We do not outsource customer service to third party providers. All our staffs are trained in-house so that we have tighter controls over the onboarding process, and our Client Experience team does not forward customer documents to any other department in the company.
Access to our corporate network is only for authorized personnel and specific devices. We practice the Principle of Least Privilege, where we only assign just enough access for a staff to perform his or her job. Hence, only very limited staff has access to customer information.
We have to be compliant with the Dubai International Financial Centre (DIFC) Data Protection Law and Dubai Financial Services Authority’s (DFSA) Conduct of Business Module Rulebook to attain and maintain our DIFC license and DFSA authorisation.