A Member Firm of Andersen Global
IMC Group Companies
Forum - Q&A
Articles 43 to 54 of the DIFC Employment Law mandates employers to provide a safe working system to the employees. However, with the lifting of the DIFC directive on restrictions beyond August 2020, these obligations can not be extended to a WFH environment anymore.
Employers and compliance officers willing to ensure business continuity and data security must carry out a WFH risk assessment and provide some basic equipment to enable the employee to perform their duties remotely. Information can be sought from the employees about the WFH environment whether it is a dedicated space or a shared one.
The compliance officers in consultation with the top management must document and introduce certain work instructions for WFH employees concerning dress, working hours and methods and usage of remote working tools. As home computers are more susceptible to security risks, usage of a Virtual Private Network can be a preferred choice. For the WFH employees, the documented work instructions must be made mandatory to effectively address compliance with the DIFC Data Protection rules, Law no 5/2020 enforced on July 1st, 2020.
Two factors and two levels of authentication, OTP based login and Google authenticator can be of great help to ensure data breaches. Private and secure video conferencing platforms must also be made mandatory with End to be End encryption and advanced features e.g., Microsoft Team.
DFSA makes it obligatory for DIFC firms to deploy adequate cybersecurity measures in place for WFH. The employees also need to be notified that while on WFH, the IT systems and equipment may be under surveillance. Some other mandatory measures also need to be taken such as blocking of USB booting, no USB drive, restricted URLs etc.
Regular training sessions must also be conducted on home network security encompassing areas of default users, password protection, SSID, wireless encryption etc.
As WFH employees in DIFC will have similar expectations as the regular office employees, the performance monitoring and review system must be addressed carefully.
WFH policy needs to be transparent and acceptable behaviours must be clearly stated and updated if required to reflect working methods including meetings, webinars and interviews through video conferencing.
Similar guidelines on employee productivity assessment, as provided by the DIFC directive during the period of emergency and restrictions must be followed by the compliance officers. They should also refer to the guidelines set by the UAE onshore companies during lockdowns on various other aspects such as performing duties within specified timeframes, being available over the phone and email, presenting objective evidence on achievements and productive time spent on jobs etc.
Compliance officers must take the responsibility to effectively and transparently communicate top management’s expectations to WFH employees and accordingly revise the WFH policies as and when necessary.
Unsupported WFH conditions including inadequate IT systems and equipment must also be carefully considered when carrying out employee performance appraisals. Certain issues such as family distractions, sickness and stressful situations need to get a human touch as well.
Remote working comes with several advantages and is gradually becoming a norm and in all probability, is here to stay. The employers and their compliance officer must formulate and implement a WFH Policy documenting rules, guidance and methods for reaching employee-employer expectations and achieving employee productivity.
Compliance officers must appraise the top management on the nuances of remote working and how this could lead to some additional costs for software infrastructure and other resources.
Top management must also be made aware that WFH policies, procedures and work instructions must be included in Management Review Meetings and shall be subjected to yearly internal audits.
We appreciate your interest in IMC and are eager to address your needs.
To ensure we address your needs accurately and promptly, please fill out this form. This will help us in identifying and connecting you with the appropriate team of experts in our organization.
We take pride in our responsiveness and aim to get back to you within a span of 1-2 business days. Your journey towards solutions starts here.
© 2023 IMC Group. All Rights Reserved.