SHARIA AUDIT IN ISLAMIC FINANCIAL INSTITUTIONS.

INTRODUCTION

Sharia compliance audit or Sharia Audit is an important function within the Sharia Governance Framework of Islamic Banks. The audit is carried out to assess adequacy and efficiency of internal Sharia controls as well as assessing Sharia compliance status of the activities conducted by the bank.

SHARIAH AUDIT

Shariah Audit is a periodic activity. It is designed as a formal, structured process based on standard operating procedures and programs. It involves review of documents which entails going over a checklist to see whether or not documents are genuine and their entries are correct. The aim of the Shariah Audit is not to penalize for mistakes but in fact to ensure mistakes are learned from and improvements made accordingly and timely.

The Shariah Audit includes an evaluation of the product offerings, process flows, bank’s branch and head office environment, customer reading materials, staff knowledge, bank's communication channels and staff dress-code to see if it all complies with the Shari'ah guidelines issued by the Sharia supervisory board or Sharia Department. It entails staff interviews, particularly the branch staffs and operation manager’s to determine their knowledge and understanding of Islamic banking.

It also include a check on the methods of profit distribution and assigning weightages. At a financing/credit department, the audit determines the degree of Shariah compliance of financing transactions mainly execution of various Sharia'h documentations related to financing. At branch level, the audit focus on customer stransactions executed at branches, branch environment, customer reading materials, customer complaints and resolutions, staff knowledge and awareness with regards to function related Sharia guidelines and Islamic banking in general. Where need arises, the audit team may visit clients to determine whether or not customer are made aware of proper procedures which are in place and relates to Sharia'h.

Errors or weaknesses spotted during the audit if any are presented in the Shariah Audit Report. Errors or weaknesses or failure to comply with relevant Sharia guidelines when spotted by staffs prior to audit must also be reported to the Product Development and Shariah Compliance team which will examine the cases and report accordingly and timely to relevant authority. If Staffs are not able to freely communicate to errors or weaknesses to Sharia Department, then it is likely that the problem never may get to be resolved and the bank may suffer strategic and reputation risk.

Once reported, the error or weaknesses serves as a precedent to help avoid similar mistakes in the future and whenever it is shared to other branches it informs other branches on measures to prevent them from repeating the same errors.

This is the synergy required between the different teams within the departments that enables the Islamic bank to function effectively as a whole — its perspective, objectives and activities directed to one goal — ensuring 100% Shariah compliance and ultimately 100% customer satisfaction.

As an industry best practice and as guideline given by top scholars in the field, it is strongly recommended that every year a Shariah Audit must be conducted for all the financing units, departments or branches in a bank. Transactions or activities within each unit must be checked via sampling. It is also recommended that a Shariah review is conducted at the time when the financing limits are renewed annually.

The Product Development and Shariah Compliance unit has responsibility to check on selected sample transactions for each client to determine their conformity to Shari'ah guidelines. This process of review exists to avoid mistakes that would otherwise show up in an audit.

Post Audit Corrective Measures

If the Shariah Audit report discloses a serious error or weakness that requires fixing, the transaction should be stopped or put on hold. The transaction may be allowed to continue but only after the correction of error or with a revised process flow as advised by Product Development and Sharia'h compliance Department.

The cause of the error or weakness must be investigated by respective staff/manager/ head of the department to determine the appropriate course of action — was it the bank officer’s mistake? Was the financing mode prescribed inappropriate? Was there inadequate descriptions on the process to be followed?

If the transaction is impermissible and confirmed to be so by the Sharia Supervisory Board (or Sharia Advisor with such a mandate), the corresponding income should be transferred to the charity account. Ideally, disciplinary measures must be prescribed if the mistake is intentional. In case the error is the client’s, it should be investigated whether it occurred out of a lack of awareness or the client’s indifference to Shariah prescriptions.

Disclosures & Annual Shariah Report

All the major activities of the bank’s audited by Shariah department and the results of the Shariah audit are disclosed to the management and in the Shariah Board’s or Shariah Advisor’s which later on issue Shariah report published within the bank’s Annual Report. The format of such report is provided by Auditing and Accounting Organization for Islamic Financial Intitutions (AAOIFI) Governance Standard No 1.

However, Sharia Supervisory Board or Sharia'h Advisor may construct this report in a different format as it deems fit or based on best practices. For example, the Shariah Report may state the number of Department and branches audited and the resultant findings. It may also mention the amounts transferred to the charity account owed to flawed transactions and where the charity is distributed. Major errors too may be disclosed along with the actions recommended to rectify them. The report may also disclose the research undertaken, the new products developed, the number of employee and client training sessions conducted. It may also disclose the scope of the audit; the transactions covered. It may include an overall branch assessment and a review of how profit was distributed and the employees’ level of Islamic banking knowledge.

All these disclosures offer transparency and keep the bank’s clients and shareholders informed of the bank’s activities and the measures it takes to ensure continued Shariah-compliance. The Sharia Department is responsible to follow up on his recommendations or agreed actions in the subsequent audit.

Rating

As part of the industry best practice an Islamic bank must have two rating processes Shariah Audit rating and employee rating.

Shariah Audit Rating

The bank’s branches/departments/functions must be rated after Shariah Audits using an efficient rating system, like a five tier rating system (e.g. Excellent, Above Average, Good, Below Average, Poor) and the result of the Shariah audits should be linked to the annual appraisal of the branch and concerned staff.

For instance if a unit is rated “Poor” it affects its appraisal, promotions and increments and if a unit is rated “Excellent” it earns some type of reward or other performance enhancement incentive. A unit rated “Poor” is also given extra support to bring it up-to-date with the latest training and performance improving activities.

Employee Rating

Starting from the CEO to the cashier at the front desk, ensuring Shariah-compliance is everyone’s job. And it is strongly suggested that in the employees’ annual appraisals due weightage must be given to the Shariah compliance mindset, knowledge and commitment to Shariah compliance. Institutionalizing a penalty and reward system is a must to ensure good performance at both the branch and employee level.

Note:
This article was written with inputs from Sharia Compliance Report published by Ethica Institute of Islamic Finance.