What is ISO 37001?

ISO 37001 is the first international standard in the field of management systems designed for combating bribery and corruption. It's conceptualized to help organizations combat the risk of potential bribery within their own working processes and across their global value chains.

It has the potential to reduce corporate risk and costs related to the occurrence of bribery by providing a flexible business framework that prevents, detects, and addresses bribery. "Bribery represents a significant business risk in many countries and sectors," says Neill Stansbury, the chairman of the ISO/PC 278 project committee responsible for this new standard. In many cases, it has been tolerated as a "necessary" part of business behavior. However, increasing awareness of the harm that bribery causes to countries, organizations, and individuals has led to a call for effective action to prevent bribery.

Many organizations have already invested significant time and resources in developing internal systems and processes to prevent bribery. ISO 37001:2016, Anti-Bribery Management Systems - Requirements with Guidance for Use, is designed to support efforts to combat bribery while ensuring transparency and clarity of measures implemented by an organization, as well as the most efficient and effective ways to implement them.

ISO 37001 will aid in preventing, detecting, and addressing bribery issues, whether it involves bribery within the organization or bribery benefiting the organization, its employees, or business partners. By implementing related measures and controls, including accompanying guidelines, the anti-bribery management system defines requirements for:

•  Anti-bribery policies and procedures
• Leadership commitment and responsibility
• Responsible manager oversight
• Anti-bribery training
• Risk assessment and due diligence on projects and business partners
• Financial control, procurement control, commercial and contractual control
• Reporting, monitoring, investigation, and review
• Corrective actions and continuous improvement

Stansbury notes that ISO 37001 is developed for flexible application in organizations of all sizes, wherever they operate. "The risk of bribery an organization faces varies depending on factors such as the size of the organization, the country or sectors in which the organization operates, and the nature, extent, and complexity of the organization's business. Therefore, ISO 37001 defines the application of reasonable and proportionate policies, procedures, and controls."

Organizations can choose Quality Cert Sarajevo to verify their compliance with the ISO 37001 requirements to confirm that their anti-bribery management system meets the criteria of the standard. While certification (or compliance) with ISO 37001 cannot guarantee the absence of bribery or that bribery will not occur in relation to that organization, the standard can assist the organization in implementing all appropriate measures to prevent bribery.