Risk Management Disclosure In Malaysian Islamic Financial Institutions: Pre- And Post-Financial Crisis [Journal of Applied Business Research]

By Ahmad, Normah

Proquest LLC

ABSTRACT

The East Asian financial crisis in 1997 and later the global financial crisis in 2007 and 2008 had a big impact on the corporate world as many companies and financial institutions collapsed during that period. Poor governance systems and lack of transparency in reporting including lack of risk reporting and disclosure were blamed as the roots of the problem. Conventional financial institutions have widely practiced risk management within their organization, but it is still under-developed in Islamic financial institutions due to new emerging market and unique business structures which are based on Shariah or Islamic law. Therefore, this study examined the risk management disclosure by all 17 Islamic financial institutions in Malaysia from 2006 to 2009, covering the period before, during, and after the global financial crisis. A disclosure checklist consists of mandatory and voluntary items developed to measure the level of risk disclosure. The descriptive result shows the risk management disclosure among the Islamic Financial Institutions was satisfactory. Analysis for a four year period revealed that the risk disclosure has greatly improved before and after crisis indicating that Islamic Financial Institutions have taken the necessary steps to improve their disclosure.

Keywords: Risk management; Islamic Financial Institutions (IFIs)

INTRODUCTION

Corporate risk disclosure is a critical issue in corporate communication (Abraham & Cox, 2007) as the risk information disclosed in the financial statements will be closer to the decision models, as set out in financial theory (Cabedo & Tirado, 2004). The FASB (2001) Steering Committee demonstrated Ulis when it reported that the information that users are most looking for from the annual report includes (1) more disclosure of non-financial information, (2) more forward-looking information, and (3) more information about tangible assets. Husseiney (2004) considered forward-looking information to include risk and opportunities. In relation to risk information, the CICA' s Management Discussion & Analysis Guidance on Preparation and Disclosure (MD&A Guidance) recommended that a corporation:

disclose its principal risks and describe related risk management systems to enable MD&A report readers to understand and evaluate the company's risL· and its decisions regarding the management of such risks"(CCA, 2004, Para 360.2)

Thus, risk disclosure aims to enable users to evaluate the risk and risk management of a corporation.

During the first quarter of the 20th century, issues on corporate risk disclosure focused on the amount of risk information provided to shareholders and other stakeholders. In particular, with the advent of corporate collapses, a strong demand emerged for information on companies' exposure to risks. Various reports, such as those produced by United Nations Conference on Trade and Development (1999) and the IMF (2000), have suggested that one of the reasons for corporate collapses is the weakness in the financial reporting systems and risk management practices. A report issued by UNCTAD in March 1999, as quoted in IF A (2003), stated that:

the failure or near failure of many financial institutions and corporations in the East Asian region resulted from a highly leveraged corporate sector, growing private sector reliance on foreign currency borrowing and the lack of transparency and accountability.... A crucial role was played by disclosure deficiencies. ..and the lack of appropriate disclosure requirements indirectly contributed to the deficient internal controls and imprudent risk management practices of the corporations and banks (IF A, 2003, p. 6).

Furthermore, die East Asian financial crisis in 1997 and die even worse global financial crisis driven by the US sub-prime debacle in 2007 and 2008 also contribute to me corporate collapses. The East Asian financial crisis occurred due to me devaluation in the Thailand's baht, which led to the worst financial crisis in the region. In contrast, financial institutions' liquidity problems stemming from the overvaluation of assets triggered the US subprime mortgage crisis.

Both financial crises have significantly impacted the corporate world as many companies, including financial institutions, collapsed during me first decade of the 21st century. Otìier companies managed to survive tìianks to their strong financial management and prudent risk management. Dobler (2008) argued mat corporate disclosure including risk reports is important for managing the effects of risks on companies' future financial positions. Thus, it is imperative to employ good risk management to reduce potentially negative impacts on companies. Indeed, Foong (2009) pointed out mat poor corporate governance and a lack of transparency, especially in terms of risk management disclosure among major financial conglomerates, intensified the financial meltdown in the US sub-prime mortgage crisis. Therefore, financial institutions need to pay serious attention to Ulis area as risk management is a global problem. The availability of the Basel Accord (Pillar 3), requires a number of disclosure requirements in an effort to improve the market's ability to assess a bank's risk and value (Baumann & Nier, 2004). Thus, it is important for companies to practice risk management, especially financial institutions, which are more exposed to various types of risk due to me nature of their operations.

Risk management is widely practiced by conventional institutions, but it is still underdeveloped in Islamic financial institutions. Almough Islamic banks face the same risks as conventional banks, mey must also deal with "new and unique risks as a result of their unique asset and liability structures" (Kahf, 2006). This new type of risk is an immediate outcome of meir compliance with the Sharia requirement tìiat prohibits interest on all types of loans. As a result, Islamic banking is based on interest-free banking, meaning that investment account holders at Islamic banks share the risk of investment with mese banks.

All Islamic financial institutions in Malaysia are governed by the Malaysia Central Bank (BNM) under the Banking and Financial Institutions Act 1989 as well as the Islamic Banking Act 1983. BNM issued guidelines on financial reporting specifically for Islamic banks (GP8-1) to ensure mat they provide sufficient disclosure to me public. All companies and corporations in Malaysia are also responsible for following the guidelines issued by me Securities Commission, and listed companies need to follow regulations issued by Bursa Malaysia. In terms of disclosure requirements, the revised Malaysian Code on Corporate Governance (MCCG) 2007 set out principles and best practices as guidelines for achieving an optimal governance framework including risk reporting. Bursa Malaysia also released listing requirements to regulate me publicly listed companies; among the issues highlighted was corporate disclosure.

Several studies have focused on risk management disclosure in financial institutions (Sundararajan & Errico, 2002). Mohd Ariffin, Archer, and Abdel Karem (2009) examined the perception of risk disclosure in Islamic banks. Other studies have adopted a meoretical approach to disclosure among conventional banks (Hossain, 2008; Harahap, 2003; Helbok & Wegner, 2003). Hossain (2008) studied me extent of mandatory and voluntary disclosure among banks in India, while Helbok and Wegner (2003) focused on the disclosure of operational risk in US banks. Unfortunately, the only known study on risk management disclosure in Islamic financial institutions, conducted by Sundararajan and Errico (2002), addressed only the general risk disclosure among Islamic financial institutions. Meanwhile, Mohd Ariffin et al. (2009) only examined bank officers' perceptions toward risk disclosure. Thus, me current study attempts to explore risk management disclosure specifically among Islamic financial institutions, comparing the extent of these financial institutions' disclosure during a four-year period before, after, and during the recent global financial crisis in order to verify whether these institutions have complied with regulators' guidelines.

The organization of this paper is as follows. The next section provides the literature review, which is followed by the section outlining the research design used in this study. The results are summarized in the subsequent section. The final section provides a discussion and concludes this paper.

LITERATURE REVIEW

Islamic Financial Institutions

Islamic finance has grown tremendously since it first emerged in the 1970s. According to Securities Commission (2011), Islamic capital markets in Malaysia have exceeded RM 1.07 trillion, with market growth reaching 15.2% in fiscal year 2010. The number of Islamic financial institutions is growing, exceeding more than 300 across 75 countries and the world's 100 largest Islamic banks have reached an annual asset growth rate of 26.7%, with the global Islamic finance industry is experiencing an average growth of 15-20% annually.

The growth of the Islamic finance market resulted in the establishment of the international standard-setting organization called the Islamic Financial Services Board (IFSB) on November 3, 2002, which started operations on March 10, 2003. IFSB serves regulatory and supervisory agencies that have a vested interest in ensuring the soundness and stability of the Islamic financial services industry, which is defined broadly to include banking, capital markets, and insurance. In advancing this mission, the IFSB promotes the development of a prudent and transparent Islamic financial services industry by introducing new or adapting existing international standards consistent with Sharia principles. To this end, the IFSB' s work complements that of the Basel Committee on Banking Supervision, International Organization of Securities Commissions, and the International Association of Insurance Supervisors (IFSB, 2011).

Malaysia's Islamic banking system is regarded as being more progressive and robust than similar banking systems in other Muslim countries (PWC, 2008). Malaysia is now recognized as a pioneer at the forefront of Islamic banking and finance. Separate Islamic legislation and banking regulations co-exist, side-by-side, with those for the conventional banking system in Malaysia. The legal basis for the establishment of Islamic banks was the Islamic Banking Act (IBA), which came into effect on April 7, 1983. The G?? provides BNM with the power to supervise and regulate Islamic banks, similar to the case of other licensed banks. The landmark IBA led to the first Islamic bank, Bank Islam Malaysia Berhad, being established in the country. The bank commenced operations on July 1, 1983, with the objective of basing its banking activities on Sharia principles. The number of Islamic banking and financial institutions has since grown, and today Malaysia has 17 Islamic banks that focus on Islamic products and services (BNM, 2011).

Risk Information and Its Importance

Fatemi and Glaum (2000) conducted a survey on non-financial German companies listed on the Frankfurt Stock Exchange with a minimum sales volume of DM400 million. Their results demonstrated that the respondents believed that disclosure is important in ensuring the survival of the companies and increasing their market value. Therefore, arguably, risk disclosure should cater to the needs of shareholders, who are the main capital provider in the company. In another study, Linsmeier, Thortorn, Venkatachalam, and Welker (2002) used non-financial SEC registrant companies in the US to determine the usefulness of risk management disclosure. They found that risk disclosure is useful for investors in reducing uncertainty and the diversity of opinions with respect to the company's market valuations.

In Malaysia, Muda and Yazid (2006) conducted a similar study using the multinational corporation setting. They found that risk management disclosure helps corporate strategic planning by minimizing the overall operational cash flow that is exposed to volatility in the business environment. Indeed, compames that have foreign currency risk disclosure provide better assessment concerning the risk being faced and are more likely take the necessary action to reduce exposure to currency losses.

In addition, by using risk management, a company can benefit in terms of lowering costs and enhancing communication across the company. By focusing on risk management disclosure, the company is better able to handle internal transactions and determine whether it has under- or overestimated the risk (Klefmer, Lee, & McGannon, 2003). Therefore, a company with a risk management strategy is able to manage its risk efficiently and have better communication among departments, ultimately avoiding huge losses.

Risk Management Disclosure Requirements in Malaysia

Risk Disclosure

Risk information in the corporate annual report can be quantitative or qualitative, financial or non-financial, and historical or forward-looking in nature (Beattie, Mclnnes & Fearnley, 2004). Risk disclosure is partly mandatory and partly voluntary. Mandatory disclosures include those specifically required under regulatory requirements of statutes or laws, professional regulations or accounting standards, and stock exchange listing requirements. Failing to disclose such information will result in a corporation being issued a qualified audit report or some other regulatory sanction. However, Al-Razeen and Karbhari (2004) contended that, in an environment where everything is equal and disclosure is made under the same regulatory requirements, corporate disclosure may be in full compliance, in partial compliance, or not at all in compliance with the regulatory requirements. In other words, full disclosure is not guaranteed. The inconsistencies of corporate disclosure in complying with regulatory requirements are due to ineffective enforcement measures and controls (Akhtaruddin, 2005). In addition, full voluntary disclosure rarely seems to be made in reality. Typically, corporations do not disclose more than the regulation requires despite the free choice and discretion in disclosing voluntary information. Thus, the levels of mandatory and voluntary corporate disclosure vary among countries. Although no correlation exists between voluntary disclosure and mandatory disclosure (Al-Razeen & Karbhari, 2004), Inchausti (1997) demonstrated that voluntary disclosure decreases when mandatory disclosure requirements increase, thereby influencing the quality of corporate disclosure.

Chavent, Ding, Stolowy, and Wang (2006) posited that no inherent characteristic exists for determining the quality of disclosure because disclosure is an abstract concept that is difficult to measure (Botosan, 2004). Nevertheless, the norms in corporate disclosure studies are to use quantities of corporate information disclosed as proxies for the levels and quality of corporate disclosure practices (Linsley & Shrives, 2005; 2006; Barako, Hancock, & Izan, 2006). The precarious assumption that quantity signifies quality was reportedly pioneered by Cerf in 1961. Krippendorff (1980) and Deegan and Rankin (1996) claimed that only in studies made within a specified category of disclosure can quantity signify the importance ofthat category. For Abayo, Adams, and Roberts (1993), "quantity signifies quality" is only appropriate for studies on mandatory disclosure where compliance with mandatory requirements is regarded as good quality of corporate disclosure practices. For analyses, Beattie et al. (2004) posited that researchers would construct a disclosure index, readability scores, texture index, and themes to represent good disclosure practices. Hammond and Miles (2004) concluded that quality refers to the range of issues reported. Such different interpretations of quality resulted in the operational definition of the disclosure of corporate risks being divided into several categories and elements that are observable and measurable.

Requirements in Disclosing Risk Information

As disclosure of corporate risk is governed by statutes or laws, professional accounting regulations, or accounting standards and stock exchange listing requirements, corporate risk disclosure is considered mandatory disclosure. Only the thematic content of risk information normally discussed in management's explanatory materials or governance reports is voluntary. In Malaysia, the three important regulatory bodies on corporate disclosure are the Companies Act 1965 (CA), Bursa Malaysia Securities Berhad (BMSB), and the Malaysian Accounting Standards Board (MASB). The regulatory functions of these three regulatory bodies are empowered by the Ministry of Finance, the Ministry of Domestic Trade and Consumer Affairs, the Securities Industries Act 1983, the Securities Commission Act 1993, the Securities Commission, and the Companies Commission of Malaysia. Although the Malaysian Institute of Corporate Governance (MICG) is responsible for the development of Malaysian financial reporting, it has no regulatory power. Its recommendations for best practices in corporate management instigated the Finance Committee on Corporate Governance (FCCG) to issue the Malaysian Code on Corporate Governance (MCCG), which is a mandatory requirement for Malaysian corporations through the Listing Requirements (LR) of the BMSB.

The Malaysian regulatory framework does not govern the overall information requirements for annual reports. The Financial Reporting Standards (FRS) only apply to financial statements, not other information presented in other documents as part of the annual report. Although FRS provides accounting policy choices, the disclosure of items in the financial statements is mandatory to the extent of the inclusion of a provision in the Ninth Schedule, CA 1965. Non-compliance with statutory requirements results in criminal sanctions or fines, imprisonment, or both. In terms of risk reporting, MASB issued the Financial Reporting Standard (FRS) 101: Presentation of Financial Statement and FRS 132: Financial Instruments: Disclosure and Presentation. Paragraph 105 (d) (ii) of FRS 101 specifies the need for a company to disclose notes to assist users in understanding the financial statement on non-financial disclosures such as the company's financial risk management objectives and policies. Paragraph 52 of FRS 132 requires a company to provide information to assist users of financial statements in assessing die extent of risk related to financial instruments.

According to the revised Bursa Malaysia Listing Requirements (2007), "a listed issuer must ensure that its board of directors includes in its annual report a statement about the state of internal control of the listed issuer as a group" (Part E, Para 15.27(b)). Bursa Malaysia also issued the Statement of Internal Control in 2000 to provide detailed guidelines concerning disclosure of the state of internal control in the annual report. The statement specifies the importance of having an appropriate risk assessment and an evaluation framework and activities to properly manage risk. Once risks are identified, appropriate control systems for managing and controlling these risks should be maintained and regularly reviewed.

Furthermore, Islamic financial institutions in Malaysia are responsible for complying with the IBA 1983. This legally binding act affects operations of the Islamic financial institutions in Malaysia and specifically gives power to BN to control the operations of licensed banks in Malaysia. For Islamic financial institutions, Malaysia Central Bank issued "Guidelines on Financial Reporting for Licensed Islamic Banks" (GP8-z) to provide the basis for the presentation and disclosure of reports and financial statements to ensure consistency and comparability among die Islamic banks. Specifically, GP8-Í requires "a disclosure of die institution's risk management strategies and policies, including a statement on the risk management framework and policy for managing and controlling a wide range of banking risks" (GP8-I, page 10).

The importance of risk disclosure was again highlighted by die IFSB in its standards in IFSB1. IFSBl's "Guiding Principles of Risk Management for Institutions (Otiier Than Insurance Institutions) Offering Only Islamic Financial Services" has set out 15 principles of risk management for institutions offering only Islamic financial services (IIFS). The main principle states that "IIFS should have comprehensive risk management and reporting process, including appropriate board and senior management oversight, to identify, measure, monitor report and control relevant categories of risks" (IFSB, 2007, Page 1).

RESEARCH METHODS

Sample Selection

The sample for this study includes all 17 Islamic financial institutions in Malaysia, as listed by BNM. Table 1 shows die full list of these institutions, which include botii national and foreign-based financial institutions.

Data Collection

All data for this study were based on the annual reports available from BNM's website as well as from die individual financial institutions' websites. The 17 institutions' annual reports for a four-year period, from 2006 to 2009, were selected. Consistent with previous studies, content analysis was performed in collecting and analyzing the level of risk management disclosure in die annual reports (Lajili & Zeghal, 2005; Linsley & Shrives, 2006; Amran et al., 2009). Content analysis was chosen as it is a research metiiod that uses a set of procedures in making valid inferences from the text. This method is appropriate for examining die risk disclosure's qualitative terms as die analysis includes capturing die extent and volume of such disclosure (Lajili & Zeghal, 2005). A scored checklist was developed; scores were assigned based on die percentage of disclosure for each area, as disclosed by the Islamic financial institutions.

Risk Management Disclosure Checklist

The study developed a risk management scorecard based on me FRS, GP8-/, and "Guidelines on Corporate Governance for Licensed Islamic Banks" (GPl-i). In order to examine die effect of the financial crisis on disclosures, the study focused on a four-year period (i.e., 2006 to 2009).

Mandatory risk disclosure, as required by FRS 132, is divided into four main attributes:

* Market risk

* Credit risk

* Liquidity risk

* Interest rate risk

In addition, me voluntary disclosure scored checklist consists of seven main attributes, obtained from EFSB's "Guiding Principles of Risk Management" and Bursa Malaysia's "Statement on Internal Control: Guidance for Directors of Public Listed Companies (2000)." The following items are recommended for voluntary disclosure for bodi international and national bodies:

* Control environment

* Control activities

* Monitoring

* Information and communication

* Monitoring

* Sharia compliance risk

* Operational risks

Sharia compliance and operational risks are a unique risk faced by Islamic financial institutions as a result of complying with Sharia requirements.

Risk Management Disclosure Measurement

This study used a 3-point scale to determine the extent of risk management disclosure. This scale was used to provide more details on die extent of risk disclosure man a dichotomous measurement would have provided. Islamic financial institutions that disclosed all required details of risk management were awarded two points, those with at least one criterion of risk management disclosure from the checklist were awarded one point, and those with no risk management disclosure were awarded no (0) points. Eleven items were assessed on the disclosure checklist, resulting in a maximum possible score of 22 points (i.e., 100% disclosure) and a minimum of 0 points (0% disclosure).

RESULTS

Similar to the results in previous literature, the current study defined the level of disclosure according to the mean percentage score on the checklist as this figure shows the average percentage that would be obtained by the companies under observation (Ismail & Abdul Rahman, 2011; Che Haat et al., 2008; Amran et al. 2009). The risk management disclosure in Islamic financial institutions was categorized according to two main elements: (i) mandatory disclosure and (ii) voluntary disclosure. As indicated in Table 2, the overall mean score for risk management disclosure among these institutions was 87.11%, which is quite high compared to Ismail and Abdul Rahman's (201 1) result for public listed companies, which was approximately 50%. Although the Islamic financial institutions reasonably complied with disclosure requirements, they did not achieve the maximum amount of required disclosure. However, the results indicate that risk disclosure increased from 83.82% in 2006 to 91.67% in 2009, suggesting that these institutions have taken steps to improve their risk disclosure, especially after the low risk disclosure rate in 2007 during the financial crisis. This trend may also be a result of lessons learned from the subprime mortgage crisis, which required financial institutions to be more prudent and focus on risk assessment and disclosure.

Table 2 also indicates the overall maximum score of risk disclosure (96.67%) and minimum score (46.67%). Although the financial institutions did not achieve 100% risk disclosure, the maximum disclosure rate is promising and suggests that Islamic financial institutions are quite concerned about potential risks. Table 3 identified the companies with the highest risk disclosure based on the checklist. As expected, the two biggest banks in Malaysia - CIMB Islamic Bank Berhad and Maybank Islamic Berhad - along with the pioneer in Islamic banking, Bank Islam Malaysia Berhad, dominate the list with a mean score of, on average, 96.67%, implying that they are very committed to disclosing risk exposures.

Mandatory Risk Disclosure

Based on Table 2, the overall result for mandatory risk disclosure was 85.71%. Such a result is reasonably high due to the governing bodies' legal requirements; non-compliance with the legal requirements would have legal implications. Therefore, most companies have taken the initiative to disclose what is required by the standards. The highest mandatory disclosure is recorded at 100%, indicating that these companies have provided full disclosure as required by FRS 132.

Mandatory disclosure focusing on risk assessment includes four main types of risk, as required under FRS 132: market risk, credit risk, liquidity risk, and interest rate risk. As shown in Table 4, the highest overall mean score was 90.93%, which was for credit risk; this score was followed by market risk (87.75%), interest rate risk (77.21%), and finally liquidity risk (75.49%).

Credit risk's average mean score is highest likely due to the fact that credit risk is important for banking and financial institutions as their operations focus primarily on taking deposits and lending money. Indeed, Mohd Arriffin et al. (2009) found that Islamic bankers perceive credit risk to be very important; failing to focus on credit risk management practices and quality will lead to bank failures and banking crises worldwide, as suggested by the Basel Committee report. Abul Hassan's (2009) study revealed similar results: Credit risk comprises the top three most important risks in Islamic banks in Brunei due to the need to ensure that customers are in a good position to repay loans in the future. Conventional banks have shown similar results (Hassan Al-Tamimi & Al-Mazrooei, 2007). Ahmad and Ahmad (2004) found that credit risk is regarded as very important for both Islamic and conventional banks for various reasons, such as management efficiency, risk-weighted assets as well as loan exposure to risky sectors, regulatory capital, and loan loss provision. In short, they suggested that credit risk contributes the highest risk for financial institutions as the exposure to loss is generally expected.

The lowest mean score item disclosed was liquidity risk. Unlike normal business operations, banking and financial institutions do not face pressures in terms of liquidity because of the nature of their business, which is dealing with deposits from customers and businesses. According to Abul Hassan (2009), although liquidity might be perceived as important by bankers, the real situation in Brunei shows that Islamic banks do not have problems in terms of liquidity due to the excess funds and deposits in their holdings. Hassan Al-Tamimi and Al-Mazrooei (2007) supported this finding by demonstrating that UAE banks do not face any problems with respect to liquidity. However, Mohd Ariffin et al. (2009) argued that liquidity might be a significant problem for Islamic financial institutions because, from an Islamic point of view, these financial institutions cannot withhold return-producing cash from depositors.

Voluntary Disclosure

For voluntary disclosure, seven main attributes were examined in this study. The results shown in Table 5 highlight that the highest attribute disclosed was control activities (98.16%) followed closely by risk framework (96.08%), information and communication (96.32%), and control environment (95.59%).

The control activities consist of policies and procedures to ensure that risk action is carried out effectively. Most financial institutions have disclosed the policies and procedures that they adopt in their operations, as mese are part of the standard operating procedures that financial institutions should have in place. Previous studies (Ismail & Abdul Rahman, 201 1; Othman et al., 2009) similarly found that control activities are least reported by companies due to the unavailability of such policies and procedures in their companies. However, other studies, such as Ismail and Abdul Rahman (2011) and Othman et al. (2009), found contradictory results in their studies of non-financial institutions and financial and non-financial institutions, respectively.

The second highest disclosure was risk framework, which consists of the availability of frameworks; procedures for identifying, monitoring, and controlling various risks; and the availability of independent risk management and control functions. These results are consistent with the findings of Ismail and Abdul Rahman (2011), suggesting that most Islamic institutions have a framework in place due to pressure from regulatory bodies, especially BNM, which requires a strong framework for reporting in line with the Basel Pillar 3 requirements. Furthermore, the item for information and communication has been fairly disclosed by most Islamic financial institutions - likely because they have in place good policies and procedures, including the dissemination of information among management and employees.

Next, the control environment consisted of items such as overall attitude, awareness, and actions of directors and management as well as written communication systems that support the business objectives and risk management system. The results were expected, as most institutions have disclosure on the overall attitudes, awareness, and actions of directors and management - an area that focuses on disclosures related to the organizational structure, functions of the board of directors and its committees, and management's philosophy and operating style. These items are usually available in the annual reports of most corporations. Such results are consistent with those found by Ismail and Abdul Rahman (2011) and Othman et al. (2006) - namely, that these attributes are mostly disclosed in the annual reports of companies in Malaysia.

The lowest mean score, at 77.94%, was for Sharia compliance risks. This result is unexpected as Islamic financial institutions and banks are supposed to have detailed disclosure on Sharia compliance given that the main principles of Islamic institutions are based on Sharia. However, although Islamic banks were formed 30 years ago, the development of Islamic financial institutions has only attained significant importance in the last few years. Most Islamic financial institutions were first established as Islamic branches of conventional banks before being transformed to stand-alone Islamic banks. Indeed, further analysis revealed that most of the sample institutions did not disclose Sharia compliance risk in 2006 and 2007, but made full disclosure in 2008 and 2009, which was likely due to the lack of availability of a Sharia compliance risk committee in earlier years, when most of the financial institutions in this study still operated as Islamic branches of conventional banks. Thus, initially they did not have their own Sharia committee, but by 2008, these Islamic financial institutions had started to operate as standalone institutions.

CONCLUSION

The East Asian financial crisis in 1997 and the global financial crisis in 2007 and 2008 significantly impacted companies and financial institutions. Many companies collapsed during the first decade of the 21st century due to poor governance systems and the lack of transparency in reporting (Foong, 2009), including risk reporting disclosure - one of the most important types of disclosure as it affects companies' future financial positions (Muda & Yazid, 2006). Thus, it is critical that companies practice risk management, especially financial institutions, which are more exposed to various types of risk due to the nature of their operations, as evidenced during the US sub-prime crisis, which affected not only financial institutions, but all businesses around the world.

Conventional financial institutions have extensively practiced risk management; however, it is still underdeveloped in Islamic financial institutions due to the newly emerging market and unique business structure based on Sharia or Islamic law. Therefore, this study focused on risk management disclosure by all Islamic financial institutions in Malaysia. The main objective was to examine the level of disclosure and compare the extent of disclosure by these financial institutions for four years, covering the period before, after, and during the global financial crisis. This approach helped verify whether Islamic financial institutions in Malaysia have complied with the guidelines issued by the regulators, especially in terms of whether the worldwide financial crisis affected the amount of their disclosure.

This study analyzed the institutions' risk management disclosure using the regulatory requirements and guidelines of the relevant bodies. Thus, risk disclosure was divided into two main elements: (i) mandatory disclosure and (ii) voluntary disclosure. The descriptive results demonstrated that the overall mean score for risk management disclosure among Islamic financial institutions in Malaysia is almost 90%, which is good despite not achieving the maximum amount of required disclosure (i.e., 100%). An analysis of the four-year period, from 2006 to 2009, revealed that the risk disclosure has greatly improved from around 80% to more than 90%, thereby suggesting that Islamic financial institutions have enhanced their disclosure considerably between the pre- and post-crisis periods. In other words, they learned from the crisis and exerted efforts to promote better transparency and risk reporting for future benefits.

The overall result for mandatory risk disclosure shows more than 80% disclosure by these institutions. However, the results indicate that some companies did not comply with disclosure requirements even when mandated by regulatory bodies. Thus, a need exists for these regulatory bodies to identify the reasons for such noncompliance as risk disclosure is important for stakeholders.

Mandatory disclosure consists of four main areas of risk, as required by FRS 132: market risk, credit risk, liquidity risk, and interest rate risk. Credit risk was mostly disclosed by Islamic financial institutions with an overall mean score of approximately 90%, followed by market risk at almost 90% and interest rate risk at almost 80%. The least area of disclosure was liquidity risk, with an overall mean score of 75%.

Seven main attributes were examined for voluntary disclosure in this study. The results indicated that the highest attribute disclosed was control activities while the lowest disclosure was for Sharia compliance risks. Most financial institutions have disclosed control activities, which consist of policies and procedures they adopt in their operations because they are part of the standard operating procedures that financial institutions should have in place. Sharia compliance risk was found to be the item least disclosed by Islamic financial institutions, which is surprising given that Islamic financial institutions and banks are supposed to have detailed disclosure on Sharia compliance. This finding could be explained by the underdevelopment of the Islamic financial institutions as Islamic banking has only started to grow rapidly over the last 10 years.

The results of this study contribute to establishing a preliminary point for empirically examining the level of risk management disclosure. It is crucial to fully understand the factors that drive risk management disclosure in Islamic financial institutions. Such institutions should consistently follow requirements established by relevant authorities to ensure full compliance with risk disclosure.

In essence, future research can be conducted to study the relationship between the risk management disclosure level and corporate governance mechanisms, such as the board of directors, audit committee, and ownership structure. Such an approach would help regulators understand the most important factors that can influence the disclosure level in Islamic financial institutions. Future research should also compare the risk management disclosure level between Islamic financial institutions and conventional financial institutions to determine if any differences exist in the reporting style.

REFERENCES

1 . Abayo, ?., Adams, C, & Roberts, C. (1993). Measuring die quality of corporate disclosure in less developed countries: the case of Tanzania. Journal of International Accounting Auditing and Taxation, 2, 145-158.

2. Abul Hassan, (2009). Risk management practices of Islamic banks of Brunei Darussalam. The Journal of Risk Finance, 10(10, 23 - 37

3. Abraham, S. & Cox, P. (2007). Analysing the determinants of narrative risk information in UK FTSE 100 annual reports. The British Accounting Review, 39(3), 227-248.

4. Ahmad, N. H. & Ahmad, S. N. (2004). Key factors influencing credit risk of Islamic bank: A Malaysian case. The Journal of Muamalat and Islamic Finance Research. 1(1), 68-80.

5. Akhtaruddin, M. (2005). Corporate mandatory disclosure practices in Bangladesh. The International Journal of Accounting, 40, 399-422.

6. Al-Razeen, A. & Karbhari, Y. (2004). Interaction between compulsory and voluntary disclosure in Saudi Arabian corporate annual reports. Managerial Auditing Journal, 19(3), 351-360.

7. Amran, ?., Abdul Manaf, R. & Che Haat, M. H., 2009. Risk reporting: An exploratory study on risk management disclosure in Malaysian annual reports. Managerial Auditing Journal, 24(1), pp. 39-57. [NOT cited in paper]

8. Bank Negara Malaysia. (20 11). Bank Negara Malaysia in profile, 20 1 1 . Retrieved from www.bnm. gov.my

9. Barako, D.G., Hancock, P. & Izan, ?. Y. (2006). Factors influencing voluntary corporate disclosure by Kenyan companies. Corporate Governance, 14(2), 107-125.

10. Baumann, U. & Nier, E. (2004). Disclosure, Volatility, and Transparency: An Empirical Investigation into me Value of Bank Disclosure. FRBNY Economic Policy Review I September 2004, 31-45.

11. Beattie, V., Mclnnes, B., & Fearnley, S. (2004). A methodology for analysing and evaluating narratives in annual reports: a comprehensive descriptive profile and metrics for disclosure quality attributes. Accounting Forum, 28, 205-236.

12. Botosan, C.A. (2004). Discussion of a framework for the analysis of firm risk communication. The International Journal of Accounting, 39, 289-295.

13. Cabedo, J.D. & Tirado, J.M. (2004). The disclosure of risk in financial statements. Accounting Forum, 28, 181-200.

14. Chavent, M., Ding, Y., Fu, L., Stolowy, H. & Wang, H. (2006). Disclosure and determinant studies: an extension using die divisive clustering method (DIV). European Accounting Review, 15(2), 181-218.

15. Canadian Institute of Chartered Accountants (CICA). (2004). Management's Discussion and Analysis: Guidance on Preparation and Disclosure. May. Toronto, Ontario: Canadian Institute of Chartered Accountants.

16. Committee of Sponsoring Organizations of the Treadway Commission. The (COSO). (2004). Enterprise Risk Management - Integrated Framework: Executive Summary. September 2004. Jersey City, NJ: AICPA.

17. Deegan, C. & Rankin, M. (1996). Do Australia companies report environmental news objectively? Accounting, Auditing & Accountability Journal, 9(2), 50-67.

18. Dobler, M., (2008). Incentives for risk reporting - A discretionary disclosure and cheap talk approach. The Internationaljournal of Accounting, 42(2), pp. 184-206.

19. Fatemi, A. & Glaum, M. (2000) "Risk management practices of German firms" ', Managerial Finance, 26(3), 1 - 17

20. Finance Committee on Corporate Governance, (2007). Malaysian Code of Corporate Governance (MCCG). Ministry of Finance, Malaysia.

21. Foong, K.K. (2009). Some Lessons of the Global Financial Crisis. Retrieved July, 24, 2009, from http://www.mier.org.mv/newarticles/archives/pdf/drfoong6 07 2009 pdf

22. Harahap, S., S., (2003). The disclosure of Islamic values - annual report. The analysis of Bank Muamalat Indonesia's annual report. Managerial Finance. 29(7), 70 - 89.

23. Hammond, K. & Miles, S. (2004). Assessing quality assessment of corporate social reporting: UK perspectives. Accounting Forum. 28, 61-79.

24. Helbok, G., & Wagner, C. (2003). Corporate Financial Disclosure on Operational Risk in the Banking Industry. 17. Austrian Working Group on Banking and Finance (S. 1-17).

25. Hassan Al-Tamimi, H. A. & Al-Mazrooei, F. M. (2007) "Banks' risk management: a comparison study of UAE national and foreign banks", The Journal of Risk Finance, 8(4), 394 - 409

26. Husseiney, K. (2004). A study of the ability of partially automated disclosure scores to explain the information content of annual report narratives for future earnings. PhD thesis, University of Manchester.

27. Inchausti, B.G. (1997). The influence of company characteristics and accounting regulation on information disclosed by Spanish Firms. The European Accounting Review, 6(1), 45-68.

28. Institute of Chartered Accountants in England and Wales, The. (1997). Financial Reporting of Risk: Proposals for a Statement of Business Risk. London: ICAEW ICAEW (1997)

29. Institute of Chartered Accountants in England and Wales, The. (1999). No Surprises: The Case for Better Risk Reporting. London: ICAEW.

30. Institute of Chartered Accountants in England and Wales, The. (2002). Risk management for SMEs. London: ICAEW.

<p>31. International Federation of Accountants, (2003). Rebuilding Public Confidence in Financial Reporting: An International Perspective. New York: ?7 A.

32. Islamic Financial Service Board (2007). Disclosures to Promote Transparency and Market Discipline for Institutions offering Islamic Financial Services) excluding Islamic Insurance and Islamic Mutual Fund). Kuala Lumpur: IFSB

33. Islamic financial Service Board (201 1). IFSB in profile 201 1. Retrieved from http://www.ifsb.org/

34. Ismail, R. & Abdul Rahman, R. (201 1). Institutional Investors and Board of Director's Monitoring Role on Risk Management Disclosure Level in Malaysia. The IUP Journal of Corporate Governance, X (2), 37-61.

35. Kahf, M., (2006). Maqasid al Shari'ah in the Prohibition of Riba and their Implications for Modern Islamic Finance. Paper prepared for the IIUM International Conference on Maqasid al Shari'ah, August 8-10, 2006

36. Kleffner, A. E., Lee, R., B., & McGannon, B. (2003). The Effect of Corporate Governance on the use of Enterprise Risk Management: Evidence from Canada. Risk Management and Insurance Review 6(1). 53-73.

37. Krippendorff, K. (1980), Content Analysis: An Introduction to its Methodology. CA, Beverly Hills: Sage Publications.

38. Lajili, K. & Zeghal, D., 2005. A content analysis of risk management disclosures in Canadian annual reports. Canadian Journal of Administrative Sciences, 22(2), pp. 125-142.

39. Linsley, P.M. & Shrives, P.J. (2005). Examining risk reporting in UK public companies. The Journal of Risk Finance, 6(4), 292-305.

40. Linsley, P.M. & Shrives, P.J. (2006). Risk reporting: A study of risk disclosures in the annual reports of UK companies. The British Accounting Review, 38(4), 387-404.

41. Linsmeier, T. J., Thortorn, D. B., Venkatachalam, M. and Welker, M. (2002). The Effect of Mandated Market Risk Disclosures on Trading Volume Sensitivity to Interest Rate, Exchange Rate, and Commodity Price Movements. The Accounting Review Publication, 77(2). 343-377.

42. MASB, 2005. Financial Reporting Standard FRS 132 Financial Instruments: Disclosure and Presentation. Malaysian Accounting Standard Board, Kuala Lumpur.

43. Mohd Ariffin, N., Archer, S., & Abdel Karim, R. A, (2009). Risks in Islamic banks: Evidence from empirical research. Journal of Banking Regulation, 10(2), 153-163.

44. Muda, A. S., & Yazid, M. S., (2006). The role of foreign exchange risk management in Malaysia. Irish Journal Management, 2(2), pp. 45-63.

45. NAO (2000). Supporting Innovation: Managing Risk in Government Departments, London: The Stationery Office of National Audit Office NAO (2000), OGC (2002). Management of Risk: Guidance for Practitioners, London: The Stationery Office of Office of Government Commerce.

46. Othman, R. & Ameer, R. (2009). Market risk disclosure: evidence from Malaysian listed firms. Journal of Financial Regulation and Compliance, 17(1), pp. 57-69.

47. PricewaterhouseCoopers (PWC). (2008). Malaysia, Asia's Islamic Finance Hub, Retrieved from http://www.pwc.com/en mv/mv/assets/publications/islamic-finance-hub.pdf

48. Securities Commission (SC). (2010), Securities Commission in profile 2011, retrieved from http://www.sc.com.mv/

49. Sundararajan, V., & Errico, L. (2002). Islamic Financial Institutions & Products in the Global Financial System: Key Issues in Risk Mnagement & Challanges Shead, Working Paper, International Monetary Fund.

50. United Nations Conference on Trade and Development (UNCTAD) (1999). The Role of Accounting Disclosure in the East Asian Financial Crisis: Lessons Learned. Switzerland 1999

Rosnadzirah Ismail, Universiti Teknologi MARA, Malaysia

Rashidah Abdul Rahman, Ph.D., Universiti Teknologi MARA, Malaysia

Normah Ahmad, Ph.D., Universiti Teknologi MARA, Malaysia

AUTHOR INFORMATION

Rosnadzirah Ismail is a lecturer at Accounting Research Institute and Faculty of Accountancy, Universiti Teknologi MARA Malaysia, 40450. She has teaching experiences in accounting at the diploma and degree levels as well as at the professional level specifically Certified Accounting Technician. She is currently an associate member of the Accounting Research Institute, Universiti Teknologi MARA. Her areas of interest include risk management, financial reporting, and corporate governance. E-mail: rosnadzirah(5),salam.uitm.edu.mv (Corresponding author)

Professor Dr. Rashidah Abdul Rahman is the deputy director of die Accounting Research Institute, Universiti Teknologi MARA. She has presented and published various articles in several areas, including Islamic finances, corporate governance, intellectual capital, financial reporting, and corporate ediics. She sits on the editorial boards of several journals and has been an external examiner for post-graduate students both at local universities and abroad. Her publications include Corporate Governance in Malaysia, Effective Corporate Governance, CSR-Based Corporate Governance, and Self-Regulating Corporate Governance.

Dr. Normah Ahmad is a senior lecturer at MARA University of Technology (UiTM), Perlis branch, and has had more than 20 years of teaching experiences in accounting at all levels of die diploma and in relevant courses for graduate work (EMBA) and degrees in accounting. She is currently the head of die Learning Centre, Faculty of Accountancy at UiTM (Perlis). Her research areas include financial reporting, accounting education, corporate governance, and internal controls. Her published works include Introduction to Cost and Management Accounting as well as several student manuals.

Copyright:	(c) 2013 Clute Institute for Academic Research
Wordcount:	7075