ATU-CPAC Registry and Verification Policy

ATU-CPAC Registry and Verification Policy

Arab Trainers Union Council for Professional Accreditation and Certification

Version 1/2026

Effective Date: 1 June 2026

Controlled Policy Document

1. Document Control

Document Title: ATU-CPAC Registry and Verification Policy
Document Owner: ATU-CPAC Digital Verification and Registry Committee
Issuing Authority: Arab Trainers Union
Policy Authority: ATU-CPAC Governing Council
Approval Authority: Arab Trainers Union Board of Directors, where required
Effective Date: 1 June 2026
Review Date: Every three years, or earlier where required
Applicability: ATU-CPAC, Arab Trainers Union, approved providers, accredited providers, authorized assessment centers, certified professionals, candidates, learners, partners, registry users, and verification stakeholders

2. Introduction

The Arab Trainers Union Council for Professional Accreditation and Certification, referred to as ATU-CPAC, is a specialized council operating within the Arab Trainers Union.

ATU-CPAC regulates, monitors, quality assures, and verifies professional accreditation, professional certification, assessed training certificates, provider status, program approval, and related registry records under the authority of the Arab Trainers Union.

All certificates, professional certifications, assessed certificates, accreditation certificates, digital badges, registry confirmations, and verification records governed by ATU-CPAC are issued in the name and under the authority of the Arab Trainers Union.

The registry and verification system provides an official method to confirm the authenticity, status, scope, validity, and expiry of ATU-issued credentials and ATU-CPAC-governed approvals.

3. Purpose

This policy sets out how ATU-CPAC shall create, maintain, update, protect, correct, publish, and verify registry records.

The policy aims to:

  1. Protect the credibility of ATU-issued certificates and professional certifications.
  2. Provide reliable verification of providers, programs, certificates, and certified professionals.
  3. Prevent misuse, falsification, alteration, or misrepresentation of credentials.
  4. Ensure registry information is accurate, secure, current, and traceable.
  5. Support public trust through transparent verification.
  6. Define responsibilities for registry data entry, approval, correction, suspension, and removal.
  7. Support quality assurance, accreditation, certification, renewal, and compliance decisions.

4. Scope

This policy applies to registry and verification activities related to:

  1. Approved providers.
  2. Accredited providers.
  3. Premier accredited providers.
  4. Authorized assessment centers.
  5. Accredited training programs.
  6. Accredited professional programs.
  7. Authorized delivery partners.
  8. Professional certifications.
  9. Assessed training certificates.
  10. Certificates of achievement.
  11. Approved trainers.
  12. Approved assessors.
  13. Approved IQAs and EQAs where applicable.
  14. Digital badges.
  15. QR-code verification.
  16. Certificate numbers.
  17. Registry status updates.
  18. Partner-endorsed or jointly supported credentials where applicable.
  19. Arab Experts Portal profiles where applicable.

5. Registry and Verification Principles

ATU-CPAC registry and verification shall be guided by the following principles.

5.1 Accuracy

Registry records shall be correct, complete, verified, and based on approved source documents.

5.2 Authenticity

Verification shall confirm whether a certificate, certification, provider status, or program approval is genuine and issued under the authority of the Arab Trainers Union.

5.3 Transparency

Approved public registry information shall be clear and accessible to learners, employers, providers, partners, and stakeholders.

5.4 Security

Registry systems, certificate numbers, QR codes, digital badges, and verification links shall be protected against unauthorized access, misuse, alteration, or fraud.

5.5 Data Protection

Personal data and confidential records shall be processed only for approved purposes and protected according to applicable data protection requirements.

5.6 Traceability

Each registry entry shall be linked to source evidence, approval records, certificate records, and status history.

5.7 Timeliness

Registry records shall be created, updated, corrected, suspended, expired, withdrawn, or revoked within reasonable timeframes.

5.8 Controlled Access

Only authorized persons may create, edit, approve, or remove registry records.

5.9 Public Trust

The registry shall protect the reputation of ATU, ATU-CPAC, providers, certified professionals, and valid credential holders.

6. Registry Categories

ATU-CPAC may maintain internal and public registry records for the following categories:

  1. Provider accreditation registry.
  2. Professional certification registry.
  3. Certificate of achievement registry.
  4. Accredited program registry.
  5. Authorized assessment center registry.
  6. Authorized delivery partner registry.
  7. Approved trainer registry.
  8. Approved assessor registry.
  9. Approved IQA and EQA registry where applicable.
  10. Partner-endorsed credential registry.
  11. Suspended, expired, withdrawn, revoked, or under-review records where publication is legally and operationally permitted.

7. Registry Record Fields

Registry records may include the following information, according to credential type and approved disclosure rules.

7.1 Provider Registry Fields

Provider registry records may include:

  1. Provider name.
  2. Country.
  3. Accreditation category.
  4. Approved scope.
  5. Approved programs.
  6. Approved delivery mode.
  7. Certificate or accreditation number.
  8. Issue date.
  9. Expiry date.
  10. Status.
  11. Conditions or limitations where applicable.
  12. Verification link or QR code.

7.2 Professional Certification Registry Fields

Professional certification registry records may include:

  1. Certified professional name.
  2. Certification title.
  3. Certification level.
  4. Scope or specialization.
  5. Certificate number.
  6. Issue date.
  7. Expiry date.
  8. Status.
  9. Country.
  10. Digital badge status where applicable.
  11. Verification link or QR code.

7.3 Program Registry Fields

Program registry records may include:

  1. Program title.
  2. Program category.
  3. Approved provider.
  4. Approved level.
  5. Approved delivery mode.
  6. Approval number.
  7. Issue date.
  8. Expiry date.
  9. Status.
  10. Conditions or limitations where applicable.

7.4 Certificate Registry Fields

Certificate registry records may include:

  1. Certificate holder name.
  2. Certificate title.
  3. Certificate type.
  4. Program title.
  5. Provider name where applicable.
  6. Certificate number.
  7. Issue date.
  8. Expiry date where applicable.
  9. Status.
  10. Verification link or QR code.

8. Registry Status Categories

Registry status may include:

  1. Active
    The record is valid and currently recognized within the approved scope.
  2. Conditional
    The record is valid subject to defined conditions.
  3. Pending
    The record is awaiting final approval, evidence, quality assurance, payment confirmation, or certificate release.
  4. Expired
    The validity period has ended and renewal has not been completed.
  5. Suspended
    The record is temporarily restricted due to investigation, non-compliance, risk, or pending corrective action.
  6. Withdrawn
    The credential or approval has ended due to voluntary withdrawal, non-renewal, or failure to maintain requirements.
  7. Revoked
    The credential or approval has been cancelled due to serious breach, fraud, malpractice, misuse, or reputational risk.
  8. Under Review
    The record is being reviewed due to complaint, appeal, correction request, quality assurance concern, or compliance issue.
  9. Replaced
    The record has been replaced by a corrected or updated version.

9. Verification Methods

ATU-CPAC may use one or more approved verification methods.

Verification methods may include:

  1. Online registry search.
  2. Certificate number search.
  3. QR-code verification.
  4. Digital badge verification.
  5. Official verification letter.
  6. Employer verification request.
  7. Provider status verification.
  8. Partner verification confirmation where applicable.
  9. Arab Experts Portal profile verification where applicable.

Verification shall confirm only the information approved for disclosure.

10. Certificate Numbering and Digital Verification Controls

Each ATU-issued certificate or certification governed by ATU-CPAC shall have a controlled identification number.

Certificate numbering controls shall include:

  1. Unique certificate number.
  2. Link to certificate holder or provider record.
  3. Link to certificate type.
  4. Link to issue date.
  5. Link to expiry date where applicable.
  6. Link to status.
  7. Version control for corrected certificates.
  8. Prevention of duplicate numbering.
  9. Audit trail for changes.
  10. Secure verification link or QR code where applicable.

QR codes and digital badges must connect only to approved verification systems and must not be altered, copied, reused, or issued outside approved procedures.

11. Registry Entry Approval

A registry record may only be created after the required approval process is completed.

Before creating an active registry entry, ATU-CPAC shall verify:

  1. Identity of the certificate holder or provider.
  2. Approved certificate, certification, provider, or program decision.
  3. Correct title and category.
  4. Correct scope and level.
  5. Correct issue date.
  6. Correct expiry date where applicable.
  7. Correct certificate or approval number.
  8. Completion of required assessment or accreditation requirements.
  9. IQA and EQA confirmation where required.
  10. Authorized signatory approval where applicable.
  11. Payment confirmation where applicable.
  12. Partner approval where applicable.

12. Registry Updates and Corrections

Registry records shall be updated when status, scope, validity, or information changes.

Updates may be required due to:

  1. Renewal.
  2. Expiry.
  3. Suspension.
  4. Withdrawal.
  5. Revocation.
  6. Reinstatement.
  7. Scope change.
  8. Name correction.
  9. Certificate replacement.
  10. Appeal outcome.
  11. Quality assurance finding.
  12. Registry error.
  13. Partner requirement.
  14. Data protection request.

Corrections shall be documented, approved, and traceable. No unauthorized person may change registry data.

13. Registry Error Management

Where a registry error is identified, ATU-CPAC shall:

  1. Record the error.
  2. Confirm the source of the error.
  3. Secure supporting evidence.
  4. Review the impact.
  5. Approve correction.
  6. Correct the registry record.
  7. Update certificate or verification data where required.
  8. Notify affected parties where appropriate.
  9. Record the correction history.
  10. Review whether corrective action is required.

Errors affecting certificate integrity or public trust shall be escalated immediately.

14. Public Registry Information

ATU-CPAC may publish registry information where disclosure is approved and lawful.

Public registry information may confirm:

  1. Whether a provider, program, certificate, or professional certification is valid.
  2. The title and category of the credential.
  3. The approved scope or specialization.
  4. The issue date.
  5. The expiry date where applicable.
  6. The current status.
  7. Conditions or limitations where appropriate.

Sensitive personal data, assessment results, internal reports, complaints, appeals, and investigation records shall not be published unless legally required or formally approved.

15. Confidential Registry Information

Some registry information shall remain internal and confidential.

Confidential registry information may include:

  1. Candidate identity documents.
  2. Assessment evidence.
  3. Scores and detailed results.
  4. IQA and EQA records.
  5. Complaints and appeals.
  6. Investigation records.
  7. Malpractice evidence.
  8. Internal decision notes.
  9. Personal contact details.
  10. Data protection records.
  11. Partner-restricted information.

Access to confidential registry information shall be limited to authorized persons with a valid operational need.

16. Data Protection and Privacy

ATU-CPAC shall protect personal data and registry information.

Data protection controls shall include:

  1. Lawful collection and processing.
  2. Purpose limitation.
  3. Data minimization.
  4. Secure storage.
  5. Controlled access.
  6. Data accuracy checks.
  7. Retention and disposal rules.
  8. Breach reporting.
  9. Consent management where required.
  10. Protection of candidate and professional records.
  11. Secure sharing with partners where approved.
  12. Response to valid correction or access requests.

Providers and partners must also protect registry-related data and must not disclose certificate or candidate information without authorization.

17. Use and Misuse of Verification Records

Registry and verification records must be used honestly and only for approved purposes.

Misuse may include:

  1. Altering a certificate or verification record.
  2. Using another person’s certificate number.
  3. Claiming active status after expiry.
  4. Claiming certification outside the approved scope.
  5. Claiming provider accreditation outside approved category.
  6. Copying or falsifying a QR code.
  7. Creating false digital badges.
  8. Misusing ATU or ATU-CPAC logos.
  9. Publishing misleading verification screenshots.
  10. Claiming government licensing or academic equivalence without authority.
  11. Using suspended, withdrawn, or revoked status as active.

Misuse may result in correction notice, suspension, withdrawal, revocation, registry update, public clarification, or referral to ATU leadership or legal channels.

18. Verification Requests

ATU-CPAC may receive verification requests from employers, providers, partners, government entities, educational institutions, certificate holders, or the public.

Verification requests shall be handled according to:

  1. Approved verification method.
  2. Data protection requirements.
  3. Identity or authorization checks where required.
  4. Approved disclosure rules.
  5. Response timeframe.
  6. Record of request and response.
  7. Applicable fees where approved.

ATU-CPAC shall not disclose confidential personal, assessment, or investigation information through public verification.

19. Registry and Verification Responsibilities

19.1 Responsibilities of ATU-CPAC

ATU-CPAC shall:

  1. Maintain registry and verification procedures.
  2. Control certificate numbering.
  3. Maintain registry accuracy.
  4. Approve registry entries and updates.
  5. Protect registry data.
  6. Monitor misuse of certificates and verification records.
  7. Correct registry errors.
  8. Update status after suspension, withdrawal, revocation, renewal, or appeal.
  9. Maintain audit trails.
  10. Support public trust through reliable verification.

19.2 Responsibilities of Providers

Providers shall:

  1. Submit accurate learner and certificate data.
  2. Verify spelling, identity, program title, and completion evidence before submission.
  3. Submit certificate requests only for eligible candidates.
  4. Report errors immediately.
  5. Protect candidate and certificate data.
  6. Avoid misleading registry or accreditation claims.
  7. Stop using expired, suspended, withdrawn, or revoked status.
  8. Cooperate with registry audits and verification checks.

19.3 Responsibilities of Certified Professionals and Certificate Holders

Certified professionals and certificate holders shall:

  1. Use only valid certificate and certification titles.
  2. Use registry status honestly.
  3. Report errors in their records.
  4. Avoid altering certificates, badges, QR codes, or verification links.
  5. Stop using expired, suspended, withdrawn, or revoked credentials.
  6. Cooperate with verification or investigation requests where required.

19.4 Responsibilities of Partners

Partners shall:

  1. Use registry and verification data only as authorized.
  2. Protect shared data.
  3. Follow approved branding and verification rules.
  4. Report suspected misuse.
  5. Avoid public claims beyond approved agreement scope.

20. Registry Audit and Quality Assurance

ATU-CPAC shall conduct registry quality assurance to confirm accuracy and integrity.

Registry audit may include:

  1. Certificate number checks.
  2. Duplicate record checks.
  3. Name and title accuracy review.
  4. Issue and expiry date review.
  5. Status review.
  6. Scope accuracy review.
  7. Provider record review.
  8. Professional certification record review.
  9. Digital badge review.
  10. QR-code functionality check.
  11. Registry correction log review.
  12. Suspended and revoked records review.
  13. Public verification testing.
  14. Data access log review.

Registry audit findings shall be used for corrective action and continuous improvement.

21. Suspension, Withdrawal, Revocation, and Registry Status

Where a certificate, certification, provider approval, program approval, or partner status is suspended, withdrawn, or revoked, the registry shall be updated according to approved procedures.

Registry updates shall include:

  1. Status change.
  2. Effective date.
  3. Reason category where appropriate.
  4. Scope affected.
  5. Conditions for reinstatement where applicable.
  6. Public visibility decision.
  7. Internal evidence record.
  8. Appeal status where applicable.

ATU-CPAC may publish limited status information where necessary to protect public trust and prevent misuse.

22. Appeals and Correction Requests

Certificate holders, certified professionals, providers, or partners may submit a correction request or appeal related to registry status.

Requests may relate to:

  1. Name spelling.
  2. Certificate number.
  3. Issue date.
  4. Expiry date.
  5. Certification title.
  6. Provider status.
  7. Scope information.
  8. Incorrect suspension or expiry.
  9. Registry omission.
  10. Verification link error.

Appeals should be submitted within 15 days from notification of the registry-related decision unless another approved procedure applies.

All appeals shall be reviewed impartially by persons not involved in the original decision.

23. Partner Registry and Joint Verification

Where ATU-CPAC credentials involve international, regional, or professional partners, registry and verification shall follow approved agreement conditions.

Partner registry requirements may include:

  1. Joint verification statement.
  2. Partner reference number.
  3. Partner logo or endorsement rules.
  4. Data sharing limitations.
  5. Partner confirmation before publication.
  6. Partner certificate wording rules.
  7. Partner status update procedures.
  8. Joint suspension or withdrawal notice where applicable.

No partner name, logo, endorsement, approval number, or registry link may be used unless formally authorized.

24. Records Retention

Registry and verification records shall be retained according to ATU policy, ATU-CPAC requirements, legal requirements, and partner requirements where applicable.

Records may include:

  1. Certificate data.
  2. Registry entries.
  3. Verification requests.
  4. Status changes.
  5. Correction requests.
  6. Appeal outcomes.
  7. Audit records.
  8. QR-code records.
  9. Digital badge records.
  10. Partner verification records.
  11. Suspension and revocation records.
  12. Data protection records.

Records shall be stored securely and disposed of only through approved procedures.

25. Review of Policy

This policy shall be reviewed every three years or earlier where required due to:

  1. ATU Board decision.
  2. Legal or regulatory change.
  3. ATU-CPAC standards update.
  4. Registry audit findings.
  5. Data protection requirements.
  6. Certificate misuse cases.
  7. Verification system changes.
  8. Partner requirements.
  9. Complaints or appeals trends.
  10. Digital badge or QR-code incidents.
  11. Stakeholder feedback.
  12. Operational need.

26. Definitions

Term

Meaning

Arab Trainers Union

The issuing authority for ATU certificates, professional certifications, accreditation certificates, and related credentials.

ATU-CPAC

Arab Trainers Union Council for Professional Accreditation and Certification, a specialized council within ATU responsible for regulation, quality assurance, registry, and verification.

Registry

The official record used to verify provider, program, certificate, certification, professional, or partner status.

Verification

The process of confirming authenticity, status, scope, issue date, expiry date, and validity of a credential or approval.

Certificate Number

A unique number assigned to an ATU-issued certificate or certification.

QR Code

A digital code linked to an approved verification record.

Digital Badge

A controlled digital representation of a credential that may link to verification data.

Active Status

A registry status showing that the credential or approval is currently valid.

Suspended Status

Temporary restriction due to risk, investigation, or non-compliance.

Withdrawn Status

Ending of status due to expiry, voluntary withdrawal, non-renewal, or failure to maintain requirements.

Revoked Status

Cancellation due to serious breach, fraud, malpractice, misuse, or reputational risk.

Registry Correction

Approved update to correct inaccurate registry information.

Public Registry

Registry information approved for public verification.

Confidential Registry Data

Data restricted to authorized internal use only.

Final Policy Statement

ATU-CPAC Registry and Verification Policy exists to protect the authenticity, credibility, and public trust of credentials issued under the authority of the Arab Trainers Union.

Through accurate records, controlled certificate numbers, secure QR codes, verified registry entries, responsible data protection, misuse prevention, and transparent status updates, ATU-CPAC ensures that providers, programs, certificates, and professional certifications can be trusted and verified across Arab countries.