How Does It Get Here?

10 Questions & Answers with a Regulations Specialist

Many of you are enjoying browsing this blog and the internet from your phone over a Wi-Fi connection at home or at work. Have you ever wondered how the Wi-Fi product got here? Whether you have bought and installed it yourself or a professional services provider would have done either of those (eg: at work, or also at home from your ISP),  wireless vendors strive to have the latest and greatest technologies ingrained into their products and later on stamped and sealed with the Wi-Fi Alliance Logo and other regulatory organizations (FCC, EU…etc). Have you ever thought about how do new Wi-Fi products get to your country so they are available to buy and use?

To answer this, we had a short Q&A session with one of our colleagues and unknown soldiers, Junaid Loonat, whose continuous work makes it possible to answer the above question.

Let’s dive in:

Q1: Tell us a bit about yourself. What do you do at HPE and how did you get into it?

I’m a Technical Regulations Specialist for the Middle East and Southern Africa. I have started my regulations career in Africa in Telecoms, working with companies like Samsung and HTC. I used to do hardware and software testing to prove product interoperability for ISPs and Telcos. I  had joined HP before the split and I run my job function for HPE now. I take care of compliance of our products so HPE can import them into the region’s different countries. I also help with lobbying, and address customs clearance, and spare parts provisioning which also requires technical regulation compliance.

Q2: Why do we need products to be regulated?

Each country has its own set of rules related to product operation and safety. These cover RF planning and limits, Restriction of Hazardous Substances (RoHS), and safety from radiation.

Q3: So, based on what you do, it sounds like a product needs to be locally certified to comply with regulations so we can ship it and sell it in a respective country. What kind of certification(s) are we talking about, and who are the certifying bodies? And is any different for Enterprise or SOHO-grade products?

These certifications vary from country to country. In the UAE, it’s both the TRA and ESMA (Emirates Authority for Standardization and Metrology) for RoHS.

The KSA has 3 regulators: CITC (The Communications and Information Technology Commission) for spectrum regulation, SASO (Saudi Arabia Safety Organization) for safety, and the TRA combined with the Telecom Operators’ requirements. We also have active programs in Bahrain, Kuwait, Jordan, Oman and Qatar.

Some countries have a label/mark of compliance e.g. CE in Europe

SOHO products have to go through the same process as Enterprise products. In the UAE, one difference for SOHO products is that the UAE TRA have a label as well which is for retail-focused products only.

Retail-focused Product (SOHO) Label, UAE TRA

Q4: How does the product certification process get started? Can anyone go through the process?

No, not anyone can go through the certification process. As a registered user, you have to know the products and its capabilities.

UAE TRA’s Product Registration Process (

First, the company needs to be registered. It goes back to the company trade registration and what kind of business it does: Enterprise, IT, Installation…etc and this needs to be registered with the TRA on their online portal. There is a registration fee to issue the CR (company registration) for HPE as a dealer. Depending on what is on our CR they would give us certain functionalities. In our case, we care about HPE being listed as a dealer for type approvals of wireless products. Vendors must renew their registration every 5 years. Each country has penalties and fines for non-compliance which are also published on the TRA portal.

The CR will allow us to register the equipment as “wireless equipment” under WLAN/Wi-Fi. In other cases, it could fall under other wireless technologies (eg: wireless sensor, LTE-enabled device…etc).

After that, the product documents are uploaded:

  • Picture
  • Datasheet
  • Compliance Reports: RF, EMC, energy, safety, and other compliance reports
  • COO (original HQ location)
  • And a couple of other values that we need to go through.
Product Required Documents (

Each embedded technology, like Wi-Fi, Bluetooth, and Zigbee will require its own EMC and ETSI standard documentation.

At the end, we accept the terms and conditions and declaration of conformity before being redirected to payment.

Every product certification would last for 3 years. An additional payment has to be made to acquire the certificate for each product.

Q5: Back to the certification process. You mentioned that specific values and limits are required for certification. What are these values and how are they determined?

These values are the frequency ranges, the power outputs, and the SAR (Specific Absorption Rate). The SAR is a measure of the rate of RF energy absorption by the body from the source being measured. We put in the values and we support it with a report for validation. These reports must be sourced from a valid test laboratory that needs to be ILAC (International Laboratory Accreditation Cooperation) approved.

ILAC is a body that regulates the test laboratory which authenticates the lab setup’s compliance with global standards, and that it’s following the correct procedures to test the values. The reports will be ILAC-stamped to prove their validity and authenticity.

Q6: How do you send the hardware samples?

Our regulatory head office sets up and configures demo units according to the UAE specs, specifically for shipping, and we drop them off at the TRA office once received. These are later on used in R&D or learning environments such as local universities in the country.

Q7: Everyone is talking about the “new-norm” of doing things in business. Did the pandemic change anything to the regulatory certification process?

Pre-COVID, the process required 2 samples for each product. Regulators are now streamlining the process. Any required meeting is held online, and hardware samples are not mandatory given paperwork is proper and complete. Costs, however, are increasing.

Q8: You mentioned that certification renewal is usually due after 3 years. What happens then?

We get a reminder to renew the expiring certificate if we are still selling the same equipment. We usually have a new product on the roadmap after 3 years, but we get feedback from the local team on whether or not we want to maintain an already certified product. In this case, we just have to make a new payment for the certificate renewal to say that the product will still be imported and sold in the country.

Q9: Does a certified product in the UAE make it easier to get it certified elsewhere?

UAE has one of the most streamlined processes in getting the product to the market. This does not mean it gets certified everywhere. In the Middle East, every country has its own process. But the plan is to have one approval structure. The GSO (Gulf Standards Organization) for the gulf countries (GCC), is working to get one body to regulate everything. A GCC TRA is there but not enforced. However, this being a revenue stream for the different countries, it’s going to be difficult.

Q10: What are your thoughts about new technologies? How would technologies like 5G and WiFi 6E (6GHz) be incorporated into the TRA regulations and product certification process?

New technologies require awareness that is delivered through different events and channels. For 6GHz, public comments will be checked and awareness will be required. the TRA and standards committee will publish Technical Specifications documentation for any technology that gets added to the spectrum and updates the certification process and requirements to reflect the same.

If you are interested to check the UAE’s Regulatory domain published for the Wi-Fi spectrum, you can check their regulations document here:

Want to know more? Please leave us your questions and/or comments.

Leave a Reply