In the UAE, the principal forms are: public joint stock companies, joint stock companies, limited liability companies, professional licences and free zone entities.

Corporate governance requirements in the UAE primarily emanate from the following regulations:

• the Central Bank of UAE’s Corporate Governance Regulations and Standards, issued on 18 July 2019, which aimed to standardise corporate governance practices for banks in the UAE;
• the Securities & Commodities Authority’s Decision No 3 (Chairman) of 2020 concerning the Joint Stock Companies Governance Guide;
• the UAE Cabinet’s Decision No 2 (9w) of 2020 on the Governance System for Federal Government Boards;
• the Dubai International Financial Centre’s Rulebook (Chapter 2);
• Abu Dhabi Global Market’s Rule Book (Chapter 2).

Listed companies that are not regulated by specific financial regulators and or other regulators (such as the Central Bank, DIFC and ADGM) are governed by the Securities & Commodities Authority’s Decision No 3 (Chairman) of 2020 concerning the Joint Stock Companies Governance Guide. These regulations are mandatory to listed companies in the UAE.

Said regulations are mandatory in nature to listed companies as they preview certain sanctions for breaches to the regulations that can also have a criminal aspect, since the SCA (Securities and Commodities Authority), the regulator, has the authority to refer breaches to the public prosecutor. Applicable sanctions are as per the following:

• addressing a warning to the company, board member, managers and/or accounting auditors;
• imposing a financial fine that does not exceed the maximum mentioned in the Companies Law;
• referring the breach to the public prosecution.

There are no other key corporate rules and requirements in the UAE.

Environmental and social corporate responsibility are governed by the SCA’s Chairman Decision No 3 related to corporate governance, as well as the UAE Cabinet Resolution No 2/2018. The key issues and requirements for companies are as follows.

• The General Assembly of listed companies shall, in the light of a board recommendation, set a policy to ensure a balance between the objectives of the company and those of the community in order to promote the socio-economic conditions of the community.
• The board shall develop the programmes and determine the means necessary for proposing socio-economic initiatives by the company, including:
1. developing indicators that link the company performance with its socio-economic initiatives, and comparing them with other companies involved in similar activities;
2. disclosing social responsibility objectives of the company to its employees and raising their awareness and knowledge of social responsibility;
3. disclosing the plan of achieving social responsibility in periodic reports on the activities of the company;
4. developing awareness programmes for the community to introduce the company's social responsibility initiatives.

It is worth noting that the above is to be also included within the audit programmes of each listed company, and it is the internal audit’s responsibility to ensure that these requirements are being adhered to.

The General Assembly, the board and its committees, the company secretary and the chairman of the board have ultimate responsibility for the governance and management of a company.

The General Assembly is responsible for setting the corporate governance framework and electing the board.

The board is responsible for drafting and approving the corporate governance policies and for the formation of the board's sub-committees (ie, audit, nomination and remuneration, and risk).

The sub-committees are required to have their charters approved by the board and are required to act upon these charters.

The General Assembly should have on its agenda at the end of each term (or upon the constitution of the company) an item pertaining to the election of the board of directors, as per the articles of association of the company. Thereafter the General Assembly members (shareholders) will vote on the election of the board. The vote is secret and cumulative. If a government entity is a holder of 5% or more of the shares of a company, it may appoint its board representatives (pro rata).

The majority of the board members and the chairman must be UAE nationals. 

The board, upon constitution/election, shall approve and adopt the corporate governance policies and appoint the sub-committees; such decisions are taken by a majority.

A board of directors shall be composed of a minimum of three members and a maximum of 11 members, provided the number of members is always an odd number.

The board may be composed of executive, non-executive, independent and non-independent members, provided that the majority of board members shall be non-executive independent board members. A recent amendment to the Corporate Governance Framework in the UAE made it mandatory by 2022 for all listed companies to have 20% female representation on the board.

The roles of boards of directors are as follows.

• Taking the necessary procedures to ensure compliance with applicable laws, regulations and resolutions, as well as the requirements of the supervisory authorities.
• Adopting the strategic approaches and main objectives of the company, and supervising implementation thereof. This includes:
1. setting the company's comprehensive strategy and main work plans and reviewing thereof constantly;
2. setting risk management strategy and reviewing thereof constantly;
3. specifying the best capital structure, strategies and financial objectives of the company, and approving the annual budgets;
4. supervising the company's main capital expenses and ownership and disposal of assets;
5. setting performance objectives and monitoring implementation and the overall performance of the company;
6. conducting periodic reviews of the company's organisational and occupational structures and adopting these structures.
• Taking the necessary procedures to ensure efficient internal auditing of the work flow in the company, including:
1. setting a clear policy approved by the board to ensure efficient internal auditing of the work flow in the company;
2. setting written and detailed regulations and procedures for internal auditing, which determines the duties and responsibilities in compliance with the policy approved by the board and the general requirements and objectives stipulated in the applicable legislations.
• Establishing an internal auditing department to follow up compliance with the applicable laws, regulations, resolutions and requirements of the supervisory bodies, the internal policy, regulations and procedures set by the board.
• Setting written procedures to manage and address conflict of interests and dealing with potential cases of such conflict for board members, the senior executive management and shareholders, and setting the procedures to be taken in cases of misuse of the company assets and facilities or misconduct resulting from transactions with related parties.
• Ensuring the soundness of administrative, financial and accounting systems, including the systems related to preparation of financial reports.
• Ensuring the use of appropriate regulatory systems for risk management by outlining potential risk and discussing it with transparency.
• Setting clear and precise standards and procedures for board membership and putting them in force subsequent to approval by the general assembly.
• Setting a clear delegation policy in the company to determine delegated persons and the powers assigned thereto.
• Setting a policy regulating the relationship with stakeholders in a manner ensuring the company's fulfilment of its obligations towards them, preserving their rights, providing them with required information, and establishing sound relations with them. Such policy shall cover the following aspects:
1. mechanisms for indemnifying stakeholders in the event of violation of their rights approved by laws and protected by contracts;
2. mechanisms for settling complaints or disputes that may arise between the company and stakeholders;
3. maintaining confidentiality of the information related to them;
4. the company policy towards the local community and environment.
• Setting a code of conduct for the board members, the staff, auditor and persons to whom some of the company works are assigned.
• Setting procedures to apply governance rules in the company, review of such procedures and assessment of compliance thereto on annual basis.
• Establishing appropriate development programmes for all board members to develop and update their knowledge and skills, ensure effective involvement in the board and ensure implementing any training or qualification programmes as determined by the Authority or the market.
• Familiarising a newly appointed board member with all the company departments and sections and providing them with all the information required to ensure correct understanding of the company activities and works and full realisation of their responsibilities, all that enables them to perform their duties duly in accordance with the applicable legislations, all other regulatory requirements and the company policies in its field of business.
• Setting procedures to prevent insiders in the company from using the confidential internal information to make tangible or intangible gains.
• Setting a mechanism for receiving shareholders’ complaints and proposals, including their proposals to add particular issues in the general assembly agenda in a manner that ensures studying such proposals and making the right decisions about them.
• Adopting criteria for granting incentives, bonuses and privileges to board members and senior executive management in a manner that serves the company interest and realises its objectives.
• Setting the company disclosure and transparency policy and following up its implementation in accordance with the requirements of the supervisory authorities and applicable legislations. Such policy shall include the following:
1. a commitment to disclose periodic reports, material information, insiders and their relatives’ ownership of securities issued by the company, related parties transactions performed with the company, and the benefits of the board members and senior executive management;
2. providing information to shareholders and investors precisely, clearly and punctually so as to enable them to make their decisions;
3. using the company website to enhance disclosure and transparency;
4. setting a clear policy for distribution of the company profits in a manner that serves the interests of both the shareholders and the company; such policy shall be displayed to shareholders in the general assembly meeting and mentioned in the board report.
• Ensuring the availability of resources required to achieve the company's objectives.
• Ensuring the protection of shareholders' interests and the company's assets.
• Ensuring the establishment of a compliance function to follow the compliance with applicable laws, regulations and decisions, as well as regulatory requirements, internal policy, regulations and procedures established by the board.
• Determining the extent of the company-wide risk appetite, including specific targets, maximum limits or indicators of risk appetite.
• Supervising the company's human resources polices.
• Ensuring the accuracy and validity of the disclosed data, statements and information according to the applicable policies and regulations in relation to disclosure and transparency.
• Determining and recommending potential new board members for election by shareholders.
• Recommending the remuneration policy of the board for approval by shareholders.
• Evaluating the overall performance and effectiveness of the board, its committees and members and taking corrective actions as appropriate.
• Ensuring that the board communicates with stakeholders through the investor relationships function.
• Forming specialised committees from the board according to the resolutions that determine the duration of these committees and their powers, functions and responsibilities, as well as the method used by the board for monitoring these committees. Such resolutions shall determine names, duties, rights and obligations of the members.
• Evaluating the performance and works of the board and its members.

It is recommended that a board of directors, in addition to the above criteria, be composed of a homogenous member with enough experience (ie, subject matter experts with business acumen) to lead listed companies along a successful path.

Appointment of directors is done via election by the General Assembly; the vote is secret and cumulative. If a government entity is a holder of 5% or more of the shares of a company, it may appoint its board representatives (pro rata).

The majority of the board members and the chairman must be UAE nationals. 

The General Assembly may dismiss the board chairman or any board member or all the board members. In this case, the General Assembly shall authorise those it deems appropriate to chair the meeting of the General Assembly and take the procedures for opening the nomination and invite the General Assembly to elect new board members instead of those who have been dismissed.

It is not permissible to re-nominate those who have been dismissed for membership of the board before the lapse of three years from the date of issuance of the decision of dismissal.

In the event of a judicial judgment proving that the chairman or any of the board members or any of its executive management have concluded deals or transactions involving conflicts of interest, they shall be dismissed from their position and shall not be nominated for the chairmanship or membership of the board or to perform any duties in the executive management in any joint stock company until the lapse of three years at least after the date of his dismissal, and Article 145 of the Companies Law on occupying the new position on the board shall apply.

If all the board members are dismissed, SCA or its delegate shall conduct the management of the company until the first general assembly is held.

In the event of issuing a judgment of imprisonment and/or fine due to a complaint of a shareholder against the chairman or any member of the board or the executive committee, including dismissal or removal from office, the member shall not remain in office or run for board membership of this company or any other company until expiry of three years from the date of the judgment.

For a board member to be qualified as independent, the member should have no relationship with the company, any of its senior executive management persons or its auditor, parent company, subsidiaries, sister company, or affiliate company in a manner that may lead to financial or moral benefit that may affect its decisions.

Board members shall act at all times in the interest of the company, regardless of the interests of any other parties. Board members shall perform their duties and conduct the affairs of the company in a manner that supports the confidence of the general public in the company. They shall also refrain from actions that lead or may lead to a conflict of interest with the company. In the event of a conflict of interest, the board members shall disclose the same immediately to the chairman and remove themselves from any position of decision-making authority in respect of any such conflict of interest involving the company.

A board member shall, upon assuming the office, disclose to the company all interests and relationships that may, or may be deemed to, affect their ability to perform their duties as a board member. Any such declared interests shall be recorded by the board secretary.

In particular, board members shall disclose partnerships, related employment or the main interests of relatives that may create a conflict or potential conflict in interests. Each board member shall notify the company of any changes in their interests and shall complete a form prepared by the company for this purpose on a quarterly basis and as may be necessary to determine specifically their interests.

The board secretary shall request the board members to review the form on a quarterly basis to verify its accuracy and completeness.

At the beginning of each board meeting, each board member shall declare their interests, if any, to avoid any possible conflict of interests.

If a board member or a person representing a body in the board has a joint interest or a conflict of interest with the company in a deal or transaction submitted to the board for a resolution, they must inform the board and record the same in the minutes. Furthermore, they shall not participate in the voting on the decision relating to the deal or transaction.

If a board member fails to inform the board, the company or any of its shareholders may resort to the competent court to invalidate the contract or order the member who acted in contravention of these provisions to return to the company any profit or benefit obtained as a result of entering into this contract.

If it is not entirely clear that there is a conflict of interest, the board member who is the subject of the potential conflict shall disclose these circumstances to the chairman or its designee, who decides whether or not there is a conflict of interest.

The company shall maintain a special register for conflicts of interests in which the cases are recorded in details together with the measures taken in this regard.

A board secretary shall record the interest conflict in the related board minutes. In this case, the remaining board members presenting shall consider whether it is appropriate for the board member involving in the conflict issue to participate in discussing that agenda item or not before the board after reviewing whether the conflict may affect the objectivity of the member and/or their ability to properly perform their tasks/duties towards the company. If they decide that it is not appropriate for the member to participate, they may ask the board member to leave the meeting room during these discussions. The board member is not entitled to use their personal influence in issue, whether in or outside the meeting. The board member shall not vote on the decision.

The legal duties of board members are to have a fiduciary responsibility towards the company and to act within the best interest of the company (for further details, please refer to 4.2 Roles of Board Members).

The directors owe their duties to the company, and its shareholders must take into account the interests of the company exclusively.

Shareholders can enforce any breaches of the directors' duties; internal audit can also investigate any breach by any board member and has the duty to report the same to the board and/or the chairman of the board.

The SCA has also the authority to investigate any breach of the corporate governance rules by any director and to impose adequate sanctions accordingly.        

Members of the board of directors shall be liable towards the company, shareholders and third parties for fraudulent acts and misuse of power, as well as for any violation of the law or the company's articles of association, mismanagement, and any provision made to the contrary hereof shall be null and void.

Liability stated above shall apply to all board members, if such error arises from a decision taken by unanimous agreement.

However, if the decision in question was issued by majority vote, members who objected to the same shall not be held liable, so long that their objections have been established in minutes of the meeting. A member's absence from the session in which the decision in question was issued shall not relieve them from liability, unless proven unaware of such decision or unable to object to the same.

The board can recommend a remuneration policy applicable for its members to be approved by the General Assembly.

In general, the remuneration of the board chairman and members shall consist of a percentage of the net profit, provided that it may not exceed 10% of the net profits for such fiscal year after deducting all consumption and reserves.

The company may also pay expenses, fees, additional bonus or a monthly salary to any board member, consistent with the polices suggested by the nomination and remuneration committee, reviewed by the board and approved by the general assembly.

If such member serves in any committee, makes special efforts or performs additional work to serve the company in excess of their regular duties as a member of the company board, attendance allowance may not be paid to the chairman or a board member for attending board meetings.

Fines that may have been imposed on the company by the Authority or the relevant competent authority due to violations by the board of the law or the articles of association during the previous fiscal year shall be deducted from the remuneration.

The General Assembly may decide not to deduct such fines, or some of them, if it deems that such fines were not the result of default or error of the board.

The company shall submit a governance report signed by the chairman in accordance with the form prepared by the Authority and available on the Authority's website.

The annual report shall include a corporate governance report which features the following, at least:

• the names of board members, chairman, vice-chairman and other persons occupying main jobs in the company, a brief biography of each member including their qualifications and experience, and the identification of the independent member(s) as well as other positions in the board or senior management they hold in other companies or institutions;
• committee and board members, the authorities and assignments entrusted thereto and activities carried out during the year;
• the number of meetings held by board and board committees as well as names of the attendees;
• the names of the major shareholders who directly or indirectly own more than 5% of the company shares, in addition to a brief summary of the changes in the company capital structure;
• a report on the risk management framework and internal controls, including the following:
1. the applicable corporate governance rules;
2. the self-evaluation approach of the board performance;
• internal audit procedures and the scope of their full application by the board, and details and reasons for any compensation and allowances received by each board member and board committees for the financial year;
• a statement of the company directors and the first and second grades as stated in the organisational structure of the company and their functions, dates of appointment, details of salaries, bonuses received by each of them separately and any other compensation received from the company, clarifying the consideration for these compensations;
• compensation of the board members and all members of the company administrative body, including remuneration and any incentive programmes related to securities issued or guaranteed by the company.

The board shall make this report available to all company shareholders before submitting an application to the Authority to approve holding of the Annual General Meeting.

The Corporate Governance Framework in the UAE sets the rules for the company accountability towards all shareholders and stakeholders, and directs the board to develop strategy, perform supervision and guide and control the administration.

The company shall oblige itself to protect shareholders' rights, ensure fair treatment for all shareholders, including minority shareholders, and give all shareholders enough compensation for any damage caused by the board to shareholders' rights.

The company shall ensure that accurate and timely disclosures are made on all material matters related to the company, including its financial affairs, performance, ownership of its shares and governance in an accessible manner by all concerned parties.

The company shall recognise the rights of other stakeholders in accordance with laws and regulations, and encourage co-operation between the company and stakeholders in establishing a sustainable and solvent company.

The company shall ensure it applies the investor relationships policy to support regular, effective and fair communication with shareholders.

In general the shareholders of a company have no control or interference in management of a company. The General Assembly of shareholders play the following part in annual meetings:

• receive and approve board of directors' report on company's activities and financial standing during the last fiscal year, auditor's report and report of internal sharia control board, if the company exercises any activity according to sharia;
• set and approve balance sheet and profit and loss account;
• elect board members whenever required;
• appoint members of sharia control board, if the company exercises any activity according to sharia provisions;
• appoint auditors and determine their remunerations;
• consider proposals submitted by the board of directors in relation to distribution of profits, whether in cash or bonus shares.

Shareholder meetings are required at least once a year to conduct business as per 5.2 Role of Shareholders in Company Management. However a general assembly may be called to conduct business that requires special resolutions, namely when it comes to a decision to merge, dissolute, increase or decrease the capital, amendment of the articles of association.

A shareholder in the company may file a lawsuit against the company, its board chairman, any board member, or its executive management for breach of the company’s bylaws and/or the Corporate Governance Rules, as well as for fraud or mismanagement. If a case is filed before a competent court, the shareholder shall have the right to obligate the defendant (s) to do the following:

• provide the information which the defendant has based their defence thereon before the court, the information that directly proves specific facts of the claim which the plaintiff shareholder has filed with the court, and any other information relevant to the claim subject;
• a shareholder who files a liability lawsuit against the board or any board member shall be entitled to question the defendant and/or defendants and their testimonies directly during the court sessions.

The company has obligation to disclose withholding of 5% or more of shares by a given shareholder, in addition to disclosure related to the Ultimate Beneficial Ownership.

Listed companies are under the obligation to announce their quarterly, semi-annual and annual financial performance, in addition to disclosing any information that is or might be price-sensitive information.

Please refer to 4.11 Disclosure of Payments to Directors/Officers.

Each emirate in the UAE has its own Department of Economy where companies incorporated on that respective Emirate have to file the incorporation. This information is available for the public. Further, each listed company is under the obligation to have its articles of association filed and registered with SCA.

The company shall assign the function of auditing its annual accounts to an independent external auditor having the necessary experience and qualifications to prepare an objective and independent report to the board and shareholders, indicating whether the financial statements of the company clearly and impartially reflect the financial position and performance of the company in key areas.

The board shall nominate one or more auditor(s) upon the recommendation of the audit committee. The auditor shall be appointed and their remuneration shall be fixed under a resolution of the general assembly of the company. Such auditor shall be recorded in the Authority's register of professional auditors. The auditor shall be selected based on criteria of efficiency, reputation and experience.

None of the employees of the auditing office may be appointed at the company senior executive management before the lapse of two years at least as of the date of such employee leaving the auditing of the company accounts.

Management of risk and internal control is normally within the scope of the audit and risk committee, that is either a combined committee or segregated committees. In any case, whether combined or segregated, the directors' audit and control management shall be performed via the committee and will be directed towards the following tasks and duties.

• To review the company's financial and accounting policies and procedures. To monitor and review the integrity of the company's financial statements and reports (annual, semi-annual and quarterly) and its control regulation as part of its normal operation during the year. It shall concentrate in particular on the following:
1. note any changes in accounting policies and practices;
2. ensure that the company annually updates its policies, procedures and control systems;
3. make substantive amendments resulting from the audit;
4. assumption of business continuity;
5. compliance with the accounting standards established by the Authority;
6. compliance with listing and disclosure rules and other legal requirements related to financial reporting.
• Co-ordinate with the company board, senior executive administration, the financial manager or the manager delegated with the same duties in the company, in order to perform its duties.
• Consider any significant and unusual terms contained or to be contained in such reports and accounts, and give due consideration to any matters raised by the company's chief financial officer, the manager delegated with the same duties, the compliance officer or the auditor.
• Raise recommendations to the board regarding the selection, resignation or dismissal of the auditor. In case the board does not approve the audit committee recommendations in this regard, the board shall attach to the governance report a statement explaining the audit committee recommendations and the reasons why the board has not followed them.
• Develop and implement the policy of contracting with the auditor, and submit a report to the board, outlining the issues that it deems necessary to be taken, along with providing recommendations for steps to be taken.
• Ensure that the auditor meets the conditions stated in the applicable laws, regulations and decisions and in the company articles of association, along with following up and monitoring its independence.
• Meet the auditor of the company, without the presence of any of the senior executive management personnel or its representatives, and discuss the same with regard to the nature and scope of the audit process and its effectiveness in accordance with the audited standards.
• Approve any additional works made by an external auditor for the company and the fees received in consideration for that work.
• Examine all matters related to the auditor's work, their work plan, correspondence with the company, observations, suggestions and reservations, and any substantial queries raised by the auditor to the senior executive management regarding the accounting records, financial accounts or control systems, in addition to following up the response of the company management and provision of the necessary facilities to do their work.
• Ensure that the board responds in a timely manner to the clarifications and substantive issues raised in the auditor letter.
• Review and evaluate the company's internal auditing and risk management systems.
• Discuss the internal auditing system with the board, and make sure it performs its duty with regard to establishing an effective internal control system.
• Consider the results of the main investigations regarding the internal auditing matters assigned to it by the board or at the initiative of the committee and the approval of the board.
• Review the auditor evaluation of the internal control procedures and ensure that there is co-ordination between the internal and external auditors.
• Ensure of the availability of necessary resources for the internal auditing department, review and monitor the effectiveness of such department.
• Examine internal auditing reports and follow up implementation of corrective actions of the observations contained therein.
• Establish controls that enable the company's employees to report confidentially on any potential violations in the financial reports, internal auditing or other matters, and the steps to ensure making an independent and fair investigation of such violations.
• Monitor the company's compliance with the rules of professional conduct.
• Review related party transactions with the company, ensure that there are no conflicts of interest and raise recommendations about them to the board before concluding them.
• Ensure the application of the business rules of its functions and the powers entrusted to it by the board.
• Submit reports and recommendations to the board on the above matters.

As per risk management, the directors will undertake the following.

• Develop a comprehensive risk management strategy and policies that are consistent with the nature and volume of the company's activities, monitor its implementation, review and update it, based on the company's internal and external changing factors.
• Identify and maintain an acceptable level of risk that the company may face, and ensure that the company does not exceed such level.
• Supervise the risk management framework of the company and evaluate the effectiveness of the framework and mechanisms of identifying and monitoring the risks that threaten the company, in order to identify areas of inadequacy and adequacy.
• Provide guidance to management, as needed, to assist them in improving their risk management practices and/or mitigating certain risks, including the presence of qualified management personnel to carry out risk management activities effectively.
• Obtain assurance from the executive management and internal audit that the risk processes and systems operate effectively with appropriate controls, in addition to compliance with approved policies.
• Prepare detailed reports on the level of exposure to risks and recommend procedures for managing such risks, along with submitting them to the board.
• Make recommendations to the board on matters relating to risk management.
• Ensure the availability of adequate resources and systems for risk management.
• Report regularly to the board on the company's risk profile and promptly inform the board of any significant changes in the volume of the risk.
• Verify that the risk management personnel are apart from the activities that may expose the company to risks.
• Review any matters raised by the audit committee that may affect the company's risk management.
• Review appointment, performance and replacement of the chief risk officer and monitor the effectiveness of the risk management unit in general.