The value of an ISO37001 certified anti-bribery management systemDrive ethical business practice, build stakeholder trust and competitive advantage
The value of an ISO37001 certified anti-bribery management system
The ISO37001 anti-bribery management system was published worldwide on 17 October 2016. It was developed by more than 37 countries from China to Mexico, all the G7 countries and in liaison with the OECD. Its implementation is being considered in Singapore, Peru and reportedly by Walmart and Microsoft amongst others.
The value of an ISO37001 certified anti-bribery management system is that it demonstrates your commitment to an anti-bribery programme. This will coherently flow out to all business activities, through leadership, management, and all your key commercial, financial and operational functions. Your organisation might have other certified standards such as ISO9001 Quality Management and ISO37001 fits neatly into these established management processes.
The costs of bribery
Bribery is a significant business and political risk in many countries and sectors. It will adversely impact an organisation in the event of an allegation or criminal prosecution. Bribes are often tolerated as a “necessary part of doing business” , or “that’s the way we do things in our country”.
ISO37001 is applicable to the public, private, third and voluntary sectors and, state owned enterprises and international organisations, regardless of size. The bribery risk facing an organisation varies according to factors such as the size of the organisation, the countries and sectors in which the organisation operates and the nature, scale and complexity of its operations.
Certification of an organisation to ISO37001:2016 provides clear evidence to all stakeholders, financial, regulatory and government bodies, of the veracity of its anti-bribery programme to prevent bribery. It demonstrates that the organisation has adopted, is practising and constantly improving its anti-bribery measures. This will not only strengthen internal compliance to mitigate bribery risk but catalyse those key cultural changes which will influence others, both internal and external, to behave with integrity and within the law. In answering the call for more transparency and better ethics by governments customers, suppliers and other stakeholders there is international demand to prevent bribery.
Why a management system?
The ISO37001:2016 standard recognises that effective anti-corruption compliance requires the adoption of a risk-based approach – appropriate and proportionate to the nature of the organisation’s business.In addition to conducting a bribery risk assessment, ISO37001:2016 requires that organisations take the following steps:
- Tone at the Top: the board/senior management must demonstrate commitment to anti-bribery prevention, including communicating the importance of effective anti-bribery management and promoting an anti-bribery culture within their organisation.
- Develop and Maintain Compliance Policies and Internal Controls: including procedures designed to prevent the offering, provision or acceptance of gifts, hospitality, donations and similar benefits where the offering, provision or acceptance is, or could reasonably be perceived as, bribery.
- Training: provide employees with appropriate anti-bribery training of which their participation is documented.
- Risk-Based Due Diligence: conduct an appropriate level of due diligence on specific transactions, projects, activities and business associates.
- Contractual and Certification Protections: requires third parties (such as sales agents) that “pose more than a low bribery risk” to certify they will commit to preventing bribery.
- Compliance Commitments from Employees: personnel must comply with the anti-bribery policy and anti-bribery management system and the organisation has the right to sanction personnel in the event of non-compliance.”
- Implement Internal Controls: organisations must implement both “financial” and “non-financial controls” (i.e. finance, procurement, operational, sales, marketing etc.)
- Reporting Channels and Whistleblower Protections: establishment of systems to allow personnel and third parties to “report in good faith” or “on the basis of a reasonable belief” an attempted, suspected/actual bribery, or any violation of the anti-bribery management system.
- Documentation: to document their ISO37001:2016 activities (a business management system) appropriate for the size and complexity of the organisation and the nature of its activities.
- Improvement of Anti-Corruption Controls through Constant Assessment: monitor, audit, assess and review their anti-bribery compliance systems on an ongoing basis.
Commercial organisations have a significant role to play in reducing both private bribery and the bribing of foreign public officials. Business is often the primary source of the funds to pay bribes and in such circumstances party to engendering an environment for bribery to occur, whether direct to the bribe taker or indirectly through an intermediary acting on its behalf. It is increasingly likely that companies, governments and international organisations will encourage (or possibly require) vendors to hold a valid ISO3700:2016 anti-bribery certification, to reduce harm and cost to themselves and/or to a nation state.
Certification assures stakeholders
Compliance with ISO37001 cannot provide legal assurance that bribery will not occur, such as a deliberate bribery incident. However, implementing the standard will help the organisation prevent bribery, positively change its ethics culture and provide verification and demonstration to third parties, be they customers or law enforcers, that it has implemented all reasonable and proportionate measures to prevent bribery. In so doing it will protect its own reputation and that of its employees other stakeholders and gain competitive advantage.
Back to main learning page
Latest views and ideas on compliance and anti-corruption issues from our experts
This month Interchange founder, John Burbidge-King was interviewed by Melanie Blackmore on the ISO Show, giving the benefit of his experience around the ISO37001 anti-bribery management systems and the outcomes for criminal behaviour by companies. Many companies don’t...read more
Interchange Solutions Founder, John Burbidge-King chaired a seminar on the criminal risks of international business, organised by The Worshipful Company of World Traders and Birkbeck College, London. The speakers were Dr Alexander Trautrims from Nottingham University...read more
Digital technology is changing the face of corruption, making it easier for the perpetrators but also arming those who are engaged in the war against it. So how can we define ‘corruption’, that collection of seedy practices that are often delivered at a high level in...read more