The UAE private sector companies including those in DIFC don’t, in principle, approve remote working or WFH for their employees. Many employers also negate this idea considering only a short distance that employees normally commute for attending their offices with minimum possibility of exposure of covid 19 viral infections.
It was an exception and not a rule when the UAE Government enforced pandemic restrictions from March 2020 till July 2020 to minimize the spread of the virus by breaking the chain. Both employers and employees in the DIFC readily rose to the occasion and adapted to the new norm of WFH. The fast and successful transition from an office environment to remote working from home only signalled that this new WFH culture will be there to stay amongst the corporates.
Neither the UAE Labour Law nor the DIFC Employment Law provides any legal right to the private sector employees for WFH. It was only because of the pandemic that the government-imposed restrictions on movement and limited the workplace capacity. Employee health and safety obligations forced employers to implement WFH wherever possible.
Articles 43 to 54 of the DIFC Employment Law mandates employers to provide a safe working system to the employees. However, with the lifting of the DIFC directive on restrictions beyond August 2020, these obligations can not be extended to a WFH environment anymore.
Employers and compliance officers willing to ensure business continuity and data security must carry out a WFH risk assessment and provide some basic equipment to enable the employee to perform their duties remotely. Information can be sought from the employees about the WFH environment whether it is a dedicated space or a shared one.
The compliance officers in consultation with the top management must document and introduce certain work instructions for WFH employees concerning dress, working hours and methods and usage of remote working tools. As home computers are more susceptible to security risks, usage of a Virtual Private Network can be a preferred choice. For the WFH employees, the documented work instructions must be made mandatory to effectively address compliance with the DIFC Data Protection rules, Law no 5/2020 enforced on July 1st, 2020.
Two factors and two levels of authentication, OTP based login and Google authenticator can be of great help to ensure data breaches. Private and secure video conferencing platforms must also be made mandatory with End to be End encryption and advanced features e.g., Microsoft Team.
DFSA makes it obligatory for DIFC firms to deploy adequate cybersecurity measures in place for WFH. The employees also need to be notified that while on WFH, the IT systems and equipment may be under surveillance. Some other mandatory measures also need to be taken such as blocking of USB booting, no USB drive, restricted URLs etc.
Regular training sessions must also be conducted on home network security encompassing areas of default users, password protection, SSID, wireless encryption etc.
WFH policy needs to be transparent and acceptable behaviours must be clearly stated and updated if required to reflect working methods including meetings, webinars and interviews through video conferencing.
Similar guidelines on employee productivity assessment, as provided by the DIFC directive during the period of emergency and restrictions must be followed by the compliance officers. They should also refer to the guidelines set by the UAE onshore companies during lockdowns on various other aspects such as performing duties within specified timeframes, being available over the phone and email, presenting objective evidence on achievements and productive time spent on jobs etc.
Compliance officers must take the responsibility to effectively and transparently communicate top management’s expectations to WFH employees and accordingly revise the WFH policies as and when necessary.
Unsupported WFH conditions including inadequate IT systems and equipment must also be carefully considered when carrying out employee performance appraisals. Certain issues such as family distractions, sickness and stressful situations need to get a human touch as well.
Compliance officers must appraise the top management on the nuances of remote working and how this could lead to some additional costs for software infrastructure and other resources.
Top management must also be made aware that WFH policies, procedures and work instructions must be included in Management Review Meetings and shall be subjected to yearly internal audits.
Book a consultation appointment with our professionals now.
Book a consultation appointment with our professionals now.
Book a consultation appointment with our professionals now.
