Up next
Tags

By Prof Dr Zurina Shafii and Dr Nurazalia Zakaria

In recent years, as governance and compliance in public and private institutions evolve, the need for a multi-dimensional audit approach has never been more pressing. A significant amount of public money is invested in Government-linked investment companies (GLICs) and Government-linked companies (GLCs). Therefore, there is a need to monitor the management of these entities to assess whether they are effectively achieving their key performance indicators (KPIs) and intended outcomes, executing their strategic plan as well as properly carrying out corporate governance at the senior management level. 

In light of this, the introduction of an enhancement of audit beyond traditional performance audits by the Jabatan Audit Negara (National Audit Department) in GLCs in February 2025 warrants an ample response. This newly proposed audit focuses on the accountability of public resources with the tagline “Follow the Public Money Audit” (The Star 2025). The call for a more inclusive audit framework, particularly one that integrates Shariah compliance assurance, stems from the increasing complexity of governance structures of organisations, and the rising importance of ethical, religious, and social responsibility.

The new performance audits are to be piloted in six GLICs, namely, Khazanah Nasional Berhad (Khazanah), the Employees Provident Fund (EPF), Kumpulan Wang Persaraan (Diperbadankan) [KWAP], Permodalan Nasional Berhad (PNB), Lembaga Tabung Haji (TH), and Lembaga Tabung Angkatan Tentera (LTAT). This exercise will be a game changer for public accountability with the pool of public money valued at over RM1.8 trillion as at August 2024 (Ministry of Finance, 2024). 

The application of Shariah-compliant values in institutions in Malaysia has become more sophisticated. Thus, there is an increasing demand for an expanded scope of audits on Public Trust Entities (PTEs) that are involved in Shariah-compliant financial services, Islamic banking, or other Islamic-based industries. In addition to the new enhancements to the audits of PTEs, there is also a critical need for a new dimension of audit to cater for Shariah assurance scopes that could include the assurance of Shariah governance, risk and compliance —GRC-i. 

This article looks at the rationale behind the proposal of this new dimension of audit and will examine the need for incorporating Shariah assurance in Shariah-compliant Institutions, including PTEs.  

The Current Audit Landscape in PTEs 

The PTE sector has emerged as a significant Shariah-compliant category. PTEs are institutions that manage public funds, which are collected from investors, depositors, and taxpayers, established for specific purposes. PTEs are government-established entities created under specific Acts of Parliament to achieve well-defined objectives. PTEs collect and manage funds from the public for the benefit of depositors and society at large. These Acts outline their roles and responsibilities, often focused on addressing societal needs such as poverty alleviation, affordable healthcare, education, and housing. PTEs are entrusted with the collection of public funds to provide such services, operating under regulatory requirements although not as stringent as those of regulated financial institutions. Notable examples of PTEs that are deeply engaged in Shariah-compliant transactions in Malaysia include TH, Yayasan Pembangunan Ekonomi Islam Malaysia (YaPEIM), EPF and GLCs. 

The scale of assets and income managed by PTEs is significant. For instance, TH reported managing RM82.54 billion in assets with a net income of RM3.42 billion (2020), while YaPEIM managed assets worth RM1.24 billion with revenue of RM53.77 million (2019). The EPF oversees RM1.01 trillion in assets with a net income of RM42.08 billion (2020). Additionally, the Ministry of Finance (MoF) reported in August 2024 that the combined Assets Under Management (AUM) of GLCs were valued at over RM1.8 trillion (Ministry of Finance, 2024). 

PTEs generally adhere to the Malaysian Code on Corporate Governance (MCCG) 2017 to ensure sound governance. They are not regulated by a Shariah Governance requirement, for instance, the Shariah Governance Framework (SGF) 2010, as they are not classified as Islamic financial institutions (IFIs). Most PTEs operate as GLCs established under specific legislative frameworks. Hence, similar governance requirements may be considered to further enhance the Shariah compliance aspect of PTEs.

GLCs play a pivotal role in the economy and public welfare in Malaysia. As entities that often combine public and private interests, GLCs are subjected to various forms of audits. Traditionally, the Jabatan Audit Negara conducts performance audits in GLCs to evaluate the effectiveness, efficiency, and economy of their operations. Performance audits typically assess whether organisations are achieving their objectives, using resources effectively, and complying with regulations.

The Emergence of Shariah Assurance

The need to venture into Shariah audit research stemmed from a recognition of the gap and divergence in the practices of Shariah assurance in Shariah-compliant institutions. Over time, many of these organisations have faced increasing scrutiny not only for their financial performance but also for their adherence to Islamic principles in their operations.

Shariah-compliant entities, such as Islamic banks, takaful providers, PTEs and investment funds, are required to ensure that their business activities align with the tenets of Shariah law. This includes aspects such as the prohibition of interest (riba), avoiding investments in prohibited (haram) industries, and ensuring transparency in all dealings. Given the complexity of Shariah principles and the growing demand for accountability in the Islamic finance sector, there is an urgent need for a specialised audit dimension that focuses solely on ensuring Shariah compliance.

The Gap in Current Auditing Practices

While traditional performance audits are valuable for assessing operational efficiency, they fall short in addressing Shariah compliance. An organisation can be financially sound and efficient in its operations, but if it does not adhere to the principles of Islamic law, it may compromise the ethical and religious aspects of its business.

This gap is particularly important for PTEs involved in Islamic finance, where the core of their business model is rooted in Shariah principles. For instance, Shariah Boards that govern these organisations need to be assured that all activities and transactions are free from haram elements. Additionally, regulators and stakeholders need assurance that these companies are not only delivering financial returns but also upholding the moral and ethical standards expected of them.

Thus, a performance audit alone is not sufficient to address this need. What is required is the introduction of comprehensive Shariah assurance that goes beyond assessing financial performance and looks into compliance with Shariah guidelines, governance structures, and risk management procedures.

The Proposed Dimension: Shariah Assurance

Effective Shariah governance drives adherence to Shariah principles while promoting economic stability, ethical business conduct, and social responsibility. The primary objective is to achieve Shariah compliance, which is a prerequisite for success in an Islamic governance framework. This approach integrates Shariah as a way of life (Deen) and fosters continuous improvement to achieve a state of Ihsan (excellence in faith and practice).

Risk management plays a critical role in Shariah governance by establishing a robust check-and-balance system that includes self-assessment, risk validation, mitigation, and monitoring. This process is essential in preventing deviations from Shariah principles and financial regulations. The concept of Hisbah (Islamic auditing) is applied to institutional governance, ensuring continuous improvement (Islah) through risk review and audit mechanisms. 

An early concept of governance frameworks that incorporate financial and non-financial performance indicators to assess institutional effectiveness was proposed by Santos & Brito (2004). Their framework comprised a two-dimensional performance model that consists of i. financial performance and ii. strategic performance (non-financial aspects). According to Cumby & Conrod (2001), sustainable shareholder value is significantly influenced by non-financial factors, particularly in knowledge-based industries. 

From an Islamic perspective, performance is not solely judged by financial success but also by the pursuit of Al-Falah (prosperity in this life and the Hereafter). Islam encourages achieving Al-Falah both in this world and in the afterlife.  

Shariah governance is rooted in the role of humans as vicegerents (Khalifatullah fil Ardh), as stated in Surah Al-Baqarah (2:30-31). Scholars like Nasr (1987) and Mirakhor and Askari (2010) emphasise that humans, endowed with physical, mental, and spiritual faculties, must uphold governance as part of their divine responsibilities. Prophets, from Adam to Muhammad (peace be upon them), provided guidance on managing risks and ensuring ethical governance in both worldly affairs and the Hereafter.

Shariah assurance is an audit process aimed at evaluating and providing credence that an organisation’s operations and activities are in full compliance with Shariah law. This includes a thorough review of business operations, investment portfolios, financing structures, and corporate governance practices to ensure that they align with Islamic ethical standards.

The key features of Shariah assurance should include:

By integrating Shariah assurance into PTE audits, organisations can bolster their reputation, trustworthiness, and accountability. Moreover, stakeholders can have a higher level of confidence that these organisations are not only effective and efficient in their operations but also aligned with the ethical and religious standards that define their purpose. The need for such an audit dimension has grown due to the following key factors:

Using Shariah Assurance to address Governance, Risk and Compliance (GRC-i)

Governance, Risk and Compliance (GRC) are critical for the sustainability and resilience of any financial system. In Islamic finance, these elements must align with Shariah principles, ensuring transparency, fairness, and ethical conduct. While conventional ratings such as those by Standard & Poor’s or Moody’s provide assessments for PTEs, they do not cater to the unique requirements for Shariah compliance. 

Performance of PTEs from the perspective of GRC (Governance, Risk, and Compliance) indicates the degree of adoption of a strategic framework that helps organisations navigate complex challenges, manage risks, and ensure compliance with regulations. It provides a structured approach for making informed decisions, mitigating risks, and enhancing overall performance. A strong Governance, Risk and Compliance Framework is essential for modern organisations to thrive in today’s dynamic and complex business environment. It provides a solid foundation for managing risks, ensuring compliance with regulations, and maintaining stakeholders’ trust. 

Hence, a proposed enhancement to the existing rating is to consider having a holistic index that includes the assessment of Shariah governance (G), Shariah specific risks (R), Shariah compliance (C) and Maqasid Shariah (i). The proposed index could enhance investment decision-making by providing a transparent and structured approach to assessing Shariah adherence by having access to information regarding the level of Shariah governance, risk management, compliance and the organisation’s contribution towards Maqasid Shariah implementations. The proposed GRC-i rating consists of the following components: 

Figure 1: Components of GRC-i Rating

The GRC-i Rating represents an innovative approach of addressing Shariah governance, risk and compliance by integrating them into a single framework to provide a comprehensive assessment that aligns with Shariah principles. This rating system offers actionable insights for PTEs to improve their practices. In the long run, it would alleviate information asymmetry, enhance market transparency, and promote ethical finance. 

Conclusion

The proposed addition of a Shariah assurance dimension in the audit processes of PTEs is a timely and necessary move. It complements the traditional performance audit by providing a comprehensive framework for assessing the ethical, legal, and religious dimensions of an organisation’s operations. This approach would not only safeguard the integrity of Shariah-compliant institutions but also strengthen public trust and align business operations with the Islamic values. 

The governance, risk management, and compliance practices of Shariah-based PTEs in Malaysia play a crucial role in ensuring accountability, transparency, and adherence to Islamic principles. Despite the importance of PTEs to the socio-economic well-being of the Muslim community, gaps in governance, risk management, and Shariah compliance continue to present challenges that must be addressed to strengthen public trust and institutional sustainability.  

This article highlights the necessity of enhancing Shariah governance mechanisms, ensuring the effective implementation of risk management strategies, and reinforcing compliance measures through independent auditing and regulatory oversight. 

The adoption of a Governance, Risk, and Compliance (GRC-i) rating system provides a promising avenue for measuring the performance of these institutions in achieving their dual objectives—financial sustainability and ethical accountability. By implementing structured frameworks that align with Maqasid Shariah, these institutions can better fulfil their role as custodians of public trust while serving as models for Islamic finance and governance.  

Moving forward, continued collaboration between regulators, policymakers, and stakeholders is essential to refining governance structures, developing robust Shariah assurance frameworks, and fostering innovation in Islamic finance. Strengthening PTEs will not only enhance Malaysia’s position as a global leader in Islamic finance but also ensure that PTEs uphold the principles of justice, fairness, and accountability in their financial and social responsibilities.

Prof. Dr Zurina Shafii is Professor, Faculty of Economics and Muamalat, Universiti Sains Islam Malaysia (USIM); and Dr Nurazalia Zakaria is Senior Lecturer, Faculty of Economics and Muamalat, Universiti Sains Islam Malaysia (USIM)

References:

Print Friendly, PDF & Email