Importance of Shari’ah audit in financial statements of Islamic banks
Shari’a auditing and shari’a review and internal shari’a control system.
Shari’a Auditing or Islamic Auditing can be defined as a systematic process of obtaining sufficient and appropriate evidence to form an opinion as to whether the subject matter (processes, personnel, financial and non-financial performance, financial position, systems, marketing, products, transactions, contracts etc) corresponds with the criteria (the shari’a rules and principles) which is broadly accepted by the Islamic community and to report to stakeholders thereon.
Some of the things to note from the above definition :
(i) shari’a auditing is a process i.e. a series of steps or work.
(ii) Sufficient and appropriate (reliable and good quality) evidence needs to be collected.
(iiI) The subject matter of the shari’a audit should be wider than a financial statement audit. In line with the broader ambit of the shari’a including akhlaq, not only should the financial statements, but the banks internal processes, personnel, financial and non-financial performance, financial position, information and IT systems, marketing of the bank’s product and of course, the financial contracts employed by the bank.. This has implications for cost and time. However, this can be agreed with the client in case of agreed upon procedures based assignment. However, a minimum scope needs to be decided upon for regulatory shari’a auditing.
(iv)The criteria normally are the shari’a principles and rules developed by the Shari’a Supervisory Board. However, due to reasons we will consider later, I suggest shari’a principles broadly accepted by the Islamic community to avoid banks from fatwa shopping.
Shari’a audit is not defined anywhere by AAOIFI. However, GSIFI No. 2 defines shari’a review as “an examination of the extent of an IFI’s compliance, in all its activities, with the Shari’a. This examination includes contracts, agreements, policies, products, transactions, memorandum and articles of association, financial statements, reports (especially internal audit and central bank inspection), circulars, etc.
GSIFI further states that “The objective of a Shari’a review is to ensure that the activities carried out by an IFI do not contravene the Shari’a. And in order to achieve this objective unencumbered, GSIFI requires the SSB to have “complete and unhindered access to all records, transactions, and information from all sources including professional advisers and the IFI employees.”
It can be seen that the scope of activities is very wide, i.e. shari’a compliance must be in “all its activities”, not just products and contracts. The list of subject matter to be examined is very wide ranging from products to transactions and financial statements.”
In paragraph 1 to the standard, the responsibility of the review is placed by GSIFI on the Shari’a Supervisory Board. Paragraph 2 notes the relationship between the external audit of financial statements and the shari’a review by insisting that “this standard should be read in conjunction with ASIFI No.1: Objective and Principles of Auditing with particular reference to paragraph 7, and ASIFI No.2: The Auditor’s Report with particular reference to paragraph 17. It follows that the objective of this standard as well as those of ASIFIs No.1 and No.2 requires close coordination between the SSB and the external auditor.
GSIFI No. 2 places the responsibility for shari’a compliance squarely on the management of the IFI. However, unlike the role of the external auditor, the SSB is supposed to play a role in advising, providing guidance and training the management of IFI to ensure shari’a compliance. The management is also required to provide all information relating to the IFI’s compliance with the shari’a. To ensure a measure of independence, the scope of work of shari’a review cannot be restricted. And if such restrictions are imposed by the IFI on the SSB, such will be reported to the shareholders.
Looking at the scope of the shari’a review, I do not think it is a limited assurance engagement where a negative assurance can be given. Looking at the shari’a reports provided by SSB’s, they are worded positively. Hence, perhaps shari’a review is actually a shari’a audit or assurance.
Compared to the shari’a review, the internal shari’a review is conducted to “to examine and evaluate the extent of compliance with Islamic Shari’a rules and principles, fatwas, guidelines, and instructions issued by the IFI’s Shari’a supervisory board (SSB), hereafter referred to as Shari’a rules and principles” according to GSIFI 3, Internal Shari’a Review.
Whereas, the responsibility for the shari’a review is placed on the Shari’a supervisory Board, the internal shari’a review should “be carried out by an independent division/department or part of the internal audit department, depending on the size of an Islamic financial institution (IFI). It shall be established within an IFI.”
It can thus be seen that the internal shari’a review is an internal auditing activity of the IFI management forming part of what GSIFI 3 terms as “ internal shari’a control system designed to ensure that “that the management of an IFI discharge their responsibilities in relation to the implementation of the Shari’a rules and principles as determined by the IFI’s SSB.
The role, functions and composition of the Shari’a Supervisory Board
A unique corporate governance mechanism of Islamic financial Institutions is the shari’a supervisory board (SSB) which is theoretically an independent external body akin to external auditors. Consisting of at least 3 scholars in fiqh muamalat, who may be supported by experts in Islamic banking with knowledge of fiqh muamalat, the board play multifarious roles which are sometime inconsistent for an independent body ( I will have more to say on this in section 17.5). The board is supposed to direct, supervise and review the activities of the Islamic Financial Institution to ensure shari’a compliance in all its activities. The SSB is known under various names. In Malaysia, Bank Negara calls it shari’a committee, although Bank Islam Malaysia Bhd., uses the term Shariah Supervisory Council, whereas Meezan Bank of Pakistan has both a Shari’a Advisor (who issued the Shari’a Report) and a SSB, Shamil Bank of Bahrain uses Religious Supervisory Board, and al Baraka Bank uses the term Shari’a Board.
I think the confusion in terminology is perhaps due to the different and evolving perceived roles of the SSB. To me, AAOIFI’s definition is the best and most appropriate to give it a high enough status and role. The word Board rhymes with the Board of Directors (implying that the SSB should be as powerful in status and authority as the board of directors). The word supervisory defines its management and review role as opposed to a consultant/advisor whose advice may not be heeded. Of course the word shari’a as opposed to religious is better as the word shari’a is now synonymous with the Islamic shari’a not another religion’s shari’. Supervisory means that the board has power to direct and implement its decisions. The term Shariah advisor or advisory committee looks too timid and restricted in its role. BNM’s definition of Shariah committee is not too good as a committee’s advice need not be followed, although GPS1 insists that the IFI must follow the SC’s advice.
The SSB normally consist of renowned and learned Islamic scholars who are well known and trusted in their communities and they add credibility to the word Islamic in the IFI. Recently, in some cases, in their zest to mobilize more funds and provide more investment opportunities, some Islamic banks have gone fatwa shopping employing some dubious Islamic scholars who may hurt the reputation of the bank and the industry in the long run. These scholars are not careful in giving fatwas which the collective ummatic consciousness would not accept. Examples include some fatwas permitting tawarruq, bai bithamin ajil, premium saving bonds, and also passing contracts where some conditions lead to zulm on the part of the bank’s customers.
An Islamic bank found to be in breach of its fiduciary duties, or in contravention of the covenants of the Shari’ah could potentially expose itself to litigation from its investors as well as from third parties. In order to ensure that Islamic banks comply with the requirements of the Shari’ah as well as in the performance of their fiduciary duties and obligations, close co-operation is required between Shari’ah Boards and external auditors to ensure compliance in these respects.
The introduction of the concept of the “Shari’ah audit” would ensure Shari’ah and fiduciary compliance and would also assign formal responsibility to ensure such compliance.
The Shari’ah audit could be performed either by the Islamic bank’s external auditors or by its Shari’ah Board.
The performance of the Shari’ah audit by the bank’s external auditors would ensure that adequate independence was maintained. However, the external auditors would require to have the necessary competence and expertise to deal with Shari’ah and fiduciary compliance issues.
On the other hand, if the Shari’ah Board of an Islamic bank were carrying out a Shari’ah audit, it would have to be sufficiently independent in order to ensure an effective audit. Additionally, the Shari’ah Board would also require the requisite skills and expertise to address and resolve the resultant accounting issues and implications. Some Islamic banks have “Shari’ah internal auditors” who are also members of the bank’s Shari’ah Board. These “auditors” monitor Shari’ah and fiduciary compliance on an on-going basis and report their findings to the full Shari’ah Board.
Under either of the above scenarios, and Islamic bank’s Religious (Shari’ah) Supervisory Board and its external auditors will require liaising closely with each other on an on-going basis in order to ensure that potential Shari’ah and fiduciary compliance issues, which the Islamic bank may be exposed to, are addressed and resolved on a timely basis.
The establishment of rules and regulations as well as a code of practice, for the performance of a Shari’ah audit is essential in effectively ensuring that Islamic banks comply with the covenants of the Shari’ah as well as perform their fiduciary duties and obligations to their depositors (investment account holders) with regard to both general and additional disclosure requirements in their financial statements, such as disclosure requirements of the:
Disposal of non-Shari’ah compliance earnings
Profit distribution policy