, the Ministry of Finance (MoF) will now tailor its oversight based on actual financial exposure and institutional risk profiles.
This modern framework gives the Ministry of Finance broad supervisory authority, but it’s designed to be proportionate — focusing on protecting public funds while avoiding unnecessary red tape that could stifle legitimate business activities.
Private Sector: When Does the Law Apply?
Targeted Oversight, Not Blanket Regulation
One of the most notable features of the Financial Oversight Law is its conditional application to non-government entities.A private entity may be subject to MoF oversight where it is engaged in public finances through one or more of the following situations:
- Received direct financial support from the State Treasury such as grants or subsidies;
- Carrying out works or procurement on behalf of a government body;
- Collecting public revenues under a law or government contract.
Importantly, the oversight is activity specific. It only applies to the funds, transactions and records related to the public role or financing – not the whole business.
Exemptions for Key Institutions
The law doesn’t override the mandates of existing regulatory bodies. The Saudi Central Bank, Oversight and Anti-Corruption Authority, and General Court of Audit continue to operate under their own frameworks, preserving institutional independence and avoiding regulatory overlap.
What the Oversight Process Actually Looks Like
No On-Site Controllers — But Expect Reporting Duties
Unlike past systems that placed MoF controllers inside government bodies, the new model relies on data-driven reporting and documented compliance.
Entities subject to the law are expected to:
- Submit regular reports on how public funds are used;
- Allow MoF access to relevant documents, systems, and records;
- Maintain strong internal internal controls and clear audit trails;
- Take and document corrective action when requested.
Failure to cooperate, providing inaccurate information, or neglecting required remedial measures may constitute regulatory violations and expose the entity to further scrutiny.
Focus Areas: Contractors, PSP Projects, and SPVs
The law has direct implications for government contractors, Public-Private Partnerships (PSPs), and Special Purpose Vehicles (SPVs) — especially those engaged in infrastructure, utilities, and service delivery.
If your entity:
- Receives direct government funding;
- Handles delegated purchasing or spending functions;
- Collects tolls, taxes, or fees for the state;
In such cases, compliance depends on disciplined financial structuring: segregation of accounts, clear documentation of public funds, and demonstrable control mechanisms aligned with MoF requirements.
Effective Date and What’s Still to Come
The law comes into effect in April 2026, 120 days after being officially published. However, a number of details – including reporting formats, thresholds, and procedural rules – will get worked out in forthcoming implementing regulations.
Until then, organizations are encouraged to be conservative and prepare early by getting their systems in line with the law’s intent and anticipated direction.
AHYSP Law Firm’s Practical Recommendations
Here’s how we’re advising our clients to prepare:
- Identify all activities that involve public funds or delegated public responsibilities;
- Create separate accounts and clear records for in-scope financial flows;
- Appoint a compliance liaison to interface with the MoF;
- Update contracts to include clauses on reporting, audits, and cooperation obligations;
- Set up an internal escalation process for addressing MoF queries or findings.
Final Thoughts: A Legal Shift with Broad Impact
This new law represents more than just a procedural change — it’s a recalibration of how financial integrity is maintained in the Kingdom. While its primary aim is to safeguard public funds, its ripple effects will be felt across the private sector, particularly among those working closely with the government.
At AHYSP Law Firm, we stand ready to support clients as they adapt — providing not only legal insight but also operational strategies to ensure smooth, compliant engagement in Saudi Arabia’s evolving public finance ecosystem.
Key Takeaways
- The Saudi Financial Oversight Law, effective April 2026, aims to enhance transparency and efficiency in public financial management.
- It introduces a risk-based oversight system, focusing on actual financial exposure rather than a one-size-fits-all approach.
- Private entities may fall under MoF oversight only when engaged in specific public finance activities, not blanket regulation.
- Entities must maintain reporting duties, clear records, and internal controls to comply, avoiding regulatory violations.
- AHYSP Law Firm recommends early preparation, including identifying public fund activities and appointing compliance liaisons.
