My Article Published in the Edge

SHARI’AH AUDIT: FROM COMPLIANCE TO ASSURANCE

From 2012, all Islamic financial institutions (IFIs) in Malaysia are required by Bank Negara Malaysia (BNM) to observe and comply with the Shari’ah Governance Framework (SGF). The SGF is a set of organisational arrangements through which IFIs ensure effective oversight, responsibility and accountability of the board of directors, the management and the Shari’ah Committee. Ultimately, the SGF serves as a guide towards ensuring an operating environment that is compliant with Shari’ah principles.

The SGF, to a certain extent, has successfully reinforced the Shari’ah compliance functions, internal Shari’ah review and audit requirements, supported by an appropriate risk management process and research capability. The implementation of the SGF so far has contributed towards Shari’ah compliance process. However, currently, the Islamic financial industry lacks a robust Shari’ah assurance process.

Shari’ah audit is essentially an assurance process as it should be conducted by independent auditors. Shari’ah audit is needed to fill the gap of Shari'ah compliant activities and services of the IFIs. The stakeholders need to be assured that the institutions that offer Islamic financial services have sufficient levels of Shari’ah assurance processes and controls. Today, mere claims by the IFIs that they are fully Shari’ah compliant may no longer be sufficient. Independent assurance through Shari’ah audit is essential to enhance the integrity and the accountability of the IFIs.

Pitfalls of the SGF

The SGF requires all IFIs to establish Shari’ah audit function that performs annual audits in order to provide an independent assessment of the adequacy and compliance with established policies and procedures, and the adequacy of the Shari'ah governance process. Closer scrutiny of the SGF indicates that the Framework did not sufficiently explain the requirements and the functions of Shari’ah audit. The best example would be the crucial relationship between the Shari’ah audit and the Shari’ah risk management which was not clearly spelled out.

There is also a lack of guidance as to the level of appropriateness of Shari’ah risk management framework. Instead the SGF expects the IFIs to develop their own risk management framework. Realising the uniqueness and complexities of Shari’ah non-compliance risks, Shari’ah risk management function should be properly developed before the IFIs can effectively undertake Shari’ah audit. Shari’ah non-compliance risk indicators and measurement should be clearly identified. In addition, the line of reporting and responsibility on Shari’ah risk management should also be clearly expounded.

On another note, the SGF specifies that the Shari’ah audit shall be performed by the internal auditors, whom are trained and have adequate knowledge of Shari’ah. However, the SGF did not specify the level of Shari’ah knowledge and the specific areas of Shari’ah that they need to equip themselves. The nature of their work requires specialised knowledge of Shari’ah essential for them to carry out their work effectively. The IFIs should also be required to create special positions of Shari’ah auditors within their internal audit division.

The SGF has also purposely excluded the function of external Shari’ah audit. External audit, in contrast to internal audit, represents the third party role to provide check and balance of the Shari’ah assurance requirements. Similar to external financial audit, the absence of external and independent audit reports by qualified Shari’ah auditors will certainly affect the credibility of IFIs in the eyes of stakeholders.

One important governance concern is on the line of authority of Shari’ah audit function. As per the SGF, Shari’ah audit is directly answerable to the audit committee. Unfortunately, the audit committee’s present scope of work is already very demanding. To expect them to plan and to scrutinise the Shari’ah audit would be an additional burden and responsibility that may affect the overall efficiency of audit committee.

Another taken for granted issue is on the role of Shari’ah committee with regards to Shari’ah audit function. There is a dire need for a comprehensive guideline in the case where there is a dispute or different of opinion between the management and the Shari’ah auditors on matters relating to Shari’ah interpretation. By right, all disputes or differences shall be referred to the Shari’ah committee of the IFIs.

In theory, the Shari’ah committee and the Shari’ah auditors should be responsible to jointly plan the Shari’ah audit. Once the Shari’ah audit function is performed by the auditors then it must be reported directly to the Shari’ah committee and the audit committee for deliberations and remedial actions. The final report must then be tabled to the board of directors for their attention and further action.  

The Urgent Need for Shari’ah Audit Framework

The above arguments indicate an urgent need for the Shari’ah Audit Framework that should complement the SGF. The primary objective of this elusive Framework is to provide guidelines for the management to properly discharge their responsibilities according to Shari’ah rules and principles. In addition, the purpose of the Framework is to ensure that the system of internal control for Shari’ah compliance is conceptually sound and effective in its implementation.

The Shari’ah Audit Framework is needed to clearly specify the roles and functions of both the internal and the external Shari’ah auditors. Shari’ah auditors should have direct and regular communications with all levels of management and the Shari’ah committee. Knowing the sensitivity of some Shari’ah issues, there should not be any scope limitation and restriction of access to evidences, documents, reports etc. in order for the Shari’ah auditors to undertake their work. This is to ensure the efficiency and the effectiveness of Shari’ah audit function.

The need for a more robust Shari’ah assurance function – not just Shari’ah compliance - should be considered seriously by BNM. The need for a comprehensive Shari’ah Audit Framework to guide the industry is long overdue. The issues raised above are only `tips on the iceberg’ and certainly there are many other outstanding issues facing the Islamic financial industry. The imperative next step is the need for a comprehensive guideline on Shari’ah audit to ensure that all activities and operations of the IFIs truly in compliance with Shari’ah.

Shariah Audit Conference 2014

This article has argued for the need of a more robust Shari’ah audit function and guidelines. Realising the increasing demand for greater integrity and transparency of IFIs, the Institute of Internal Auditors Malaysia (IIAM) will organise a Shariah Audit Conference 2014 after a successful inaugural event organised by the industry’s association in 2011. IIAM in collaboration with the Islamic Banking and Finance Institute Malaysia (IBFIM) will organise this important event on 20^th and 21^st May 2014 at Hotel Istana, Kuala Lumpur. This event will hopefully be able to discuss the pertinent issues of Shari’ah audit and to explore future direction of this nascent industry. The shift of focus from Shari’ah compliance to Shari’ah assurance is indeed crucial to enhance the public confidence of the IFis which in turn contributes toward sustainable growth of the Islamic financial industry.

Accountability: An Islamic Theory?

The word accountability is derived from the root word "account". In Arabic, "account" means Hisab. That is why accounting in Arabic can be translated as Muhasabah i.e. the process of Hisab. How about the Arabic meaning of accountability? The process of Muhasabah is ensure accountability.

There is another Arabic word Taklif which refers to that "personal accountability". In Islam, once we reach the age of puberty we are Mukallaf i.e. we are personally accountable to Allah for our deeds and misdeeds.

In Islam, there is a concept Habluminallah or our relationship with God. As human beings we have "covenant" with our creator. It means we rely on God for our existence. We are not omnipotent like God. Our "covenant" with God means we have to be accountable to God. Otherwise, the "covenant" has no purpose. On one hand we have to rely on God but on another hand we are also accountable to God.

Hablumminallah as a concept that distinguish Islamic accountability process from the Western counterpart that is purely agent-principal relationships. Islamic accountability process to God is our multidimensional and transcendental relationship to God (Hablumminallah).

On the other hand, Hablumminannass is our social relationship to other human beings. Our covenant with other human beings requires us to respect, work together, and cooperate on the basis of mutual respect and justice. Hence, we are also accountable to other human beings to ensure our covenant to other human beings is fulfilled. The relationship, in the conventional sense, is a horizontal relationship instead of a transcendental relationship.

Why are discussing all the above concepts? To me, it could help us to conceptualise the nature of Islamic accountability concepts (Muhasabah or Taklif) and relationships (Habluminallah wa Hablumminannass). Hence, it should guide us to develop "what should be" the Islamic accounting objectives that consequently guide the Islamic accounting theory to be developed.    

Is accounting a purely technical and value free discipline?

Accounting is not a science like physics as accounting rules are man-made and not the results of natural phenomena. Accounting is also not purely technical and value free discipline like computing as accountants used judgements in their works. Accounting is not merely bookkeeping and only recording of financial transactions as accountants also measures and values assets and liabilities. Accounting process also communicates financial information and interpreted by users of information, who are also human beings.

So what really is accounting?

Accounting, most likely, is a social science. The accounting rules are determined by accountants and regulators. Accountants and regulators are human beings and need to be understood. Accountants used judgements in measuring and valuing assets and liabilities. As human being, accountants are not value free. Accountants will be influenced by their background, education and some time culture. How about the religion or belief of the accountants. Will religion or belief influenced accountants' rules and judgements?

Many past studies have proved that accountants' works and judgements are being influenced by their beliefs, values or/and religion. If you are keen to know this fact you can google some of the past studies including my PhD thesis and my other papers on this subject matter. However, some studies have proven that beliefs, values and religion did not influence accountants. Could it be that human beings including accountants now are more secularised? Could it be that accountants have been trained to follow rules and used less judgements? Are accounting policies today are highly regulated and less opportunities for accountants to reflect?

On another note, in developing Islamic accounting theory, we need to explore many possibilities. One of my PhD student is trying to prove that the religiosity of Muslim accountants influence accountants' judgements. She examined the religiosity using questionnaire survey and examined the intention of accountants in potential fraudulent financial reporting. Let us wait for her findings soon.

Who said Islamic accounting theory development is purely qualitative? We can study using quantitative method on many potential accounting problems to develop Islamic accounting theory. As I mentioned in my earlier posting Islamic accounting theory can be "what it should be" (normative and qualitative) or "what it is" (quantitative and positivist). The study on the impact of religious values and culture can be done qualitatively and as well quantitatively. Methodologies do not matter. What really matter is to find the truth in whatever way possible. Are we ready?