Chapter Summary

This chapter addresses the internal sharī‘ah control system of an Islamic bank. More specifically, it explores the system’s six components: (a) sharī‘ah control culture; (b) sharī‘ah risk identification and assessment; (c) sharī‘ah control activities; (d) sharī‘ah associated information and communication; (e) sharī‘ah monitoring of activities; (f) evaluation of internal sharī‘ah control system by banking supervisors. The chapter discusses the importance of drafting a charter for the internal sharī‘ah audit function (ISAF), which is identified as a cornerstone of the internal sharī‘ah control system. Such a charter would, among other things, elaborate on the purpose, responsibility, and authority of the ISAF. The chapter examines the disagreement in industry on the reporting line of the head of the ISAF. It also discusses the planning process for sharī‘ah audit, execution of an engagement program, communication of findings, follow-up and post-engagement activities, and the sharī‘ah quality assurance program. A novel sharī‘ah risk assessment grid is devised to assist banks in evaluating their sharī‘ah risk profile. The grid builds upon the identified sharī‘ah risk causes and events highlighted in Chapter 2. The chapter further discusses proficiency and due professional care that defines ISAF staff responsibility and behavior. It ends by providing a sample sharī‘ah governance manual and sharī‘ah audit checklists.