Fundamentals of Islamic Banking and Finance (Level 2)

Correct: Under the Dodd-Frank Act in the United States, non-financial entities that use derivatives to hedge or mitigate commercial risk can qualify for an exception from mandatory clearing and exchange trading. This is known as the ‘end-user exception.’ The internal auditor must verify that the firm meets the criteria for this exception, which includes being a non-financial entity, using the swaps for bona fide hedging, and fulfilling specific reporting obligations to a registered Swap Data Repository (SDR).

Incorrect: The strategy of registering as a Major Swap Participant is generally unnecessary for commercial firms because the definition specifically excludes positions held for hedging or mitigating commercial risk. Focusing only on national securities exchanges is incorrect because currency swaps are primarily regulated by the CFTC rather than the SEC, and the end-user exception specifically allows for OTC execution rather than mandatory exchange trading. Choosing to apply a fixed fifteen percent capital reserve is a misunderstanding of US prudential regulations, which apply different capital and margin requirements to swap dealers rather than commercial end-users.

Takeaway: Internal auditors must verify that US firms correctly document and report their eligibility for the Dodd-Frank end-user exception for currency derivatives.

Correct: Establishing information barriers, commonly known as Chinese Walls, and restricted lists is the primary preventative control used by US broker-dealers to comply with Section 15(g) of the Securities Exchange Act of 1934. These barriers physically and technologically separate departments to prevent the misuse of material non-public information, such as pending customer orders. This structural separation is essential for protecting market integrity and ensuring the firm does not trade ahead of its clients based on non-public data.

Incorrect: Implementing post-trade surveillance systems serves as a detective control rather than a preventative one because it identifies potential violations only after the trades have been executed. The strategy of performing quarterly look-back reviews by internal audit is a monitoring activity that provides oversight but does not stop the initial conflict of interest or the misuse of information. Relying solely on continuing education modules provides a baseline of knowledge but does not create the structural safeguards necessary to prevent unauthorized information sharing in a high-pressure trading environment.

Takeaway: Robust mitigation of conflicts in dual-role market participants requires structural information barriers to prevent the misuse of non-public customer data.

Correct: Secondary markets serve the vital role of price discovery and liquidity provision. By allowing existing securities to be traded, they ensure that investors can enter or exit positions at fair market prices. This liquidity supports the primary market by making new issues more attractive to investors who value the ability to sell their holdings in the future.

Incorrect: Focusing on the issuance of new capital describes the primary market’s function rather than the secondary market’s role in ongoing trading. Attributing the elimination of credit risk to the market’s primary function confuses the role of central counterparties and clearinghouses with the broader economic purpose of the market itself. Suggesting that the primary function is the regulation of interest rates by the Federal Reserve describes a specific monetary policy tool rather than the general role of financial markets in capital allocation and liquidity.

Takeaway: Secondary markets primarily function to provide liquidity and price discovery for existing securities, supporting efficient capital allocation and valuation.

Correct: Independent price verification (IPV) is a fundamental control in US financial institutions to ensure that valuations produced by front-office models are objectively challenged. Using TRACE data, which is mandated by FINRA for reporting secondary market transactions in corporate bonds, provides a reliable, independent benchmark for verifying these internal prices and ensuring financial statement accuracy.

Incorrect: Relying on a requirement for exchange-only trading is impractical because the US corporate bond market is primarily over-the-counter (OTC) rather than exchange-based. The strategy of restricting holdings to top-tier rated securities addresses credit risk management but fails to provide a control for the valuation accuracy of the assets currently on the balance sheet. Focusing on Federal Reserve liquidity facilities is an appropriate measure for managing funding and liquidity risk, but it does not address the integrity of the valuation process for financial reporting.

Takeaway: Internal auditors must verify that independent price verification processes use objective data like TRACE to validate internal fixed income valuation models.

Correct: Centralized clearing through a Derivatives Clearing Organization utilizes novation, a legal process where the clearinghouse interposes itself between the original buyer and seller. This process replaces the credit risk of the original counterparty with the credit risk of the clearinghouse, which is supported by a robust default fund and strict collateral requirements. Under US regulations, this structure is designed to prevent systemic contagion by ensuring that the failure of one market participant does not lead to a chain reaction of defaults across the financial system.

Incorrect: The strategy of assuming that centralized clearing eliminates all operational risks is flawed because while it standardizes many aspects of the trade lifecycle, internal system failures and human errors in trade capture still pose significant risks. Focusing only on the removal of margin requirements is incorrect because clearinghouses actually mandate rigorous initial and variation margin to ensure they are adequately collateralized against market movements. Choosing to believe that trading on a Swap Execution Facility provides an exemption from reporting is a misunderstanding of the law, as these venues are specifically designed to enhance transparency and facilitate the reporting mandates required by the Dodd-Frank Act.

Takeaway: Centralized clearing mitigates counterparty risk by interposing a regulated clearinghouse between market participants through the legal process of novation.

Correct: Under the Securities Act of 1933, gun-jumping refers to illegal offers or sales of securities before a registration statement is filed or becomes effective. Internal auditors must ensure controls exist to restrict public communications that could be construed as conditioning the market for the upcoming offering, as the SEC strictly regulates communications during the quiet period to ensure investors rely only on the preliminary prospectus.

Incorrect: The strategy of having internal audit certify the fairness of the offering price is inappropriate because valuation and pricing are management and underwriter responsibilities, and such involvement would impair auditor independence. Monitoring secondary market transactions before the effective date is logically flawed because the shares are not yet issued or traded on a public exchange during the waiting period. Opting for a Form 8-K filing for every informal discussion with underwriters misinterprets SEC rules, as these discussions are part of the underwriting process and do not trigger the specific material event reporting requirements of Form 8-K.

Takeaway: Internal auditors must prioritize controls preventing gun-jumping to ensure compliance with SEC registration requirements during the IPO process.

Correct: Under FINRA Rule 5310 and SEC guidance, broker-dealers must conduct a regular and rigorous review of execution quality when they route orders to other venues. SEC Rule 606 specifically requires broker-dealers to disclose their routing relationships and any payment for order flow received, which is a critical transparency requirement in the United States market.

Correct: Testing the independence of price verification ensures that valuations are not influenced by the trading desk. In the U.S. regulatory environment, the separation of duties between the front office and the valuation function is a critical internal control for OTC derivatives. This procedure confirms that the middle or back office uses objective, external data to validate the fair value of positions.

Incorrect: The strategy of verifying that all contracts are on a Swap Execution Facility is insufficient because many FX forwards are exempt from certain trading mandates under U.S. Treasury determinations. Relying on a review of manual entries against historical averages fails to capture current market volatility and real-time pricing risks. Choosing to use identical models in the back office and front office without independent validation increases the risk of undetected systemic errors or manipulation.

Takeaway: Internal auditors must ensure FX derivative valuations are independently verified against objective market data to mitigate the risk of misstatement.

Correct: In the United States, exchange-traded derivatives are cleared through central counterparties overseen by the CFTC or SEC. This structure replaces individual counterparty risk with the creditworthiness of the clearinghouse. The CCP ensures performance through daily variation margin and initial margin requirements.

Incorrect: The strategy of using bilateral agreements is typical for the over-the-counter market but does not apply to standardized exchange-traded products. Relying solely on periodic reviews of participant financials fails to account for the real-time risk mitigation provided by clearinghouse structures. Focusing only on position limits addresses market concentration and liquidity risk rather than the credit risk of the counterparty.

Correct: Under the Dodd-Frank Wall Street Reform and Consumer Protection Act, certain swaps that are otherwise subject to mandatory clearing may be exempt if one of the counterparties is a non-financial entity using the swap to hedge commercial risk. The internal auditor must verify that the firm has properly documented this end-user exception and complied with the CFTC requirement to provide specific information regarding how the entity meets its financial obligations.

Incorrect: The strategy of reporting all interest rate swaps to the SEC is incorrect because the CFTC, not the SEC, has primary jurisdiction over the interest rate swap market. Focusing only on moving customized products to a designated contract market is impractical as the OTC market exists specifically to provide tailored solutions that may not fit standardized exchange models. Choosing to assume all bilateral swaps must be cleared through a central counterparty ignores the legal exemptions provided for hedging activities by non-financial entities.

Takeaway: Internal auditors must verify that OTC derivative trades qualify for regulatory clearing exemptions by reviewing specific CFTC filing and documentation requirements.

Correct: The FX market is primarily a decentralized OTC market without a central exchange. In the United States, this structure means that participants deal directly with one another or through electronic platforms. Because there is no central clearinghouse for spot FX and no single price source, internal auditors must ensure the firm has established rigorous counterparty credit risk assessments and uses various market data sources to perform ‘mark-to-market’ valuations and execution quality monitoring.

Incorrect: Relying on the assumption that spot FX trades must be cleared through a central counterparty is incorrect because spot transactions are generally exempt from the clearing mandates of the Dodd-Frank Act. The strategy of using a single centralized exchange price is flawed because the FX market lacks a central price discovery mechanism similar to the equity markets. Focusing only on Swap Execution Facilities is misplaced as these venues are primarily designed for certain derivatives rather than the spot FX market, which remains largely fragmented across various liquidity providers.

Takeaway: The decentralized OTC nature of FX markets requires internal controls focused on counterparty risk and multi-source price verification.

Correct: In the United States, FINRA Rule 5310 requires broker-dealers to exercise reasonable diligence to ascertain the best market for a security so that the customer receives the most favorable price possible. A robust control environment must include a regular and rigorous evaluation of execution quality across various venues, such as exchanges and ATSs, focusing on factors like price improvement, speed, and the likelihood of execution.

Incorrect: The strategy of routing orders exclusively to national exchanges is incorrect because it ignores the potential for better execution or price improvement available on Alternative Trading Systems or other venues. Focusing only on maximizing payment for order flow is a conflict of interest that often contradicts the duty of best execution and does not serve as a regulatory control. Opting for manual approval of every trade is operationally impractical in modern high-speed secondary markets and fails to address the systematic risks inherent in automated routing algorithms.

Takeaway: Internal auditors must ensure firms systematically compare execution quality across all available venues to satisfy U.S. best execution regulatory requirements.

Correct: Multilateral netting allows the NSCC to act as a central counterparty that offsets all of a member’s trades in a specific security into one net position. This process significantly reduces the number of physical deliveries and payments required, thereby lowering operational risk and the firm’s overall liquidity needs.

Incorrect: The strategy of using real-time gross settlement is incorrect because it describes a process where transactions are settled individually and immediately, which does not provide the netting benefits of a CCP. Focusing only on bilateral credit limits is insufficient as it relates to direct counterparty management in non-cleared markets rather than the centralized clearing model. Choosing to describe the system as portfolio insurance is a mistake because it confuses the risk-mitigation functions of a clearinghouse with investor protection schemes like the Securities Investor Protection Corporation (SIPC).

Takeaway: Multilateral netting by a CCP reduces systemic risk and liquidity needs by consolidating multiple trade obligations into a single net position.

Correct: Under U.S. regulatory frameworks, specifically FINRA Rule 5310 and SEC guidance, firms that route order flow to specific venues for compensation must perform ‘regular and rigorous’ reviews. These reviews are essential to ensure that the firm is obtaining the best possible execution for its customers, considering factors like price improvement, speed of execution, and likelihood of execution, rather than simply maximizing the firm’s own revenue from payment for order flow.

Incorrect: The strategy of eliminating all off-exchange routing is not a regulatory requirement and could potentially disadvantage clients by removing access to price improvement often provided by wholesalers. Focusing only on maximizing liquidity rebates for the firm’s own account represents a significant conflict of interest and likely violates the duty of best execution by prioritizing firm profit over client price. Opting for a policy that only routes to primary listing exchanges ignores the fragmented nature of the U.S. equity market and fails to seek out the best available price across all protected quotes in the national market system.

Takeaway: Internal auditors must verify that firms receiving payment for order flow conduct rigorous execution quality comparisons to fulfill their best execution obligations.

Correct: Under FINRA Rule 6730, broker-dealers are required to report transactions in TRACE-eligible securities, such as corporate bonds, as soon as practicable but no later than 15 minutes after execution. Since the firm uses a manual process, there is a high inherent risk of human error or delay. Testing a sample of trades against the actual TRACE reporting data is the most effective way to verify that the controls ensure compliance with these specific regulatory timeliness and accuracy requirements.

Incorrect: Relying on high-level financial statements like the SEC Form 10-K is insufficient because these documents do not provide the transaction-level detail needed to evaluate daily operational reporting compliance. The strategy of checking registration status under the Securities Act of 1933 is fundamentally flawed as registration does not exempt a firm from secondary market reporting obligations to TRACE. Focusing on individual legal opinions for every trade regarding the Volcker Rule is an inefficient audit approach that fails to address the specific risk of reporting inaccuracies in the corporate bond market.

Takeaway: Internal auditors must verify that corporate bond trades are reported to TRACE accurately and within the FINRA-mandated 15-minute timeframe.

Correct: Under the Dodd-Frank Act, the central clearing mandate is designed to reduce systemic risk within the U.S. financial system. By requiring standardized derivatives to be cleared through a Central Counterparty (CCP), the bilateral credit risk between two private parties is replaced by the CCP, which acts as the buyer to every seller and the seller to every buyer. This structure prevents a single default from cascading through the financial markets, as the CCP maintains rigorous collateral and margin requirements to ensure settlement.

Incorrect: The strategy of assuming that clearing eliminates margin requirements is incorrect because CCPs actually enforce strict margin calls to manage risk. Focusing only on national securities exchanges is a misconception, as many derivatives are traded on Swap Execution Facilities (SEFs) rather than traditional stock exchanges. Relying on the idea of a federal guarantee against market losses is a fundamental misunderstanding of market infrastructure, as clearinghouses manage counterparty default risk but do not protect participants from losses due to adverse price movements in the underlying currency.

Takeaway: Central clearing in U.S. markets converts bilateral counterparty risk into centralized risk managed by a regulated clearinghouse to prevent systemic financial contagion.

Correct: Under SEC regulations and the Investment Company Act of 1940, funds must provide clear and accurate disclosures regarding their investment strategies. If an index methodology allows for subjective, undisclosed discretion in constituent selection, it creates a risk of ‘index drift’ and potential manipulation. This lack of transparency can mislead investors about the true nature of the fund’s holdings and violates the fiduciary duty to act in accordance with stated investment objectives.

Incorrect: The strategy of using a price-weighted methodology is a legitimate mathematical approach used by prominent US indices like the Dow Jones Industrial Average and does not constitute a regulatory violation if properly disclosed. Opting for a semi-annual rebalancing schedule is a matter of index design and operational preference rather than a compliance failure, provided it is consistently applied and documented. Focusing on the registration of the index itself is a misunderstanding of the Investment Advisers Act, as the act applies to the entities or individuals providing advice, not the mathematical benchmarks or indices they create.

Takeaway: Auditors must ensure index methodologies are objective and fully disclosed to prevent deceptive practices and maintain regulatory compliance.

Correct: In the United States, CCPs function by interposing themselves between buyers and sellers through a process called novation. This allows the CCP to net offsetting positions across different participants (multilateral netting), which significantly reduces the total amount of credit risk and collateral required in the financial system compared to bilateral arrangements. This centralization of risk management is a core requirement for certain derivatives under the Dodd-Frank Act to prevent systemic contagion.

Incorrect: Suggesting that the CCP provides a federal guarantee from the OCC misrepresents the role of the regulator and the private nature of CCP loss-sharing waterfalls. The strategy of replacing daily variation margin with a single payment is incorrect because CCPs rely on frequent margin calls to prevent the accumulation of large uncollateralized losses. Focusing on the CCP assuming market risk through proprietary trading is a fundamental misunderstanding, as CCPs maintain a matched book and use member-contributed resources to manage default risk rather than taking directional market bets.

Takeaway: CCPs reduce systemic risk by centralizing counterparty exposure through novation and facilitating multilateral netting among market participants in the US financial system.

Correct: Under SEC Rule 2a-7, which governs money market funds in the United States, non-government ‘Prime’ funds have the authority to impose liquidity fees or temporary redemption gates during times of market stress. This occurs if the fund’s weekly liquid assets drop below certain levels, potentially preventing an organization from accessing its cash exactly when it is needed most. Internal auditors must ensure that liquidity risk assessments account for these regulatory mechanisms rather than assuming immediate daily liquidity.

Incorrect: The strategy of requiring corporate investors to register as broker-dealers is incorrect because the SEC’s registration requirements apply to entities engaged in the business of trading securities for others, not to corporate end-users managing their own liquidity. Opting for the theory that the Federal Reserve would seize private assets is a misunderstanding of the Fed’s role, as it acts as a lender of last resort through established facilities rather than through the direct seizure of private fund holdings. Focusing on the loss of FDIC insurance is also misplaced because money market funds are investment products and are never covered by FDIC insurance, regardless of their maturity profile or net asset value stability.

Takeaway: Internal auditors must recognize that US Prime Money Market Funds carry unique liquidity risks due to potential SEC-authorized redemption gates and fees.

Correct: Under the Dodd-Frank Act, specifically the rules promulgated by the CFTC and SEC, uncleared swaps are subject to mandatory margin requirements. This includes the exchange of initial margin to cover potential future exposure and variation margin to cover current mark-to-market exposure. These controls are essential for mitigating counterparty credit risk and preventing systemic financial instability in the United States financial system.

Incorrect: Relying on reporting exclusively to the Federal Reserve Board is incorrect because swap data must generally be reported to a registered Swap Data Repository (SDR) rather than directly to the Fed. The strategy of maintaining a 100% cash reserve at the Office of the Comptroller of the Currency is not a regulatory requirement and would be an inefficient use of capital that exceeds standard margin rules. Choosing to migrate every single contract to a national securities exchange is unnecessary because the law allows for customized OTC transactions to remain bilateral as long as they comply with specific margin and reporting frameworks.

Takeaway: Internal auditors must verify that uncleared OTC swaps comply with Dodd-Frank margin requirements to mitigate counterparty credit risk.

Correct: Market makers in the United States are essential participants that provide liquidity by standing ready to buy and sell securities at publicly quoted prices. This activity, overseen by the SEC and FINRA, reduces transaction costs for other investors and ensures that the market can efficiently incorporate new information into security prices.

Correct: Financial markets serve the essential purpose of resource allocation. They allow funds to flow from savers, who have excess capital, to borrowers, who require capital for investment and growth.

Correct: Under SEC Rule 606, broker-dealers must provide a public report each quarter that identifies the venues to which they route orders and discloses any material relationships with those venues. This includes specific details about payment for order flow and any profit-sharing arrangements that might influence routing decisions, ensuring transparency for the investing public.

Incorrect: The strategy of submitting individual trade timestamps to FINRA for efficiency purposes describes a different regulatory focus than the public disclosure of routing incentives required by Rule 606. Opting for a transition to public exchanges only is an operational change that does not address the underlying compliance failure regarding existing disclosure obligations. Focusing only on marketing guarantees about global price execution relates to fair dealing and best execution rather than the specific transparency requirements for order routing disclosures.

Takeaway: US transparency rules require broker-dealers to disclose financial incentives and material relationships with execution venues to manage conflicts of interest.

Correct: Under the Securities Act of 1933, the pre-filing period is characterized by a strict prohibition on any ‘offers’ to sell securities. Gun-jumping occurs when an issuer or underwriter releases communications that could condition the public mind or stimulate interest in the securities before a registration statement is filed with the SEC. Internal auditors must ensure controls are in place to vet all public communications during this quiet period to prevent regulatory sanctions or forced delays in the offering.

Incorrect: Focusing on the allocation of shares to restricted persons addresses compliance with FINRA rules during the distribution phase but does not mitigate the immediate legal risk of improper pre-filing publicity. The strategy of monitoring prospectus delivery timelines is only relevant during the post-effective period once the securities are actually being sold to the public. Opting to prioritize price stabilization controls under Regulation M is premature at this stage, as those requirements specifically govern activities closer to the pricing and commencement of secondary market trading.

Takeaway: Internal auditors must verify controls prevent pre-filing communications that violate SEC gun-jumping rules to avoid significant legal and regulatory delays in IPOs.

Correct: Under Section 3(a)(3) of the Securities Act of 1933, commercial paper is exempt from SEC registration requirements if it is a note, draft, bill of exchange, or banker’s acceptance which has a maturity at the time of issuance not exceeding nine months (270 days), and the proceeds are used for current operational expenses rather than long-term capital expenditures.

Incorrect: Requiring Treasury collateral and limiting sales to accredited investors describes characteristics of other private placements or repurchase agreements rather than the specific statutory exemption for commercial paper. The strategy of seeking Federal Reserve Board approval for individual issuances is incorrect because the Fed manages monetary policy and systemic stability rather than the registration exemptions of corporate debt. Focusing on FINRA-set value thresholds is a misunderstanding of the regulatory landscape, as FINRA oversees broker-dealer conduct and market integrity rather than setting the statutory limits for registration exemptions under federal securities law.

Takeaway: U.S. commercial paper is exempt from SEC registration if it matures within 270 days and funds current operations.

Correct: In the United States, broker-dealers have a fundamental duty of best execution, which requires them to seek the most favorable terms reasonably available for customer orders. When routing to an ATS, especially an affiliated one, internal auditors must ensure that the routing logic is not biased by ‘maker-taker’ rebate schemes or affiliate profit motives, as this could violate SEC Regulation NMS and FINRA Rule 5310.

Incorrect: The suggestion that an ATS must register as a national securities exchange is incorrect because Regulation ATS specifically provides an exemption from exchange registration for these venues. Expecting a dark pool to provide public pre-trade displays contradicts the fundamental nature of such venues, which are designed to minimize market impact by keeping order books private. Proposing that a U.S. trading venue would bypass the National Securities Clearing Corporation for a decentralized model ignores the centralized clearing and settlement infrastructure mandated for the National Market System.

Takeaway: Internal auditors must verify that order routing to ATS venues prioritizes best execution over financial incentives or affiliate interests.

Correct: Under SEC and FINRA rules, firms have a duty of best execution, which requires them to seek the most favorable terms reasonably available for customer orders. In the fragmented U.S. equity market, this involves comparing execution data against the National Best Bid and Offer (NBBO). A quantitative review of execution quality, including price improvement (executing at a price better than the NBBO) and fill rates across different venues (exchanges, ECNs, and dark pools), provides objective evidence that the firm is actively seeking the best possible outcomes for its clients.

Incorrect: The strategy of routing all orders to a primary exchange ignores the reality of modern market microstructure where better prices or higher liquidity may be available on alternative venues. Focusing only on market orders for large blocks is often counterproductive, as it can lead to significant price slippage and increased execution costs compared to using limit orders or algorithmic strategies. Choosing to rely on a single broker-dealer for all transactions limits the firm’s ability to access diverse liquidity pools and may prevent the firm from achieving the best price, potentially violating its fiduciary and regulatory duties.

Takeaway: Best execution requires a data-driven evaluation of execution quality across multiple venues relative to the National Best Bid and Offer.

Correct: Under the FCA COLL sourcebook, a breach of investment limits resulting from market movements is treated as an inadvertent breach. The ACD must rectify the position as a priority while acting in the best interests of unitholders. UCITS schemes are permitted to borrow up to 10% of their value on a temporary basis to manage liquidity. This approach balances regulatory compliance with the fiduciary duty to avoid unnecessary transaction costs during periods of market stress.

Incorrect: The strategy of immediate market-order liquidation fails to consider the potential for significant price slippage and negative impact on remaining unitholders. Opting for a credit facility exceeding 10% of the scheme property value violates the strict borrowing limits set out in the COLL sourcebook for UCITS. The method of using derivatives to hedge excess exposure does not satisfy the requirement to reduce the gross investment position below the regulatory threshold. Pursuing a reclassification to a Qualified Investor Scheme is a significant structural change that cannot be used as a reactive measure to address immediate compliance breaches.

Takeaway: Passive breaches in UK UCITS must be rectified considering unitholder interests, while temporary borrowing is strictly capped at 10% of NAV.