UAE Central Bank introduces Shariah Compliance Function standard

Banks must act swiftly to meet the Shariah Compliance Function (SCF) requirements, issued by the Central Bank of the UAE (CBUAE). A proactive, structured approach is essential - prioritising critical tasks, assigning clear responsibilities, and establishing key milestones. With a firm deadline of April 2025, Islamic financial institutions must ensure full compliance to meet regulatory expectations and maintain operational integrity.

In brief:

On 3 April 2024, the CBUAE introduced the SCF Standard and Guidance Note. These guidelines are applicable to all UAE-based banks and financial institutions conducting all or part of their business under Islamic Shariah principles and mandate full compliance within a year of issuance. These new guidelines will strengthen governance, internal controls, and ensure strict adherence to Shariah principles across all banking activities.

In detail:

To sustain this growth and maintain best-in-class Islamic banking solutions, the CBUAE, the key regulator of banks in the UAE, has been proactive in enhancing the regulatory framework for Islamic banking. Key developments include the issuance of risk management requirements, Shariah governance requirements, and guidelines for Shariah audit functions within banks. The latest regulation introduces comprehensive guidelines and standards (hereafter referred to as standards) for a dedicated SCF.

The standards outline the establishment of a dedicated SCF, focusing on key pillars: planning, execution, reporting, monitoring, and governance. The SCF is responsible to continuously monitor compliance of a financial institution’s Islamic businesses and activities with resolutions, fatwas, regulations and standards, which are issued by the Higher Shariah Authority (HSA).

Below is a summary of the primary requirements under each pillar.

Planning
Execution
Reporting
Monitoring

Planning

Develop an annual review plan using a prioritisation matrix to focus on critical areas. The plan should be subsequently approved by the Internal Shariah Supervisory Committee (ISSC) and Board of Directors of the Bank.
Understand regulatory requirements, ISSC resolutions, Shariah Non-Compliance (SNC) risks, compliance obligations, policies, procedures, and internal controls.
Submit a pre-review memo to relevant departments outlining the scope, rationale, timeline, and terms of the scheduled review exercise.

Execution

Begin the field review with an opening meeting involving representatives from relevant departments to set expectations and clarify the review scope.
Establish a sampling methodology to guide the review process effectively.
During reviews, the SCF assesses ISSC resolutions related to SNC risks, compliance obligations, processes, policies, procedures, and associated internal controls, both before and during execution of transactions / processes, to ensure ongoing adherence to Shariah principles.
Develop internal checklists tailored to ensure a thorough and effective review of the subject under assessment.
Conduct walkthrough tests of real-life deals to evaluate the reliability of internal procedures, manuals, and policies in daily operations.
Perform an internal controls assessment to evaluate the design and operational effectiveness of controls related to SNC risks.
Assess staff awareness to ensure employees possess the necessary knowledge and skills to fulfil their responsibilities in compliance with Shariah principles.

Reporting

Record each identified finding or incident in a comprehensive report after every field review. Ensure all issues are factual, precise, objective, clear, concise, and supported by adequate evidence demonstrating the accuracy of the finding.
A clear action plan to address the root cause, close the gap, and assign responsibility.

Develop and share the report in multiple stages: preliminary issues report, response from relevant departments, closing meeting, and final report.
Circulate the final report to the CEO and relevant parties within five working days of its approval by the ISSC to ensure timely implementation of its recommendations.

Monitoring

Incorporate all findings into a status tracker to monitor progress on addressing and closing identified issues.
Regularly update the tracker and provide updates to the ISSC and risk management committee (or equivalent committee).

The importance of a Shariah Compliance Function

The defining feature of Islamic banks is their strict adherence to Shariah principles. The SCF is vital in ensuring that all activities and products align with these principles. Key reasons why it’s essential:

Ensures adherence to Shariah principles: The function ensures all banking activities, transactions, and products comply with the principles set by the HSA, safeguarding the bank’s reputation and avoiding non-compliance penalties.
Enhances the bank's credibility and trust: A robust SCF builds trust with customers and stakeholders, enhancing credibility, customer loyalty, and competitiveness in the Islamic finance market.
Strengthens governance and operational effectiveness: Embedding Shariah compliance into the bank’s governance framework promotes better collaboration, strengthens oversight, and enhances operational effectiveness, supporting ethical decision-making.

Roadmap and next steps for banks conducting Islamic business:

To comply with the newly introduced SCF requirements within the stipulated timelines, banks must adopt a proactive and structured approach.

Perform a gap analysis to identify non-compliance areas and weaknesses in existing frameworks, highlighting the enhancements needed to meet the new regulatory standards.

Create a detailed implementation plan with a timeline, prioritising urgent tasks and assigning ownership to monitor progress.

Hold coordination meetings with control functions like risk and compliance teams to ensure clear roles and avoid duplication of efforts.

Define the SCF’s structure, staffing needs, and reporting lines, ensuring scalability for future compliance needs.

Develop essential policies, procedures, and templates to support operational readiness and demonstrate commitment to regulatory compliance.

Conduct regular training sessions for employees to ensure understanding of Shariah principles and the new regulatory requirements.

Engage proactively with the CBUAE to clarify regulatory expectations and build a collaborative relationship to navigate compliance challenges.

Key takeaways

The CBUAE rules are poised to become the regional benchmark for internal compliance processes in Islamic finance. Early adoption will empower proactive banks, attract customers, control costs, and foster closer relationships with regulatory authorities.

By embracing these changes, financial institutions in the UAE can set a precedent for the wider GCC market and position themselves as leaders in the sector.