Risk Management 295
It is critical that investors know who owns the underlying or securitized
assets in a particular sukuk because, depending on the answer, risks can
change. For example, under some conditions, investors may not be able to
sell the underlying assets independently or may not be fully protected from
the borrower’s insolvency. In other circumstances, investors may be exposed
to the corporation’s creditworthiness (a practice that is considered to be in
confl ict with the basic principles of risk sharing) or to that of the underlying
assets or projects. The sukuk market has serious liquidity issues arising from
a shortage of supply, which leads investors to buy and hold the contract,
rather than trading it in the market. This results in a shallow secondary
market where the transaction costs (measured by bid - ask spreads) are much
higher. This exposes investors to liquidity risk and impairs their ability to
manage their portfolios in an effi cient and cost - effective manner.
Investors are also exposed to transparency risk because structuring
sukuk transactions involves complex legal documentation which can lead
to unconventional legal positions and can become a source of ambiguity
and future disputes. The lack of clarity can lead to reputational risk for the
parties, including the arrangers, issuers and regulators.
Risk Management Framework
The complex nature of risks faced by Islamic banks requires a comprehen-
sive risk management, risk reporting and risk control framework.
Effi cient risk management is essential for reducing an organization’s
overall risk exposure. Adequate resources need to be devoted to identifying
and measuring risks and developing appropriate techniques for managing
them. The IFSB has formulated a set of principles for sound risk manage-
ment that should be followed by Islamic banks to mitigate the various risks
they are exposed to. There are several areas in which there is room for
improvement. These are discussed below.
IFSB PRINCIPLES OF RISK MANAGEMENT
■ (^) [Islamic Financial Institution] shall have a sound process for exe-
cuting all elements of risk management, including risk identifi ca-
tion, measurement, mitigation, monitoring, reporting and control.
This process requires the implementation of appropriate policies,
limits, procedures and effective management information systems
(MIS) for internal risk reporting and decision making that are com-
mensurate with the scope, complexity and nature of the activities.
(Continued)