Short answer: yes. Electronic signatures have been legally valid in Saudi Arabia since 2007, when Royal Decree No. M/18 enacted the Electronic Transactions Law (ETL). That is eight years before the EU finalised eIDAS. An electronic signature that meets the law's reliability conditions carries the same legal effect and evidentiary weight as a handwritten one — and since 2022, the Kingdom's Law of Evidence makes that admissibility explicit.
The questions that actually matter aren't whether e-signing is legal — they're what you can sign, when you need Nafath-grade signing versus when a standard signature is enough, and whether the document holds up if a counterparty challenges it in a Saudi court. This is that walkthrough, sourced to the statute. For the full institutional picture — NCDC, the commercial CSPs, SAMA and NCA overlays — see our flagship reference, Electronic Signatures in Saudi Arabia.
the year Royal Decree M/18 enacted the Electronic Transactions Law (ETL) — Saudi Arabia's foundational e-signature statute, predating the EU's eIDAS Regulation by eight years
Bureau of Experts at the Council of Ministers, Kingdom of Saudi Arabia
the statutory anchor: an electronic signature is equivalent to a handwritten one when the reliability conditions are met — unique linkage, sole control, tamper-evident binding, detectable post-signing alteration
ETL, Royal Decree M/18, Article 14
the Law of Evidence (Nizām al-Ithbāt) explicitly admits electronic records and electronic signatures as evidence in Saudi courts — closing the last gap between 'legally valid' and 'provable in a dispute'
Law of Evidence, Royal Decree M/43 of 1443 AH (2022)
The two articles that decide it
The ETL does most of its work in two provisions.
Article 9 — general recognition (non-discrimination). An electronic signature, record, or contract cannot be denied legal effect or admissibility solely because it is electronic. This is the same principle as eIDAS Article 25(1) and Qatar's Article 39 — the floor that makes everything else possible.
Article 14 — reliability conditions. This is the one that decides whether your signed PDF survives a challenge. An electronic signature is treated as equivalent to a handwritten signature when:
- it is uniquely linked to the signatory;
- the signatory has sole control of the means used to create it at the moment of signing;
- any alteration after signing is detectable; and
- it is tamper-evidently bound to the record it relates to.
These four conditions are conceptually identical to eIDAS Article 26 and Egypt's Law 15/2004 Article 15. Any properly built signing platform — PAdES-B-T seal, RFC 3161 timestamp, hash-chained audit trail — meets all four.
— Electronic Transactions Law, Royal Decree M/18, Article 14
The three tiers Saudi practice recognises
The ETL has a single legal category with Article 14 as the bar — it does not formally tier signatures the way eIDAS does. But the market (and Saudi procurement) reads three practical levels:
- Basic (SES-equivalent). A typed name, a clicked accept, an OTP-verified email signature. Admissible under general principles, but without the Article 14 presumption. Fine for low-risk internal documents.
- Advanced (AES-equivalent). A signature meeting all four Article 14 conditions — OTP-verified identity, PAdES-B-T seal, trusted timestamp, hash-chained audit. This is the right tier for the overwhelming majority of B2B contracts in the Kingdom and is exactly what SahlSign produces.
- Qualified (QES-equivalent). A signature using a certificate from an NCDC-rooted, licensed CSP (Saudi Post / SPL eSign, Elm) with Nafath-anchored identity. Required only for specific regulated instruments. The full tier-selection argument is in AES vs QES with Nafath.
What you can sign electronically
For day-to-day commerce, the answer is "almost everything":
- Employment contracts and offer letters (incl. Qiwa-flow onboarding)
- NDAs, vendor and supplier agreements, MSAs and SOWs
- Commercial leases and most B2B service contracts
- Board consents, internal approvals, policy acknowledgments
- Quotations, purchase orders, and engagement letters
What still needs a notary or a specific channel
The ETL and its implementing regulations carve out instruments that other laws require to be executed, notarised, or registered in a particular way. Treat these as exceptions, not the rule:
Handle these outside a standard e-signature flow
- Personal-status matters
Marriage, divorce, inheritance and similar family-law instruments fall outside the ETL's scope and follow their own formalities.
- Real-estate title transfers
Property conveyances are registered through the Ministry of Justice channels (Najiz); the registration formality, not a wet signature per se, is the binding step.
- Notarised powers of attorney (Wakala)
A Wakala that another statute requires to be notarised is executed through the MOJ's notarisation channel — increasingly digital via Najiz/Tawthiq, but not a free-form e-signature.
- Instruments a specific law requires to be authenticated
Where a sector statute mandates a particular execution or registration formality, follow that formality. When in doubt for a regulated instrument, confirm with counsel.
Will it hold up in a Saudi court?
This is the question behind the question — and it's where Saudi Arabia got materially stronger recently. The 2022 Law of Evidence (Royal Decree M/43) explicitly recognises electronic records and electronic signatures as admissible evidence, and addresses their probative weight directly. Combined with ETL Article 14, that means a properly sealed electronic signature isn't merely "not excluded" — it has an affirmative statutory basis as evidence.
What a judge (or an opposing counsel's expert) will look for maps exactly to Article 14: can you show the signature was uniquely the signatory's, that they controlled the signing, and that the document hasn't changed since? That is precisely what a tamper-evident audit trail demonstrates — see How to Verify a Signed PDF for the concrete verification routine.
What a defensible Saudi signature actually looks like
To clear Article 14 and the Evidence Law in practice:
The production checklist
- Verify each signer at signing time (OTP)
Email or SMS OTP establishes the "uniquely linked" and "sole control" conditions.
- Seal the final PDF with PAdES-B-T
A cryptographic seal makes post-signing alteration detectable — Article 14(3).
- Attach a trusted RFC 3161 timestamp
Anchors when the signature was applied, independent of your own clock.
- Keep a hash-chained audit trail
Lets any party re-verify the chain — the evidentiary spine if the document is ever challenged.
- Issue a bilingual Certificate of Completion
An Arabic + English certificate citing Royal Decree M/18 is what a Saudi court or counterparty reads first.
The takeaway
Electronic signatures are legal in Saudi Arabia, have been since 2007, and are now explicitly admissible in court under the 2022 Law of Evidence. For nearly all B2B contracts, an OTP-verified, PAdES-B-T-sealed signature with a trusted timestamp and a hash-chained audit trail clears Article 14 and holds up in a dispute. Reserve Nafath-anchored qualified signing for the narrow set of regulated instruments that actually require it — and keep personal-status, notarised, and registered documents in their own statutory channels.
Electronic signatures are legally valid in Saudi Arabia under Royal Decree M/18 (Article 14), and admissible as court evidence under the 2022 Law of Evidence (Royal Decree M/43). For most B2B documents an Advanced Electronic Signature — OTP identity, PAdES-B-T seal, RFC 3161 timestamp, hash-chained audit — is sufficient and defensible. Nafath-anchored QES via a licensed CSP is required only for specific regulated instruments.
Electronic Transactions Law (Royal Decree M/18 of 2007) + Law of Evidence (Royal Decree M/43 of 2022)
Frequently asked questions
Is electronic signature legal in Saudi Arabia?
+
Is a digital signature the same as an electronic signature in KSA?
+
Do I need Nafath or a qualified certificate to sign in Saudi Arabia?
+
What documents cannot be signed electronically in Saudi Arabia?
+
Will an electronically signed contract hold up in a Saudi court?
+
What law governs electronic signatures in Saudi Arabia?
+
Related reading
- Electronic Signatures in Saudi Arabia — the complete institutional reference: M/18 in depth, NCDC, the licensed CSPs, Nafath, the NCA cybersecurity overlay, and SAMA's framework for financial institutions.
- Best E-Signature Software in Saudi Arabia (2026) — the buyer's evaluation framework and how the main options compare for Saudi needs.
- DocuSign Alternative in Saudi Arabia — the Saudi-specific case for a GCC-native alternative.
- AES vs QES with Nafath: Why Most Saudi Business Signing Doesn't Need Qualified — when Nafath-anchored qualified signing is genuinely required versus when Advanced is the right answer.
- NCA Cybersecurity Controls and E-Signing in Saudi Arabia — what Saudi enterprise and banking procurement audits a signing platform against.
- ZATCA Phase 2 E-Invoicing and Electronic Signing — where the ZATCA cryptographic stamp intersects with the underlying contract signature.
- How to Verify a Signed PDF — Article 14's "uniquely linked" and "tamper-detectable" conditions turned into a concrete verification routine.
Sources
- Electronic Transactions Law — Royal Decree No. M/18 of 1428 AH (2007 AD) — Bureau of Experts at the Council of Ministers, Kingdom of Saudi Arabia
- Law of Evidence — Royal Decree No. M/43 of 1443 AH (2022) — Bureau of Experts at the Council of Ministers
- National Center for Digital Certification (NCDC) — Digital Government Authority
- Nafath digital identity service — SDAIA / DGA
- Communications, Space & Technology Commission (CST) — regulator for the ETL implementing regulations
- eIDAS Regulation (EU) 910/2014 — for cross-border comparison
- ETSI EN 319 142-1 — PAdES baseline signature profiles