ISO 37001: Anti-Bribery Management System Standard
ISO is the International Organization for Standardization (ISO) which develops and publishes International Standards and it is compromised of the national standards bodies from 163 member countries. It has developed nearly twenty thousand voluntary international standards.
ISO 37001 is an anti-bribery management system standard published in October 2016 and it is designed to help an organization to establish, implement, maintain, and improve an anti-bribery compliance programme. It also includes a series of measures and controls that represent global anti-bribery good practice.
The standard is flexible and can be adapted to a wide range of organizations, including:
large organizations, small & medium sized enterprises (SMEs), public and private sector organizations, non-governmental organizations (NGOs), the standard can be used by organizations in any country.
The measures required by ISO 37001 are designed to be integrated with existing management processes and controls. It follows the common high-level structure for ISO management system standards, for easy integration with, for example, ISO 9001. New or enhanced measures can be integrated into existing systems.
The ISO 37001’s address: bribery by the organization, or by its personnel or business associates acting on the organization’s behalf or for its benefit and bribery of the organization, or of its personnel or business associates in relation to the organization’s activities.
Bribery is also defined by law which varies between countries. Therefore the Standard provides a generic definition of bribery, but the actual definition will depend on the laws applicable to the organization. The Standard provides guidance on what is meant by bribery to help users understand the intention and scope of the Standard.
The organization must implement a series of measures and controls in a reasonable and proportionate manner to help prevent, detect, and deal with bribery, including:
- Anti-bribery policy
- Management leadership, commitment and responsibility
- Personnel controls and training
- Risk assessments
- Due diligence on projects and business associates
- Financial, commercial and contractual controls
- Reporting, monitoring, investigation and review
- Corrective action and continual improvement
Finally, the Standard benefits an organization by providing:
minimum requirements and supporting guidance for implementing or benchmarking an anti-bribery management system, assurance to management, investors, employees, customers, and other stakeholders that an organization is taking reasonable steps to prevent bribery, evidence in the event of an investigation that an organization has taken reasonable steps to prevent bribery.
ISO 37001 is a requirements standard, making it capable of independent certification and the third parties will be able to certify an organization’s compliance with the Standard.