Previously published in Islamic Finance News, May 2012

While certain operational challenges are common to both conventional and Islamic banking systems, Islamic banking systems present unique compliance challenges that need to be managed and resolved. JUSTIN CORNISH, BRIAN MEENAGH, ALICE MARSDEN and ANTHONY PALLETT explore.

Strategic investment in information systems and technology is key to the continued growth and expansion of the Islamic banking sector. While analysts predict growth in demand for Islamic banking services from existing and developing markets , they also note that there are challenges involved in meeting that demand. In particular, Islamic banks need to implement the capability to:

  • Bring Shariah compliant financial products to market in an efficient and responsive manner; and
  • Put in place internal systems to manage risk, complexity, processes and Shariah compliance.

Vendors of both conventional banking systems and stand-alone Islamic banking systems have developed, and continue to develop, solutions to assist banks in improving their product capability, speed to market, internal efficiency, risk management and compliance.

The acquisition and implementation of Islamic banking systems (whether as a standalone system or as an overlay or module to a conventional system) present a number of challenges to legal and procurement teams. While certain operational challenges will be common to both conventional and Islamic banking systems, Islamic banking systems present unique compliance challenges that need to be managed and resolved so as to avoid both reputational risk to the relevant bank and the loss of business in the Islamic banking sector.

This article looks at the evolution of banking technology, describes a number of challenges and risks in the procurement and implementation of Islamic banking systems and sets out ways that legal and procurement teams may address these challenges and risks.

Evolution of information systems and technology in the banking sector

Technology innovation has had a major impact on the conventional banking sector and it is possible to identify a number of trends in technology adoption and innovation within the sector. These include:

  • The movement of customer focus from individual branches to retail networks to multiple distribution channels (e.g., branch, ATM, phone and internet);
  • The movement from bespoke or internally-developed systems to shared systems built on common standards (e.g. BACS/Swift payment processing, ATM networks);
  • The movement from manual to automated processes (e.g., cheque processing); and
  • The diffusion from core products of savings and loans to multiple financial service products such as insurance, pensions and funds.

These trends have, in turn, resulted in the growth of standardized products, systems and interfaces within conventional banking and in the growth of the outsourced service provider market providing conventional banks with access to improved services and business processes.

The technology needs of the Islamic banking sector mirror those of the conventional backing sector. However, until recently, there was a perception within Islamic banks that there was a paucity of systems catering to Islamic principles.

This perception is changing. A recent purchasing guide to Islamic banking systems identifies 30 specialist Islamic banking technology vendors and over 40 Islamic banking systems. This includes providers that focus on the Islamic banking market, such as Path Solutions and ITS, and providers who will be familiar to users of conventional banking systems, such as Misys, Oracle, Sungard and Temenos.

This proliferation of vendors and systems represents a positive step for Islamic banks; it creates choice, generates competition and drives innovation in the Islamic banking technology sector. At the same time, the proliferation of vendors does not reduce the risks associated with acquiring and implementing an Islamic banking system or the need to properly identify and manage such risks as part of the procurement and contracting process.

Conventional risks across all banking sectors

In some respects, the risks associated with the acquisition and implementation of an Islamic banking system are no different from the risks associated with the acquisition and implementation of a conventional banking system.

By way of example, as per a conventional banking system, the contract for the implementation of an Islamic banking system needs to address the following risks:

  1. Operational and delivery risks, such as:

    • The implementation running over budget or over time;
    • The implementation not completing;
    • The delivered system not meeting the bank's requirements, being over-engineered, of poor quality, inefficient or difficult to maintain; and
    • The bank's requirements changing over time;

  2. Intellectual property risks, such as ensuring that the bank:

    • Has sufficient rights to use the system;
    • Owns any bespoke developments or innovations which give it an advantage over its competitors; and
    • Is not 'locked in' to a relationship with a vendor by virtue of having no rights to use the system should it terminate its relationship with the vendor; and

  3. Liability risks, such as:

    • Protecting the bank from third-party claims related to its use of the system;
    • Ensuring that the bank may bring a claim to recover its actual losses in the event of a breach by the vendor; and
    • Ensuring that the bank's exposure to liability from the vendor is commensurate with the fees being paid by the bank to the vendor.

Each of these risks are significant; IT journals regularly feature stories of failed systems implementation projects and the material losses caused by such failure (figures above US$100 million are not uncommon). It is essential that banks address these risks in agreements with vendors and take great care in determining the manner in which an Islamic banking system implementation is priced, vendor performance is incentivised and implementation is governed and managed.

Unique challenges in the Islamic banking sector

Beyond the conventional risks, the acquisition and implementation of an Islamic banking system presents a number of unique challenges that banks need to deal with as part of the procurement and contracting process. A number of these challenges, and suggestions as to how they can be met, are set out below.

Absence of standardization

It is recognized that one of the major challenges in procuring Islamic banking systems is the absence of a single interpretation of Shariah law; as the determination of Shariah compliance ultimately comes from a bank's Shariah supervisory board.

This leads to the absence of common standards across banking systems, which makes it difficult for a bank to procure an Islamic banking system with reasonable certainty that the system will comply, 'out-of-the-box', with Shariah law.

Attempts have been made to improve standardization by organizations such as the Accounting and Auditing Organisation for Islamic Financial Institutions (AAOIFI) and the Islamic Financial Services Board (IFSB), but such standards are not mandatory nor are they universally accepted.

This uncertainty over standards also leads to scenarios where vendors claim to offer systems that are 'Shariah compliant', in the sense that they comply with an AAOIFIor IFSB standard, but the use of such a system may not actually comply with the requirements of a bank's Shariah supervisory board.

Complexity of products and processes

Islamic financial products can be more complex than conventional financial products as a result of the use of sale contracts, leasing arrangements, agency and profit-sharing arrangements and other structures in place of straightforward interest-bearing loans, bank accounts and other conventional banking products (such as credit cards and insurance). This presents a challenge to banks to ensure that vendors of Islamic banking systems fully understand the complexity of the products that the banking system needs to support and to avoid disputes as to whether or not the need to support the relevant product was contemplated by both parties as part of the system contract.

Need to segregate conventional banking funds and Islamic banking funds

The need to segregate conventional banking funds and Islamic banking funds is only relevant to conventional banks operating an Islamic banking window, but it is something that may get overlooked. Shariah compliance and local financial regulations may require the bank to keep conventional banking funds completely separate from Islamic banking funds.

This separation extends to physical as well as logical separation; a bank may need to operate parallel banking system infrastructures and processes, which will drive increased cost. Banks providing both conventional and Islamic banking services should note this risk when dealing with vendors who claim to provide a single system that can service both conventional and Islamic banking clients.

Use of commercial levers to drive correct behaviour

Contracts for conventional banking systems typically include commercial levers that drive the correct behaviour from the vendor (i.e., liquidated damages for delayed implementation) and the customer (i.e., interest payable on late payment of undisputed invoices).

While the use of such levers in contracts for Islamic banking systems may be prohibited (in the case of interest) or limited (to the extent that liquidated damages may result in unjust enrichment), such levers are important to give the vendor comfort that it will be paid on time and the customer comfort that it will receive a working system on time.

Although mechanics have been developed (discussed in more detail below) to deal with these issues in Shariah compliant documentation, the fact that such mechanics cannot completely reflect the risk-allocation in conventional contracts may have an impact on the relationship between the parties.

Dealing with these challenges

Ensuring that an Islamic bank (or conventional bank providing an Islamic banking window) properly addresses these challenges requires the involvement of the bank's procurement and legal teams.

Define requirements

It is essential that the request for proposal to be sent to vendors of Islamic banking systems clearly sets out the bank's current and future functional and technical requirements for a banking system, together with statements as to whether the bank requires compliance with any of the known AAOIFI or IFSB Islamic banking standards and/or with internal bank standards.

If local law requires a bank to purchase the system from a local entity or reseller, or any third party soft ware to be acquired from a local entity or reseller, then these requirements should also be identified and included in the request for proposal.

These requirements should also be included in the final contract between the bank and the vendor, and form the basis of the acceptance criteria used to determine whether the vendor has met its contractual obligations.

Fix the implementation price

The provision of clear requirements also enables a vendor to price for the implementation of a system with greater certainty, and accordingly assists the bank in locking the vendor into providing a system on a fixed-price basis.

The alternative commercial model, implementation on a time-and-materials basis, is not in the bank's interest, as it requires the bank to take the risk of cost-overruns and will erode the bank's business case for the system where there is a delay in implementation.

Carry out, and permit, due diligence

The bank also needs to carry out due diligence on potential vendors and their relevant products to determine whether they can provide a system that meets its compliance requirements and, following down-selection to a limited number of vendors, permit such vendors to carry out due diligence on the bank's existing systems and processes. Affording such an opportunity to vendors reduces the potential for arguments over the requirements that are in scope during implementation and can be linked to the provision of a contractual remedy for damages in the event that the vendor fails to deliver a system that meets the bank's requirements.

Manage and control change

Given the complexity of Islamic financial products and the fact that a determination of Shariah compliance may not be provided until aft er a contract with a vendor is signed, the relevant contract must be able to accommodate and deal with change.

To the extent that such change is predictable, e.g., an increase in the number of users of a system, such change should be accommodated through the contractual pricing mechanisms, giving the bank the certainty of predictable pricing.

Where a change is unpredictable, e.g., the introduction of a number of additional requirements to ensure Shariah compliance, the vendor should be obliged to demonstrate (with supporting evidence) that its costs have been materially increased by the new requirement and that it has evidence of having reviewed alternative solutions to accommodate the change without an increase in the price, e.g., by diverting resources from other tasks. It should always be the bank's choice whether it wishes to take the lower service/cost option.

Use of liquidated damages

While interest is prohibited under Shariah law, the payment of liquidated damages is not, provided that such amounts do not exceed the actual damage suffered by the recipient of the damages and accordingly the parties may agree for such a sum to be payable by the customer for late payment of undisputed invoices and by the vendor for implementation delays.

As an alternative, it is also permissible, and arguably preferable, for the contract to specify an amount to be payable to charity by either party instead of liquidated damages for late payment and/or implementation delays.


The next few years are likely to see further growth in the development and proliferation of Islamic banking systems.

This offers exciting opportunities to banks providing Islamic financial products, but such banks should be mindful to address the risks associated with such systems and the way in which they are procured and implemented.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.