Islamic financial institutions (IFIs) are under a significant degree of pressure to increase their risk management capabilities, as a recent study of IFIs in the GCC and South East Asia from Deloitte's Islamic Finance Knowledge Center found.
Deloitte found that the primary driver of risk management activities (which should include Shariah risk management) within IFIs was regulatory compliance, not public image or compliance with international standards setting organizations like AAOIFI, IIFM or IFSB. Standard setting compliance and public image were listed as fifth and sixth most important, respectively, (out of six) as drivers for risk management by IFIs.
Deloitte describes the Shariah risk management function as one split between the Shariah board and the external auditors, who are intended to coordinate with the internal audit department, with external auditors acting as the "Shariah Compliance Inspectors", in addition to their primary responsibility for reviewing practices, transparency and information disclosure.
This description conflicts with the findings of a survey conducted by PricewaterhouseCoopers of Malaysian IFIs, which found that most IFIs were overseen by internal Shariah auditors who did not interact significantly with either the independent Shariah board or the risk management department.
The problem facing Islamic financial institutions, under either the auditing regimes found by PwC and Deloitte (which each conducted surveys of IFIs) is that their auditing and risk management departments are set up and staffed in many cases with individuals (primarily those from accounting and auditing backgrounds) as conventional banks, and the audits are weighted towards accounting reviews. It is certainly necessary for an IFI to implement just as strict risk management and financial auditing controls as conventional banks, but the Shariah review needs to incorporate more than just financial reporting.
Shariah audits are different from financial audits, so having Shariah auditors with a different set of training is important. Under AAOIFI standards, Shariah auditors need to have training in Shariah, but are not expected to be as knowledgeable as the Shariah board, highlighting the importance of interaction between the auditors and the board.
At the annual AAOIFI Shariah conference, one of the presenters, Mufti Aziz Ur Rahman, recommended that the industry needs "proper official training of Shariah auditors" and the "strengthening of the certification process".
The survey results described above may support this point by highlighting how, in the absence of proper official training, auditors who may be earnest in fulfilling their roles, would benefit from additional training in Shariah and more interaction with their IFI's Shariah board.
Deloitte. 2012. Empowering Risk Intelligence in Islamic Finance: Managing risk in uncertain times. Manama: Deloitte & Touche (M.E.), June 21, 2012.
PricewaterhouseCoopers. 2011. Shariah Audit: Industry insights. Kuala Lumpur: PwC Malaysia.
Rahman, Mufti Aziz Ur. 2012. Presentation before the 2012 AAOIFI Annual Shariah Conference, May 7, 2012.
Blake Goud is the founder of Sharing Risk, a think tank on Islamic finance based in Portland, Oregon. He writes the widely followed Sharing Risk blog and previously covered the Americas for The Islamic Globe. Blake is also the chief compliance officer for Marquam Capital, a registered investment advisor, and chief compliance officer for HP Securities, Inc, a FINRA-member broker/dealer.
© Zawya 2012
© Copyright Zawya. All Rights Reserved.