CPSA M5 ONLINE EXAM QUESTIONS

CONFIDENTIAL

PAPER : CERTIFIED PROFESSIONAL SHARIAH AUDITOR
MODULE : SHARIAH AUDIT PLANNING AND PROGRAM
CODE : AUD 3051
TIME : 3.5 HOURS

INSTRUCTIONS TO CANDIDATES:

1. This question paper consists of TWO (2) sections:

i. Section 1 30 Multiple Choice Question (MCQ)
ii. Section 2 Two (2) Case studies

2. Answer ALL sections in this question paper and you are advised to divide your time
equally between the two sections: 1 hour on Section 1 and 2.5 hours on Section 2.

3. Candidates are required to answer in the Answer Template provided.

EXAMINATION REQUIREMENTS:
 Answer Template
 Glossary

* DO NOT OPEN THIS QUESTION PAPER UNTIL YOU ARE TOLD TO DO SO
====================================================
This question paper consists of 14 pages

CONFIDENTIAL

Section 1

Answer ALL questions.

1. Shariah audit assesses the effectiveness of internal controls in managing Shariah risk. Based on the
following, which is the CORRECT Shariah audit activity that could achieve this objective?

A. Interview product development officer on his awareness on the impact of Shariah risk to the
organization.

B. Perform audit on Shariah Secretariat function.
C. Review the input criteria in the information technology system for the calculation of Ibra'.
D. Examine the report of generated by the information technology system for Tawarruq

transactions.

2. Which of the following activities BEST reflects the conduct of Shariah audit in serving its objective as
'the assessment of the effectiveness of the Shariah governance structure/process and management
oversight function?

A. Audit on Shariah Secretariat function.
B. Shariah audit on branch operation that directly deals with the offering of Islamic financial

products and services.
C. Shariah audit on product compliance manual for retail products offered by the Islamic bank.
D. Shariah audit on the information technology function.

3. Shariah Committee members of an Islamic bank are in the opinion that the current scope of Shariah
audit is inadequate for them to make qualified opinion on the state of Shariah compliance in the
institution. Which of the following options is the BEST further option available for the Shariah
Committee members to redress the situation?

A. They could direct for special or ad-hoc audit on the areas of concern.
B. They could contest the current scope of Shariah audit that has been approved by the Board

of Audit Committee.
C. They could request for the area of concern to be audited during the next audit exercise.
D. They could request for Shariah review exercise to be conducted on the area of concern.

4. International Professional Practices Framework (IPPF) (2013) identifies THREE (3) areas as the
coverage of internal audit, namely governance, risk management and control. Which is TRUE about
a Shariah auditor’s nature of work of with regard to assurance activities on risk management?

A. Assessment on the understanding of the Board of Risk Committee members on their role as
an assurance function.

B. Assessment of the effectiveness of an IFI’s Shariah governance structure/process and
management oversight function.

C. Shariah audit on Shariah Secretariat function.
D. Assessment of Shariah auditors' work by the Shariah Committee.

CONFIDENTIAL

5. A scope of Shariah audit, as identified in the Shariah Governance Framework (2010), includes the
compliance audit on organizational structure, human resource and information technology application
systems. In a Takaful institution, which of the following option is NOT TRUE on the Shariah audit
exercise within this scope?

A. Assessment on the number of staff in the Shariah-related functions are adequate to handle
the complexity of the operations.

B. Assessment on the information technology system being able to capture the Shariah
requirements for the takaful contracts.

C. Assessment that all employees within the takaful institutions are well trained on the Shariah
contracts related to takaful contracts.

D. Assessment on the understanding of the Board of Risk Committee members on their role as
an assurance function.

6. Salman is the Head of Shariah audit team having concluded the fieldwork for this year's audit in an
Islamic bank you are working. He is now drafting the audit report, and is not sure of some aspects of
audit report as this is the first time, he leads the audit team. As the Chief Internal Auditor, which of
the following actions would you remind Salman to avoid in his report?

A. Suggest the timelines for rectifications.
B. Highlight the causal factor that lead to the Shariah non-compliance.
C. Impose the recommended corrective actions and improvements.
D. Report on the Shariah non-compliance or potential Shariah non-compliance events/

activities/ transactions.

7. You are a Shariah auditor for a takaful operator. You received a feedback from Shariah Committee
members during their branch visit that there are instances that takaful contracts are not properly
explained to customers. Based on this scenario, decide on a suitable audit technique to be adopted
to obtain evidence of audit.

A. Examine approved contracts.
B. Interview takaful agents.
C. Reperform calculation of takaful benefits.
D. Observation of the processes of claims adopted in the takaful operator.

8. Iman is the Head of Shariah audit in a subsidiary Islamic bank. This is the first time she leads the
Shariah audit exercise as she was promoted as the head only this year. She sought your advice as
a Head of Shariah audit in another Islamic bank on the elements that should be concluded in the
Shariah audit report. Which of the following would you advise her NOT to include as one of the
elements?

A. The state of Shariah governance in the institution.
B. The state of internal control system for Shariah compliance.
C. The state of Shariah risk management processes.
D. The state of continuous compliance of the institution to Shariah requirements.

CONFIDENTIAL

9. The management of Bank Wardah is contemplating on appointing external Shariah auditors to
compliment internal Shariah audit function. As an internal Shariah auditor of the bank, Zakir is having
difficulty to relate to the need of external Shariah audit. Advice Zakir on the merit of the proposal.

A. To mitigate the risk of the management reviewing its own work.
B. The internal shariah auditors lack qualifications to perform their work.
C. Regulators are not willing to perform external Shariah audit on the Islamic financial

institutions.
D. External Shariah audit serves as an independent party that publicly reaffirms the view of

Shariah Committee on Shariah compliance.

10. Karmila, Hanim and Hussein has submitted its application to Ahsan Bank, a bank operating in
Pakistan, to offer external Shariah auditing services. The company has to undergo due diligence
process prior to offering its services to the bank. In qualifying the firm as the bank’s appointed external
auditor, the company has to meet the following criteria, EXCEPT:

A. Any employee of the audit firm has never audited the bank.
B. Any employee of the audit firm is not a majority shareholder of the bank.
C. Any employee of the audit firm is not a member of the bank’s Shariah Committee.
D. Any employee of the audit firm does not have any conflict of interest issue to audit the bank.

11. Iman is one of the Shariah audit team members auditing a Takaful operator. The Takaful operator
uses Wakalah contract for most of its products. She has to examine the key controls for Wakalah
contracts. The key control she has to look out for during the audit is:

A. The terms that state that Takaful company, as agent managing the Takaful fund has to be
responsible for the loss since Takaful company has professional duties as fund manager.

B. The description of the responsibilities of the contracting parties are well documented and
communicated.

C. The fee is decided at the end of contract when income and expenses are calculated.
D. The terms that state that Wakalah fee is only chargeable as the reward to manage the Takaful

fund.

12. Sarah Alia is a Shariah auditor who is responsible for audit of the capital market operation that forms
part of the Islamic bank's activities. The Islamic bank has issued sukuk and audit scope for this year
to cover sukuk operation. The following are the issues that Sarah Alia has to observe, EXCEPT:

A. The rate of return should not be fixed.
B. The assets being financed should be clearly identified.
C. All funds raised through sukuk issuance must only be used for ‘halal’ or Shariah compliant

activities.
D. Income received by sukuk holders (investors) must be derived from the cash flow

generated by the underlying asset.

CONFIDENTIAL

13. Azah is responsible to perform Shariah audit on fund management of an Islamic bank she recently
joined. She was briefed that the screening criteria to ascertain an investment in capital market as
compliant consists of both qualitative and quantitative screening. She is confused to what entails
each screening methodology. Highlight to Azah, based on the following, the criteria that is NOT part
of the screening methodology.

A. There are two areas of concern for quantitative screening, namely the assessment of public
perception of the company and financial ratio benchmark

B. The screening process involves two stages and the listed stock must pass screening at both
stages. Hence, even if a stock passed screening in the first quantitative stage, it could be
deemed as Shariah non-compliant if it failed the second qualitative screening stage

C. The four-activity based-benchmark and qualitative assessment that was previously in force
was updated to two activity based-benchmark.

D. Two quantitative activity-based benchmarks are related to the main activities of the
companies

14. Kamal Ariff and his team of external Shariah audit is auditing a Takaful operator. The team has to
collect the evidence of the operations within the company to be strictly complied to the established
Shariah criteria as follows, EXCEPT for:

A. Published rulings of SAC of BNM and Securities Commission.
B. Written opinions of the Shariah Board of the IFIs.
C. Fatwas issued by the OIC Fiqh Academy and AAOIFI.
D. Product manuals and the standard operating procedures of the takaful operator.

15. Maqri Hakim has been assigned to a specific audit work for this year's Shariah audit assignment. He
is responsible for auditing investment portfolios. Based on the following, determine the INCORRECT
test step to be included in his audit programme:

A. Verity the calculation of Shariah non-compliant income arising from the de-listing from the
Shariah-compliant list.

B. Ascertain that investment in shares in conventional bank does not constitute more than 50%
of the total bank’s investment portfolio.

C. Check the existence of internal procedures that spells out the requirement for the qualitative
and quantitative screening.

D. Re-perform the Shariah screening process on the Shariah compliant investment portfolios.

16. Abdul Hadi is completing an audit program that aims to assess the Shariah compliance level. The
report will be presented to internal stakeholders. In which report, will the assessment be featured?

A. Shariah non-compliance report.
B. External auditors' report.
C. Shariah audit report.
D. Integrated Reporting Statement.

CONFIDENTIAL

17. Bank Negara has issued a Strategic Paper that guides Islamic banks in Malaysia on Value-Based
Intermediation (VBI). Karmila is a Shariah auditor in an Islamic bank which practices a handful of VBI
initiatives. Karmila prepared the Shariah audit scope of work as requested by her supervisor. Assist
her supervisor to identify the CORRECT scope.

A. Audit on Shariah issues in the Financial statement.
B. Compliance audit on organisational structure of the bank
C. Audit of compliance on home financing product offered by the bank
D. Ethical and Maqasid-based audit, with the objective to examine the achievement of social

justice and equitable distribution of wealth, and to balance out the biased focus on
commercial profits.

18. Surrender valuation of takaful is one of the areas where transparency is vital for fair treatment to the
takaful certificate holders. This is because customers are uncertain on the surrender value of their
takaful certificate. Fahd is a Shariah auditor in a takaful company. He is assigned to audit family
takaful scope which includes the examination on surrender value. Based on the following, identify the
criteria on surrender value that he will NOT include in his audit program checklist.

A. The surrender value of a certificate must not be less than the value of units, based on the
unit price at the time of cancellation less any takaful charges, certificate fees and surrender
charges.

B. For investment-linked takaful products where the cost of takaful charges and/or other
charges are funded in advance, the surrender values for the charges shall be determined in
accordance with generally accepted actuarial principles and in a manner that ensures the fair
treatment of certificate owners.

C. Takaful company promptly effect the payment of surrender values to the certificate owners.
The certificate shall remain in force until the Takaful operator has effected payment of the
surrender value in respect of a certificate.

D. Takaful operators may not levy a surrender charge for the cancellation of a certificate.
Surrender fees levied by the takaful company is being charged according to the contract.

19. Hassan Basri is preparing the Shariah audit program to audit the Takaful model for his company that
offers Wakalah-Mudarabah hybrid model Family Takaful. He is focusing the audit program to audit
Shariah aspects of the contract. The objectives of his audit program contain the following, EXCEPT:

A. To check on whether the Wakalah fee was agreed up-front
B. To examine documentations that only the capital provider provides capital.
C. To check that the provision of the interest-free loan to the shareholder is credited to the

Mudarabah fund
D. To check the existence of the agreement of profit sharing between rabbul mal (participants)

and mudharib (TO) has been done at the inception of the contract.

CONFIDENTIAL

20. Asniza Basri is the Shariah auditor for a Takaful company. She is in the process of drafting the
Shariah audit program. She knows that one of the considerations to develop the program is to refer
to BNM's Takaful Operational Framework (TOF). She vaguely remembers the key areas of TOF.
Advise her which of the following is NOT TOF key areas of control:

A. Claims management.
B. Fair Valuation of Takaful fund.
C. Management of Surplus.
D. Disclosure and transparency.

21. A subsidiary Islamic bank offers Islamic investment accounts with a pre-agreed profit-sharing ratio of
60-40 between Islamic bank and the customer. The deposit is invested in Commodity Murabahah
transactions with the conventional parent bank. As the Shariah auditor in charge, formulate the MOST
appropriate audit objectives to audit the product.

A. Objectives of Shariah audit:
1. To ensure the existence of agent appointment between the bank and the
customer for the investment account opening as the bank will act on behalf of the
customer to transact the Commodity Murabahah transactions.
2. To ensure that the system maintained at the Tawarruq platform is accurate so
that buying and selling of commodity is performed according to stated prices.
3. To re-calculate the profit calculation and distribution amongst the bank and the
customer.

B. Objectives of Shariah audit:
1. To check on the existence of the commodity being traded under Tawarruq
transactions.
2. To check the system maintained at the Tawarruq platform is accurate so that
buying and selling of commodity is performed according to stated prices.
3. To ensure the accuracy of the profit calculation amongst the bank and the
customer.

C. Objectives of Shariah audit:
1. To ensure that the profit distribution between the bank and the customer was
properly calculated and distributed to the terms and conditions
2. To ensure the existence of the Tawarruq transactions being conducted between
the Islamic bank and its parent company
3. To ensure that part of the profit from Tawarruq transactions are being purified as
the buyer of the commodity is a non-Shariah compliant party

D. Objectives of Shariah audit:
1. To re-perform the Commodity Murabahah transaction to ensure the system
correctly captures the transactions.
2. To ensure that zakat is calculated and paid for the customers of the investment
accounts, in the case that the threshold of the accounts reaches nisab and haul.

CONFIDENTIAL

22. The Islamic deposit account offered by an Islamic bank operates on Qard concept. The marketing
materials state that if the customers are putting RM100,000 of fresh funds into the account, the
customers could win a holiday package (no apparent Shariah non-compliance activities included in
the holiday itinerary). The act was found to be Shariah non-compliant. In planning the ad-hoc Shariah
audit programme on the product development process, which of the following is the BEST reference?

A. BNM guidelines on product development, Internal manual that states that no binding
promise is offered to the customer on extra benefits or incentives during conclusion of the
contract, Qard Policy Documents, Hibah Policy Document.

B. BNM guidelines on product development, Internal manual that states that no binding
promise is offered to the customer on extra benefits or incentives during conclusion of the
contract, the execution of Wakalah contract between the customer and the bank.

C. BNM guidelines on product development, Internal manual that states that no binding
promise is offered to the customer on extra benefits or incentives during conclusion of the
contract, Qard Policy Documents, Hibah Policy Document, Kafalah Policy Document.

D. BNM guidelines on product developments, fees and charges and transparency and
disclosure Policy Document for Wadiah, Shariah Committee's resolutions, Internal Manual
and SOPs.

23. Sani is the member of Shariah audit team. One of the audit areas to be audited this year is the audit
of the bank's fixed deposit account that adopts Commodity Murabahah concept. He is responsible to
develop Shariah audit programme for the audit. Which of the following Policy Documents entails the
Shariah requirements that he has to incorporate in his audit program?

A. Policy Document for Tawarruq,Shariah Committee's resolutions, Internal Manual and SOPs,
BNM guidelines on product developments, fees and charges and transparency and
disclosure.

B. Policy Document for Qard, Shariah Committee's resolutions, Internal Manual and SOPs,
BNM guidelines on product developments, fees and charges and transparency and
disclosure.

C. Policy Document for Hibah, Internal Manual and SOPs, BNM guidelines on product
developments, fees and charges and transparency and disclosure.

D. Policy Document for Murabahah, Internal Manual and SOPs, BNM guidelines on product
developments, fees and charges and transparency and disclosure.

24. Azhari Wahid is responsible to perform Shariah audit on fund management of an Islamic bank he
recently joined. The bank has invested significantly in i-REITs. This year, audit of i-REIT is planned
as part of the audit scope. He learns that there is a list of Shariah requirements that must be
considered in investing in REIT activities. He is preparing the list of established criteria, before he
starts the audit fieldwork. Evaluate the following Shariah requirements that he has to put in the list.

A. The non-permissible benchmark is capped at 20% for the rental of real estate by i- REITs.
B. Takaful schemes are being used by the tenants for risk management of the underlying real

estate.
C. When investing in new properties, the bank must ensure that all activities of tenants currently

renting the property are Shariah compliant.
D. Currency hedging for risk management purpose is not allowed.

CONFIDENTIAL

25. En Azmi is a Chief Internal Auditor of one of the Islamic Banks in Malaysia. He instructs the Head of
Shariah Audit to allocate resources for the forthcoming Shariah audit assignment. Select the MOST
important criteria when assigning responsibility for specific tasks required in Shariah audit
engagement:

A. Auditors to be assigned with audit task based on their years of experience in Shariah
operations related areas.

B. Auditors to be assigned with audit task must have adequate Shariah knowledge and skills
to complete the task satisfactorily.

C. Audit tasks must be assigned to the most senior Shariah audit team member.
D. All audit team members must have adequate Shariah skills so that they can provide absolute

assurance to the BOD, management and regulator that all banking operations are in
compliance with Shariah requirement.

26. One of the scope of Shariah audit conducted at a branch is to examine if the features of the product
offered are communicated to the customers. During the previous audit, the auditor observed that 16
of the 30 Product Disclosure Sheet (PDS) attached to the contracts were not signed. Based on the
observation, risk identification for this year audit should be BEST focused on:

A. Ascertaining the existence of risk of mis-selling.
B. Ascertaining whether the product specifications developed are in accordance to the approved

product paper.
C. Ascertaining whether Shariah input has been taken into consideration in developing the PDS.
D. Ascertaining whether product structure may not be in compliance with Shariah.

27. Badri is a Shariah auditor that was given the responsibility to develop an audit program for the scope
of Shariah Issues in Financial Statements. He understands that the scope of this audit is to ensure
Shariah compliance for financial reporting aspects of IFI. Hence, specific audit objective has to be
addressed when creating an audit program as follows, EXCEPT:

A. Assess whether all expenses paid are Shariah compliant.
B. Ensure all non-halal income are recorded and disclosed in the financial statement.
C. Ensure the accuracy of the calculation of Mudarabah profit.
D. Ensure the computation of profit to shareholders is appropriate.

28. The objectives of Shariah audit is set to cover two basic areas; attestation to compliance to laws and
regulations and compliance to Shariah principles. Ahmad Zaki is set to develop audit procedures for
Shariah audit on compliance. Advise Ahmad Zaki the procedures that he does NOT have to include
in his proposal:

A. Assess the frequency and effectiveness of internal Shariah training.
B. Identification and evaluation of risks and control objectives (Risk Assessment via

identification and analysis of relevant risks to achievement of objectives, designing strategies
for managing risks, implementing and integrating risk management and measuring,
monitoring and reporting the risk area.
C. Ongoing monitoring activities and have separate evaluations by independent party in the
organisations.
D. Information and Communication process including the internal and external events and
effective communication with external parties, such as customers, suppliers, regulators and
shareholders.

CONFIDENTIAL
Question 29 and 30 relates to Table 1:

AUDIT UNIVERSE Conducted Previous Audit Risk
2016 2017 2018 Rating Profile

A. Governance Audit / / Moderate Medium
/ / Medium
1. Product Transparency and Disclosure / Low Medium
2. Reporting of Shariah Non-Compliance Event / Moderate
3. Management of Non-Halal Income Medium
Table 1 / Not rated Medium
B. Products Above Average
Medium
4. Qard Above Average
5. Murabahah (Deposit) High
Approved by BNM in 2019 Medium
Fixed Return Investment Account-i / Low
Medium
6. Tawarruq Financing / Low
Working Capital Financing-i Medium
Home Financing--i / Moderate
/ Low Medium
7. Wakalah
Letter of Credit n/a Medium
n/a
8. Murabahah (Trade) High
Murabahah Trust Receipt

9. Kafalah
Bank Guarantee

10. Ad-Dayn
Trade Working Capital Financing

11. Ujrah
Safe Deposit Box-i

12. Ar-Rahn
Ar-Rahnu Product

Note:
Risk Profile: High, Medium and Low risk
Audit Rating: High (Satisfactory), Above Average, Moderate, Low (Unsatisfactory)

29. Table 1 shows the extract of Audit Universe for ABC Bank that has a subsidiary of an Islamic bank.
As the Head of Shariah audit for ABC Bank, you are expected to propose and obtain approval from
the Board Audit Committee (BAC) for the Annual Shariah Audit plan for the year 2019. Taking into
consideration the most common factors to determine the auditable areas, the following are the
THREE (3) most likely areas that you would propose to the BAC.

A. Reporting of Shariah Non-Compliance Event, Tawarruq Financing, and Ar-Rahn
B. Reporting of Shariah Non-Compliance Event, Home Financing-i, and Ar-Rahn
C. Management of Non-Halal Income, Murabahah (Deposit), and Home Financing-i
D. Management of Non-Halal Income, Ar-Rahn, and Ujrah

CONFIDENTIAL

30. After sending the proposal to the BAC secretariat, two days before the meeting, the bank received a
letter from Bank Negara Malaysia (BNM) concerning the disclosure of fees made in the Ujrah based
product; Safe Deposit Box-i. This issue requires immediate action by the bank. As the information
has just been received, how will that affect your earlier proposal?

A. The earlier plan has addressed the concern accordingly.
B. The BNM’s concern should be addressed by the operational audit team.
C. The concern should be addressed accordingly and one of the areas proposed earlier

should be dropped from the proposal.
D. The concern should be addressed accordingly however the concern should be included as

one of the areas for ad-hoc audit.

CONFIDENTIAL

Section 2
Answer ALL Questions

Case Study 1

The Shariah review department of Bank A was tasked to conduct a Shariah review on Tawarruq financing
based on the plan approved by Shariah committee. The following are six (6) Shariah review findings as
submitted by the Shariah reviewers.

1. Despite the bank having established the SOP for product implementation, some staff were having
difficulties in explaining the concept of Tawarruq to customers. This situation could affect the bank’s
reputation as customers’ understanding of the Tawarruq product features may be inaccurate.

2. There were concerns relating to the terms used in the agreement such as loan, repayment and
borrowing. The usage of these conventional terms could lead to reputational risk and
misunderstanding on Tawarruq financing.

3. The purchase requisition form used in the execution was not as per the document approved by the
Shariah Committee. This could potentially lead to the Shariah contract being nullified.

4. There was a mistake relating to the price which was wrongly stated in the agreement. An element
of Gharar (uncertainty) was identified as a result of the wrong pricing.

5. The Wakalah agreement was not executed in some of the samples reviewed.

6. The Bank sells the commodity to the customer prior to establishment of ownership of the commodity
in some of the samples reviewed.

Required:

1. Based on the above findings, provide your recommendations relating to the issues as highlighted.

2. Explain the key differences between Shariah review and Shariah audit. (15 marks)
(5 marks)

CONFIDENTIAL

Case Study 2
You are the head of Shariah audit in a takaful company, Hayaat Takaful. The company was established in
2018, running both family and general takaful businesses. The family takaful model is based on a hybrid of
Wakalah and Mudarabah model, while the general takaful adopts the Wakalah model.
The following is the modus operandi of the Wakalah-Mudarabah model adopted for all family takaful
products.

As a newly established takaful company the scope for the auditable entities has not yet been determined.
Based on the information available above, answer the following questions:

1. Identify the similarities and differences between the audit scope for Wakalah-Mudarabah model
and Wakalah model.
(12 marks)

CONFIDENTIAL

2. Prepare a Shariah audit program for Wakalah-Mudarabah model based on the audit scope
identified in Question 1. The Shariah audit program should comprise of testing objectives and audit
tests using the appropriate format.
(8 marks)

END OF QUESTION PAPER