SHARI’AH AUDIT: FROM COMPLIANCE TO
ASSURANCE
From 2012, all Islamic
financial institutions (IFIs) in Malaysia are required by Bank Negara Malaysia
(BNM) to observe and comply with the Shari’ah Governance Framework (SGF). The
SGF is a set of organisational arrangements through which IFIs ensure effective
oversight, responsibility and accountability of the board of directors, the management
and the Shari’ah Committee. Ultimately, the SGF serves as a guide towards
ensuring an operating environment that is compliant with Shari’ah principles.
The SGF, to a certain
extent, has successfully reinforced the Shari’ah compliance functions, internal
Shari’ah review and audit requirements, supported by an appropriate risk
management process and research capability. The implementation of the SGF so
far has contributed towards Shari’ah compliance process. However, currently,
the Islamic financial industry lacks a robust Shari’ah assurance process.
Shari’ah audit is
essentially an assurance process as it should be conducted by independent
auditors. Shari’ah audit is needed to fill the gap of Shari'ah compliant
activities and services of the IFIs. The stakeholders need to be assured that
the institutions that offer Islamic financial services have sufficient levels
of Shari’ah assurance processes and controls. Today, mere claims by the IFIs
that they are fully Shari’ah compliant may no longer be sufficient. Independent
assurance through Shari’ah audit is essential to enhance the integrity and the
accountability of the IFIs.
Pitfalls of the SGF
The SGF requires all IFIs
to establish Shari’ah audit function that performs annual audits in order to
provide an independent assessment of the adequacy and compliance with
established policies and procedures, and the adequacy of the Shari'ah
governance process. Closer scrutiny of the SGF indicates that the Framework did
not sufficiently explain the requirements and the functions of Shari’ah audit.
The best example would be the crucial relationship between the Shari’ah audit
and the Shari’ah risk management which was not clearly spelled out.
There is also a lack of
guidance as to the level of appropriateness of Shari’ah risk management
framework. Instead the SGF expects the IFIs to develop their own risk
management framework. Realising the uniqueness and complexities of Shari’ah
non-compliance risks, Shari’ah risk management function should be properly
developed before the IFIs can effectively undertake Shari’ah audit. Shari’ah
non-compliance risk indicators and measurement should be clearly identified. In
addition, the line of reporting and responsibility on Shari’ah risk management
should also be clearly expounded.
On another note, the SGF
specifies that the Shari’ah audit shall be performed by the internal auditors,
whom are trained and have adequate knowledge of Shari’ah. However, the SGF did
not specify the level of Shari’ah knowledge and the specific areas of Shari’ah that
they need to equip themselves. The nature of their work requires specialised
knowledge of Shari’ah essential for them to carry out their work effectively.
The IFIs should also be required to create special positions of Shari’ah
auditors within their internal audit division.
The SGF has also
purposely excluded the function of external Shari’ah audit. External audit, in
contrast to internal audit, represents the third party role to provide check
and balance of the Shari’ah assurance requirements. Similar to external financial
audit, the absence of external and independent audit reports by qualified
Shari’ah auditors will certainly affect the credibility of IFIs in the eyes of
stakeholders.
One important governance
concern is on the line of authority of Shari’ah audit function. As per the SGF,
Shari’ah audit is directly answerable to the audit committee. Unfortunately,
the audit committee’s present scope of work is already very demanding. To
expect them to plan and to scrutinise the Shari’ah audit would be an additional
burden and responsibility that may affect the overall efficiency of audit
committee.
Another
taken for granted issue is on the role of Shari’ah committee with regards to
Shari’ah audit function. There is a dire need for a comprehensive guideline in the
case where there is a dispute or different of opinion between the management
and the Shari’ah auditors on matters relating to Shari’ah interpretation. By
right, all disputes or differences shall be referred to the Shari’ah committee
of the IFIs.
In theory, the Shari’ah
committee and the Shari’ah auditors should be responsible to jointly plan the
Shari’ah audit. Once the Shari’ah audit function is performed by the auditors
then it must be reported directly to the Shari’ah committee and the audit
committee for deliberations and remedial actions. The final report must then be
tabled to the board of directors for their attention and further action.
The
Urgent Need for Shari’ah Audit Framework
The above arguments indicate
an urgent need for the Shari’ah Audit Framework that should complement the SGF.
The primary objective of this elusive Framework is to provide guidelines for
the management to properly discharge their responsibilities according to
Shari’ah rules and principles. In addition, the purpose of the Framework is to
ensure that the system of internal control for Shari’ah compliance is conceptually
sound and effective in its implementation.
The
Shari’ah Audit Framework is needed to clearly specify the roles and functions
of both the internal and the external Shari’ah auditors. Shari’ah auditors should
have direct and regular communications with all levels of management and the
Shari’ah committee. Knowing the sensitivity of some Shari’ah issues, there
should not be any scope limitation and restriction of access to evidences, documents,
reports etc. in order for the Shari’ah auditors to undertake their work. This
is to ensure the efficiency and the effectiveness of Shari’ah audit function.
The
need for a more robust Shari’ah assurance function – not just Shari’ah
compliance - should be considered seriously by BNM. The need for a comprehensive
Shari’ah Audit Framework to guide the industry is long overdue. The issues raised above
are only `tips on the iceberg’ and certainly there are many other outstanding
issues facing the Islamic financial industry. The imperative next step is the need for a comprehensive
guideline on Shari’ah audit to
ensure that all activities and operations of the IFIs truly in compliance with
Shari’ah.
Shariah Audit Conference
2014
This article has argued
for the need of a more robust Shari’ah audit function and guidelines. Realising
the increasing demand for greater integrity and transparency of IFIs, the
Institute of Internal Auditors Malaysia (IIAM) will organise a Shariah Audit
Conference 2014 after a successful inaugural event organised by the industry’s
association in 2011. IIAM in collaboration with the Islamic Banking and Finance
Institute Malaysia (IBFIM) will organise this important event on 20th
and 21st May 2014 at Hotel Istana, Kuala Lumpur. This event will
hopefully be able to discuss the pertinent issues of Shari’ah audit and to
explore future direction of this nascent industry. The shift of focus from
Shari’ah compliance to Shari’ah assurance is indeed crucial to enhance the
public confidence of the IFis which in turn contributes toward sustainable
growth of the Islamic financial industry.
No comments:
Post a Comment