The Shariah Audit Framework from Practitioners’ Perspective: A Mirage or Fact?

- The positive development of Islamic financial system nowadays leads to the growth of products and services offered by Islamic financial institutions. However, some of them may have overlooked certain aspects that could affect Shariah-compliancy of the products and services. The occurrence of Shariah non-compliance risk may would adversely affect the reputation of Islamic finance and the confidence of market participants among depositors and investors. This scenario calls for a systematic check-and-balance functions within the institution. Shariah auditor being one of the components of Shariah governance plays an important role in ensuring the effectiveness of internal control system for Shariah compliance. Prior research reveals that the standard Shariah audit framework has not been developed yet; thus, the present practice is carried out by the internal institutional effort which heavily relies on the conventional audit system. The aim of this study is to explore the relevancy of Shariah audit framework from the eyes of practitioners of various Islamic financial institutions, whether it is a new innovative discipline or merely replicating the conventional audit structure. Ten semi-structured interviews were conducted involving selected auditors, Shariah compliance officers and Shariah committee members. Thematic analyses were adopted to analyze the data. It can be deduced that there is a need for a specific Shariah audit framework as a benchmark but with certain requirements and limitations. This study may provide relevant guidelines especially for policymaker in developing a standardized specific framework for Shariah audit.


INTRODUCTION
Islamic finance is inspired by the religion and is based on sacred texts (Moisseron & Moschetto, 2015).It is also based upon a commerce law known as fiqh al-mu'amalat.This law considers issues of social justice, equity, and fairness in all business transactions, and promotes the entrepreneurship, protects the property rights and emphasizes the transparency of contractual obligations according to the divine law of Allah and his last messenger Muhammad (PBUH) (Salman & Nawaz, 2018).Among the characteristics of Islamic financial system are prohibition of riba', gharar and maysir, profit and loss sharing, overriding principles of Islamic law, no involvement in any activities pertaining to prohibited goods or services by Islam and finally must have Shariah committee and Shariah board for Islamic financial institutions (IFI).
Malaysia can be considered as the leading country in the development of Islamic finance.In any context whether it is research, product development, regulatory frameworks or practical steps, Malaysian Islamic finance industry is always a step ahead from the rest of the world.Generally, the development of Islamic financial system in Malaysia started with the establishment of pilgrimage fund (Tabung Haji) in 1963 as the first Islamic savings institution.After a few years of break, the first full-fledged Islamic bank was established in 1983 with the name of Bank Islam Malaysia (Islamic Bank of Malaysia).As for the non-banking financial service institution, it began with the establishment of the first Takaful or Islamic insurance company under the Takaful Act in 1984.
The motivation of the study is to avoid the occurrence of Shariah non-compliance risk among IFIs which could lead to the reputational risk.According to Laldin (2008), among the key challenges to succeed in the Islamic finance industry is to ensure greater Shariah compliant.In relation, Bank Negara Malaysia (BNM) has developed Shariah Governance Framework (SGF) in 2011.Generally, the term "Shariah Governance" refers to structures and processes adopted by an institution to ensure compliance with Shariah rules and principles in its business operations (Ismail et al., 2016).In addition to ensure Shariah compliance, it is very important to gain trust and confidence from stakeholders and to promote financial stability.
There is a provision in Shariah governance for IFI to provide a Shariah audit function which is responsible for providing stakeholders with an unbiased view of whether organisations have an effective risk and control environment to manage Shariah non-compliance risk management.This shariah audit function is considered as one the critical success factors for effective risk management practices (Embi & Shafii, 2018).In order to provide assurance environment for Shariah compliance, an effective Shariah auditing process should be in place to enhance the Shariah audit function.The Shariah auditing guidance is very significant as it serves as a distinctive added value to IFIs.However, this function of Shariah audit was defined very briefly in SGF and caught the attention of researchers which then requested one specific framework for Shariah audit to be developed (Hassan & Haridan, 2019;Mikail et al., 2016;Kassim et al., 2013;Yussof, 2013).Although many efforts have been done by researchers to propose the audit framework, but up to date, there is no significant action taken by the regulators.
Therefore, this study would explore the relevancy to develop Shariah audit framework by getting the perceptions from the practitioners who are directly involved in Shariah audit practice.The practitioners consist of the Shariah auditors, Shariah committee and experts in Shariah audit area.The perceptions from the practitioners are significant in evaluating the needs of developing Shariah audit framework and exploring the expectations of the industry.In this study, Takaful Operators were designated as the main subject of analysis in gathering very specific empirical data that will be beneficial for future studies and references.Since the subject of discussion and study observed in most literatures are on IFIs, especially in Malaysia, it is focused more on Islamic banks, this fact has served as another motivational factor in selecting Takaful Operators as the main subject of analysis.
The main objective of this paper is to get the perceptions from the practitioners on the adequacy of current guidelines, the relevancy of having Shariah audit framework, and the desired elements in Shariah audit framework.This study is also conducted to address these three research questions; 1) How the practitioners perceive on adequacy of current available Shariah audit guidelines for Takaful Operators?2) To what extent the practitioners perceive the requirement of having specific Shariah audit framework?and 3) What are the elements that should be included in the desired framework?

LITERATURE REVIEW Takaful in Malaysia
Generally, Takaful is an insurance product which is based on Shariah principles.Islamic Financial Services Act (IFSA) 2013 provides the definition of Takaful as "an arrangement based on mutual assistance under which the takaful participants agree to contribute to a common fund providing for mutual financial benefits payable to the takaful participants or their beneficiaries on the occurrence of a pre-agreed event".On the same ground, Accounting and Auditing for Islamic Financial Institutions (AAOIFI) has defined Takaful as "a system through which the participants donate part or all of their contributions which are used to pay claims for damages suffered by some of the participants.The company's role is restricted to managing the insurance operations and investing the insurance contributions".
Apart from that, Malaysian Takaful Association (MTA) had laid down three main concepts in a Takaful arrangement known as mudharabah, tabarru' and wakalah.Based on these three concepts, there are a few principles applied in Takaful namely as brotherhood, solidarity, mutual assistance and donations.The initial idea of Takaful is to safeguard the people explicitly, when they are in need of assistance or are facing any difficulties (Sharifuddin et al., 2016).This is related to the principle of living in a community that when one person is in a problem or vulnerability, the rest of the people will help that person who incurs the loss.Thus, Takaful is basically a mutual compensation mechanism based on the Ta'awun principle or mutual assistance (Noor & Rahman, 2016).
In the Malaysian context, elements of Takaful can be seen from the Malay community culture.Generally, the Malays are closely associated with Islam; so much so that even the Federal Constitution of Malaysia has defined that in order to deem a person as Malay, he or she must be a Muslim.Among the practices that have been practiced in the Malay community are mutual cooperation, "merewang" during wedding ceremonies and "tabung khairat kematian" (mutual benevolent fund).In fact, these practices are still existing until today.All the practices mentioned are very much related to social works and portray the spirit of insurance.
"Rewang" is a part of the wedding celebration in Malay community.It is known as social capital as a result of the relationship between people in the society and can indirectly improve the relationship in society (Yana & Yew, 2017).Social capital can also be built or can start from that good relationship.Social capital is a commitment from every individual to openness, mutual trust, and giving time and energy to everyone (Dewi, 2015).Obviously, through "rewang", it can nurture the spirit of cooperation and responsibility in the community.
The practice of having a mutual benevolent fund is a good example which portrays the elements of Takaful clearly.It is a common practice in the Malay Muslim community in which when one of its members passed away, the other community members would provide funeral assistance to the family.This funeral proceeding incurs cost.Although it is relatively small, but for the poor section of the community, even this small sum could be burdensome (Muhamat, 2014).It is interesting to note that "khairat kematian" is actually a form of cooperative institution which is intended to help alleviate the hardship of its members during funeral proceedings.Based on the above descriptions of the practice in the Malay community, it shows that the practice of Takaful has also existed for a long time in the community especially for Malaysians.

Shariah Audit Practices in Malaysia
Shariah audit is one of the key elements in the Shariah governance system that functions as an independent assurance mechanism in ensuring the institution is complying to the Shariah.The basic objective of the Shariah audit is to ensure that the transactions carried out by the Islamic financial institutions are in compliance with Shariah rules and regulations and there is no prohibited element involved, i.e., Riba (interest), Qimar (gambling), and Gharar (uncertainty) (Shahzad et al., 2017).Currently, auditing practice of IFIs in various countries is under their respective local jurisdiction (Khalid et al., 2017).For the case of Malaysia, Shariah audit function became mandatory when BNM introduced Shariah Governance Function (SGF) for the first time in 2011.The requirement in SGF stated that Shariah audit should be done on an annual basis to verify that the IFI's key functions and business operations comply to Shariah.
The Shariah audit is normally performed within the internal audit division in IFI together with the current internal audit practices (Ab Ghani & Abdul Rahman, 2015).Based on SGF, Shariah auditor should make direct reporting to the Board audit and examination committee.However, there are also dotted lines between Shariah auditor and Shariah Supervisory Council which resulted in different practices because of different translation by different IFIs.According to Deris (2008), there are currently three types of Shariah audit model that have been practiced by the Islamic finance industry: i) Appointment of dedicated Shariah auditor: Establishment of specific Shariah audit department; ii) Embedded function in which the Shariah audit function shares the in internal Shariah audit function: IFIs embed a Shariah audit program with a mandatory internal audit and will refer to the Shariah department when they have any Shariah issues and iii) Hybrid: IFIs do not have any specific Shariah audit department, but appoint specific Shariah auditor(s) in the internal audit department.Generally, the auditor can only respond to the Shariah audit.The auditor could also be the reference for the internal audit's team and need not refer to the Shariah department.
The general meaning of Shariah audit is to see and supervise, control and report transactions, according to the rules and laws of Islam that are useful, accurate, timely and fair reports for decision making.It is not an easy task to conduct an audit of Sharia in capitalistic conditions and competitive conventional financial system (Yazid & Suryanto, 2016).On the same ground, SGF (2011) defined Shariah audit as the following: " Periodical assessment conducted from time to time, to provide an independent assessment and objective assurance designed to add value and improve the degree of compliance in relation to the IFI's business operations, with the main objective of ensuring a sound and effective internal control system for Shariah compliance" .
Since the implementation of SGF in 2011, the quality of religious assurance provided to the stakeholders by IFIs is expected to be enhanced with the functions of Shariah audit as the key organs of IFIs in undertaking Shariah governance function (Haridan et al., 2018).This is due to the function of Shariah audit as the third line defence which means that it is an independent function that provides an independent assurance (Hakim, 2017).The third line of defence is not involved in designing or implementing controls, nor responsible for the company's operations.Other than that, the board and senior management usually rely on internal auditor to provide reliable and objective assurance regarding governance, risk, and control.

Available Shariah Audit Guidelines Policy Document of Shariah Governance
The policy document on Shariah governance was introduced on 20 th September 2019 and was effective starting 1 st April 2020.In relation to the Takaful industry, this new policy will supersede a few other policy documents known as Shariah Governance Framework for Islamic Financial Institutions issued on 22 October 2010 and Paragraph 13.5 of Financial Reporting for Takaful Operators issued on 2 February 2018.This policy document aims to further enhance the effectiveness of the implementation of Shariah governance and reinforce a closer integration of Shariah considerations into IFIs' business and risk strategies.
Before the introduction of these policy documents, IFIs must comply with SGF which was introduced back in 2010.The SGF was found to be an important mechanism in ensuring that IFIs fulfill their roles in accordance with Shariah principles in the interests of depositors, investment account holders, shareholders and stakeholders (Mohamad Sori et al., 2015).Among the aims of SGF 2011 is to provide a proper regulatory framework for IFIs to operate within the required Shariah framework that will further enhance international investor confidence in the rapidly growing Islamic Finance Industry countries.There are few concepts which are related to Shariah governance structure as revealed by Obid and Naysari (2014) in previous studies which include accountability, transparency and disclosure, competence, confidentiality and independence.
The main objective of SGF is to improve the role of the board, the Shariah committee and the management on Shariah matters.This includes enhancing relevant key organs as they are responsible for executing Shariah enforcement and study functions to achieve an operating environment that is focused on Shariah.The SGF then described the Shariah auditors' attributes as follows: 1) Shariah audit ensures compliance with Shariah through a sound and efficient internal control mechanism; 2) Internal auditors can engage the expertise of IF's Shariah officers in the conduct of the audit, so long as the audit objectivity is not compromised ; 3) The Shariah audit can be carried out in specialist areas as part of the IFI 's thematic audit and 4) Upon consultation with the Shariah Committee, the board audit committee shall decide the deliverables of the Shariah audit process which should comply with the standards required.

Internal Audit Guidelines by Institute of Internal Auditors (IIA)
The Malaysian Accountant Institute (MIA) has accepted the Internal Audit Guideline (IIA) as the basis for internal audit practice.In addition, the IIA of the Malaysian Institute of Accountants adapted these guidelines from the publication "Guidance for Internal Auditors" published in June 1990, under the aegis of the United Kingdom's Consultative Committee of Accountancy Bodies (CCAB).These guidelines provide internal auditors with guidance on the key issues and processes that need to be addressed as part of both commercial and public sector work, including IFIs.
In this guideline, there is also one objective that emphasises the planning aspect.Internal auditors should adequately plan, regulate and document their work.This is to establish priorities, create and achieve Shariah audit objectives and ensure that audit resources are used efficiently and effectively.
There is also a code of ethics pronounced in the IIA guideline which includes the principles and rules of conduct.Among the principles stated in the guidelines are integrity, objectivity, confidentiality and competency.Integrity is very important as it establishes trust and thus provides the basis for reliance on their judgement.Objectivity means that the auditors must exhibit the highest level of professional objectivity in gathering, evaluating and communicating information about the activity or process being examined.Next, confidentiality which urges auditors to respect the value and ownership of information they receive and do not disclose information without appropriate authority and finally competency which requires auditors to apply the knowledge, skills and experience needed in the performance of internal audit services.

Minimum Audit Standards for Internal Auditors in Financial Institutions by BNM
Three main objectives have been circulated in the Guidance on Minimum Audit Standards for Internal Auditors in Financial Institutions: to emphasize and enhance the consistency and effectiveness of the work of internal auditors, to re-emphasize the role, roles and responsibilities of internal auditors to the Board of Directors, all levels of management and external auditors, and, finally, to create a uniform audit function.
Internal auditors are expected to have a good working relationship with management and internal auditors should have frequent contact with external auditors and BNM in areas of common interest.An audit charter, audit plan, audit manual, audit programme and internal control questionnaires (ICQ) should be in place in the internal audit department.An independent review of the activities of a financial institution as a management service is a crucial task for the internal audit department.The internal audit function plays an important role in helping management establish and maintain within the financial institution the best possible internal control environment.A sound internal control system should ensure compliance by the financial institution with legislative and regulatory requirements, asset safeguard, record adequacy, fraud prevention or early detection, material errors and irregularities, and operational performance.

Issues and Challenges in Shariah Audit
There are few unresolved issues in Shariah audit which need to be explored rationally (Lahsasna et al., 2015).Among the issues that have been discussed a lot in the previous study is the inexistence of specific framework for Shariah audit.Most IFIs used the conventional auditing method because of the non-availability of a Shariah auditing system.(Othman & Ameer, 2015).There are also few cases concerning Shariah non-compliance problems due to the lack of a proper audit procedure (Rahman, 2010).According to Yusoff (2013), there have been rampant instances of 'type over substances' enforcement, as seen in the aggressive and often unethical conduct of some IFIs, where Shariah enforcement has been used merely for commercial purposes as a logo or marketing gimmick, violating the ethical and religious principles of Islamic transaction.
Second issue is related to the competency of Shariah auditor itself.Competency is the ability or a set of defined behaviours which guide in a structured way to ease the process of identification, evaluation and development of the behaviours in individual to perform a job properly (IIA, 2017).In order to understand and perform Shariah audit, an auditor must have good knowledge in accounting and also in Shariah.Thus, there is a need for any Islamic institutions to invest in education in Shariah, accounting and auditing for their Shariah auditors to enhance their knowledge and expertise (Ahmad & Al-Aidaros, 2015;Shafii et al., 2014;Rahman, 2011).Najib and Ibrahim (2013) also argue that while the members of the Shariah Supervisory Board (SSB) are well trained in the role of issuing fatwas about the permissibility or otherwise of any financial items, they cannot serve as competent auditors because they lack the required qualifications and training.
Another concern is lack of accountability.Shariah audits can be carried out by internal auditors or external auditors provided they have sufficient Shariah knowledge and training (Yaacob, 2012).Subsequently, the report is forwarded to the Shariah committee of the IFIs.The Shariah committee may give their opinions only on Shariah matters to the Board of Directors, who will decide or make the final decision.Shariah auditors would have been more accountable as they are accountable to the stakeholders, including the shareholders, the community and the Ummah, and essentially, they are accountable to Allah for all acts and inactions.

Theoretical Framework
The Islamic principle of accountability originated from the Tauhid principle, which means the unity of Allah (Lewis, 2006).The principle of Tauhid implies complete surrender to Allah's will and the divine obligation in all facets of life.Concerning Islamic Institutions, accountability to Allah means accountability to society which put priority to other's right (Saad et al., 2014).In the verses of Qur'an, Hadith and even through the studies of the characters of the Prophet (peace be upon him) the importance of being accountable is constantly being reminded.It can be said that accountability is a duty and obligation of all Muslims, a duty that can reward us good deeds or make us accountable to God when it was ignored.Among the verse in Qur'an and hadith are: "Every man's fate We have fastened on his own neck: On the Day of Judgment We shall bring out for him a scroll, which he will see spread open.(It will be said to him:) "Read thine (own) record: Sufficient is thy soul this day to make out an account against thee." (Qur'an 17:13-14) "Each one of you is a guardian and each guardian is accountable to everything under his care".
Islamic accountability, as a theory, has different interpretations.Thus, this paper applies the fundamental theoretical principles of Islamic Accountability to the topic under the study which is on the importance of Shariah audit.This is congruent with the study conducted by Khalid (2019) which argues that Islamic accountability theory could be used in building a conceptual framework of Shariah audit performance.Thus, in the conceptualization of Shariah audit performance, Shariah auditor is accountable to Allah SWT and His creations.Shariah audit performance also could be enhanced by having comprehensive Shariah audit process and scope.On the same ground, Islam's principle of accountability is not only limited to financial transparency, through financial reporting, but goes far beyond that to include transparency in all activities (Basri et al., 2016).

METHODOLOGY
The purpose of this study is to gain insight of practitioners regarding Shariah audit framework.This study employed a qualitative approach using in-depth interviews to gather evidence.Apart from the issues can be examined in detail and in depth, the data collected on the basis of human experience is also more powerful and even more convincing than quantitative data (Rahman, 2017).On the same ground, by using in depth interviews, it allows the researcher to gather information about participants' experiences, views and beliefs concerning a specific research question or phenomenon of interest (Ryan et al., 2009).This study adopts a basic qualitative study or also known as a basic interpretive study for the research design.A basic qualitative study is the most common form, and has it goals on understanding how people make sense of their experiences.
The researchers employed a purposive sampling strategy whereby we engaged with the respondents who were willing to participate in this study.Ten interviews using semi-structured interview questions were undertaken.The respondents consist of Shariah auditor, Chief of Internal Auditor, Shariah committee and academicians who are directly and indirectly involved in the practice of Shariah audit for Takaful industry.The details of the respondents are shown in Table 1 below.Based on the details of the respondents, it can be considered that all of them are very highly knowledgeable, have vast experience and play a dominant role in their organizations.The interviews were conducted by the researcher via face-to-face sessions.The general questions focused on how practitioners perceived the sufficiency of available guidelines for Shariah audit in assisting them and the need of having specific Shariah audit framework.A semi-structured interview approach was used, starting with a set of questions that was extended according to the circumstances.
The observation on how these respondents replied to the questions raised was made.The study used thematic analysis.It included transcriptions of interview recordings and the coding stages proceeded.After getting the data from the interview sessions, the data was transcribed to gain general insights into what the interviewees responded to and to evaluate more on its context until the data was encoded.Data coding is the process of managing the data into text segments before it is generated in information and serves as the formal representation of analytical thinking.Before coming out with the final themes, the researchers initially read and reread transcripts to establish possible themes based on the research questions.The method chosen is inspired by Braun and Clarke's (2006) six-step approach that involves: getting familiar with the data through transcription; generating initial codes; searching for themes; reviewing themes; defining and naming themes; and producing the final written output.Refer Table 1.

RESULTS
The following analysis are provided according to the three research questions (RQ) which are then further elaborated.

Adequacy on Current Available Guidelines
RQ 1 analyzes the adequacy of current guidelines which is available in guiding Shariah auditor in performing Shariah audit function.Based on the analysis, it is found that 60 percent of respondents perceived that current available guidelines was not sufficient in guiding Shariah auditor to perform Shariah audit function as the current guidelines speaks very brief.Another 40 percent of respondents had different thoughts.The feedback from the respondents shows that majority of practitioners agreed that there was non-availability of sufficient guidelines in leading the Shariah auditors conducting efficient Shariah audit.This is in line with study by Yussof (2013) which argued that the current practice is too fragmented and not well-structured because of the inexistence of one general framework for Shariah audit.On the same ground, it is observed that majority of IFI modified the conventional audit framework when conducting Shariah audit (Hassan & Haridan, 2019;Yazkhiruni et al., 2018;Yusoff, 2013).Thus, to ensure effectiveness, the Shariah auditor himself should be competent enough to make a judgment although, in reality, competency is the main challenge especially for IFIs.
There are many effects of not having specific guidelines for Shariah audit.Scopes covered may not be as wide as it should be.Kamaruddin and Hanefah (2017) revealed that Shariah auditors tend to audit compliance of the IFIs based on the regulations regulated by the IFIs and BNM only.Besides, the scopes of Shariah audit stated in SGF are mostly based on the conventional audit scopes and they are not discussed in detail.
Other than that, each operator will practice differently, and it will result in the diversity in practice.For example, there were only a few of Takaful Operators who developed financial statement as their Shariah audit scope, while other Takaful Operators only rely on the external auditors.As the consequences, there is a potential for the Shariah non-compliance risk to occur as normally external auditors focus solely on the operation.This is in line with a study by Kassim et al. (2013) which revealed in their finding that each IFI develops its own policies or at a minimum, an audit checklist.This happened because of the absence of generally accepted criteria of Shariah auditing and considering Shariah auditing function is evolving and having a proper framework of Shariah auditing would be part of their main agenda in the future undertaking.However, after ten years, there is still no specific framework being developed by the regulators although some efforts have been done by researchers to propose a Shariah audit framework.As an example, the study conducted by Mikail et al. (2016) which proposed one Shariah audit manual specifically for Takaful industry.
The regulator such as BNM is still silent on this.Some experts have asked MIA to develop those frameworks or at least competency framework since in SGF it is stated that internal auditor is the one who can perform Shariah audit function.Bakar (2018) as the keynote speaker during one of a seminar series have stressed out on how important for MIA to develop this competency framework.Below is a statement from him:

"Further work needs to be done by having industry players and stakeholders in providing inputs for the development and implementation of this competency framework. It is imperative for Islamic Financial Institutions to have competent Shariah auditors with relevant knowledge or skills set".
The diversity in the practice of Shariah audit may affect the transparency as each of the operators would practice based on their company's policy.This is due to the company's structure.There are few Takaful Operators which are subsidiaries of a global bank that provides banking services and all the processes have been determined by their regional office and they have to follow suit.In addition, their Shariah audit process is also guided by a global audit methodology which takes into account the local regulatory requirement.On the other ground, Islamic full-fledged operators might be able to provide details reporting as they do not have any conventional products and the risk of having Shariah non-compliance risk is lower than the operators which are originally from the conventional parent's company.
Transparency is very essential in gaining trust and confidence from the stakeholders.Otherwise, customers would still have the same perceptions that the operation of Takaful Operators is similar with the insurance company and the difference is just in terms of the name.On the other hand, few of respondents perceived that we had enough guidelines in guiding the auditor to perform Shariah audit function.IIA has served the best platform to provide detailed guideline and as a Shariah auditor, it just had to embed the Shariah element while performing the Shariah audit function.Some might argue with this statement because if the auditor wants to manipulate the conventional framework and add on the Shariah elements, the auditor himself must be very competent.

Is It Essential to Have Specific Shariah Audit Framework?
RQ 2 answering on the rationality of having specific Shariah audit framework for IFI especially for Takaful industry.Based on the analysis, majority agreed that there should be one specific framework for Shariah audit.One respondent perceived that there was no necessity for Shariah audit framework.Table 3 illustrates two categories of reaction from the respondents."From the macro perspective, regulator must come out with parameters or framework as a benchmark.."( R7) "Yes..there should be a specific guideline provided to guide Shariah auditor in terms of duties and responsibilities of Shariah auditor.." (R8) "hm..yes…but whatever it is , the institution itself should take their own initiative in developing their internal Shariah audit manual…"(R9) " yes for external audit purposes, but for internal Shariah audit, it is not necessary if there have one specific person conduct for Shariah audit only.." (R10) Does not need a specific framework "..i don't think we need something similar to IIA..what we have now is more than enough, we just have to refer to all guidelines as provide by the regulators.." (R4) Only one respondent had the thought that the industry does not need one set of framework similar with what have been circulated by IIA for Shariah audit because it will burdened the practitioners to accomplish all the regulatory requirements as currently they feel it is already sufficient as the Shariah audit function has been stated in SGF briefly.
On the other hand, the main reason of why all respondents perceived that there was a need for Shariah audit framework was for benchmarking purposes.Benchmarking allows organisations to develop plans on how to adopt best practice, usually with the aim of increasing some aspect of performance.Over the years, benchmarking practices have continually evolved in diverse ways (Hong et al., 2012).Certainly, benchmarking is an important business practice priority.For the purpose of Shariah audit practice, with the existence of Shariah audit framework, it will be regarded as a benchmarking for institutions to measure how far their practice have achieved the main objective of Shariah audit which is to ensure the effectiveness of internal control system to mitigate on Shariah non-compliance risk.According to Shafii et al. (2015), the lack of evaluation to audit the performance of Islamic Financial Institutions in relation to the realization of Maqasid Shariah and the lack of regulatory guidance in the Islamic Finance left the industry to focus on complying with Islamic Financial Institutions' resolutions on products and operational issues.
Takaful operators should review their operations whether it is in line with the objective of its establishment and measure how much have they achieved their objective.The idea and goals set in takaful are established by the objectives of Islamic law that are associated with preserving religion, life, intellect, heritage, and wealth.All these basic preservations are essential in the lives of a Muslim, and it seems that the application of takaful has a strong connection in attaining the Maqasid Shariah.Other than that, Shariah audit should be able to assess whether the Takaful operators not just comply with Shariah principles but whether it has contributed to the society.Thus, it can be said that Shariah audit should establish a broad coverage of audit scope and not just ensuring compliance to Shariah aspects, but also moving towards socio-economic benefits.
This is congruence with a statement by Arwani (2018) which highlighted on the need of developing Shariah audit framework to ensure the effectiveness of the goals of Shariah compliance in IFIs which in turn can contribute positively to the larger society (ummah).The study by Hassan and Haridan (2019) is also in the opinion that the Malaysian regulatory bodies should take a comprehensive initiative to standardize the Shariah audit process and provide more efficient Shariah audit tools.On the same ground, due to the reason of lacking Shariah audit guideline, Kassim et al. (2009) concluded that the practice of Shariah audit did not give a big impact to IFI.It means that Takaful Operators should strive to develop audit program which is in line with Maqasid Shariah.Perhaps, in the future an in-depth study can be conducted in order to develop an index on measuring the achievement of Maqasid Shariah.
Elements in Shariah Audit Framework (SAF) RQ 3 proposed desired elements in SAF as designated by respondents.These elements are the main contributions as they could be the proposed elements for Shariah audit framework by the practitioners.First element is the duties and responsibilities of Shariah auditor.It is vital to have a clear direction on the duties and responsibilities of Shariah auditor so that it will not be redundant with the functions of other Shariah governance organs like Shariah reviewer.Other than that, in order to avoid the similarities with the task done by internal audit function, it is very important to spell out the duties and responsibilities clearly.This is in line with a study by Khan (1985) which defined few roles of an auditors in Islamic economy.Among them are 1) auditor's liability towards outside financiers, 2) assessment of management practices; 3) compliance with Shariah; 4) reporting on ihsan and 5) determination and payment of zakat.All these roles can be the basis in determining the duties and responsibilities of Shariah auditor.
Study by Alani and Alani (2012) proved that ethical values of an auditor are of utmost importance for an organization.In fact, there is a proposal made regarding the principles of Islamic ethics which should be used in driving the accounting policy especially in Islamic economy (Archer, 2013;Ahmad et al., 2017).Islamic ethical system is based on an equal, justified, benevolent, and accountable principles and has thrived for centuries from the golden era of Islamic civilization.For Shariah auditor, the ethics should pronounce on the Islamic value based on Al-Quran and as-sunnah.Among the ethical values will include principles of trustworthiness, where the auditors should have integrity, trust, responsibility, accountability and respect to the confidentiality of information, justice, trust, benevolence (ihsan) and give rights to others.
The third element is the reporting structure of Shariah auditor.Although, reporting structure has been spelled out in SGF, the majority of the respondents agreed that there should be a direct reporting between Shariah auditor and Shariah committee.In SGF, there is only a dotted line which resulted with different translations by different operators.Commonly, most operators will regard the dotted line as notification to Shariah committee only; whereas in reality, it is very important for Shariah auditor to report whatever possible Shariah non-compliance findings to Shariah committee in order to get their opinion before the report is presented to the Board of audit committee for any decision.Otherwise, it might happen that the audit findings do not reflect the Shariah audit findings as there is certain scope that might be overlooked by the auditors.The reporting here does not necessarily mean the final reporting, it may include a notification to the Shariah committee in finalizing on the audit plan.In other words, there should be an involvement of SC in the planning stage.This is consistent with the study conducted by Hassan and Haridan (2019) which argued on the crucial role of Shariah committees in providing additional inputs to Shariah auditing practices as their views and opinions would facilitate the development of the Shariah audit program in IFI.
The fourth element described by practitioners is key risk area.Some of the respondents agreed that key risk area should be determined in Shariah audit framework.The key risk area will assist auditor in developing Shariah risk profiling which is to guide the auditor on how to manage the risk in a way which is suitable for the organizations.Study by Ahmad and Lateh (2017) found out that there is a need to establish special Shariah risk profiling and visualize the relationship between Shariah and risk management.The study then elaborates further on Shariah risk profiling process that starts from identifying the potential threat to the organisation until establishing Shariah risk matrix and Shariah risk score card.It can help in identifying the prohibited and permitted elements.
On the same ground, although there are visible efforts from researchers to propose on SAF and audit programme which is considered as exceptional, the industry have yet to establish any specific framework on Shariah audit.One of the respondents criticized the proposed audit programme by the International Shariah Research Academy for Islamic Finance (ISRA) which for him/her was merely a checklist.This is the response from R1: "My comments to the proposed audit programme, it is more to compliance checklist, not audit programme.. audit programme should not be line by line.It should be based on risk.So, here we need Shariah key risk area…" (R1) A few respondents agreed that there is a need for Shariah key risk area since a majority of the auditors are not from Shariah background and they are very conscious that risks in IFIs are slightly different from their conventional counterparts.
The final elements mentioned by respondents are Shariah audit sampling and methodology.Audit sampling refers to the application of audit procedures to less than 100% of items within a population of audit relevance (MIA, 2009).Errors in taking sample size eventually will affect the result of audit findings.There are differences in the practice of sampling among organizations.This is proven from a study done by Christensen et al., (2015) which found that sampling methods differed significantly among the largest auditing firms; in which some emphasize statistical methods while others use nonstatistical methods.Shariah auditors need to be clear on this matter.One of the respondents highlighted on the sampling issue that happened when conducting Shariah audit which required attention to be given on this matter.This is the statement from the respondents: "It happened also that sometimes the auditors make a mistake by taking a wrong sample size.They need to be very clear on this.."(R7) As an alternative to solve this problem, audit sampling should be part of the audit framework in order to give a clear guideline to Shariah auditor and ensuring consistency in the practice of Shariah audit.For example, using risk-based audit.The size of the risk will determine the number of sample size.Higher risk would require larger sample size than the lower risk area.Figure 1 exhibits the proposed elements for Shariah audit framework which have been discussed above.

CONCLUSION
The findings of this study indicate that specific framework for Shariah auditing is needed as a benchmark and to strengthen current audit practices.Due to the lack of availability of a particular Shariah audit model, Shariah auditing process was carried out by replicating the conventional framework.The takaful operators therefore appear to focus restrictively on the financial audit while the Shariah audit should have a broader area to cover.Most of Malaysia's takaful operators currently conduct integrated auditing.As a result, the Shariah audit is not carried out systematically as it may not be able to cover the necessary area since it focuses on operational problems and the Shariah scope is only conducted when Shariah issues occur and not comprehensively on the internal control measures within the takaful institutions.
As with most other empirical studies, there are also some limitations of this study.First, this research has a limitation in generalizing the views from all Takaful Operators' main players as this study only offers insightful knowledge concerning the four (4) Takaful Operators' actual practice.Therefore, a holistic debate on Shariah audit practices in Takaful Operators needs to obtain more views and opinions.Secondly, the scope of the study is limited to the regulatory framework and due to that, elements of competencies will not be discussed in detail.Thirdly, this study does not take into considerations the view from the policymaker such as Bank Negara Malaysia which opens up the room for future research.Future research may explore the perspectives of policymakers on this topic.Future research could also assess the effectiveness of current audit practices on the basis of the finance industry 's available guidelines, especially the Takaful industry.Withstanding all the limitations, the study's analysis is essential to policymakers in improving the current Shariah auditing practice.The policymaker should consider the proposed elements for SAF while designing proper framework for Shariah auditing.

Figure 1 :
Figure 1: Proposed Elements for Shariah Audit Framework

Table 1 :
Details of Interviewees

Table 2 :
Table 2 exhibits on the responses from the respondents: Quotations for Research Question 1

Table 3 :
Quotations for Research Question 2 "..hmm..yes..but not too detail I guess…."(R2)"..yes..we have been requesting this framework to BNM..But until now, we don't know what is the progress.."(R3) "..yes..because there are many critical areas in Takaful, but the framework can't be too detail.." (R5) "yes..because at this point of time we don't have the kind of best practice guidance for Takaful…so perhaps this can be developed to strengthen Shariah audit function.." (R6)