Career Biography

Ibrahim AlQusayer is the Chief Legal & GRC Officer of Lean Business Services, where he leads the legal, governance, compliance, and risk functions. With a background that bridges law, public policy, and business strategy, AlQusayer is known for bringing clarity, structure, and foresight to complex regulatory and organisational challenges.

He believes that a modern legal department should act as a designer or architect of legal solutions, not merely an after-the-fact inspector. This philosophy has shaped how he leads legal teams: embedding them early into strategic decisions, product design, and innovation processes to ensure the law functions as an enabler, not a barrier.

AlQusayer’s leadership style is grounded in integration. He has worked to align legal with governance, risk, and compliance functions in a way that creates a unified approach to decision-making, accountability, and resilience. His ability to connect legal thinking to institutional goals has made him a key contributor to building internal structures that are both agile and principled, ensuring that legal work reinforces institutional clarity and long-term value.

In parallel, AlQusayer engages with regulators and public entities to support the development of effective legal and regulatory frameworks. His work in this space focuses on aligning policy objectives with regulatory tools and legislative drafting — particularly in sectors shaped by rapid innovation and public interest. He brings a nuanced understanding of how regulation intersects with emerging technologies, such as artificial intelligence, and works to ensure that legal frameworks remain adaptive, coherent, and enabling.

In addition to local qualifications, AlQusayer holds two law degrees from the University of the Pacific – McGeorge School of Law, and has completed executive education at Harvard Business School, the London School of Economics, and INSEAD. He is regarded for his ability to bridge legal insight with institutional purpose, and for fostering legal teams that are responsive, thoughtful, and deeply embedded in strategic execution.

Team size: ~30

Significant Work from the Past Year

Over the past year, I have led the legal and governance function at Lean Business Services, a national digital health enabler contributing to Saudi Arabia’s healthcare transformation. A core part of my role has been the legal protection of our technological IP, including software platforms, AI algorithms, and proprietary data sets. This has required us to navigate complex gaps in global IP law, particularly around copyright in AI training data and the patentability of algorithms—challenges that are becoming increasingly relevant as our digital offerings scale.

Additionally, I’ve played a central role in M&A activity, advising on deals where Lean was both acquiring and being acquired. These transactions involved government-linked entities, strategic technologies, and sector-specific regulatory approvals, requiring precise legal structuring and risk management.

We have also been actively engaged in responding to data privacy regulations, especially in light of evolving requirements from SDAIA, DGA, and SAIP. The implications of data localisation mandates on AI model deployment and cross-platform data flows have been a major legal focus—particularly in the context of AI-driven healthcare solutions.

Beyond compliance, we’ve provided regulatory advisory support to health regulators to help enable telehealth, digital health infrastructure, and e-government services — aligning regulatory intent with technical and legal feasibility.

What innovations have you made to the way your legal team works in the past year?

Our legal team has undergone a shift from being a traditional back-office function to a strategic partner embedded within the business. We now participate early in product development, public tenders, and strategic planning — allowing us to shape direction rather than just review outcomes.

One of the key structural developments has been the activation and harmonisation of our Governance, Risk, and Compliance (GRC) functions. By aligning Legal with Risk and Internal Audit, we’ve created a more cohesive view of our exposure landscape and embedded risk ownership across the organisation.

We also introduced a dashboard system to track contract lifecycles, regulatory filings, and risk indicators—bringing transparency to legal workflows and enabling data-driven decision-making.

Internally, we’ve launched an initiative to explore the use of AI-powered legal agents — essentially virtual colleagues that assist with document review, legal research, and risk flagging. While still in early stages, this innovation reflects our belief that AI can extend legal capacity without compromising judgment or accountability.

Which political, economic, or regulatory changes have impacted your work the most in the past year?

Saudi Arabia’s regulatory environment continues to evolve at an unprecedented pace, especially in the digital and healthcare sectors. New mandates from emerging regulators such as SDAIA, SAIP, and the DGA have reshaped how we think about licensing, data governance, and cross-border operations. These changes have had a direct impact on how we design and deploy health tech products, manage stakeholder expectations, and structure contracts.

Our team has also had to closely monitor data privacy frameworks and digital infrastructure policies, which influence everything from consent mechanisms to system architecture. The tension between global innovation and national data protection is especially sharp in our sector, and it requires continuous legal adaptation.

Finally, we’ve been asked by regulators to provide policy input and legal interpretation in the roll-out of telehealth and e-health frameworks. This role — at the intersection of legal counsel and regulatory strategy — has required both technical fluency and regulatory diplomacy.

Are the effects of AI on the legal world overplayed, or underplayed?

AI’s effects on the legal profession are frequently misunderstood. While automation tools are already delivering real value in contract review, risk triage, and compliance monitoring, the broader implications lie in areas that current legal frameworks are ill-equipped to handle.

From an IP standpoint, we are seeing serious global challenges: Who owns AI-generated output? Can algorithms be patented? What rights exist in training data? These are unresolved legal frontiers that directly impact our ability to protect core technologies.

At the same time, privacy and data localisation laws are already restricting the use of many cloud-based AI models — particularly in sensitive sectors like healthcare. These constraints require in-house teams to re-evaluate how AI tools are integrated within enterprise systems.

Despite these hurdles, we are moving forward. At Lean, we’re developing internal AI agents to augment our legal operations — not to replace lawyers, but to support them with speed, precision, and context awareness. AI’s role in legal functions will grow, but only alongside well-defined accountability and ethical oversight.