Proposal for a new Sharīʿah risk rating approach for Islamic banks

Muhammad Adeel Ashraf (Islamic Development Bank, Jeddah, Saudi Arabia)
Ahcene Lahsasna (International Centre for Education in Islamic Finance (INCEIF), Kuala Lumpur, Malaysia)

ISRA International Journal of Islamic Finance

ISSN: 2289-4365

Article publication date: 10 July 2017




Customers of Islamic banking industry continue to be skeptical on Sharīʿah compliance of Islamic banks despite receiving fatwa from the competent authorities. The purpose of this paper is to quantify the Sharīʿah risk taken by Islamic banks, so that customers are better informed on the level of Sharīʿah compliance that will help in removing the persistent level of skepticism toward Sharīʿah compliance.


This research has used the scorecard based modeling approach to build the Sharīʿah risk rating model, which consists of 14 factors that capture Sharīʿah risk and are grouped in 5 major areas revolving around regulatory support, quality of Sharīʿah supervision, business structure, product mix and treatment of capital adequacy ratio. The score calculated by applying the model is grouped into 4 tiers reflecting the level Sharīʿah compliance at bank as non-compliant, weak compliance, satisfactory compliance and high level of Sharīʿah compliance. Three case studies were conducted by applying the model to Islamic banks from Malaysia, Pakistan and Saudi Arabia.


The final Sharīʿah risk scores calculated by the model clearly differentiate the 3 banks on basis of their Sharīʿah risk. The underlying scores also highlighted the areas where banks need to improve to reduce their Sharīʿah risk.


This model can be applied by customers of Islamic banks who are interested in understanding Sharīʿah-related aspects of Islamic banking industry. This model can be applied on standalone basis or as an extension to the conventional counter party risk rating models. This model can benefit management of Islamic banks toward allocation of capital against Sharīʿah risk under Basel III, and regulators can apply the model to measure industry wide risk of Sharīʿah non-compliance.



Ashraf, M.A. and Lahsasna, A. (2017), "Proposal for a new Sharīʿah risk rating approach for Islamic banks", ISRA International Journal of Islamic Finance, Vol. 9 No. 1, pp. 87-94.



Emerald Publishing Limited

Copyright © 2017, Muhammad Adeel Ashraf and Ahcene Lahsasna


Published in the ISRA International Journal of Islamic Finance. Published by Emerald Publishing Limited. This article is published under the Creative Commons Attribution (CC BY 4.0) licence. Anyone may reproduce, distribute, translate and create derivative works of this article (for both commercial and non-commercial purposes), subject to full attribution to the original publication and authors. The full terms of this licence may be seen at


Islamic banking customers tend to pose a highly relevant question pertaining to the Islamic banking business: Are banks labeled as “Islamic banks” really Islamic? Dar’s (2013) question “Is Islamic banking as exploitative as conventional banking?” reflects the fact that there is still skepticism among customers about the practice of Islamic banking and that it extends to the issue of Sharīʿah compliance of Islamic banks. Islamic banks address this concern by sharing the fatwas (Islamic legal rulings) of their respective Sharīʿah boards or other competent authorities on the Sharīʿah compliance of their business activities. Islamic banks tend to place high emphasis on the eminent personalities who constitute the members of their Sharīʿah boards to assure the public of their Sharīʿah compliance. In practice, bank customers do not rely solely on the fatwa or credentials of the Sharīʿah board members validating the banks’ financial products in their decision to patronize Islamic banks. Nonetheless, the aspect of Sharīʿah risk – that is, the risk of Sharīʿah non-compliance – is an important factor to which customers pay special attention in their decision to endorse Islamic financial products. Moreover, it is argued that the level of Sharīʿah compliance of a bank cannot be qualified in absolute terms as “yes” or “no”; rather, there should be a rating system which scores an institution’s Sharīʿah compliance across a range; for example, high, satisfactory, weak and non-compliant. This is deemed commercially attractive, as banks with higher levels of Sharīʿah compliance should be able to fetch higher ratings and enjoy a better market positioning in Islamic financial markets.

The issue of determining the level of Sharīʿah compliance, more specifically, measuring the Sharīʿah risk of Islamic banks, motivates this research. So far research in the area of quantifying Sharīʿah risk and allocating an adequate level of capital charge to mitigate this risk remains limited. A standardized Sharīʿah risk rating model is not available for Islamic banks to compare their levels of Sharīʿah compliance.

Research objective

The objective of this paper is to develop a Sharīʿah risk rating model to measure the Sharīʿah risk of Islamic banks. It aims at answering the question relating to Sharīʿah compliance of Islamic banks in a more satisfying manner to convince a larger set of customers that are still skeptical about the Islamic banking industry. The scope of this paper is limited to reviewing the existing risk rating models with respect to their relevance to measuring Sharīʿah risk, coming up with a more relevant Sharīʿah risk rating model, testing the model on Islamic banks for its accuracy, and finally providing a risk score that represents the Sharīʿah and financial risk of an Islamic bank. It is noted that the model does not calculate financial risk, which is already available from the ratings of conventional rating agencies. The overall score derived from the model can be used by customers to evaluate the level of Sharīʿah compliance of Islamic banks and by the banks to determine the adequate amount of capital that should be allocated to mitigate this risk.

Review of existing rating models

Existing market practices to evaluate banking sector risk and Sharīʿah compliance revolve around three areas, notably:

  • conventional risk rating models;

  • ratings by the Islamic International Rating Agency (IIRA); and

  • guiding principles on Sharīʿah governance issued by the Islamic Financial Services Board (IFSB).

The existing rating models from three conventional rating agencies, namely Standard & Poor’s (S&P), Fitch and Moody’s, as well as from IIRA highlight the gap in measuring the Sharīʿah risk of Islamic banks, especially from the perspective of a standardized yardstick that can be applied on basis of publicly available information about an Islamic bank. A bank rated AAA can be financially very strong and can have very low credit risk, but it can be Sharīʿah non-compliant as well. Similarly, a fully Sharīʿah-compliant bank can have a rating of C or D by Fitch or Moody’s. As a result, these rating agencies are not effectively incorporating Sharīʿah risk rating into their risk rating systems. This calls upon the need to accommodate new risk rating factors which are important for Islamic banks to arrive at their overall credit score, including their Sharīʿah score.

Proposed methodology

The proposed rating model has two parts:

  • Sharīʿah risk score; and

  • overall counterparty financial risk score.

As highlighted above, the model calculates the Sharīʿah risk score only; the financial score, on the other hand, is taken from the rating of conventional rating agencies. The combined rating of Sharīʿah risk and financial risk is reported in a two-part format. The first part communicates the financial rating as calculated by the rating agencies, and it ranges from AAA to D or equivalent for all three conventional rating agencies. The second part of the rating reflects the Sharīʿah compliance score and, it is reported in four categories whereby the SSS category reflects the highest level of Sharīʿah compliance and SN corresponds to the lowest level, i.e. Sharīʿah non-compliant. As an example, the model output rating of AAA: SN means that bank is financially very strong, but its business is not Sharīʿah-compliant.

Proposed Sharīʿah risk rating factors

This model proposes to include five areas when measuring Sharīʿah risk. These are further sub-divided into 14 risk rating factors which are not quantified by conventional risk rating agencies from a Sharīʿah-compliance perspective. These factors provide detailed insight regarding the Sharīʿah risk of an Islamic bank and hence can provide valuable feedback to customers. A summary of these 14 factors is provided in Table I.

These 14 factors are considered relevant to measure the Sharīʿah risk of an Islamic bank based on the following rationale.

Regulatory support.

Islamic contracts used by Islamic banks must be recognized by the laws and regulations of a country. For instance, it is important to know whether a murābaḥah transaction documents will be given due consideration in the courts of law. Many countries provide little support for the execution of Islamic contracts. Therefore, Islamic banks that get support from the laws and regulations of a country are in a better position to conduct Islamic banking business. In case of dispute, customers have confidence that the laws and regulations of the country will uphold Islamic transactional documents.

Quality of Sharīʿah supervision.

A bank with a single Sharīʿah advisor reporting to the CEO is likely to compromise on Sharīʿah standards as compared with a bank having a full-fledged Sharīʿah board which independently reports to the Board of Directors (BOD). Therefore, this framework effectively captures the independence of the Sharīʿah supervisory function at a bank. Sharīʿah opinion is the most weighted factor to measure Sharīʿah risk. If a bank has adverse Sharīʿah opinion in its annual report, the negative weight will simply turn the Sharīʿah compliance score of a bank into an overall negative score.

Business structure.

Legal incorporation: A separately incorporated and publicly limited Islamic bank gets more weight than a branch of a conventional bank having a mixed pool of funds. This is because the former will be able to manage and implement Islamic banking laws in a better way when it comes to the requirement for segregation of funds.

Years in Islamic business: Fitch & Moody’s capture the total number of years in business but do not capture the total number of years in Sharīʿah-compliant business. Therefore, this scorecard gives additional marks to the tenure that a bank has been involved in Sharīʿah-compliant business.

AAOIFI & IFSB standards: Implementation of these standards at a bank adds to the Sharīʿah compliance score. However, the scope of measurement is limited to the disclosure (auditor’s certification) that the bank is following IFSB and AAOIFI standards while a check on practical compliance is outside the domain of the end user (customer).

PER: PER actually belongs to investment account holders and adds stability to their returns by mitigating displaced commercial risk. From the Sharīʿah perspective, it adds to the Sharīʿah compliance score because a bank has to develop different deposit and asset pools and adopt a Sharīʿah-compliant profit-sharing ratio mechanism to apply PER. Therefore, chances of Sharīʿah compliance are higher for a bank having a PER arrangement than a bank that is operating without PER.

Charity fund: The proper use of charity fund reflects the level of Sharīʿah compliance of an Islamic bank. Islamic banks having documented charity policies and an independent committee that spends the charity fund get a higher score. This factor is particularly important, as some banks continue to rollover their bad loans without transferring the overdue income charge to the charity account. Furthermore, some banks have started to use the charity fund as a promotional fund by using the money for advertising purposes.

Width and depth of deposit products.

Equity-based products: Banks that use products based on participation and profit/loss sharing get a higher score as compared to a bank which simply relies on murābaḥah-based products. This factor particularly helps in diversifying the risk of Sharīʿah non-compliance from one product to multiple products.

Width of asset products: A bank which has more products is much likely to diversify its Sharīʿah risk while banks that continue to rely on a single product (such as murābaḥah) are assigned a lower score under this model.

Debt-based products: A bank which is mainly relying on debt-based products is likely to rollover the credit deals and hence is exposed to higher levels of Sharīʿah risk.

Structure of deposit: Many Islamic banking businesses operating as windows of conventional banks do not maintain separate deposit pools and hence are not fully Sharīʿah-compliant as compared with those Islamic banks that maintain separate deposit pools and hence qualify for higher Sharīʿah compliance scores.

Capital adequacy standards.

External rating agencies calculate the Capital Adequacy Ratio (CAR) as per the applicable Basel definition and therefore penalize Islamic banks, especially when they have solicited deposits on the basis of profit/loss sharing and can pass the loss to depositors rather than charging it under equity. This scoring model calculates CAR as per the IFSB standards and adjusts the CAR premium/discount into the scoring according to the result.

Allocation of weights and scores

Scores and weights have been allocated based on the authors’ own judgement. This judgmental approach has its precedence in conventional risk rating model-building practices. Top rating agencies had started building their models by allocating judgmental risks and weights and have refined factors over a period through statistical back testing. Historical data are not available at this point in time on Sharīʿah non-compliance risk to back test these models on a statistical basis. These initial weights are subject to further calibration as large-volume data sets are tested by applying this model, and adjustments are made to improve the model’s accuracy.

Sources of information: model input

All the sources of information required as an input for this model are publicly available. This gives the model flexibility and makes it very easy for any individual/customer of the Islamic banking industry to use the model and get the Sharīʿah compliance score.

Interpretation of the Sharīʿah risk rating model score: model output

A bank can earn a maximum risk-weighted score of 150 and a minimum score of −138 under this Sharīʿah risk rating model. The interpretation of Sharīʿah risk rating scores is given in Table II.

A bank having a risk-weighted score of above 80 per cent is considered highly Sharīʿah-compliant and hence gets SSS rating. S+ rating is quite wide, including banks meeting most of the Sharīʿah-compliance standards. S-rating is awarded to those banks which are barely meeting Sharīʿah standards and require significant improvements in implementing the Sharīʿah guidelines into their day-to-day business dealings. An SN rating stands for a Sharīʿah non-compliant bank. The Sharīʿah rating score can be sub-divided into further categories to reflect various degrees of Sharīʿah compliance, but this would obviously add complexity for banking customers. Banks may, however, add additional tiers for more refined monitoring of their Sharīʿah risk.

Testing of the Sharīʿah risk rating model

The newly developed Sharīʿah risk rating model was applied to three banks to evaluate their degree of Sharīʿah compliance. These ratings were conducted on an unsolicited basis. The summary of results is provided in Table III.


The Sharīʿah risk rating model proposed in this paper includes 14 Sharīʿah risk rating factors to determine the degree of Sharīʿah compliance of an Islamic bank. The model has clearly differentiated the banks on basis of Sharīʿah non-compliance risk. The weights assigned in the model were based on personal judgments, and these were correct to the extent that the end score calculated for each bank has clearly highlighted their strengths and weaknesses. This model can be used by individuals and the public to check the Sharīʿah compliance score of any bank. This rating will introduce a healthy competition among Islamic banks to comply with Sharīʿah laws and regulations. Further research is required to apply the model to more Islamic financial institutions.

Sharīʿah risk rating model

Regulatory support
1 Legal support Separate Islamic banking law in the country Single law covering Islamic and conventional banks Weak legal support for Islamic contracts No legal support for Islamic contracts
Score 10 6 3 1
2 Central Bank Support Independent supervisory board conducting Sharīʿah audit Sharīʿah board with advisory function without audit No Sharīʿah board at central bank
Score 10 8 3
Quality of Sharīʿah supervision
3 Independence of Sharīʿah supervisory function Sharīʿah advisory board reporting to BOD Single Sharīʿah advisor reporting to the BOD Sharīʿah advisory committee reporting to the Chief Executive Officer (CEO) No Sharīʿah committee/advisor
Score 10 6 3 0
4 Opinion of the Sharīʿah supervisory committee/advisor Full compliance with Sharīʿah (unqualified) Qualified (some exceptions) Disclaimer (no opinion) Adverse (Sharīʿah non-compliant)
Score 10 5 0 −150
Business structure
5 Legal identity of Islamic banking business Separate legal entity Separately incorporated legal subsidiary of a conventional bank Division with separate pool of funds of a conventional bank Branch operation of a conventional bank with mixed pools of funds
Score 10 8 7 3
6 Number of Years in Sharīʿah-Compliant Business 10+ years 3-5 years 1-3 years Less than 1 year
Score 10 7 2 1
7 Compliance with AAOIFI and IFSB standards Regulatory full compliance No regulatory requirement but individual compliance Partial individual compliance No compliance
Score 10 8 5 3
8 Profit equalization reserve (PER) Yes No
Score 10 0
9 Charity fund Separate and independently expensed Separate but not independent No charity fund in place
Score 10 7 0
Composition of asset and deposit base (Width and depth of products)
10 Equity-based products (mushārakah, muḍārabah and ijārah) More than 50% of total assets 10 to 25% of total assets Less than 10% of total assets No mushārakah/muḍārabah based assets
Score 10 8 5 0
11 Width of asset Products 10 or more financing products 5 to 10 financing products 2 to 5 financing products 1 to 2 financing products
Score 10 8 5 2
12 Debt-based products (murābaḥah and tawarruq as % of total financing) Less than 10% 10 to 33% 33 to 66% Above 66%
Score 10 6 4 2
13 Structure of deposit Separate deposit pools under muḍārabah/ mushārakah partnership Murābaḥah-based deposit Current/saving deposit) contracts under qarḍ
Score 10 6 5
Capital adequacy standards (as per IFSB)
14 IFSB CAR (capital/risk weighted assets (RWA) - RWA(profit sharing investment accounts (PSIA)) 2% above the applicable Basel CAR (Basel II/ III) Equal to Basel CAR Less than Basel CAR Not available
Score 10 1 −10 1

Interpretation of Sharīʿah risk rating scores

Category Maximum weighted score Minimum weighted score
Regulatory support 30 6
Sharīʿah supervision 20 −150
Business structure 50 7
Product width and depth 40 9
CAR (IFSB) 10 −10
Model output score 150 −138
% degree of Sharīʿah compliance (Achieved score × risk weight)/maximum achievable score
Achieved degree of compliance Rating table
80% and above SSS High Sharīʿah compliance 
50 to 80% S+ Satisfactory Sharīʿah compliance
0 to 50% S− Weak Sharīʿah compliance
Negative score SN Sharīʿah non-compliant

Applying the Sharīʿah risk rating model on three banks

Bank Achieved degree of Sharīʿah compliance Awarded rating
Bank Alfalah Ltd, Islamic Banking Division, Pakistan 95/150 (63%) S+ (Satisfactory Sharīʿah compliance)
Bank Aljazira, Saudi Arabia 66.5/150 (44%) S− (Weak Sharīʿah compliance)
Bank Islam Malaysia Berhad, Malaysia 122/150 (81%) SSS (High Sharīʿah compliance)


Dar, H. (2013), “Is Islamic banking as exploitative as conventional banking”, The Express Tribune, 12 April, available at: (accessed 2 April 2015).

Further reading

Bank Alfalah Ltd (2013a), Audited Financials for the Financial Year 2013, Bank Alfalah Ltd, available at: (accessed 9 July 2014).

Bank Aljazira (2013b), Audited Financials for the Financial Year 2013, Bank Aljazira, available at: (accessed 9 July 2014).

Bank Islam Malaysia Berhad (2012), Audited Financials for the Financial Year 2012, Bank Islam Malaysia Berhad, available at: (accessed 9 July 2014).

Fitch Ratings (2016), Global Banks Rating Criteria, available at: (accessed 15 June 2016).

Islamic Financial Services Board (2005), Guiding Principles of Risk Management for Institutions (Other Than Insurance Institutions) Offering only Islamic Financial Services, available at: (accessed 15 July 2016).

Islamic Financial Services Board (2014), Islamic Financial Services Industry Stability Report 2014, available at: (accessed 15 July 2016).

Moody’s Investor Services (2015), Bank Rating Methodology, available at: (accessed 29 June 2015).

Standard & Poor’s (2013), Quantitative Metrics for Rating Banks Globally: Methodology and Assumptions, available at: (accessed 29 April 2015).


This paper is an outcome of the Chartered Islamic Finance Professional study undertaken by the co-author at INCEIF Malaysia.

Corresponding author

Muhammad Adeel Ashraf is the corresponding author and can be contacted at:

About the authors

Muhammad Adeel Ashraf holds a Chartered Islamic Finance Professional (CIFP) certification from the International Centre for Education in Islamic Finance (INCEIF), Malaysia. He currently works as a Senior Risk Management Specialist at the Islamic Development Bank (IDB), Saudi Arabia.

Ahcene Lahsasna, PhD, is an Associate Professor at the International Centre for Education in Islamic Finance (INCEIF), Kuala Lumpur, Malaysia. Dr Ahcene Lahsasna’s research interests are in the areas of Sharīʿah aspects in business and finance, financial planning and wealth management.

Related articles