Ethic And Coporate Governance In Islamic Financial Institutions

ETHICS AND COPORATE GOVERNANCE IN ISLAMIC FINANCIAL INSTITUTIONS

CHAPTER 1 : BANKING ETHICS

1.1.1 Ethics in a global context

Definition Ethics

• Moral philosophy.
• Determining rights and wrongs, selecting actions to achieve good results, evaluating motives.
• The achievement of wisdom, choosing actions that are benefical and acceptable long term; or sustainable. This implies a society focus.

Definition Morals

· Beliefs and behaviour of group. The group can be:

• Nation, or geographical area

• Group of nations

• Religious or life view groups, and subgroups

• Profession or similar

• Other organisation, e.g. sports, clan, NGO

Differences between ethic and moral

ETHICS

MORAL

• Ethics is the rules for deciding proper conduct. While not absolutely timeless, ethical principles change very little though the ages

• Morality is the standards for behavior that exist at some point in time.

• Compared to ethics, morality undergoes changes frequently

• Compared with ethics, morality is more like a snapshot taken of something moving

• Since the principles of ethics are more fundamental and stable, ethics is bigger than morality

• Ethics is able to call morality - the existing standards for conduct - into question, and cause morality to change

1.1.2 Components of ethical behavior

• Moral Sensitivity-Recognition that an ethical problem exists

• Moral Judgement-decision makers choose among the courses of action identified in component Make judgements about what is wrong/right

• Moral Motivation-People are more likely to act ethically when evaluated on how well they adhere to important values

• Moral Character-Executing a plan requires character. Persistence is Key, complemented with competence.

1.1.3 Difference of management between conventional and Islamic point of view

CULTURE

The purpose is to see whether management application is universal. The thesis of this paper

is that there are contrasts in management practices across the cultures.

1. Islamic management

– No demarcation between the secular and the religious; human life is an organic whole; All human activity can be Ibadah provided they are guided by Allah’s commandments. (Islamic Belief System)

1. Conventional management

• Clear demarcation between the secular and the religious; human activities are separated; spiritual or religious aspect is a private matter of individuals while work is in public domain. (Non-Islamic in Approach)

Implication (s)

• Thus purpose of human existence is to obey and fulfill Allah’s commandments and act as the vice-regent of Allah on earth. (Seeking Pleasure of Allah- Al-Deen)

• Purpose of human existence is to utilize natural resources to satisfy one’s needs, wants and desires and to remain happy.

(Seeking Sensual Pleasure- Al-Dunya

OBJECTIVES

1. Islamic management

• Organizational objectives are both economic and non-economic and are subservient to larger purpose of human existence. (Maqasid Shariah)

2. Conventional management

Organizational objectives are both economic and non-economic in nature and are sub servient

to organizational interests. (Loyalty to Boss)

Implication (s)

• Organizations are meant to be groups of people coming together for attaining the purpose of human existence. (Human welfare as motivational drive)

• Organizations are meant to be groups of people coming together to attain the organizational goals. (Profit maximization as source of motivation).

SOURCES OF MANAGEMENT

1. Islamic management

• The revealed knowledge and the traditions of the Prophet (SAW) constitute the ultimate source of business ethics and personal values.

(Prophet: The Source of Hidayah)

2. Conventional management

• Ethics is relative and values are derived from multiple sources such as upbringing, society, and experiences. Ethics could be relative as in utilitarian theory. (End Justifies the Means)

Implication (s)

• Human being has choice, free will and freedom of action therefore is responsible and accountable for all actions.

(No Compulsion in Deen/Accountability in Life-hereafter)

• Responsibility and accountability vested in the chief executive who delegates it. Employees controlled through organizational systems to ensure responsibility and accountability.

(Accountable only to Boss)

ORGANIZATIONAL

1. Islamic management

• Organizational control has to operate in a way designed to make the human being subservient to the will of Allah.

(Comprehensiveness of Islam and the Shariah)

2. Conventional management

• Organizational control has to operate in a way designed to align human objectives with the organizational objectives.

(Cascading of Objectives)

Implication (s)

• The locus of control is internal. Each person is responsible and accountable for his actions. (Shariah compliance)

• The locus of control is external and lies in the realm of the organization.

(Market Driven)

1.2.1 An abuse of position and misuse of information

Define misused of position

• Misuse of position is the improper use of official time and authority, and of information and resources to which an employee has access because of his/her positions in the organizations. Eg: ‘CABLE’

Define misused of information

• Misuse of information is the way use of information from FI for illegal activities

• EG: Sell customer information

1.2.2 The completeness and accuracy of record

• Completeness and accuracy of records

– All the customers and organizations documents must be proper completeness and accuracy for recording by FI

– EG: Make sure all the customers record are update and complete with the prior documentation

1.2.3 The confidentially of communication and transaction

• A registered person should take every precaution to protect and preserve the confidentiality of customer information communicated to him in the course of everything. He must not in any way use such information for personal or another person's gain. Under this principle all customers communication and transaction must be keep confidentially by FI. Example : all staffs bank are prohibited to communicate customers information to publics

1.2.4 The relevant treatments for:

• Releveant Equitable treatment:

–Unethical behavior: Unethical behavior is any action that is aimed at taking advantage of another without their knowledge or consent. Most define this as manipulating someone without their persmission. Unethical actions are not necessarily illegal.

–Ethical behavior : acting consistantly with the ‘personal values’

– Test of ethical behavior: to measure and to reveal the ethical and unethical behavior. Eg:Audit

–Customer complaint : express of customers guts or feeling regarding ethic and unethical behavior

1.3.1 Understand the banking ethical system from Islamic point of view

Islamic ethical approach to business social responsibility

Western Guidelines

Evidence

Human Rights Dimension

• “Allah said, ‘I have made oppression unlawful for Myself and for you, so do not commit oppression against one another’” Sahih Muslim, vol. 3, hadith no. 6254.

• “Help your brother whether he is the oppressor or the oppressed....If he is an oppressor, prevent him from doing it, for that will be helping him, and if he is oppressed he should be helped (against the oppressor)” Sahih Muslim, vol. 3, hadith no. 6246.

Human Resource Dimension

• “Your employees are your brethren over whom Allah has given you authority. So if one of you has his brother under his control, you should feed him with the like of what you eat and clothe him with the like of what you wear. You should not overburden him with what he cannot bear, and if you do so, help him in his job” Sahih Muslim vol. 3, hadith no. 4093.

• “Allah (SWT) says: “I will be an opponent to three persons on the Day of Judgement: one who makes a covenant in My Name but proves treacherous; one who sells a free person (as a slave) and consumes the price; and one who employs a labourer and receives his full labour but does not pay his wages” Sahih al-Bukhari, vol. 3, hadith no. 2.

Environmental Dimension

“And when he turns away, he strives throughout the land to cause destruction therein and destroy crops and animals. And Allah does not like mischievous acts” (Al-Qur’an 2:205).

• “And do no mischief on the earth after it has been set in order, but call on Him with fear and aspiration. Indeed the mercy of Allah is near to the doers of good” (Al-Qur’an 7:56).

Philanthropic Dimension

• “And fear Allah as much as you can, listen and obey; and spend in charity for the benefit of your own souls. And those saved from the covetousness of their own souls, they are the ones who achieve prosperity” (Al-Quran 64:16). !

• “Every Muslim must pay sadaqah (charity).” A companion asked, “What about someone who has nothing to give?” The Prophet replied, “Then let him do something with his two hands and benefit himself. That will be charity.” A companion asked, “But what if he cannot do that?” The Prophet replied, “Then he can help someone who is needy.” They asked, “What if he cannot do even that?” The Prophet replied, “Then he should enjoin the doing of good.” Still again they asked, “But what if he cannot do that?” The Prophet replied, “Then he should refrain from evil, for that is a form of charity.” Al-Bukhari’s al-Adab al-Mufrad, hadith no. 225

1.3.2 Principles of Islamic ethics

First

• Islamic ethics is transcendental; this is so, because the determination of what is ethical and what is not or what is proper and what is improper, all comes from Allah (s.w.t). In Islam, the source of morality transcends human desires and culture.
• It is a divine code which descended from the divine realms. Legislation of moral conducts or otherwise, depends on the divine scripture (al-wahy al-Ilahiyi) which transcends the limits (changes) of time and culture.
• This make Islamic ethics vary from conventional ethics in which ethical conducts are characterized as bad or good based on their utilitarian outcome and gains.

Second

• In the Islamic ethical system, man‟s nature is not evil nor graceless, but good (fitrah).

Man is born with good natural disposition; evil traits are acquired and additional to the human nature.

• Upon birth, man is innocent and his nature is not ungracious which requires redemption or baptism to wash his original sin; every person begins his life ethically sane and sound, not weighed down by any original sin.
• In fact, at birth man is already above the zero point in that he has the revelation and his rational equipment ready for use, as well as a world all too ready to receive his ethical deed.
• In this understanding, man and the world are either positively good or neutral, but not evil.

In due time, this good character might become obscured by envy, hate, ego, jealousy, utilitarian and prejudice.

Third

• As a universal code of conduct, Islamic moral standards teach universal justice and human equality. First of all, ethical propositions do reflect universal moral truths regardless of culture, race, religion, nationality, or any other distinguishing feature; thus moral relativism has no place in Islam.
• Second, human beings are equal and there is no favouritism of any ethnic groups over another; no individual is closer or nearer to Allah (s.w.t) except through good deeds. As such, discrimination and division of mankind into good or bad, intelligent and less intelligent, privileged or otherwise, based on ethnicity and kinship, have no place in the Islamic ethical system.
• Moral quality (taqwa) and educational qualifications (ilm) are what differentiate man. In this conception, tribalism is replaced with ummatism, while ethno-centrism is replaced with universalism.
• Concepts like Cast System of Hinduism, Original Sin of Christianity and Chosen Community of Judaism have no place in the Islamic ethics. In this understanding, regardless of race, skin color, language, region, age and social class, man and woman are good only when they command good and prohibit evil (al-amr bi al-ma‟ruf wa al-nahy an al-munkar).

Fourth

• Human conducts are judged to be ethical or otherwise, depending on the intention of the individual and in accordance with the divine texts (nusus al-shari‟ah).
• Human conduct is considered morally good (amal salih) by fulfilling two conditions. First, the conduct must be done with good motives (niyyyah hasanah).
• Second, must be in accordance with the norms of the shari‟ah. In this case, both the motive and means (way) of conduct must be good. Good intentions cannot turn immoral actions into good, while good outcomes cannot justify the morality of immoral means; as such, Islamic ethical system is neither consequential nor utilitarian.
• Thus, a person‟s behavior can be wrong even if it results in the best possible outcomes. For instant, stilling or roping the wealthy of others to feed needy people is immoral.
• The reason is because, though feeding needy people is good, however, stilling is immoral in itself and nothing can justify it. Similarly, an act can be righteous even if it results in a negative outcome. For instant, to defend your wealth and family is morally good even if that results your death.

1.3.3 Model of Islamic ethics

Shariah provides a concrete framework to determine the optimal way to balance

the rights and responsibilities of various stakeholders. In particular, the principles of maslahah have been used throughout Muslim history to prevent and resolve problems arising from potentially conflicting rights and responsibilities in different fields.

CHAPTER 2 : INTERNAL CONTROL AND CONFLICTS

2.1.1 Internal control in banking system

· Internal control is a process effected by the board of directors, senior management and all levels of personnel. It is not solely a procedure or policy that is performed at a certain point in time, but rather it is continually operating at all levels within the bank. The board of directors and senior management are responsible for establishing the appropriate culture to facilitate an effective internal control process and for continuously monitoring its effectiveness; however, each individual within an organisation must participate in the process. The main objectives of the internal control process can be categorised as follows:

1. Efficiency and effectiveness of operations (operational objectives).

2. Reliability and completeness of financial and management information

(information objectives).

3. Compliance with applicable laws and regulations (compliance objectives).

2.1.2 The major elements of an internal control process

Management oversight and the control culture

Board of directors

Principle 1: The board of directors should have responsibility for approving strategies and policies; understanding the risks run by the bank, setting acceptable levels for these risks and ensuring that senior management takes the steps necessary to identify, monitor and control these risks; approving the organisational structure; and ensuring that senior management is monitoring the effectiveness of the internal control system.

Senior management

Principle 2: Senior management should have responsibility for implementing strategies approved by the board; setting appropriate internal control policies; and monitoring the effectiveness of the internal control system.

Control culture

Principle 3: The board of directors and senior management are responsible for promoting high ethical and integrity standards, and for establishing a culture within the organisation that emphasises and demonstrates to all levels of personnel the importance of internal controls. All levels of personnel at a banking organisation need to understand their role in the internal controls process and be fully engaged in the process.

Risk recognition and assessment

Principle 4

Senior management should ensure that the internal and external factors that could adversely affect the achievement of the bank's objectives are being identified and evaluated. This assessment should cover all the various risks facing the bank (for example, credit risk, country and transfer risk, market risk, interest rate risk, liquidity risk, operational risk, legal risk and reputational risk)

Principle 5

Senior management should ensure that the risks affecting the achievement of the bank's strategies and objectives are continually being evaluated. Internal controls may need to be revised to appropriately address any new or previously uncontrolled risks.

Control activities and segregation of duties

Principle 6

Control activities should be an integral part of the daily operations of a bank. Senior management must set up an appropriate control structure to ensure effective internal controls, defining the control activities at every business level. These should include: top level reviews; appropriate activity controls for different departments or divisions; physical controls; periodic checking for compliance with exposure limits; a system of approvals and authorisations; and, a system of verification and reconciliation. Senior management must periodically ensure that all areas of the bank are in compliance with established policies and procedures.

Principle 7

Senior management should ensure that there is appropriate segregation of duties and that personnel are not assigned conflicting responsibilities. Areas of potential conflicts of interest should be identified, minimised, and carefully monitored.

Information and communication

Principle 8

Senior management should ensure that there are adequate and comprehensive internal financial, operational and compliance data, as well as external market information about events and conditions that are relevant to decision making. Information should be reliable, timely, accessible, and provided in a consistent format.

Principle 9

Senior management should establish effective channels of communication to ensure that all staff are fully aware of policies and procedures affecting their duties and responsibilities and that other relevant information is reaching the appropriate personnel.

Principle 10

Senior management must ensure that there are appropriate information systems in place that cover all activities of the bank. These systems, including those that hold and use data in an electronic form, must be secure and periodically tested.

Monitoring activities and correcting deficiencies

Principle 11

Senior management should continually monitor the overall effectiveness of the bank's internal controls in helping to achieve the organisation's objectives. Monitoring of key risks should be part of the daily operations of the bank and should include separate evaluations as required.

Principle 12

There should be an effective and comprehensive internal audit of the internal control system carried out by appropriately trained and competent staff. The internal audit function, as part of the monitoring of the system of internal controls, should report directly to the board of directors or its audit committee, and to senior management.

Principle 13

Identified internal control deficiencies should be reported in a timely manner to the appropriate management level and addressed promptly. Material internal control deficiencies should be reported to senior management and the board of directors.

2.1.3 The evaluation of internal control system by supervisory authorities

Principle 14: Supervisors should require that all banks, regardless of size, have an effective system of internal controls that is consistent with the nature, complexity, and risk of their on- and off-balance-sheet activities and that responds to changes in the bank's environment and conditions. In those instances where supervisors determine that a bank's internal control system is not adequate (for example, does not cover all of the principles contained in this document), they should take action against the bank to ensure that the internal control system is improved immediately.

1.1.4 The roles and responsibilities of external auditors

The roles and responsibilities of external auditors

• Although external auditors are not, by definition, part of a banking organisation and therefore, are not part of its internal control system, they have an important impact on the quality of internal controls through their audit activities, including discussions with management and recommendations for improvement to internal controls. The external auditors provide important feedback on the effectiveness of the internal control system

• While the primary purpose of the external audit function is to give an opinion on, or to certify, the annual accounts of a bank, the external auditor must choose whether to rely on the effectiveness of the bank's internal control system. For this reason, the external auditors have to conduct an evaluation of the internal control system in order to assess the extent to which they can rely on the system in determining the nature, timing and scope of their own audit procedures

• The exact role of external auditors and the processes they use vary from country to country. Professional auditing standards in many countries require that audits be planned and performed to obtain reasonable assurance that financial statements are free of material misstatement. Auditors also examine, on a test basis, underlying transactions and records supporting financial statement balances and disclosures. An auditor assesses the accounting principles used and significant estimates made by management and evaluates the overall financial statement presentation. In some countries, external auditors are required by the supervisory authorities to provide a specific assessment of the scope, adequacy and effectiveness of a bank's internal control system, including the internal audit system

2.2.1 The conflicts at workplace

• A conflict of interest may exist even if there are no improper acts as a result (“Conflict of Roles” and Conflict of Interest)

• A person with two roles (e.g. a stockholder and government official) may experience situations where those two roles conflict

•Having two roles is not illegal, but the differing roles may provide an incentive for improper acts in some circumstances

• The conflict can be mitigated- but it still exists

• A conflict of interest may exist even if there are no improper acts as a result (“Conflict of Roles” and Conflict of Interest)

• A person with two roles (e.g. a stockholder and government official) may experience situations where those two roles conflict

• Having two roles is not illegal, but the differing roles may provide an incentive for improper acts in some circumstances

• The conflict can be mitigated- but it still exists

2.2.2 The matters which can prevent conflicts at workplace (the do’s and don’ts for the staff)

• Do

– Integrity and honest

– Sense of belonging

– Responsible

– Keep org. secret

– Respect and others

• Don’t

– Cheat

– Fraud

– Hoarding

– Rob and others

2.2.2 The matters which can prevent conflicts at workplace (the do’s and don’ts for the staff)

The best way to handle conflicts of interest is to avoid them entirely

• Short of avoiding conflicts of interest, the best way to deal with them is one or more of the following (mitigation) measures…

• Disclosure or “remedies”:

• Severity of Conflict of Interest:

• Likelihood that professional judgment will be influenced, or appear to be influenced, by the secondary interest, and

• The seriousness of the harm or wrong likely to result from such influence or its appearance

• Recusal

– To minimize any conflict, the board member should not participate in any way in the decision, including discussions

• Third-party evaluations

– Audit the operation of the management by third party such as SIRIM, BNM or others

2.2.3 The conflicts of interest in a banking system

• Conflict of Interest

Staff will not place themselves in positions where their own interests could conflict with those of the bank or any of the bank’s clients or customers.

• Conflicts of interest could arise in dealings :-

a. between the bank and its staff; eg: bank foreclosing property belonging to staff family

b. between the bank and its customers; eg: customer asking bank to accept third party cheques

c. between bank staff and bank customers eg: customers business and staffs family business are in direct competition

• Staff will not assume any such position where a possible conflict of interest with the bank could arise

• Staff will not derive any improper benefits at the expense of the bank or its clients

CHAPTER 3 : MALAYSIA CODE ON CORPORATE GOVERNANCE

3.1.1 The principle of Corporate Governance

Principles

Descriptions

ESTABLISHED CLEAR ROLES AND

RESPONSIBILITIES

The responsibilities of the board, which should be

set out in a board charter, include management

oversight, setting strategic direction premised on

sustainability and promoting ethical conduct in

business dealings.

STRENGTHEN COMPOSITION

The board should have transparent policies and

procedures that will assist in the selection of board

members. The board should comprise members

who bring value to board deliberations.

REINFORCE INDEPENDENCE

The board should have policies and procedures to

ensure effectiveness of independent directors.

FOSTER COMMITMENT

Directors should devote sufficient time to carry

out their responsibilities, regularly update their

knowledge and enhance their skills.

UPHOLD INTEGRITY IN FINANCIAL

REPORTING

The board should ensure financial statements are a

reliable source of information.

RECOGNISE AND MANAGE RISKS

The board should establish a sound risk management

framework and internal controls system.

ENSURE TIMELY AND HIGH QUALITY

DISCLOSURE

Companies should establish corporate disclosure

policies and procedures to ensure comprehensive,

accurate and timely disclosures.

STRENGTHEN RELATIONSHIP BETWEEN

COMPANY AND SHAREHOLDERS

The board should facilitate the exercise of ownership

rights by shareholders.

3.1.2 The significance of the importance of good Corporate Governance for Islamic Banks

• sets out the broad principles and specific recommendations on structures and processes which companies should adopt in making good corporate governance an integral part of their business dealings and culture.

• advocates the adoption of standards that go beyond the minimum prescribed by regulation

• clarifying the role of the board in providing leadership, enhancing board effectiveness through strengthening its composition and reinforcing its independence.

• Also encourages companies to put in place corporate disclosure policies that embody principles of good disclosure

3.1.3 Corporate Governance

• Governance structure

components that focus on the following tasks: providing project leadership, defining the business of justice, and analyzing technical environment, policies and solutions EG: power of chain in org.

The process and structure used to direct and manage the business and affairs of the company towards enhancing business prosperity and corporate accountability with the ultimate objective of realizing long-term shareholder value, whilst taking into account the interests of other stakeholders.”

• External regulatary

Auditor from outiside the company, such as SIRIM, LHDN, SPRM or others

Others body that regulate the corporate goverance regulation

• Internal regulatary system

Internal Audit unit or division, corporate department or Laws department of company eg: code of ethics, governance code of company.

• Internal control system

Governance monthly report, risk management, financial, organisational, operational and compliance control.

3.1.4 The component of Corporate Governance In Malaysia

• LIST COMPANY

Companies listed in Bursa Malaysia (PETGAS, NESTLE and others)

· BANK AND FINANCIAL INSTITUTION

Bank or FI that operates in Malaysia (BIMB, CIMB and others)

· INSURANCE COMPANY

- Insurance or takaful provide (Takaful Ikhlas, Bsn Prudential and others)

· INVESTMENT MANAGER OR FUND MANAGER

- Person that manage the fund that has been invested (ITTIKAL, ASB, and others)

· FAMILY ENTERPRISES

- Company or enterprises that belong to family legacy (NAZA)

· STATE ENTERPRISES

- Company that belong to state government (Matrix concept, Syabas, SAJ)

CHAPTER 4 : SHARIAH GOVERNANCE FRAMEWORK

4.1.1 The essential key functions of Shariah Governance Frameworks

• It is the duty and responsibility of an IFI to establish a sound and robust Shariah governance framework with emphasis placed on the roles o f key functionalities in ensuring effective implementation of the Shariah governance framework.

• An IFI shall set out the accountability and responsibility of every key functionary involved in the implementation of Shariah governance framework.

•Independence of the Shariah Committee shall be observed at all times in exercising their duties to make objective and informed judgment.

• Any person bearing responsibilities outlined in the Shariah governance framework for an IFI shall possess the necessary competency and continuously enhance their knowledge and understanding on the Shariah as well as keep abreast on the latest developments in Islamic finance.

• Internal and privileged information obtained by the Shariah Committee members in the course of their duties shall be kept confidential at all times and shall not be misused.

• Professional ethics, judgment and consistency shall be maintained in ensuring Shariah compliance.

• There shall be a robust Shariah compliance function, comprising review and audit functions, supported by risk management control process and internal research capacity.

4.1.2 The roles, functions and level of accountability and responsibility of:

Board of Directors

• The board is ultimately accountable and responsible on the overall Shariah governance framework and Shariah compliance of the IFI, by putting in place the appropriate mechanism to discharge the aforementioned responsibilities. The board is also expected to perform diligent oversight over the effective functioning of the IFI’s Shariah governance framework and ensure that the framework commensurate with the size, complexity and nature of its business.
• The board, upon consultation with the Shariah Committee shall approve all policies relating to Shariah matters and is expected to ensure that such policies are implemented effectively.
• The Shariah Committee members shall be appointed by the board upon the recommendation of its Nomination Committee. The number of Shariah Committee members to be appointed must not be less than five (5), the majority of whom must possess strong knowledge in Shariah and backed bythe appropriate qualifications in that area.6 The board must ensure that the Shariah Committee members are aware of their fiduciary responsibilities indischarging their duties.
• The board may consider appointing at least one (1) member of the Shariah Committee as a member of the board that could serve as a ‘bridge’ between the board and the Shariah Committee. The presence of a director with sound Shariah knowledge would foster greater understanding and appreciation amongst the board members on the decisions made by the Shariah Committee.
• The board must ensure that an effective communication policy among the key functions of the IFI is in place to facilitate smooth escalation of material matters relating to Shariah to the board. The communication policy should also ensure that staff in the IFI is fully aware on the need to observe the Shariah requirements at all times.
• The board shall remunerate the Shariah Committee members appropriately as advised by its Remuneration Committee. Such remuneration shall reflect, and be commensurate with, the accountability, duties and responsibilities ofthe Shariah Committee.

Management

• The management shall be responsible for observing and implementing Shariah rulings and decisions made by the SAC and the Shariah Committee respectively. The management is also responsible to identify and refer any Shariah issues to the Shariah Committee for decisions, views and opinions.
• Given that the accountability of Shariah decisions rests with the Shariah Committee, the management is expected to provide information and disclosure which are complete and accurate to the Shariah Committee in a timely manner, and shall be transparent on any areas that need clarification by the Shariah Committee to enable the Shariah Committee to discharge its duties effectively.
• It is the responsibility of management to allocate adequate resources and manpower to support the Shariah governance framework that commensurate with the size, complexity and nature of the IFI’s business. The infrastructure and resources to be provided shall include, among others, budget allocation, reference and research materials, trainings and development, etc.
• The management is responsible to provide continuous learning and training programs to the key internal stakeholders including the board, the Shariah Committee, and the relevant staff in Shariah and finance matters. This is to ensure that every function in the Shariah governance framework is sufficiently exposed to current developments in Shariah related matters.
• It is the responsibility of the management to develop and adopt a holistic culture of Shariah compliance within the organisation. A holistic culture of Shariah compliance refers to the way in which the IFI complies with Shariah principles in its overall Islamic financial business operations. For example, the management should regularly remind the frontline staff on the importance of Shariah and the impact to the IFI if Shariah principles and practices are not observed, and to always place the Shariah as the overarching requirement in the formulation of any procedures and activities relating to Islamic financial business carried out by the IFI. In addition, all relevant staff are expected to be conversant on Islamic products offered by the IFI, as well as the underlying Shariah concepts and the similarities and differences with conventional products and concepts.
• The management must ensure that Shariah policies and procedures are accessible at all times to those involved in the implementation of Shariah governance and the Shariah policies and procedures shall provide clarification on matters related to the end-to-end process of Shariah governance in the IFI.
• In the event the management becomes aware that certain operations are found to be carrying out business(es) which is(are) not in compliance with Shariah, or against the advice of its Shariah Committee or the rulings of the SAC, the management shall:

(i) immediately notify the board and Shariah Committee as well as the Bank of the fact;

(ii) immediately cease to take on any new business related to the Shariahnon-compliant business; and

(iii) within thirty (30) days of becoming aware of such non-compliance or such further period as may be permitted by the Bank, furnish a plan torectify the state of non-compliance with the Shariah, to be duly approved by the board and endorsed by the Shariah Committee

• In cases where the Bank has reason to believe that an IFI is carrying on operations that are non-compliant with Shariah, the Bank may direct and require rectification measures to be instituted by the IFI.

·

Shariah Committee

1. Responsibility and accountability

The Shariah Committee is expected to understand that in the course of discharging the duties and responsibilities as a Shariah Committee member, they are responsible and accountable for all Shariah decisions, opinions and views provided by them.

2. Advise to the board and IFI

The Shariah Committee is expected to advise the board and provide input tothe IFI on Shariah matters in order for the IFI to comply with Shariah principles at all times.

3. Endorse Shariah policies and procedures

The Shariah Committee is expected to endorse Shariah policies and procedures prepared by the IFI and to ensure that the contents do not contain any elements which are not in line with Shariah.

4. Endorse and validate relevant documentations

To ensure that the products of the IFI comply with Shariah principles, the Shariah Committee must approve:

i) the terms and conditions contained in the forms, contracts, agreements or

other legal documentations used in executing the transactions; and

ii) the product manual, marketing advertisements, sales illustrations and

brochures used to describe the product.

5. Assess work carried out by Shariah review and Shariah audit

To assess the work carried out by Shariah review and Shariah audit in order to ensure compliance with Shariah matters which forms part of their duties in providing their assessment of Shariah compliance and assurance information in the annual report.

6. Assist related parties on Shariah matters

The related parties of the IFI such as its legal counsel, auditor or consultant may seek advice on Shariah matters from the Shariah Committee and the Shariah Committee is expected to provide the necessary assistance to the requesting party.

7. Advise on matters to be referred to the SAC

The Shariah Committee may advise the IFI to consult the SAC on Shariah matters that could not be resolved.

8. Provide written Shariah opinions

The Shariah Committee is required to provide written Shariah opinions in circumstances where the IFI make reference to the SAC for further deliberation, or where the IFI submits applications to the Bank for new product approval.

4.1.3 The independence of Shariah Committee

Under Essential 3

Independence of the Shariah Committee shall be observed at all times in exercising their duties to make objective and informed judgment.

• The board shall recognise the independence of the Shariah Committee and ensure that the committee is free from any undue influence that would hamper the Shariah Committee from exercising objective judgment in deliberating issues brought before them. Correspondingly, the Shariah Committee is expected to make sound decisions on Shariah matters in an independent and objective manner.

• The Shariah Committee shall report directly to the board and regularly inform the board on relevant Shariah matters.

• The board shall ensure that decisions made by the Shariah Committee are duly observed and implemented by the IFI. Decisions made by the Shariah Committee should not be set aside or modified without its consent.

• The Shariah Committee shall have access to accurate, timely and complete information from the management. If the information provided is insufficient, the Shariah Committee may request for additional information which shall be duly provided by the management.

• In the event where the Shariah Committee is not provided with the required information, the board shall be informed of the fact and appropriate action shall be taken to rectify the situation. Where appropriate, the board shall consider taking the necessary punitive measures against parties who intentionally failed to extend the required information.

• Where the Shariah Committee has reason to believe that the IFI has been carrying on Shariah non-compliant activities, the Shariah Committee shall inform the board and to recommend suitable measures to rectify the situation.

• In cases where Shariah non-compliant activities are not effectively or adequately addressed or no rectification measures are made by the IFI, the Shariah Committee shall inform the Bank of the fact.

• All appointment including reappointment, resignation and removal of the Shariah Committee members shall be made by the board, subject to the approval by the Bank and the SAC.

4.1.4 The requirements of competency to implement Shariah governance

• Under Essential 4

Any person bearing responsibilities outlined in the Shariah governance framework for an IFI shall possess the necessary competency and continuously enhance their knowledge and understanding on the Shariah as well as keep abreast on the latest developments in Islamic finance.

• The board and management are expected to have reasonable understanding on the principles of the Shariah and its broad application in Islamic finance. The Shariah Committee is expected to have sufficient knowledge on finance in general, and Islamic finance in particular, to enable the Shariah Committee to comprehend Shariah issues brought before them. The Shariah Committee members are expected to constantly equip themselves with relevant knowledge on Shariah and finance as well as attend relevant training programs.

• The IFI shall develop a set of fit and proper criteria for the appointment of any Shariah Committee member, using the minimum criteria set by the Bank as a base to ensure that only competent persons are appointed as Shariah Committee members. The competency and credibility of the Shariah Committee members provide the assurance that the IFI’s operations are being monitored by a credible and competent committee. The Bank may prescribe other criteria or requirements in addition to those set by the IFI, as and when the Bank considers it necessary.

• The IFI shall engage other professionals such as lawyers, accountants and economists to provide appropriate assistance and advice to the Shariah Committee, especially regarding issues on law and finance.

• The IFI is required to adopt a formal process of assessing the performance of the Shariah Committee members. The assessment should be designed to evaluate individual performance based on the competence, knowledge, contribution and overall effectiveness of the Shariah Committee members on Shariah deliberations. The process should also identify relevant gaps to enable proper training and exposure for the Shariah Committee members.

• The IFI should develop a succession planning program for the Shariah Committee members by identifying, hiring and nurturing new members with the view to entrusting them with greater responsibilities as and when appropriate.

4.1.5 The importance of observing and preserving confidentiality by Shariah Committee

Under essential 5

• Internal and privileged information obtained by the Shariah Committee members in the course of their duties shall be kept confidential at all times and shall not be misused.

•The Shariah Committee shall be given the necessary access to files, records, draft materials and conversations, including those categorised as confidential, so long as the information is related to the work undertaken by the committee. The relevant information must be that which is critical for the Shariah Committee to form its decisions, views and opinions on matters brought to its attention. In this regard, it is the responsibility of the individual Shariah Committee to observe the principle of confidentiality at all times. Confidential or sensitive information obtained by any member of the Shariah Committee while serving his or her duties shall not be used in any manner that could be detrimental to the IFI.

• Confidential information is information received by members of the Shariah Committee that is not public in nature and has not been authorised to be made public. Confidential information includes, but is not limited to the following:

(i) information on the development of new products and services;

(ii) decisions of the board or management;

(iii) internal memorandums or reports prepared in connection with matters presented, or to be presented to the Shariah Committee.

(iv) the content or occurrence of conversations among members of the Shariah Committee concerning matters deliberated in the meeting andrepresentatives of the IFI.

(v) the progress status on a business transaction or action that has not been made public.

(vi) views expressed by various parties in the course of discussions on a particular matter deliberated by the Shariah Committee.

(vii) any subject matter that the IFI has indicated should not be revealed, such as internal policies and procedures.

• Notwithstanding the above, the Shariah Committee will not be regarded as breaching the confidentiality and secrecy code if the sensitive information were disclosed to the Bank in good faith when reporting serious breaches of Shariah by the IFI.

• IFI shall not appoint any member of its Shariah Committee from a Shariah Committee of another IFI within the same industry. This is to ensure that the committee member would be more focused, avoiding conflict of interest and maintaining the confidentiality of information.

CHAPTER 5: REGULATORY AND SUPERVISORY FRAMEWORK

5.0 REGULATORY AND SUPERVISORY FRAMEWORK

5.1 The Regulatory and Supervisory Framework in Islamic Finance

5.1.1 The financial system

5.1.2 The Acts that Regulate Financial Institutions

a. Banking Act 1973

b. Finance Companies Act 1969

c. BAFIA (Banking And Financial Institution Act 1989)

5.1.3 The regulatory authorities

a. The Securities Commission

b. International Business Financial Centre (IBFC)

c. Self Regulatory Organizations (SROs)

i. BURSA MALAYSIA

ii. Kuala Lumpur Options And Financial Future Exchange (KLOFFE)

iii. Malaysian Exchange Of Securities Dealing And Automated Quotati Bhd (MESDAQ)

5.1.4 The common law and financial fraud

5.1.5 The Legal Frameworks of Islamic Banking

a. Licensing Of Islamic Banks

b. Business of Islamic Banking

c. Government Investment Act 1983

d. Islamic Financing Contract

e. Islamic Financial Service Board (IFSB)

Act or Legislation

Descriptions

Banking Act 1973

• (Repealed by the Banking and Financial Institutions Act 1989 [Act 372].

Finance Companies Act 1969

• Finance companies were initially governed by BNM through the Finance Companies Act 1969.
• This was replaced in 1989 with the Banking and Financial Institutions Act 1989.

BAFIA ACT 1989

• The Banking and Financial Institutions Act, 1989 (BAFIA) was passed in Parliament and came into force on October 1, 1989. The BAFIA has effectively replaced the Banking Act 1973 and the Finance Companies Act 1969. The Islamic Banking Act 1983, however, is not affected. The BAFIA is a comprehensive act and extends comprehensive powers to Bank Negara Malaysia (BNM) to supervise a larger spectrum of financial institutions, with the direct responsibilities to regulate and supervise all licensed institutions (commercial banks, finance companies, merchant banks, discount houses and money brokers) and also regulate scheduled and non-scheduled institutions. BAFIA 1989 is divided into 16 parts and covers a wide spectrum of subject matters related to the banking industry in Malaysia. The Act provides a framework that enables BNM to supervise and regulate three broad groups of financial institutions:

• Licensed institutions comprising the commercial banks, merchant banks, finance companies, discount houses, money brokers and foreign exchange brokers.

• Scheduled institutions comprising non-bank sources of credit and finance, which include issuers of charge/credit cards and travellers’ cheques, operations of cash dispensing machines, development finance institutions, building societies and housing credit institutions, factoring companies and leasing companies. Also included under this group are representative offices of foreign banks or foreign institutions which carry out the business or activities similar to the scheduled institutions.

• Non-scheduled institutions comprising all other statutory bodies and institutions involved in the provision of finance and credit.
• The Act also provides BNM the regulatory power to regulate the following:

1. Control of establishment or acquisition of subsidiaries or opening of offices in Malaysia by a local or foreign licensed institutions
2. Maintenance of reserve fund, capital, net working funds, liquid assets by the financial institution
3. Appointment of auditors, submission of financial statement, exhibition of financial statements, submission of statistics to BNM.

5.1.3 The regulatory authorities

• SECURITY COMMISSION

The Securities Commission (SC) is a statutory body entrusted with the responsibility of regulating and systematically developing Malaysia’s capital markets. It has direct responsibility in supervising and monitoring the activities of market institutions and regulating all persons licensed under the Securities Industry Act, 1983 and Futures Industry Act, 1993. Its two main roles under the Securities Commission Act 1993 are:

• To act as a single regulatory body to promote the development of capital markets;

• To take responsibility for streamlining the regulations of the securities market, and for

speeding up the processing and approval of corporate transactions. Its mission is to promote and maintain fair, efficient, secure and transparent securities and futures markets; and to facilitate the orderly development of an innovative and competitive capital market in Malaysia. Among SC's many regulatory functions include:

Registering the prospectuses for all securities except those issued by unlisted recreational clubs;

• Regulating all matters relating to securities and futures contracts;

• Regulating the take-over and mergers of companies;

• Regulating all matters relating to unit trust schemes;

• Licensing and supervising all licensed persons;

• Supervising exchanges, clearing houses and central depositories; and

• Encouraging self-regulation and ensuring proper conduct of market institutions and licensed persons.

Underpinning this is the ultimate responsibility for the protection of investors. SC is a self funding statutory body incorporated under the provisions of the Securities Commission Act 1993

with investigative and enforcement powers. It reports to the Minister of Finance and its accounts are tabled in Parliament annually.

• International Business Financial Centre (IBFC)

The island of Labuan located off the Borneo coast is home to Malaysia's International Business and Financial Centre (IBFC). Since declared an international business and financial centre in 1990, Labuan IBFC has steadily grown in reputation and financial standing over the years.

Labuan IBFC's position – strategically located between the two giant economies of China and India – as well as our proximity to several other regional financial centres, puts us in a unique position to tap the many investment opportunities in Asia and beyond. Sharing a common time zone with many large Asian cities makes Labuan convenient for business dealings.

A re-branding and re-positioning exercise of the IBFC was conducted in January 2008 to reflect the jurisdiction's burgeoning international status, followed by an aggressive marketing exercise. This included the setting up of Labuan IBFC Incorporated Sdn. Bhd. in May of the same year with a mandate by the Malaysian government to market and promote Labuan as the premier International Business and Financial Centre in Asia Pacific.

Activties:

• Labuan Financial Services Authority or Labuan FSA is a statutory body set up under provisions of the Labuan Financial Services Authority Act 1996, as a one stop supervisory and regulatory body for Labuan International Business and Financial Centre, Labuan IBFC.

Labuan FSA’s key role is to license and regulate entities operating within Labuan IBFC and to ensure all licensed entities remain in compliance with internal and international best standards adopted by the jurisdiction. Labuan FSA, in close cooperation with Labuan IBFC Incorporated, is also responsible for product research and market development, aimed at further developing the jurisdiction via the introduction of new products and services.

Self Regulatory Organizations (SROs)

• Bursa Malaysia (Before knows as KLSE)

KLSE is the first stock exchange in Malaysia, governed by the Security Industry Act 1983 and supervised by the Security Commission (SC). It commenced public trading of shares on 9 May 1960. The KLSE is the legal and formal institution for securities trading in Malaysia. Like any other stock exchange, the KLSE provides and maintains a central market-place or facility for buyers and sellers to transact business in the shares, bonds and different types of securities of companies which are listed on the exchange.

Kuala Lumpur Options and Financial Future Exchange (KLOFFE)

• The Kuala Lumpur Options and Financial Futures Exchange Bhd (KLOFFE), Malaysia's first financial derivatives exchange was launched on 15 December 1995. KLOFFE was established to provide for the growing needs of investors, offering both domestic and international investors and portfolio managers access to effective risk and portfolio management tools not available before.

• Despite only moderate volumes at inception, average daily volume at the exchange has now risen to close to 4,311 contracts in June 1998. The highest daily volume of 8,557 contracts and highest daily open interest of 33,243 contracts was achieved in June 1998. The Derivatives Liquidity Ratio, representing the ratio of the turnover value of the futures to the turnover value of the component stock, also rose from 11% in July 1996 to 119% in June 1998.

• On the home front, KLOFFE has expanded much effort in the areas of marketing and education of the exchange and its products to the public. Among the steps taken include holding regular educational symposiums and presentations for the public as well as companies, and participating in local and international derivative exhibitions.

• Internationally, KLOFFE was awarded "Derivatives Exchange of The Year 1996" by the UK-based World Equity Magazine in recognition of its progress despite the challenges faced in the first year of operations. In December 1996, KLOFFE also became a signatory to the Windsor Agreement, upon which KLOFFE is now in a position to apply to be a Recognized Futures Exchange pursuant to the rules of other foreign futures exchanges. KLOFFE has also recently received approval to have its products traded in Australia and Taiwan and is in the process of establishing its distribution channels in the relevant countries.

MESDAQ

• MESDAQ offers listing and funding opportunity for high potential companies that does not meet KLSE basic requirements. It was approved as a stock exchange on October 1997 and specializes in bringing high growth, high-tech or knowledge-based companies that do not have sufficient profit track records to be listed on the stock exchange and raise capital. Normally, these companies are newly set-up but with high growth potential.

5.1.4 The common law and financial fraud

1) Common law adjudication

• In a common law jurisdiction several stages of research and analysis are required to determine "what the law is" in a given situation

• In a common law jurisdiction several stages of research and analysis are required to determine "what the law is" in a given situation. First, one must ascertain the facts. Then, one must locate any relevant statutes and cases. Then one must extract the principles, analogies and statements by various courts of what they consider important to determine how the next court is likely to rule on the facts of the present case.

2) The common law evolves to meet changing social needs and improved understanding

• The common law is more malleable than statutory law.

• Common law courts are not absolutely bound by precedent, but can (when extraordinarily good reason is shown) reinterpret and revise the law, without legislative intervention, to adapt to new trends in political, legal and social philosophy.

• Common law evolves through a series of gradual steps, that gradually works out all the details, so that over a decade or more, the law can change substantially but without a sharp break, thereby reducing disruptive effects.

Why is common law important ?

• Judicial Decision

– When judges make new decisions based on case differences, it becomes a new precedent to be followed in the future on similar cases. In these cases the precedent is made by the judge based on the differences identified during trial, instead of legislative statues.

• Regulatory Power

– Common law carries the same regulatory significance as legislative statues, particularly where there is no legislative statue authority in existence. One of the characteristics of common law is that it evolves as society changes, making it more flexible than statutory laws. These changes in society allow common law to be reinterpreted without legislative intervention.

• Revision Process

– Common law is permitted to revise since the progress occurs through a series of gradual steps, with each step providing details to justify or defend the modification. The time process is remains lengthy but accepts change without upsetting the process of law.

• Governing Principle

– The basic purpose of common law is to establish the facts, locate related statues and past cases that pertain. In most states, statues do not preside over basic laws of contracts, torts or properties.

• Governing Body

– Common law is the governing body used in tort law for cases meant to compensate for wrongful acts, whether the acts are intentional of caused by negligence. Property controversies are also governed by common law. The common law courts were established to protect our property rights, intending to make it difficult to take property from someone without due process of law.

What is Financial Fraud

• Financial fraud can be broadly defined as an intentional act of deception involving financial transactions for purpose of personal gain. Fraud is a crime, and is also a civil law violation. Many fraud cases involve complicated financial transactions conducted by 'white collar criminals' such as business professionals with specialized knowledge and criminal intent.

Types of Fraud and How to Protect Yourself

• Illegal Deposit Taking

• Illegal Internet Investment Scheme

• Illegal Foreign Exchange Trading Scheme

• Unauthorised Withdrawals

1. Illegal Deposit Taking

• Illegal Deposit Taking is an act of receiving, taking or accepting of deposits (moneys, precious metals, precious stones, any other article etc.) from members of the public that promises a repayment with interest or returns in money or money's worth without a valid license under the Banking and Financial Institutions Act 1989 (BAFIA).

2. Illegal Internet Investment Scheme

• Illegal Internet Investment Scheme is a variation of illegal deposit taking activities which employs the use of internet (e.g: through emails and websites) as a primary channel for interaction, communication and transaction of business engaged in fund management and investment advice without any licence.

3. Illegal Foreign Exchange Trading Scheme

• Illegal Foreign Exchange Trading Scheme refers to:
• · Buying or selling of foreign currency by an individual/company who is not an authorised dealer, or by an individual/company that has not obtained the permission of the Controller of Foreign Exchange under the Exchange Control Act 1953 (ECA).
• · Buying or selling of foreign currency by a resident who is not an authorised dealer, with a person outside Malaysia, or by a resident who has not obtained the permission of the Controller of Foreign Exchange under the ECA.

4 . Unauthorised Withdrawals

• Unauthorised Withdrawal involves the withdrawal or transfer of funds from an individual's banking account without proper authorisation or consent by the individual. Such incidents are normally the result of an individual knowingly, or unknowingly, divulging their personal information such as personal identification numbers (PIN) and password to fraudulent or third parties.

5.1.5 The Legal Frameworks of Islamic Banking

a. Licensing Of Islamic Banks

b. Business of Islamic Banking

c. Government Investment Act 1983

d. Islamic Financing Contract

e. Islamic Financial Service Board (IFSB)

CHAPTER 6 BANK NEGARA SYARIAH ADVISOR COUNCIL

• Understand Shariah Advisory Council

– Function of Shariah Advisory Council

– Roles of Shariah Advisory Council

UNDERSTAND SHARIAH ADVISORY COUNCIL

Malaysia has dedicated Shariah Advisory Councils for the Islamic banking and takaful sectors, as well as for the Islamic Capital Market (ICM).

The Shariah Advisory Council of Bank Negara Malaysia (BNM) is responsible to advise on matters in relation to Islamic banking and takaful businesses or any other Islamic finance area that is supervised and regulated by BNM.

The Shariah Advisory Council of the Securities Commission Malaysia (SC) is responsible to advise on matters pertaining to the ICM.

Consisting of prominent Shariah scholars, jurists and market practitioners, members of the two SAC are qualified individuals who can present Shariah opinions and have vast experience in banking, finance, economics, law and application of Shariah, particularly in the areas of Islamic economics and finance.

In executing its duties and responsibilities, both SAC examine and endorse the validity of application of Shariah in Islamic financial products which are submitted by Islamic financial institutions.

The SAC would also issue Shariah resolutions and decisions relating to their relevant jurisdictions from time to time. Both SAC have published their resolution, which have been translated into various languages and is being used as a reference point by industry and academia around the world.

The SAC, in their respective capacity as advisory bodies, can make pronouncements; respond to inquiries and proposals from the industry as well as encourage innovation through progressive guideline formulation.

The progressive approach of the SAC has allowed the banking and takaful and ICM sectors to flourish by cultivating an environment for product innovation and flexibility while ensuring compliance with Shariah principles.

FUNCTION SAC

• Since a decade ago, the SAC functions as reference body and the main authority on the issue of shariah compliance in Islamic banking and finance in Malaysia.

• . BNM Shariah Advisory Council is in general function in giving fatwas related to Islamic banking and takaful, to syariah compliance monitoring and auditing. This is because the current development of Islamic finance industry witnessed innovation of Islamic financial products in an increasingly complex and diverses.

• In addition to the SAC of BNM also need to carry out cooperation and communication among members and practicing shariah through the sharing of industry knowledge, experience and information and continuing support. This will improve the effectiveness of the process of monitoring and supervision to ensure compliance with Shariah.
• Roles and duties of SAC

CHAPTER 7: AUDIT AND COMPLIANCE

AGENDA

7.1 Audit and Compliance for Islamic Financial Institutions

7.1.1 Condition of auditing for Islamic Financial Institutions

a. S.O.P (Standard Operating Procedures)

b. S.L.A (Service Level Agreement)

c. Outsourcing in Financial Services

7.1.2 Functions of the internal Shariah review, Shariah audit, Shariah risk management process and Shariah research functions.

7.1 Audit and Compliance for Islamic Financial Institutions

• Financial products and services designed especially for the Islamic financial marketplace are distinguished from their conventional counterparts by their compliance with Shariah precepts and requirements. While these products and services may appear similar to conventional financial products and services, particularly from an economic perspective, the philosophical, contractual, and structural underpinnings of these products and services comply with the Shariah.

• Shariah compliance is what lends a financial product or service its legitimacy in the Islamic marketplace. Ultimately, Muslim consumers, investors and clients are concerned with compliance because the religion restricts consumption to that which is halal and toyyib, while prohibiting what is foul, harmful, unjust and sinful.

• A Shariah approval or fiqh resolution immediately relieves the ordinary consumer of the burden of having to make that determination for himself. It is from this perspective that the Shariah Adviser/s may be viewed as both a Shariah compliance auditor (for the company offering the financial service or product) and a Shariah consumer advocate (for the company‘s client).

Objectives

• The objectives of this Shariah compliance audit are to provide assurance that all financial institution‘s (FI) activities, transactions and governance are conducted in compliance with Shariah requirements and to make recommendations to improve control activities when Shariah compliance is not assured.

7.1.1 Condition of auditing for Islamic Financial Institutions

S.O.P (Standard Operating Procedures)

• SOPs are detailed written instructions to achieve uniformity of the performance of a specific function.
• A well-written SOP can be used to satisfy compliance requirements. SOPs are recommended for all procedures that pose a potential risk to the health and safety of personnel.

Standard Operating Procedures (SOPs)

• lets you operationalize documents such as plans, regulation, compliance, and policies. SOPs distil requirements contained in these documents into a format that can be used by staff members in their work environment.
• Standard Operating Procedures (SOPs) should be transferred without every modification to insure the expected results. Every modification or divergence of a given standard, the Procedure should being served, while an investigation and results of the investigation documented according to the internal divergence procedure. All high-class processes and procedures should be put on in a Standard Operating Procedure.
• This Standard Operating Procedure should be the base for the everyday training programme of every employee. The Standard Operating Procedure should be often updated to insure of obedience to the realisation conditions and the working practise.
• A minimum review list of 3 years is recommended. Changes of the Standard Operating Procedure are activated generally by the process or the procedure changes or the adaptations. These changes should be led by the internal site controlling procedure. A part of the activity list of such changes should be to update the coherent standard operating procedure. Standard operating procedure should be in the place for all high-class systems plus the specific operational activities on the side.

S.L.A (Service Level Agreement)

• A service-level agreement (SLA) is simply a document describing the level of service expected by a customer from a supplier, laying out the metrics by which that service is measured, and the remedies or penalties, if any, should the agreed-upon levels not be achieved. Usually, SLAs are between companies and external suppliers, but they may also be between two departments within a company.

• An SLA pulls together information on all of the contracted services and their agreed-upon expected reliability into a single document. It clearly states metrics, responsibilities and expectations so in the event of issues with the service, neither party can plead ignorance. It ensures both sides have the same understanding of requirements.

• Any significant contract without an associated SLA (reviewed by legal counsel) is open to deliberate or inadvertent misinterpretation. The SLA protects both parties in the agreement.

Outsourcing in Financial Services

• Outsourcing has the potential to transfer risk, management and compliance to third parties who may not be regulated, and who may operate offshore.

• Today outsourcing is increasingly used as a means of both reducing costs and achieving strategic aims. Its potential impact can be seen across many business activities, including information technology (e.g., applications development, programming, and coding), specific operations (e.g., some aspects of finance and accounting, back-office activities and processing, and administration), and contract functions (e.g., call centres). Industry reports and regulatory surveys of industry practice indicate that financial firms are entering into arrangements in which other firms - related firms within a corporate group and third-party service providers - conduct significant parts of the enterprise's regulated and unregulated activities.

7.1.2 Functions of the internal Shariah review, Shariah audit, Shariah risk management process and Shariah research functions

• SHARIAH REVIEW

– The Shariah review function refers to regular assessment on Shariah compliance in the activities and operations of the IFI by qualified Shariah officer(s), with the objective of ensuring that the activities and operations carried out by the IFI do not contravene with the Shariah.

– The function involves the examination and evaluation of the IFI’s level of compliance to the Shariah, remedial rectification measures to resolve non compliances and control mechanism to avoid recurrences.

– The scope shall cover the IFI’s overall business operations, including the end to- end product development process, which start from product structuring to product offering.

– The review process shall cover, but is not limited to the following:

• Planning the review program which includes the objectives, scope, reporting, rectification and follow-up actions followed by the execution of the program;

• Documentation of the processes involved in the review;

• Communicating the outcome of the review and highlighting any noncompliance to the Shariah Committee and the management.

• Rectifying any instances of non-compliance with the Shariah to prevent such events from recurring.

• SHARIAH AUDIT

– Shariah audit refers to the periodical assessment conducted from time to time, to provide an independent assessment and objective assurance designed to add value and improve the degree of compliance in relation to the IFI’s business operations, with the main objective of ensuring a sound and effective internal control system for Shariah compliance.

– The function shall be performed by internal auditors, who have acquired adequate Shariah-related knowledge and training. In addition, the internal auditors may engage the expertise of the IFI’s Shariah officers in performing the audit, as long as the objectivity of the audit is not compromised.

– The scope of Shariah audit shall cover all aspects of the IFI’s business operations and activities, including:

• (i) audit of financial statements of the IFI14;

• (ii) compliance audit on organisational structure, people, process and information technology application systems; and

• (iii) Review of adequacy of the Shariah governance process.

• SHARIAH RISK MANAGEMENT

– Shariah risk management is a function to systematically identify, measure, monitor and control of Shariah non-compliance risks to mitigate any possible of non-compliance events. The systematic approach of managing Shariah non-compliance risks will enable the IFI to continue its operations and activities effectively without exposing the IFI to unacceptable levels of risk.

– The Shariah risk management control function shall form as part of the IFI’s integrated risk management framework.

– Shariah risk management function involves:

• (i) facilitating the process of identifying, measuring, controlling and monitoring Shariah non-compliance risks inherent in the IFI’s operations and activities;

– Identifying and understanding the inherent Shariah non-compliance risks15 in the IFI, taking into account existing controls that have been put in place and their effectiveness in mitigating such risks;

– Measuring the potential impact of such risks to the IFI, based on the historical and actual de-recognition of income derived from Shariah non-compliant activities;

– Monitoring of Shariah non-compliance risks to facilitate efficient and effective management of such risks. A report on the Shariah noncompliance risks indicators shall be escalated to the board, Shariah Committee and management periodically; and

– Controls to avoid recurrences. This involves keeping track of income not recognised arising from Shariah non-compliant activities and assessing the probability of similar cases arising in the future. Based on historical reviews and potential areas of Shariah noncompliance, the IFI may assess potential profits that cannot be recognised as eligible.

(ii) Formulating and recommending appropriate Shariah non-compliance risk management policies and guidelines; and

(iii) Developing and implementing processes for Shariah non-compliance risk awareness in the IFI.

• Shariah research

– A part from institutionalising a robust Shariah compliance function, there shall be an internal unit comprising qualified Shariah officers to conduct pre-product approval process, research, vetting of issues for submission, and undertake administrative and secretarial matters relating to the Shariah Committee.

– This function refers to the conduct of performing in-depth research and studies on Shariah issues, including providing day-to-day Shariah advice and consultancy to relevant parties, including those involved in the product development process(es).

– The function shall be performed by qualified Shariah officers and the scope of work shall predominantly cover aspects of the Shariah. However, the function also requires experts on legal, operational, and other related aspects or issues to form part of the presentation to the Shariah Committee. For example, a thorough research may be needed to review new products and business developments.

– In undertaking such research, advice and input from experts on technical matters e.g. actuaries, accountants may be sought to ensure comprehensiveness and completeness in ensuring sound understanding of the relevant concepts and approaches.

– In terms of advisory and consultancy roles, the function shall assist and provide advice to the relevant parties based on the decision of the Shariah Committee. For example, advice may be offered on the list of permissible investments, e.g. selection of permissible shares or stocks in the Bursa Malaysia stock market.