New Law of the Republic of Kazakhstan on Artificial Intelligence: What Will Change for Businesses

New Law of the Republic of Kazakhstan on Artificial Intelligence: What Will Change for Businesses

Kazakhstan has adopted its first comprehensive Law “On Artificial Intelligence,” which establishes a new regulatory framework for the development and use of AI technologies. For businesses, this is not just another regulatory act — it marks the beginning of a transition toward a transparent, controlled, and secure digital ecosystem. Below we outline the key changes introduced by the law, the opportunities it creates, and what companies should prepare for.

 New Risk Classification and Increased Requirements for AI Systems

One of the fundamental innovations is the classification of AI systems by risk level: minimal, medium, and high. Medium- and high-risk systems include those that influence human safety, legal decision-making, personal data processing, or recommendations that may affect the rights of individuals and companies.

Such systems must comply with additional obligations: auditing and assessing the impact of AI on users’ rights and interests; logging decision-making processes and key technical parameters; documenting system architecture, algorithms, and data sources; implementing risk-management procedures and regular model reviews.

This increases the regulatory burden for sectors such as HR, fintech, healthcare, logistics, insurance, and telecom. At the same time, companies that establish transparent AI-risk management processes and ensure proper legal support for business operations can significantly reduce the likelihood of penalties and legal disputes.

 Transparency and labeling of AI-Generated Content

The law requires informing users when they interact with AI — chatbots, voice assistants, recommendation engines, and automated evaluation systems.

Another requirement is mandatory labeling of synthetic content (texts, images, audio, and video created by AI). This will require:

• updating user agreements and public offers;
• interface modifications (notices, icons, disclaimers);
• implementing internal guidelines on the creation and use of synthetic content.

Companies that ensure transparency and proper labeling in advance gain a competitive advantage. Professional legal services help structure these processes in compliance with the law.

 Data, Copyright, and Legality of Datasets

For the first time, the law introduces direct liability for using copyrighted materials to train AI models without the copyright holder’s consent. This applies to: texts (books, articles, posts); images and illustrations; audio and video materials; software code and other copyrighted works.

Businesses must now: verify the legal status of data sources; record data-usage terms; avoid “grey” or unverifiable datasets.

Companies that invest in licensed datasets and maintain proper legal services support receive protection against unfair competition and stronger legal standing in case of disputes.

National AI Platform — Access to Data and Infrastructure

The law provides for the creation of a national artificial intelligence platform — a single center for infrastructure, libraries, and data sets. For businesses, this means access to government and industry data, pilot projects, development tools, and innovation support.

This is especially important for SMEs, which previously did not have the opportunity to work with big data or train models due to the high cost of infrastructure.

 New Approach to Liability

Liability for AI deployment and operation lies with the operator and owner of the system. Companies will no longer be able to attribute issues to “algorithmic error.” This encourages:

• internal AI-governance policies;
• risk-management committees;
• quality-control procedures;
• regular model updates

The law also allows AI-related liability insurance. Proper contract drafting and risk assessment require professional legal services and expert negotiation support.

 What Businesses Should Do Now

Before the law enters into force (60 days), companies must:

• audit all AI solutions, including third-party systems;
• classify AI systems by risk level;
• update internal policies and data-processing agreements;
• implement risk-assessment and documentation procedures;
• ensure labeling of synthetic content;
• verify dataset legality and switch to licensed sources if needed;
• establish continuous legal support for business in AI and data-protection matters.

Our highly qualified specialists are ready to help your business adapt to the new requirements. We develop and implement internal policies, procedures, contracts, and compliance mechanisms that reduce legal and regulatory risks and ensure the safe and lawful use of AI solutions.

How FChain Can Help

FChain provides comprehensive legal support for businesses in the field of AI — from initial audits and legal document adaptation to ongoing full-service legal maintenance. We will help you build a compliant and transparent AI framework, protect your company’s interests, and minimize risks in the new regulatory environment.

 

For professional support, please contact us at almaty@f-chain.com or via WhatsApp at +7 771 214 1820

Prepared by:
Sergey Gaidarov and Dinara Kalizharova
Legal Department of FChain Kazakhstan
November 24, 2025