Islamic Open Finance™Value

Value — what IOF brings to the table

Islamic Open Finance™ runs the rails so every player — from regulators to consumers — can do their job in days, not years. This page covers three things: (1) stakeholder-by-stakeholder problem → solution → ROI, (2) the empowerment matrix showing what each tier gains, (3) how IOF productises Shariah + regulatory standards into shippable rails.

Open vs commercial

What ships free

Open under Apache 2.0

  • Stakeholder problem → solution → ROI breakdown (5 tiers)
  • Empowerment matrix cross-tier view
  • Productized technology map (standards → rails → engines)
  • All 66 typed contract schemas + OpenAPI 3.1 spec

What we charge for

Commercial / paid

  • Multi-tenant SaaS hosting + 109 Shariah-native rails in production
  • Tier-1 bank onboarding + BYOC / Helm deployment
  • Annual Shariah audit pack signing + evidence packs
  • 24/7 SLA + dedicated architecture team

1. Problem → Solution → ROI, by stakeholder

Five tiers from regulator to ecosystem partner. Each card is the McKinsey pyramid: the answer first, then the structure, then the evidence.

Tier 0

Regulators + central banks

Problem

Visibility into market actors is fragmented across PDFs, spreadsheets, and ad-hoc data calls. Shariah governance is opaque. AI risk is unaudited. Vendors talk past each other.

Solution

Read-only access to OSCAL exports, machine-readable risk registers, EU AI Act conformity dossiers, AAOIFI Shariah memos, and live attestations — all signed, dated, reproducible.

ROI

Cuts the data-call burden on regulated entities by 60–80%. Replaces manual evidence collation with API-pulls. Surfaces systemic risk in days instead of quarters.

13
Compliance regimes
12
OSCAL artefacts
10
Risks tracked
minutes
Evidence latency
What does this empower? (4 capabilities)
  • Self-serve evidence-pack collection
  • Cross-vendor regime comparison via OSCAL profile reuse
  • Real-time AI-system inventory + classification
  • Shariah board memo cross-check

Tier 1

Tier-1 banks + issuers

Problem

Replacing the core is a $100M+ multi-year programme nobody wants. Bolt-on Islamic windows have stale rails. Connector projects burn 18 months and arrive obsolete.

Solution

Overlay architecture — IOF rails sit beside the existing core via Temenos / Finastra / Mambu / FLEXCUBE / Finacle connectors. BYOC means data stays in your VPC. Helm + Docker + Terraform shipping in 4–8 weeks.

ROI

Time-to-first-Shariah-product: weeks not years. ~80% control evidence reuse across SOC 2 / ISO 27001 / IFSB / DORA. Maker-checker-by-default closes audit findings before they're written.

89
Rails available
11
Domain engines
4–8 wk
Time to live
5
Connector cores
What does this empower? (4 capabilities)
  • Launch Murabaha / Ijarah / Sukuk products without a core swap
  • Shariah board governance gate built into every contract schema
  • Evidence packs generated automatically from audit-trail
  • Capital-adequacy reporting under Basel III + IFSB-15

Tier 2

Fintechs + neobanks

Problem

Building a Shariah-compliant product means hiring Shariah scholars, decoding AAOIFI, integrating ledgers, and wiring up PSD2 / KYC / AML — most fintechs run out of runway before reaching product.

Solution

API-first integration. SDKs in TS / Python / Java / Go. MCP gateway for AI agents. 150 endpoints, sandbox tenant in <1 business day, certification-ready by design.

ROI

Skip 12–18 months of compliance build. Ship a permissible product in <1 week of dev work. Stripe-style usage-based pricing — pay for what you use, not what you might need.

142+
API endpoints
5
SDK languages
< 1 wk
First contract
< 1 day
Sandbox setup
What does this empower? (4 capabilities)
  • Launch with Shariah credibility from day one
  • Embed checkout / wallet / KYC via widgets
  • Use AI agents safely under EU AI Act guardrails
  • Pre-built Cerbos ABAC for multi-tenant access control

Tier 3

Consumers + SMEs

Problem

Faith-aligned finance options are scarce, opaque, or geographically restricted. SMEs can't access trade finance without conventional collateral structures. Cash management bleeds into riba.

Solution

Through partner banks + fintechs running on IOF: Shariah-compliant accounts, Murabaha-financed purchases, Ijarah leases, Takaful protection, Qard Hasan benevolent loans, Zakat distribution — all auditable, all permissible.

ROI

Real Shariah compliance backed by a public Shariah board. Same digital UX as conventional fintechs. Transparent pricing — no hidden mark-ups dressed as 'admin fees'.

8
Contract types
11
Takaful pools
Waqf, Zakat, Sadaqah, Qard
Social finance
100%
Disclosure
What does this empower? (4 capabilities)
  • Full Shariah audit trail visible per transaction
  • Same-day settlement via SEPA Instant
  • Zakat calculation + distribution at your bank
  • Takaful pools free of gharar + maysir

Tier ∞

Ecosystem partners

Problem

The Islamic finance market is fragmented — partners can't reach all banks at once, integration is bespoke per institution, and certification is opaque.

Solution

Single integration → access to all banks + fintechs running on IOF. Partner certification programme. Public App Store listing. Co-marketing + revenue share where applicable.

ROI

10× distribution leverage. Certified-once, listed-everywhere. Predictable certification cycle (3–6 weeks for connector cert; 6–10 weeks for Shariah product cert).

16
App Store listings
6
Cert programmes
3–6 wk
Connector cert SLA
6–10 wk
Product cert SLA
What does this empower? (4 capabilities)
  • Reach Tier-1 bank pilots without bespoke deals
  • Certify once under SOC 2 / ISO 27001 / OWASP ASVS
  • List on the App Store with verified badge
  • Plug into the standardised connector protocol

2. Empowerment matrix

Cross-tier view: what every player gets when IOF runs the rails. Click any row for detail.

CapabilityTier 0RegulatorsTier 1Tier-1 banksTier 2FintechsTier 3ConsumersTier ∞Ecosystem partners
Real-time evidence + audit trail✓ Read✓ Write✓ Write✓ Read✓ Read
Shariah board governance gate✓ Verify✓ Run✓ Run✓ See✓ Submit
Cerbos ABAC + maker-checker✓ Built-in✓ Built-in✓ Cert
OSCAL machine-readable controls✓ Ingest✓ Export✓ Export✓ Profile
EU AI Act conformity gate✓ Audit✓ Bind✓ Bind✓ See card✓ Cert
ISO 20022 native messaging✓ Read✓ Send✓ Send✓ Plug-in
Sandbox tenant in <1 day✓ Use✓ Use✓ via Partner✓ Use
BYOC (Helm / Docker / Terraform)✓ Self-host✓ Self-host

3. How IOF productises technologies

Standards become rails. Rails become engines. Engines become products. 10 examples across 13 categories.

Standard

AAOIFI SS-8 Murabaha

Becomes a rail

/rails/murabaha

Powered by

Contract Engine

What it ships

Cost-plus-sale lifecycle: ownership transfer → mark-up disclosure → deferred-payment schedule → ibra (early-payoff). Each step Shariah-bound.

Standard

AAOIFI SS-9 Ijarah

Becomes a rail

/rails/ijarah

Powered by

Contract + Ledger Engine

What it ships

Lease origination → depreciation tracking → residual-value mgmt → Ijarah Muntahia Bittamleek (lease-to-own). Maker-checker on residual valuation.

Standard

AAOIFI SS-17 Sukuk

Becomes a rail

/rails/sukuk-issuance

Powered by

Capital Markets Engine

What it ships

Issuance prep → coupon scheduling → redemption → annual Shariah audit. SS-26 Investment Sukuk variant supported.

Standard

PSD2 / PSD3 (designed-for)

Becomes a rail

/rails/access-consent

Powered by

Open Finance Engine

What it ships

Strong customer authentication, consent lifecycle, AISP/PISP gating. PSD3/PSR profile drafted, locks when in force.

Standard

ISO 20022

Becomes a rail

/rails/payments

Powered by

Messaging Engine

What it ships

pacs.008 / pacs.002 / camt.054 native end-to-end. SEPA Instant + SWIFT GPI under one schema. No XML-to-JSON shimming.

Standard

Basel III + IFSB-15

Becomes a rail

/rails/prudential

Powered by

Capital Adequacy Engine

What it ships

CET1 / Tier-1 / Tier-2 capital monitoring, RWA computation, LCR / NSFR / NSFR-Plus reporting. ICAAP / ILAAP packaging.

Standard

EU AI Act (2024/1689)

Becomes a rail

/rails/euai

Powered by

AI Conformity Engine

What it ships

Annex III high-risk classification gate, technical documentation auto-pack, post-market monitoring, FRIA + DPIA bridge.

Standard

FATF + sanctions

Becomes a rail

/rails/aml

Powered by

Compliance Engine

What it ships

Continuous sanctions / PEP / adverse-media screening. Cerbos blocks transactions on flagged parties at protocol level.

Standard

DORA + IFSB-21

Becomes a rail

/rails/observability

Powered by

Resilience Engine

What it ships

ICT risk register, third-party concentration tracking, quarterly resilience tests with documented switchover RTO.

Standard

AAOIFI SS-26 Takaful

Becomes a rail

/rails/takaful-general

Powered by

Takaful Engine

What it ships

Risk pools free of gharar + maysir. Surplus distribution prep. Qard from operator on deficit. 11 takaful rails.

Ready to talk specifics?

Whichever tier you sit in, the next step is the same — a 30-minute call to scope the most valuable starting point on IOF for your organisation.

Related: Features · Pricing · Use Cases · By Role · About