Policies

Policies

Complementary Business Relationship Management and Collaboration Policy

The Securities and Commodities Authority confirms its commitment to entering into productive business relationships to ensure effective implementation by introducing the Complementary Business Relationship Management and Collaboration Policy to determine and manage outcomes and returns and ensure the following:

  1. Demonstration of commitment to creating and sustaining fruitful business relationships with partners, in line with the best international practices and the requirements specified by the international standard for collaborative business relationship management systems—namely, ISO 44001.
  2. Development of objectives and action plans to support the business relationship management policy; improvement of the practice of measuring the impact of business relationships; and review of the business relationship management policy, procedures, and objectives on an annual basis to ensure ongoing improvement.
  3. Provision of the appropriate resources for the management of business relationship systems to ensure process improvement and provide training to the SCA staff.
  4. Establishment of effective communication channels with business partners to share knowledge and expertise.
  5. Development of business relationships with distinct partners specifically selected with the aim of bringing benefit to the SCA and its existing partners.
  6. Understanding and responding to stakeholder needs in a manner that exceeds expectations and ensures happiness.
  7. Overseeing the implementation and measuring the impact of the signed agreements and MoUs to help enhance processes and services. Keeping pace with the latest technological developments and creative approaches used as catalysts for innovation, continuous improvement, effective leadership in the workplace, and the setting of proper performance indicators to measure business relationship performance.
  8. Implementation of the requirements specified in business relationship agreements and any other ISO 44001 requirements.
  9. Utilization of various media outlets to publish the Complementary Business Relationship Management and Collaboration Policy and make it accessible to the SCA staff, vendors, and stakeholders. This policy will be reviewed periodically to ensure that it is on par with international practices and that it meets the objectives of the integrated business relationship.
Information Security Management System (ISMS) Policy

1.1. Overview

  • In line with SCA's mission to enhance the principles of fair trading practices and improve the efficiency of UAE capital markets, SCA has embarked upon many initiatives to improve the quality of services delivered.
  • THE SCA IT department has initiated the implementation of the Information Security Management System (ISMS) in alignment with the ISO 27001:2013 standard to support the strategic vision of the SCA IT Department and ensure that the information security practices are in line with the industry-wide best practices for information security. This project assists SCA IT to improve the information availability, integrity and confidentiality and put in comprehensive approaches to assess information risks and define a comprehensive treatment plan. As part of this journey, the SCA IT Department also intends to achieve the ISO/IEC 27001:2013 Certification, the only auditable standard available for information security.
  • The ISMS implementation has been currently planned for the management of the SCAIT Department. In this regard, the development of ISMS policy is regarded as one of the most important steps as it provides vital principles and directions based on organizational requirements and Information Security priorities.

1.2. Purpose

The purpose of the ISMS policy is to demonstrate and express the intention and commitment of SCA to:

  • Protect information assets from all threats, whether internal or external, deliberate or accidental, thereby ensuring uninterrupted services to Employees, Customers and Stakeholders; and
  • Manage the risks to an acceptable level through design, implementation and maintenance of an effective Information Security Management system.

This policy forms the basis and identifies vital principles for all Information Security initiatives in SCA.

1.3. Scope

This document defines SCA ISMS policy and principles.

1.4. Applicability

The ISMS Policy applies to all SCA Staff, SCA Contractors and Third-Party Organizations involved in the management of Information Security at SCA.

1.5. Responsibilities

1.5.1. The SCA Information Security Management System (ISMS) Forum is responsible for developing, maintaining, and distributing SCA Security Policies.

1.5.2. The ISMS Forum is responsible for auditing and reporting compliance to SCA Security Policies.

1.5.3. Department Heads / Section Heads are responsible for compliance to SCA Security Policies within their area(s) of concern.

1.5.4. All Employees, Contractors and Third Parties are responsible for reading and understanding the application of the SCA Security Policies.

1.5.5. ISMS Forum is responsible for reviewing SCA Security Policies on a scheduled and ongoing basis to ensure their continuing suitability, adequacy, and effectiveness.

1.6. Key Objectives

The Primary Objectives of this policy are:

1.6.1. SCA shall develop an ISMS framework containing policies, procedures. To establish, implement, operate, monitor, review, maintain and improve a documented Information Security Management System (ISMS) within the organization's overall business activities relating to regulating the capital market sector in the United Arab Emirates.

1.6.2. The SMS framework shall consider business and legal or regulatory requirements and contractual security obligations. (Ref: ISMS Manual).

1.6.3. SCA shall develop a Risk management framework establishing criteria against which risk will be evaluated against business, legal and regulatory requirements. (Ref document on Information Security Risk Management Framework).

1.6.4. Establish a consistent, comparable, and repeatable approach to perform risk assessment and select appropriate controls to mitigate the risk arising from business, legal and regulatory requirements.

1.6.5. Establish a process to classify information assets based on the criticality and develop policies and procedures to assist SCA's IT Department in accomplishing its Security objectives.

1.6.6. ISMS framework also contains procedures to monitor and measure control effectiveness based on continual improvement methods while safeguarding SCA IT information processing systems

The SCA assets shall be protected from threats to Confidentiality, availability and Integrity. This policy also intends to create a secure business environment by developing awareness and imparting education.

Knowledge Management Policy

The Securities and Commodities Authority is committed to applying the principles of implicit and explicit knowledge management efficiently and effectively in implementing initiatives aimed at producing and sharing knowledge through:

  1. Developing and implementing a knowledge management strategy according to a clear and defined vision and goals according to the directions of the Federal Government.
  2. Ensuring that the knowledge management policy is available & widely understood by all employees and all SCA's employees are actively and efficiently involved in SCA's identity and culture that embraces global best practices in knowledge management.
  3. Ensuring the sustainability of knowledge management initiatives and projects through initiatives that include the preservation, deployment, participation, knowledge development and innovation in the authority.
  4. Compliance with organizational and other requirements related to the knowledge management system, and work continuously to improve the methodology by constantly reviewing performance levels and achieving goals to contribute to developing knowledge management performance.
Sustainable Procurement Policy

The Securities and Commodities Authority (SCA) confirms its commitment to sustainable procurement by policy to ensure effective and quality implementation and to determine and manage the environmental, social, and economic impacts within its supply chain to:

  1. Identify goals and develop action plans to support the sustainable procurement policy and monitor the ongoing improvement in sustainable procurement practices.
  2. Supply SCA with its needs of quality, timely-delivered, and competitively-priced goods and services to ensure procurement efficiency in line with federal legislation and rules.
  3. Meet the principles of sustainable procurement, wise governance, integrity, equality, and transparency in all procurement and contractual arrangements.
  4. Provide equal contracting opportunities to vendors, perform quotation evaluations, and evaluate vendor performance.
  5. Give priority to quotations/proposals submitted by small and medium enterprises (SMEs) registered with authorities responsible for supporting youth business projects to help develop the SME sector in the country. In addition, provide facilities to vendors who embed sustainability practices and standards and follow codes of ethical conduct in their work and supply chain.
  6. Investigate and handle complaints made by vendor partners professionally and transparently.
  7. Ensure the continuity of business and the availability of services and goods needed to manage SCA's operations by entering into strategic partnerships with vendors, identifying high-risk areas, making an impact within SCA's supply chain, and engaging vendors in the risks.
  8. Rationalize expenses, promote concepts of reasonable spending in managing SCA's procurement process, and prevent the waste of public funds.
  9. Displaying commitment to the best international standards and practices in preserving the environment, reducing carbon footprint, and maintaining public funds to achieve sustainable economic growth rates and ensure fair procurement, thus maintaining the rights of the society.
  10. Control the quality of procurement and contractual arrangements and procedures and make ongoing improvements in line with best practices (ISO 20400).
  11. Vendors selected to supply SCA with goods and services must display the following characteristics:

a. Work to reduce carbon footprint by:

  • Conserving resources, including energy, water, and materials.
  • Keeping waste to a minimum, whether in operations or otherwise.
  • Mitigating the impact of delivery and transportation and increasing reliance on local resources.

b. Provide services and benefits to the society by:

  • Complying with the International Labor Organization's principles on human rights and working conditions.
  • Ensuring the elimination of human trafficking and child labour practices in any supply chains or any part of their business if executed by a third party.
  • Prohibiting discrimination and legal harassment to ensure an inclusive and safe business environment.

c. Work on boosting economic growth by:

  • Supporting job creation and facilitating access to opportunities for SMEs, corporations, and community organizations.
  • Considering the cost of the product life cycle.
  • Paying wages (minimum requirements) to personnel and contractors.
  • Implementing procedures and practices related to anti-money laundering, fraud, bribery, corruption, conflict of interest, and data security issues.

The senior management is committed to communicating the sustainable procurement management system policy to all employees, vendors, and concerned parties using available means and methods. The policy must be reviewed regularly to ensure that it aligns with the best international practices to support sustainability goals.


SCA’s Risk Management Policy
  • The Securities and Commodities Authority (SCA) aims to become a model to emulate and the leading supervisory authority across the United Arab Emirates in applying the Business Continuity, Risk Management, and Institutional Crisis Framework. It seeks to do so by developing administrative approaches to address institutional challenges, taking advantage of available opportunities, and applying best practices in this area—all of which will help it to strengthen the confidence of related parties, mitigate risks that affect business continuity and sustainability, and realize its strategic objectives.
  • This policy governs the rules, regulations, and actions taken to address the risks associated with SCA's wide range of activities. To achieve sustainable development in line with the rules and powers provided for in SCA's establishing law and the relevant policies.
  • This policy aims to ensure that all related parties understand the concept of business continuity, risk management, and institutional crisis and that they are aware of their obligations when it comes to managing business continuity, risks, and crises that accompany all of SCA's institutional activities.
  • This comes as part of the efforts to assess and improve the effectiveness of internal supervision and audit and institutional governance, which will result in high and sustained achievement rates.
  • The Regulatory Policies & Future Foresight Section, in collaboration with concerned departments, are responsible for identifying, classifying, and assessing risks; presenting options to handle risks; and reviewing the effectiveness of the framework regularly using sound professional approaches, thus ensuring the implementation of the above and adding sustainable value to SCA's activities and operations.
SCA'S Innovation policy
  • The Securities and Commodities Authority (SCA) is working to create an environment that fosters innovation by developing a supportive infrastructure—focusing on developing human resources and smart, sophisticated electronic systems and the utilization of modern innovation tools in everyday business, thus encouraging the introduction of innovative services and achieving customer and employee happiness.
  • The SCA has been keen to pursue a proactive rather than a reactive innovation strategy. With a proactive innovation strategy, the SCA will have a strong research orientation and first-mover advantage and a leader in the capital markets sector.

The proactive innovation strategy depends on the following types of innovations:

  • Radical: breakthroughs that change the nature of products and services.
  • Incremental: the constant technological or process changes that lead to improved performance of products and services.
SCA'S Corporate Governance Policy

SCA is committed to:

  1. Implement best practices in governance to underpin SCA's performance.

  2. Create work culture characterized by integrity, fairness, transparency and accountability.

  3. Develop a directive and supervision framework across all SCA's activities.

Corporate Governance Principles adopted by SCA:

  1. Stakeholders focus oriented.

  2. Partnership and cooperation.

  3. Integrity, moral values and sovereignty of law.

  4. Fairness and equality.

  5. Independence.

  6. Discloser and transparency.

  7. Liability and accountability.

  8. Sustainable development.

  9. Control and discipline.

  10. Innovation.

Securities and Commodities Authority Feedback management policy

The SCA believes in the right of customers and community members to provide feedback in case of dissatisfaction with the quality and efficiency of the services provided. The SCA undertakes to apply the highest quality standards in carrying out its duties towards clients in line with its role in supporting and protecting investment in the capital and commodity markets. Accordingly, the SCA’s senior management is committed to activating and providing all resources to ensure the efficiency and effectiveness of the feedback management process, dealing with them in a fair and effective manner and within the specified time, and benefiting from them as much as possible in improving services.

The SCA confirms that the processes related to the feedback management system are designed, implemented and improved in accordance with the it’s feedback management policy, the “National Customer Relations Management Program - NCRM” system, the charter for customer service in federal institutions, the requirements of ISO 10002:2018, and the regulations and laws that regulate the work of the authority.

The SCA provides the following channels for receiving feedback:

  • The National Program for Customer Relationship Management - NCRM
  • SCA's website www.sca.ae - email: contact us
  • Social media platforms (Facebook, twitter, LinkedIn, YouTube)
  • Call center 971 2 80072282300 - fax 00971 2 6274600
  • Live chat.
  • Mail to the following address: Securities and Commodities Authority, PO Box 33733 Abu Dhabi - United Arab Emirates
  • SCA’s reception desk in the main building of or one of its branches.

The SCA deals with any note received using the methods it provided, according to the following procedures:

  1. The SCA records and documents all the observations it receives from channels other than the "National Program for Customer Relationships - NCRM" system, and the note submitter is notified of receipt and provides the identification number immediately, not exceeding 2 working days from the date of receiving the note.
  2. SCA investigates and investigates the observations submitted to it and communicates with the submitter to inform him of the measures taken, not exceeding 2 working days in the case of emergency observation and 6 working days from the date of receipt in the case of normal observation and 11 working days in the case of complex observation. The complainant shall be notified at In case a longer time is needed to investigate and inform him of any developments.
  3. The "National Program for Customer Relationships Management - NCRM" system provides alternatives to respond in the event that the note-taker is not satisfied with the response sent as follows:
  • The observer can request a re-study in light of the availability of new information, and within (7) days from the date of the response, the re-study can be requested for one time only.
  • The note submitter can request to review the notes and escalate it to a higher party to reach another solution in the event of dissatisfaction with the response sent and within (7) days from the date of the response.



Share this page Share Print