What is it?
ISO 37001 is an Anti-Bribery Management System Standard published in October 2016. It is designed to help an Organization establish, implement, maintain and improve an anti-bribery compliance program. It includes a series of measures and controls that represent global anti-bribery good practice.
ISO 37001 addresses:
- Bribery by the Organization or its personnel/business associates acting on the Organization’s behalf or benefit
- Bribery of the Organization or its personnel/business associates in relation to the Organization’s activities
Bribery is defined by law, which varies between countries. The Standard provides guidance on what is meant by bribery to help users understand the intention and scope of the Standard.
ISO 37001 is a Requirements Standard, making it an Independent Certification. The Organization must implement a series of measures and controls in a reasonable and equivalent manner to help prevent, detect and deal with bribery. This must include:
- Anti-Bribery Policy
- Managements Leadership, Commitment and Responsibilities
- Personnel Controls and Training
- Risk Assessments
- Due Diligence on Projects and Business Associates
- Financial, Commercial and Contractual Controls
- Reporting, Monitoring, Investigation and Reviews
- Corrective Action and Continual Improvement
Who Can Use this Standard?
The Standard is flexible and can be adapted to a wide range of Organizations, including:
- Small and Medium Sized Enterprises (SMEs)
- Large Organizations
- Public and Private Sector Organizations
- Non-Governmental Organizations (NGOs)
The Standard can be used by any Organizations in any Country Worldwide.
The measures required by ISO 37001 are designed to be integrated with existing Management Systems or processes and controls. It follows the common high-level structure for ISO Management System Standards, for easy integration with Quality Management Systems (9001) and Information Security Management Systems (27001).
The Standard provides:
- Minimum requirements and supporting guidance for implementing an Anti-Bribery Management System
- Assurance and Evidence to Management, Investors, Employees, Customers and Stakeholders that the Organization is taking reasonable steps to prevent bribery
Allows Organizations of all types to prevent, detect and address bribery by appointing a person to oversee its compliance, training, risk assessments and due diligence, which creates a continuous cycle of improvement.