4.1. General Requirements

An Islamic Financial Institution must establish, implement and maintain policies, procedures, systems and controls that ensure that its business is conducted in a Shari’ah-compliant manner.

4.2. Requirement for procedures, processes, systems, controls and limits

In these Rules, a requirement for an Authorised Firm conducting Islamic Financial Business to have a policy also requires it to have the procedures, processes, systems, controls and limits required to implement the policy.

4.3. Responsibility for compliance

(1) The Governing Body of an Islamic Financial Institution is responsible for its compliance with the regulatory requirements set out in the AIFC Regulations and Rules.

(2) The Governing Body must ensure that the Authorised Firm’s senior management establishes and implements policies to give effect to these rules. The Governing Body must approve significant policies and any changes to them (other than formal changes) and must ensure that the policies are fully integrated with each other.

(3) The Governing Body must review the Authorised Firm’s significant policies from time to time, considering changed operating circumstances, activities and risks. The interval between reviews must be appropriate for the nature, scale and complexity of the firm’s business, but must not be longer than 12 months.

(4) The Governing Body must ensure that the policies are made known to, and understood by, all relevant staff.

4.4. Responsibility for compliance with Shari’ah

(1) An Authorised Firm’s Shari’ah Supervisory Board (SSB) must ensure that the Islamic Financial Business of the Authorised Firm is conducted in accordance with Shari’ah. The SSB:

(a) must establish, implement and supervise the Islamic Financial Institution’s Shari’ah governance and compliance;

(b) every year, must prepare a report in accordance with the AAOIFI standards relating to preparing and assessing compliance with Shari’ah;

(c) must ensure that reviews to assess the Islamic Financial Institution’s compliance with Shari’ah are carried out in accordance with those AAOIFI standards; and

(d) must review every service or product that is the subject of a financial communication before the firm issues the communication.

(2) The SSB is responsible for expressing binding opinion about the extent to which the operations, transactions and contracts of the Authorised Firm conducting Islamic Financial Business comply with Shari’ah. The SSB must review any matter that is assigned to it by the firm’s Governing Body.

4.5. Policy and Procedures Manual

An Islamic Financial Institution must establish, implement and maintain an Islamic Financial Business policy and procedures manual that addresses the following matters:

(a) how the compliance oversight function will be undertaken in relation to compliance with Shari’ah;

(b) how the institution’s SSB will oversee and advise it in regard to its Islamic Financial Business activities and operations;

(c) how fatwas, rulings and guidelines of the SSB will be recorded, disseminated and implemented and the internal Shari’ah review undertaken;

(d) how disputes between the SSB and the institution in relation to Shari’ah compliance will be addressed;

(e) the process for approving the internal policies, procedures, systems and controls to ensure that Islamic Financial Business is conducted in accordance with Shari’ah;

(f) the process for approving the internal policies, procedures, systems and controls to ensure that information is disseminated to investors appropriately;

(g) how conflicts of interest and potential conflicts of interest will be identified and managed.