Your access and use of SAMA Regulatory Rulebook and its content is considered as an acceptance and approval of commitment by you without any limitation or condition to the following:
SAMA Regulatory Rulebook is a platform that aims to assist the regulated entities to access SAMA regulatory content adeptly and efficiently.
SAMA Regulatory Rulebook is still on its development and soft launch stage. SAMA is not liable for its contents and does not warrant or represent that (the Services related to the platform, information or material presented in the platform) is displayed free of any inaccuracies, omissions, or errors (“Faults”). SAMA accepts no liability for any loss, claim or damage resulting from any use of the platform, and any decisions made, or actions taken based on the information contained in or generated by the platform.
SAMA Regulatory Rulebook has no legal effect and it does not aim to amend or revoke any legal provisions. The Rulebook still Contains some documents under review, including translated versions. Therefore, SAMA Regulatory content circulated through SAMA official channels remains in force.
Without prejudice to the terms of use of SAMA website Hereby, you acknowledge that any illegal, unauthorized use and/or any breach of any of these provisions may result in legal actions against you.
Companies shall establish data and information security protection controls for the information they have or obtain, and they shall:
1.
record, maintain, reconcile, collect, process and classify credit information in a proper and suitable manner to facilitate reference to such information;
2.
protect information from loss, which includes the adoption of backup systems and the development of contingency recovery plans as well as business continuity plans;
3.
protect credit information from unauthorized access, usage, modification, or disclosure in violation of the Law and its Implementing Regulations;
4.
establish controls and procedures to be applied upon members' request to check credit records;
5.
review the company’s staff confidentiality controls regularly;
6.
review usage patterns of information systems regularly to detect and investigate any unusual usage patterns;
7.
maintain records for all access, modification and audit cases of credit information database, including previous enquiry records as well as all incident records that imply confirmed or suspected violations; and
8.
provide sufficient knowledge to the authorized member representatives concerning the international best security practices relating to the working rules.
