What is AI regulation in the Comoros?
AI regulation: countries and regions
The Comoros has no dedicated AI law, no AI-specific regulator and no published national AI strategy. AI use is shaped indirectly by general digital policy, led by the national digital development agency ANADEN under the "Comores Numerique 2028" strategy, by the telecoms regulator ANRTIC, and by the African Union Continental AI Strategy that the Comoros is expected to follow as an AU member. Data protection arrangements exist on paper but the supervisory authority is not yet fully operational.
Reviewed by Jackie, Head of Learning & Development, Levellers · Last reviewed 8 June 2026
What this means
There is no statute in the Comoros that names or governs artificial intelligence. Anyone deploying AI in the country is therefore working within general law and digital policy rather than any AI-specific rulebook. This is common for small island states that are still building basic digital infrastructure and connectivity before turning to advanced technology rules. What does exist is a digital governance scaffold. The Agence Nationale de Developpement du Numerique (ANADEN) was created by decree in January 2019 to design and run national digital policy, including the "Comores Numerique 2028" strategy adopted in December 2018. The telecoms and ICT regulator, ANRTIC, created by decree in 2009, supervises electronic communications under a 2024 electronic communications law. These bodies set the environment in which AI will eventually be governed, even though neither has an explicit AI mandate today. On the regional level, the Comoros sits inside the African Union framework. The AU endorsed its Continental AI Strategy in July 2024, encouraging member states to build national AI strategies and strengthen data governance. The Comoros is also an Indian Ocean and East African state engaging with continental digital initiatives, so its eventual approach is likely to track AU and African guidance rather than develop in isolation.
Why it matters
For organisations deploying or governing AI touching the Comoros, the practical point is that there is no local AI compliance regime to satisfy, but also no local clarity to rely on. You cannot point to a Comorian AI statute, a risk classification scheme or an AI regulator's guidance, because none exists. That places more weight on general obligations: contract terms, sector licensing under ANRTIC where electronic communications are involved, consumer protection, and whatever data protection duties apply. It also means foreign frameworks (the AU Continental AI Strategy, partner-country expectations and the standards of any international funders involved) often carry more practical force than domestic AI rules. Treat the Comoros as an early-stage jurisdiction: low local regulatory burden, but high uncertainty, and a real chance that rules arrive during the life of a long project.
How it works
No dedicated AI law or regulator
The starting point is plain: the Comoros has not enacted any law that defines, licenses or restricts artificial intelligence, and it has not designated any authority to supervise AI specifically. There is no AI act, no AI bill confirmed in official sources, and no AI risk-tiering scheme. Claims by some commercial directories that the Comoros has bespoke AI rules are not supported by official material and should be treated with caution.
The digital policy backbone: ANADEN and Comores Numerique 2028
National digital direction sits with ANADEN, the Agence Nationale de Developpement du Numerique, established by decree number 19-014/PR of 10 January 2019. Its remit is to develop and implement national digital strategy, run e-government services, set technical norms for digital services and put in place cybersecurity arrangements for the country's digital assets. The governing strategy is "Comores Numerique 2028", framed around making the Comoros an information society, and aligned with the broader national ambition of becoming an emerging economy by 2030. AI is not the centre of this strategy, but it is the policy vehicle most likely to carry future AI initiatives.
The telecoms and ICT regulator: ANRTIC
ANRTIC, the Autorite Nationale de Regulation des Technologies de l'Information et de la Communication, was created by decree number 065/PR of 23 May 2009. It regulates electronic communications, licenses operators, manages spectrum (including recent 5G frequency assignments) and enforces market rules. A new electronic communications law was promulgated in January 2024, replacing the previous 2014 law and expanding the regulator's powers. ANRTIC does not regulate AI as such, but AI services delivered over electronic communications networks fall within the connectivity and licensing environment it supervises.
Data protection: provisions on paper, authority not yet operational
Data protection is the area most relevant to AI governance, and it is also where the picture is least settled. Secondary sources disagree sharply on what data protection law is actually in force in the Comoros, citing different statutes and dates, which means the precise current legal status cannot be stated with confidence from reliable sources. What is clearer is institutional: a National Authority for the Protection of Personal Data is intended to exist, and a 2024 African Development Bank financed digital project explicitly funds the establishment and operationalisation of such an authority alongside access to information. The reasonable conclusion is that supervisory capacity is still being built rather than fully running.
The regional layer: African Union and the Malabo Convention
The Comoros is an AU member, and the AU's Continental AI Strategy, endorsed in July 2024, sets the regional direction: an Africa-centric, development-focused approach urging member states to adopt national AI strategies and strengthen data governance, with a phased plan running from 2025 to 2030. Separately, the AU Convention on Cyber Security and Personal Data Protection (the Malabo Convention) entered into force in June 2023. Official and treaty-tracking sources list the Comoros as having signed the Malabo Convention; its ratification status should be checked against the current AU treaty list before being relied on, as some commercial sources overstate it.
Examples
A fintech company offering an AI-driven credit or fraud tool to Comorian customers finds no AI licence to obtain and no AI regulator to notify. Its real constraints are operator and connectivity rules under ANRTIC, anti-money-laundering and know-your-customer duties, and whatever data protection obligations apply, plus the contractual and reputational expectations of any international partner or funder. A government modernisation programme building e-government services works through ANADEN under the Comores Numerique 2028 strategy. If AI features such as automated triage or chatbots are added, governance flows through the digital agency and the relevant data centre and data protection arrangements being financed under the African Development Bank digital project, not through a standalone AI law. A regional NGO running an AI literacy or agricultural AI pilot across Indian Ocean states treats the Comoros as a low-formal-regulation environment but aligns its design with the African Union Continental AI Strategy's emphasis on inclusion, capability building and data governance, since that continental direction is the most concrete reference point available.
Common misunderstandings
"The Comoros has its own AI law." It does not. No official source supports a dedicated AI statute, bill or regulator; directory pages suggesting otherwise are unreliable. "No AI law means no rules at all." Incorrect. General law, telecoms regulation under ANRTIC, data protection duties and AU-level commitments all still apply to AI use. "The Comoros has ratified the Malabo Convention, so a full data protection regime is in force." Treat this with care. Official sources show the Comoros as a signatory, and the supervisory authority is still being established, so domestic enforcement capacity should not be assumed. "The African Union Continental AI Strategy is binding law in the Comoros." It is a strategy, not a directly enforceable statute. It guides national policy but does not by itself create enforceable AI obligations on companies. "There is no digital governance in the Comoros." Untrue. ANADEN, ANRTIC, the Comores Numerique 2028 strategy and a 2024 electronic communications law form a real, if early-stage, framework.
Risks and boundaries
This article describes a jurisdiction with no dedicated AI framework, so it cannot tell you how to comply with one. The main boundary is uncertainty: the exact data protection statute currently in force in the Comoros cannot be confirmed from reliable official sources, and reputable secondary sources conflict on it. The status and operational reality of the National Authority for the Protection of Personal Data is in transition, financed but not demonstrably fully running. The Comoros position on the Malabo Convention is recorded as signature in the sources reviewed, and ratification should be verified directly against the current AU treaty list rather than assumed. None of this is legal advice; anyone with a live deployment should obtain qualified local counsel. Finally, because this is a developing area, new rules or a national AI strategy could appear, so the status here should be rechecked periodically.
What to do next
Map your real obligations rather than looking for an AI law: identify telecoms and licensing touchpoints with ANRTIC, applicable data protection duties, sector rules and any funder or partner standards. Build your AI governance to a recognised external benchmark (the African Union Continental AI Strategy direction, and mature data protection principles) so you are credible and portable even without a local AI statute. Treat data governance as the priority control, since that is where Comorian institutions are actively building capacity. Confirm the current status of the data protection authority and the Malabo Convention before relying on either. Engage early with ANADEN for public-sector or strategic projects. Document your AI risk approach now, so you can adapt quickly if the Comoros issues a national AI strategy or law during your project.
Have a question or a suggestion, or want to understand how we research and review these guides? Read about our editorial standards and how to reach us.
FAQs
Does the Comoros have a dedicated AI law?
No. There is no AI-specific statute, no confirmed AI bill and no AI regulator in the Comoros according to official sources.
Who governs digital and technology policy in the Comoros?
ANADEN, the national digital development agency created by decree in January 2019, leads digital strategy, while ANRTIC, created in 2009, regulates telecoms and electronic communications.
Is there a national AI strategy?
Not as a standalone published document. The relevant policy is the broader "Comores Numerique 2028" digital strategy, and the country is expected to align with the African Union Continental AI Strategy.
What data protection law applies to AI in the Comoros?
This is uncertain. Reliable sources conflict on the precise statute in force, and the National Authority for the Protection of Personal Data is still being established with donor support, so capacity is limited.
Has the Comoros ratified the African Union Malabo Convention?
The sources reviewed list the Comoros as a signatory of the Malabo Convention. Verify ratification against the current AU treaty list before relying on it.
Does the African Union Continental AI Strategy apply to the Comoros?
As an AU member, the Comoros falls within the strategy's scope. It is policy guidance encouraging national AI strategies and stronger data governance, not directly enforceable law.
What rules apply to a company deploying AI in the Comoros today?
General law, telecoms and licensing rules under ANRTIC where relevant, applicable data protection duties, and the expectations of any international partners or funders, rather than any AI-specific regime.
Could AI regulation change soon?
Yes. Given AU momentum and ongoing digital projects, the Comoros could adopt new digital, data protection or AI policy during a long project, so the position should be rechecked.