ISO 37001 – Bribery prevention in organisations
After several years of development, with contributions from over 50 countries, the International Organisation for Standardisation (ISO) has published ISO 37001: Anti-Bribery Management Systems Standard – a new international standard designed to help organisations worldwide implement and maintain effective bribery prevention measures. ISO 37001 includes the first global requirements that organisations can refer to when establishing or updating policies, procedures and controls to eliminate bribery risks.
What is ISO 37001?
ISO 37001 is a framework that defines minimum requirements for establishing, implementing, maintaining, reviewing and improving an organisation’s bribery prevention management and compliance systems. The requirements and guidance in ISO 37001 are designed to prevent or detect bribery by an organisation or by its employees or business partners acting on behalf of or on behalf of the organisation.
Implementation of ISO 37001
Compliance with the bribery prevention standard is voluntary and compliance does not ensure that bribery does not occur within an organisation or provide absolute protection against prosecution of the organisation where its employees, agents or intermediaries are engaged in bribery. However, conformity with the standard may
- better position the organisation to detect and prevent acts of bribery
- assist in the defence of prosecutions, including in the preservation of evidence by
- establishing the appropriate “corporate culture”
- putting in place “adequate procedures” to prevent bribery
- or implementing an “effective compliance and ethics programme” (in accordance with the Federal Sentencing Guidelines Manual, which applies to prosecutions under the US Foreign Corrupt Practices Act)
- provide companies with a competitive advantage when bidding for contracts
ISO 37001 content on bribery prevention
ISO 37001 is designed so that any organisation, regardless of size, location or activity, can implement it. In order to achieve ISO 37001, the organisation must implement a set of measures appropriate to the bribery risk to which the organisation is exposed. These include but are not limited to:
- Implementing a bribery prevention programme.
- Communicating the programme to all relevant individuals and business partners (joint venture partners, subcontractors, suppliers, consultants, etc.).
- Appointing a compliance manager (full-time or part-time) to oversee the programme.
- Provide appropriate anti-bribery training to staff.
- Assessing bribery risks, including appropriate due diligence.
- Taking appropriate steps to ensure that controlled organisations and business partners have implemented appropriate anti-bribery controls.
- Proportionate control over the internal application and implementation of the anti-bribery programme.
- Establishing processes to control gifts, hospitality, donations and similar benefits to ensure that they do not serve a corrupt purpose.
- Implementing appropriate funding, procurement, contract and other commercial controls to prevent the risk of bribery.
- Implement reporting (whistleblowing) procedures.
- Investigating and appropriately addressing actual or suspected bribery.
- Monitoring and reviewing the effectiveness of the programme, including any necessary improvements.
Source: Adapted from: http://globalcompliancenews.com/new-global-anti-bribery-standard-will-company-measure-20161017/