COB 8.9.1

A Credit Rating Agency must have policies, procedures and controls to ensure that it and its Employees do not:

(a) use any information given to or obtained by the Credit Rating Agency on a confidential basis ("Confidential Information") for a purpose other than that for which it was given or obtained;
(b) disclose the Confidential Information to any other Person, except:
(i) in accordance with (a);
(ii) with the prior written consent of the Person to whom a duty of confidentiality in respect of such Confidential Information is owed; or
(iii) where obliged to do so by any legislation applicable to the Credit Rating Agency; and
(c) disclose any pending Rating Action except to the Rating Subject or as agreed with the Rating Subject.
[Added] DFSA RM97/2012 (Made 24th July 2012) [VER20/07-12]