Subject and Scope:

ISO 37001:2016 specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing, and improving an anti-bribery management system.

The system can be standalone or integrated into the overall management framework.

ISO 37001:2016 addresses the following issues related to an organization's activities:
• Bribery in the public, private, and nonprofit sectors.
• Bribery by the organization.
• Bribery by personnel acting on behalf of or for the benefit of the organization.
• Bribery by business associates acting on behalf of or for the benefit of the organization.
• Bribery of the organization.
• Bribery of personnel of the organization in relation to its activities.
• Bribery of business associates of the organization in relation to its activities.
• Direct and indirect bribery (e.g., offering or receiving bribes from a third party).

ISO 37001:2016 is applicable only to bribery. It establishes requirements and provides guidance for a management system designed to help the organization prevent, detect, and respond to bribery and to comply with anti-bribery laws and voluntary commitments applicable to its activities.

ISO 37001:2016 does not specifically address fraud, cartels, other criminal activities related to abuse of monopoly/competition law, money laundering, or other corruption-related practices, although an organization may choose to expand the scope of its management system to include these activities.

The requirements are generic and intended to be applicable to all organizations (or parts of organizations), regardless of type, size, or nature of activity, and whether they operate in the public, private, or nonprofit sectors.