📋 Compliance Overview
BayanCore incorporates Saudi Arabian regulatory requirements directly into its technical architecture. Every workflow, transactional log, and data storage design aligns with local laws by default.
1. Compliance Matrix & Implementation Status
Below is the master matrix mapping regulations to system implementations and statuses:
| Regulation | Enforcing Authority | Key Requirement | Implementation Status | Target Module |
|---|---|---|---|---|
| ZATCA Phase 2 | ZATCA | Real-time XML clearance (B2B) & reporting (B2C) within 24h | 🟡 In Testing (Sandbox) | Billing & Invoicing |
| VAT Rules | ZATCA | Standard 15% VAT calculation, invoice display, returns | 🟢 Fully Supported | Accounts Receivable/Payable |
| PDPL | SDAIA | Data residency, consent logging, right to erasure | 🟢 Fully Supported | System Infrastructure / Core DB |
| Wage Protection (WPS) | MHRSD | Monthly payroll banking export in SIF format | 🟢 Fully Supported | HRMS & Payroll |
| GOSI Insurance | GOSI | Automatic calculation of employee & employer GOSI percentages | 🟢 Fully Supported | HRMS & Payroll |
| NCA Cybersecurity | NCA | Zero-trust RBAC, encrypted secrets, inactivity timeouts | 🟡 Implementation Phase | API Gateway & Operations |
| Saudi Labor Law | MHRSD | Overtime calculations, EOSB gratuity, Nitaqat tracking | 🟢 Fully Supported | HRMS & Payroll |
2. Key Compliance Principles
- Sovereignty First: All production data, search indices, backups, and AI embeddings remain strictly within the geographical borders of the Kingdom of Saudi Arabia.
- Immutability: Transaction records, particularly financial postings and ZATCA compliance stamps, are write-once, append-only objects with cryptographic tamper-evident hashes.
- Bilingual Generation: Customer-facing documents (invoices, receipts, contracts) are generated in both Arabic and English natively.
- Audit Readiness: The system provides built-in reports, Excel exports, and audit trails explicitly structured for government auditors (ZATCA, GOSI, MHRSD).
3. Compliance Documentation Index
To explore specific implementation details, refer to the following specifications: