Skip to main content
NOPE
In Effect Guidance AI Safety

Colombia SIC AI Circular

Colombia SIC Circular Externa 2 de 2024 (AI Data Processing)

10-point checklist for AI data processing. Mandatory PIAs for high-risk AI. Note: Separately, Colombia's Consejo Superior de la Judicatura adopted UNESCO AI Guidelines for judiciary (Dec 16, 2024).

Jurisdiction

Colombia

Enacted

Pending

Effective

Aug 21, 2024

Enforcement

Superintendencia de Industria y Comercio (SIC)

SIC

Why It Matters

Most specific AI data processing guidance in Latin America. PIA requirement creates documentation obligation.

At a Glance

Requires

Transparency

Who Must Comply

  • Data controllers using AI in Colombia

Obligations fall on:

Safety Provisions

  • 10-point AI data processing checklist
  • Privacy Impact Assessments for high-risk AI
  • Transparency for AI decisions
  • Human oversight for significant automated decisions

Compliance & Enforcement

Penalties

Enforced under existing data protection law. Fines up to 2,000 monthly minimum salaries (~$520,000 USD). Fines may be successive while non-compliance continues.

View on map

Colombia

Focus Areas

Algorithmic accountability
Active safeguards required

Compliance Help

Requires documented 10-point checklist compliance; PIA for high-risk AI; transparency; human oversight.

See how NOPE helps

Cite This

APA

Colombia. (2024). Colombia SIC Circular Externa 2 de 2024 (AI Data Processing).

Related Regulations

In Effect PE

Peru AI Regulations

Peru's first comprehensive AI regulatory framework, inspired by EU AI Act. Establishes three-tier risk-based approach: prohibited uses, high-risk systems (including healthcare), and low-risk/acceptable AI. First general AI regulation in Latin America. Requires human oversight, transparency, and risk assessments for high-risk AI including healthcare applications.

In Effect SV

El Salvador AI Law

First comprehensive AI law in Latin America. Promotes AI development while establishing ethical principles and governance framework. Creates the National Agency for Artificial Intelligence (ANIA) to oversee AI development and regulation.

In Effect CA-ON

Ontario Bill 194

Ontario's first AI-specific legislation regulating public sector use of AI systems. Requires accountability frameworks, risk management, disclosure, and human oversight. Also addresses cybersecurity and digital information affecting minors under 18.

Failed CA

C-63

Would have established Digital Safety Commission with platform duties for seven harmful content categories including content inducing children to harm themselves. Required 24-hour CSAM takedown.

In Effect CARICOM

CARICOM CCSCAP 2025

CARICOM's 2025 regional cyber security framework establishing digital safety culture and coordinated incident response across 18 member states.

In Effect CL

Chile Cybersecurity Law

First cybersecurity framework law in Latin America (Law 21,663 promulgated Mar 26, 2024; published Apr 8, 2024). Creates National Cybersecurity Agency (ANCI), mandatory incident reporting, and encryption rights.

All regulations Check if this applies to you

Last updated February 17, 2026. Verify against primary sources before relying on this information.