Vietnam's First AI Law Puts People First with Open, Risk-Based Rules

Vietnam's First AI Law: What Legal Teams Need Ready by March 1, 2026

On December 10, the National Assembly passed the Law on Artificial Intelligence with 90.70 percent approval. It takes effect on March 1, 2026. For counsel and compliance leaders, the clock has started.

This is Vietnam's first standalone AI statute. It sets a development-first posture with guardrails: AI serves people, does not replace people, and critical decisions require human oversight.

Structure and core principles

• 35 Articles built on a "manage for development" principle.
• Human-centric: AI augments people; high-stakes outcomes need human review.
• Risk-based: obligations scale with potential impact.

Risk-based management: what changes for high-impact use

The law classifies AI systems by risk and maps duties to each tier. Applications with high impact on lawful rights and interests-finance, healthcare, justice, labor, education-face tighter controls.

• Stronger data and documentation requirements.
• Auditing and ongoing supervision.
• Clear human-in-the-loop checkpoints for significant decisions.
• Transparency on system purpose and limitations.

Expect stricter scrutiny where decisions affect access to services, safety, or livelihoods.

National infrastructure and market access

The law backs AI autonomy end to end: computing, data, and research capacity. The State can invest in a national AI computing center and a controlled open-data system. That aims to lower compute costs, reduce entry barriers, and increase competition.

Development mechanisms include:

• National AI Development Fund.
• AI Voucher scheme to help enterprises adopt AI.
• Controlled sandboxes for testing sensitive AI solutions with temporary relief from certain liabilities.

Cross-border providers and AI-generated content

The statute sets expectations for providers offering AI services into Vietnam and addresses AI-generated content and algorithmic ethics. Legal teams should prepare for local accountability, disclosures, and complaint handling that meet Vietnam's standards.

Public sector adoption and demand creation

The State will push AI application across agencies and industries. The National Technology Innovation Fund is set to direct 30-40% of its resources into support programs, including AI vouchers for SMEs. This creates near-term demand and a proving ground for compliance and procurement terms.

Human capital: long-term obligations

The law calls for a national AI workforce strategy, AI literacy in general education, new AI majors at universities, broader academic autonomy, and incentives to bring in international experts. Organizations should plan for internal training and role definitions for AI governance.

Statements from leadership

Deputy Minister of Science and Technology Bui The Duy noted Vietnam is building a national AI supercomputing center, an open data ecosystem, and domestic AI infrastructure for autonomy. The goal: make AI a "smart assistant" accessible to all citizens to raise productivity and widen access to knowledge.

Vietnam commits to openness-open standards, open data, open source-as a path to absorb global knowledge, develop "Make in Vietnam," and ensure safety and transparency.

How it fits globally

• Risk-based approach and lifecycle duties echo major frameworks such as the EU's AI Act. See the European Commission's overview here.
• Human-centric and trustworthy AI principles are consistent with the OECD AI Principles.

Action list for legal and compliance teams

• Map AI use: inventory systems, their purposes, data flows, and affected rights/interests.
• Classify risk: tag use cases against the law's risk tiers; flag high-impact domains (finance, healthcare, justice, labor, education).
• Design controls: human oversight points, appeal paths, and escalation criteria for significant decisions.
• Data governance: ensure lawful sourcing, quality controls, retention rules, and traceability for training and operational data.
• Audit readiness: logging, testing protocols, bias and performance evaluations, and third-party audit support.
• Transparency: user notices, capability and limitation disclosures, and AI-generated content labeling where required.
• Contracts: update vendor and customer terms for warranties, model changes, data rights, incident reporting, and local obligations for cross-border services.
• Sandbox strategy: identify candidates for sandbox testing and define risk mitigation while relief applies.
• Public procurement: prepare compliance packs for bidding into State projects (risk classification, oversight plan, audit artifacts).
• Training: brief product, risk, and legal teams on the law; assign accountable owners.

Key date

Effective March 1, 2026. Build your compliance roadmap now so policy, contracts, and technical controls can be in place before go-live.

Optional resources

• Skill up legal and governance teams on practical AI adoption and oversight: courses by job.