1-3 The department must develop the following policies:

- A policy for analyzing complaints and their patterns, addressing their causes and sources (Root Cause Analysis), and obtaining approval from the authorized person in the bank. This policy should also include measuring its effectiveness in addressing the sources of recurring complaints.

- A policy for protecting customer rights and ensuring their care throughout all stages of their interaction with the bank (e.g., marketing and sales procedures, post-sale service quality

assurance procedures, complaint handling procedures, customer communication procedures, and credit advisory services procedures).

- A policy for financial awareness and education for the bank’s customers that aligns with the products and services offered by the bank. This policy should include at least the role of the employee responsible for providing a comprehensive explanation of the product or service to the customer, including all obligations associated with that service or product.

2-3 The department manager, or their delegate, must have full authority to make decisions regarding the resolution of complaints with amounts not exceeding SAR 20,000. The bank must establish policies and procedures to organize and monitor this process.

3-3 The department must develop and periodically update (at least once every two years) its operational mechanisms with relevant departments, including service level agreements and escalation processes, to ensure that complaints are handled within regulatory time frames. This mechanism should be technically activated and used to measure compliance, including escalation to the highest executive level.

4-3 To ensure the efficiency and effectiveness of handling complaints, inquiries, and requests, the department should include the following definitions in its internal policies related to customer rights protection and ensure compliance with them: (complaint, inquiry, request, customer), in line with the definitions provided in these regulations.