What is the ISO 37001 standard?
Bribery is a global issue that affects the economy, society, and environment. It leads to the erosion of public trust, distorts fair competition, and undermines the rule of law. The World Bank reports that more than $1 trillion is paid in bribes yearly, equivalent to about 3% of the world’s GDP. Organizations can face legal sanctions, reputational damage, financial losses, and operational disruptions due to bribery.
To help organizations combat the risk of bribery in their operations, the International Organization for Standardization (ISO)
published ISO 37001 in 2016. This standard is an anti-bribery management system that provides guidelines and specifies requirements for implementing, establishing, maintaining, reviewing, and improving an anti-bribery compliance program. It is based on good governance, transparency, accountability, and proportionality principles.
What are the main features and benefits of ISO 37001?
ISO37001 covers several aspects of anti-bribery management, including adopting an anti-bribery policy and ensuring top management commitment, appointing a person or function to oversee anti-bribery compliance, conducting bribery risk assessments and due diligence on projects and business associates, providing training and awareness programs for personnel and business associates, implementing financial and commercial controls to prevent and detect bribery, establishing reporting and investigation procedures for bribery incidents, taking corrective actions, and continual improvement measures.
ISO 37001 applies to all types of organizations, regardless of size, nature, or location. It can be used as a stand-alone or integrated into an existing management system. It can also be applied to any form of bribery, whether direct or indirect, public or private, active or passive.
The benefits of implementing ISO 37001 are numerous. It can help organizations effectively prevent, detect, and address bribery risks, comply with anti-bribery laws and voluntary commitments, demonstrate their credibility and integrity to stakeholders, reduce costs and losses associated with bribery misconduct, enhance their reputation and brand value, and improve their performance and competitiveness.
What are ISO 37001 Certification Process Steps?
To get the ISO 37001 certification, organizations need to pass an audit by an accredited certification body to ensure they comply with the standard. Typically, the ISO 37001 certification process includes the following stages:
- Audit confirmation: The organization and the certification body agree on an audit plan and schedule at least three months before the first audit.
- Optional pre-assessment audit: The organization can conduct a preliminary audit to identify gaps or weaknesses in its anti-bribery management system and prepare for the formal audit.
- Stage 1 audit: The certification body reviews the organization’s documentation and policies related to anti-bribery management and checks its readiness for the stage 2 audit. The certification body reports any non-compliance issues to the organization.
- Stage 2 audit: The certification body conducts an on-site audit to evaluate the implementation and effectiveness of the organization’s anti-bribery management system. The certification body reports any non-compliance issues, opportunities for improvement, and positive observations to the organization.
- Certification decision: The certification body recommends certification based on the audit results. The organization must submit a corrective action plan for non-compliance issues within a specified time frame and implement the actions accordingly.
The ISO 37001 certificate is valid for three years and is subject to annual surveillance audits to ensure the organization’s continued compliance with the standard.
How to get ISO 37001 certified?
Organizations seeking ISO 37001 certification
need to undergo an audit by an independent and accredited certification body, such as VIS. The audit will verify that the organization has implemented an anti-bribery management system that meets the standard’s requirements. Certification provides external assurance that the organization has taken reasonable steps to prevent bribery.
ISO 37001 is a valuable tool for organizations that want to combat bribery risk systematically and proactively. It provides a framework for developing a culture of integrity and transparency within the organization and its value chain. By adopting ISO 37001 as a business enabler, organizations can demonstrate their commitment to ethical practices and gain a competitive edge in the market.