In the business world there is always a dynamic change that eventually gives birth to uncertainty. From this uncertainty arises risks that lead to unfortunate consequences. The inability of humans to predict things that happen in the future makes human activities always carry risks. This uncertainty (like risk) certainly cannot be eliminated even with the best management. However, humans can at least try to minimize these things so that the adverse effects that are born can be eliminated or at least minimized.
Islam as a universal religion has implied or explicitly stated the importance of risk management as stated in the story of the Prophet Yusuf AS as being enshrined in the Qur’an Joseph surah verses 46-49:
- (after the servant met Joseph He cried): “Joseph, O you who are very trusted, Explain to Us about the seven fat cows eaten by the seven thin cows and the seven ears (wheat) which green and (seven) others that are dry so that I return to those people, so that they know. “
- Yusuf said: “So that you plant seven years (for ever) as usual; So what you harvest, you must let it turn except a little for you to eat.
- then after that will come seven very difficult years, which spend what you save to deal with (difficult years), except for a few of the (wheat seeds) that you save.
- then after that a year will come when humans will be given enough rain (rain) and in that period they will squeeze wine. “
From this story, it can be said that in the second seven years there will be a terrible drought. This is a risk that befell the country. But with the dream of the king who was ordained by the Prophet Joseph, measurement and control of the risks that will occur in the seven years. Thus, avoiding the danger of famine that threatens the country. The process of risk management applied by the Prophet Yusuf AS through risk understanding, evaluation, and measurement and risk management is one of the many examples of Islam in terms of risk management that is certainly faced by humans in their lives.
Related to the definition of risk, there are a lot of opinions expressed by experts both outside and within the country. As stated by Eddie Cade (2002) that the definition of risk varies depending on its purpose. But in general, risk can be interpreted as an adverse event, or deviation of the results obtained from the expected results. Philip Best (2004) states that risk is a financial loss, both directly and indirectly. Another definition of risk as revealed by Veithzal Rivai and Rifki Ismall (2013) is a condition that arises because of uncertainty with all unfavorable consequences that may occur.
Risk can also be associated with the possibility of events or circumstances that can threaten the achievement of the goals and objectives of the organization. Related to this, Vaughan (1978) proposed several definitions of risk, including the following:
- Risk is the chance of loss(risk is the possibility of loss).
- Risk is the possibility of loss(risk is the chance of loss).
- Risk is uncertainty(risk is uncertainty).
- Risk is the dispersion of actual results from expected(the risk is the spread of actual results from the expected results).
- Risk is the probability of any outcome different from the expected one(risk is the probability that an outcome is different from the expected outcome).
Risk ( risk ), as expressed by Veithzal Rivai and Rifki Ismall (2013) is different from uncertainty). Uncertainty refers to the understanding of risks that occur and are not anticipated (unexpected risk), while the term risk refers to risks that occur and have been predicted (expected risk). In addition, risks can be estimated or measured and the level of probability of occurrence has been known. Some mentioned that the risk is uncertainty that can be quantified the amount of loss. As such, unpredictable uncertainties are not risks. Another difference is, “the presence or absence of information” about the uncertainty, so that uncertainty without information is not referred to as risk.
Definition of Risk Management
Management in Arabic is called idarah which means a means to realize general objectives. While the risk as already mentioned is a condition that arises because of uncertainty with all unfavorable consequences that may occur. While what is referred to as risk management is an activity undertaken to respond to known risks (through a risk analysis plan or other form of observation) in order to minimize the negative consequences that may arise.
According to the COSO (Committee of Sponsoring Organizations of the Treadway Commission), risk management can be interpreted as “a process, effected by an entity’s board of directors, management and other personnel, applied in a strategy setting and across the enterprise, designed to identify potential events that may affect the entity, manage risk to be within its risk appetite, and provide reasonable assurance regarding the achievement of entity objectives “ . There is also an explanation is as follows:
- On going process
It is carried out continuously, is monitored periodically and is not an activity that is carried out occasionally (one time event).
- Effected by people
Determined by parties in the organization. For the environment of government institutions, risk management is formulated by the leaders and employees of the institution / department concerned.
- Applied in strategy setting
It has been compiled since the formulation of organizational strategy by the organization’s top management. With the use of risk management, the strategies prepared are adjusted to the risks faced by each section / unit of the organization.
- Applied across the enterprise
The strategy chosen based on risk management is applied in operational activities, and covers all parts / units in the organization. Given the risk of each part is different, the application of risk management is based on the determination of risk by each section.
- Designed to identify potential events
Designed to identify events or circumstances that potentially disrupt the achievement of organizational goals.
- Provide reasonable assurance
Risks that are managed appropriately and fairly will provide a guarantee that the activities and services by the organization can take place optimally.
- Geared to achieve objectives
Risk management is expected to be a guideline for the organization in achieving its stated goals.
The concept of risk in Islam
In Islam, risk is seen as a positive thing because it is related to the concept of fairness where every profit of business must be generated from involvement in dealing with business risk. In addition, risk management is an effort to maintain God’s mandate of wealth for the benefit of humans.
However, as a system that prioritizes “risk-sharing” the Islamic Economy does not yet have an in-depth study of risk. The concept of risk in Islam is only about “gharar” and “maysir”.
Risk Management Coverage
The scope of risk management covers three main things, including the following:
- Risk identification
There are various risks faced by organizations which are broadly categorized as pure risk, and speculative risk. Pure risk is the risk where the possibility of loss exists, but the possibility of profit does not exist. Examples of these risks include accidents, fires and floods.
While speculative risk is the risk where we expect losses and profits. The point is, the potential losses and profits still exist in business ventures. We always expect profit, but do not rule out the possibility of loss.
- Risk evaluation and measurement
The next step is the evaluation and measurement of risk which aims to better identify and understand the characteristics of risk so that risk is more easily controlled. A more systematic evaluation is carried out to measure the risk. There are several techniques for measuring risk depending on the type of risk.
- Risk management
Next is risk management. Risk management needs to be done carefully considering the serious consequences if it fails to manage risk. Risks can be managed in various ways, such as avoidance, retention, diversification, or transferred to other parties.
Managing risk by avoiding it is the easiest and safest way, but it is not optimal. For example, if we want high profits from business, surely we must face these risks and manage them well, not by avoiding them. While retention means we face these risks ourselves. For example, a person who does not insure his property means that the person will personally bear the damage to his property. As for diversification means to spread the exposure we have so it is not concentrated in one or two exposures. For example, when investing in shares, we will not invest only in one share, but in several or many shares. While the transfer of risk is done when we do not want to bear certain risks, then transferred to other parties who are able to face these risks. Accident insurance is one example.
Two other things related to risk management are risk control and risk funding. Control is done to prevent or reduce the probability of occurrence of risk or undesirable events. An example is the installation of fire alarms in buildings to control the risk of fire. Risk funding implies how to finance the losses incurred if a risk arises. Whether from fire insurance or using a reserve fund is one example of fire risk funding.
The characteristics of good risk management include several elements, among others
- Understand the company’s business
- Formal and integrated
- Develop a risk infrastructure
- Establish control mechanisms
- Set a limit (limit)
- Focus on cash flow
- Proper incentive system
- Develop a risk awareness culture
Risk Management in Islamic Financial Institutions
In fact, in the context of the application of risk management, the guidelines implemented so far have been made only for conventional financial institutions. In fact, the growing mushrooming of Islamic financial institutions shows that national and international business players are not only conventional financial institutions, but also Islamic financial institutions.
Bank Indonesia, in the case of applying risk management to banks, has only just begun in 1992, with the adoption of the Capital Adequacy Ratio (CAR) calculation rules. In the same year, let’s say that a bank with Islamic principles was born so that the challenges it felt would be quite heavy. On the one hand, banks or other Islamic financial institutions will find it difficult to follow conventional risk management systems, considering that conventional institutions themselves need a process that does not take time to build systems and develop risk management techniques. Another problem is that Islamic financial institutions themselves have very basic differences from conventional financial institutions, while the application of risk management is a necessity so it must be implemented if Islamic financial institutions do not want to be hit by risk. Then, how is the application of risk management in Islamic financial institutions including Islamic banks? The quickest and most effective way is to adopt a conventional risk management system that is tailored to the characteristics of Islamic financial institutions as stated by Veithzal Rivai and Rifki Ismall, (2013).
In this regard, the Islamic Financial Services Board (IFSB) has formulated the principles of risk management for banks and financial institutions using Islamic principles. On March 15, 2005, the first exposure draft was published. The executive summary draft mentioned that the risk of Islamic financial institutions refers to the Basel Accord II (which is also applied in conventional banking) and adjusted to the characteristics of financial institutions with Islamic principles. Thus, a thorough understanding of conventional risk management will greatly assist the application of risk management in Islamic financial institutions.
Risks to Islamic Financial Institutions
In general, the risks faced by Islamic financial institutions can be classified into two major parts, namely the risks that are similar to those faced by conventional financial institutions and risks that have their own uniqueness because they have to follow Islamic principles. This risk arises because the contents of the balance sheet are different from conventional financial institutions. For example, profit and loss sharing patterns by Islamic banks increase the possibility of other risks such as withdrawal risk, fiduciary risk  , and displaced commercial risk  . As a consequence, the techniques used to identify, measure and manage risk in Islamic banks are divided into two types, including the following:
- The standard techniques used by conventional banks, as long as they do not conflict with Islamic principles such as gap analysis, maturity matching, internal rating system, and Risk Adjusted Return On Capital (RAROC).
- New techniques that must be consistent with Islamic principles in the hope of being able to anticipate other risks that are unique.
The risk applied by Islamic banks actually comes from the application of profit and loss sharing methods, in this case conventional banks also experience it to certain limits. Islamic banks, of course, must accept these additional risks for at least two reasons:
- Moral obligation to avoid interest (interest) as the word of Allah SWT
in Surah Al-Baqarah verse 279:
- So if you don’t work (leaving usury), then know that Allah and His Messenger will fight you. and if you repent (from usury taking), then for you the principal of your treasure; you are not persecuting and are not persecuted.
- There is satisfaction that the divine provisions are based on efforts to help
realizing humanitarian goals including justice. This is as stipulated in the word of Allah SWT in Surah Al-Hadid verse 25:
- Verily, We have sent Our Apostles by bringing concrete evidence and We have sent down with them the Scriptures and the balance (justice) so that people can carry out justice. and We created iron in which there is great power and various benefits for humans, (so they use the iron) and so that Allah knows who helps (His religion) and His apostles. Verily, Allah is Strong and Mighty.
According to Zamir and Mirakhor, there are three risks of Islamic financial institutions especially Islamic banks that are not experienced by conventional banks:
- Displace Commercial Risk, i.e. transfer of risks related to deposits to equity holders or when investment returns in Islamic banks are lower than conventional bank interest rates, Islamic banks become vulnerable to withdrawal of investment funds by the customer (displacement risk).
- Shariah Risk, which demands optimal performance from the Sharia Supervisory Board (DPS).
- Rate of return risk, which is generally associated with overall balance sheet exposure where there is a mismatch between the assets and the balance of the fund provider.
 Displaced commercial risk is the transfer of risk associated with deposits to equity holders. This risk arises when banks are under profit pressure, but banks must instead give a portion of their profits to depositors due to the low rate of return