What is ISO 37001 – Anti-Bribery Management Systems?

November 12, 2024
Clock Icon 5 min read

ISO 37001 is a globally-recognised standard for any type of organisation that needs to implement an effective anti-bribery management system. Achieving certification in ISO 37001 ensures your anti-bribery policies and procedures are robust and transparent, and that you have an appropriate system in place for preventing and dealing with cases of bribery. In this article, we’ll look at why it’s important to have an ISO 37001 anti-bribery management system, how to achieve ISO 37001 certification and what the requirements of ISO 37001 are.

What is ISO 37001?

ISO 37001 is an international standard designed to help organisations create, implement and maintain an effective anti-bribery management system (ABMS).

ISO 37001 enables businesses of all sizes to prevent, detect and address bribery by following a series of steps, including creating an anti-bribery policy, carrying out risk assessments, training members of staff, implementing controls and ensuring reporting and investigating procedures are in place. These measures are all considered best practice for anti-bribery worldwide.

The main purpose of an ISO 37001 ABMS is to instil an anti-bribery culture within an organisation, therefore making bribery less likely and having better means for detecting bribery should it occur. The standard covers bribery both by the organisation, its personnel and its business associates and bribery of the organisation, its personnel and its business associates by a third party.

An ISO 37001 ABMS can be implemented by any type of organisation, whether in the private, public or voluntary sector, by organisations of any size and in any part of the world.

bribery happening in the workplace

Why is ISO 37001 Important?

ISO 37001 is important because it helps organisations to implement or enhance their existing anti-bribery management system. Not only can this prevent bribery from occuring in the business, but it also reduces the impact of bribery should it happen.

Bribery is a widespread problem that costs businesses copious amounts of time and money. It can also have disastrous, far-reaching effects – far beyond the organisation affected – contributing towards political instability, poverty and hindering international trade. This is why having an ISO 37001 ABMS is so essential.

Note that obtaining ISO 37001 certification doesn’t guarantee that bribery will be avoided completely. Instead, it provides organisations with a well thought out system that they can follow in order to deter bribery to the best of their ability. It also acts as evidence that the organisation has a robust system in place should allegations of bribery ever arise.

What are the Benefits of ISO Certifications?

There are many business benefits of ISO certification. Obtaining an ISO 37001 certificate enables your organisation to:

  • Improve your existing ABMS – ensuring your current anti-bribery system meets the requirements of ISO 37001 will make it more robust and more effective. it also makes your policies and processes more transparent.
  • Commit to anti-bribery best practice – by following the ISO 37001 standard, your organisation will be committing to follow best practice. It also ensures that your suppliers and subcontractors are committed too.
  • Implement robust procedures – an ISO 37001 anti-bribery management system means the reporting and investigation procedures you have in place work well, your financial controls are effective and everyone knows what to do to prevent and report instances of bribery.
  • Assure customers, clients, stakeholders and investors – an ISO 37001 ABMS proves to your customers, clients and potential investors that you’re proactively trying to deter bribery, giving them more confidence in your business.
  • Provide evidence of compliance for suppliers – some contractors and suppliers will require you to provide evidence of your compliance with ISO 37001 before they’ll work with you, so having this certification opens up the market.
  • Demonstrate legal compliance – the Bribery Act 2010 requires your organisation to have adequate procedures in place to prevent bribery, so having an ISO 37001 system in place helps you to comply with this legislation.
  • Give evidence in a criminal investigation – in the event of an investigation into bribery regarding your company, your ISO 37001 certificate will act as evidence to prove you’ve taken all reasonable steps to prevent bribery from occurring.
an anti-bribery staff member

ISO 37001 Requirements

The requirements of ISO 37001 are designed to be integrated within your existing anti-bribery processes and controls. These measures, when applied, will help your business to prevent, detect and respond to bribery effectively.

ISO 37001 requirements include ensuring your organisation has:

  • An anti-bribery policy.
  • Commitment from management and leadership teams.
  • Someone to oversee compliance with the policy.
  • Regular staff training and vetting.
  • Completed bribery risk assessments.
  • Due diligence procedures for projects and business associates.
  • Financial, commercial and contractual controls.
  • Reporting, monitoring, investigation and review procedures.
  • Procedures for corrective action.
  • An attitude of continual improvement.
Expert Icon

Want to Learn More?

Regular staff training in anti-bribery and corruption measures is vital for ISO 37001 compliance and certification. Our online Anti-Bribery and Corruption training course will help you to meet this requirement.

How to Achieve ISO 37001 Certification

To achieve ISO 37001 certification for your organisation’s ABMS, you’ll need to follow a series of steps:

Step 1: Understand the ISO 37001 requirements

Firstly, it’s important to familiarise yourself with the expectations of the ISO 37001 standard so you understand how to ensure your ABMS complies with it. To create an ISO 37001-compliant ABMS, you’ll need to apply the core elements to your organisation. You can purchase a copy of the standard here.

Step 2: Undergo a stage 1 audit

A stage 1 audit by the certification team will result in a report containing general observations about your ABMS and highlighting any non-conformities with the standard. These may be minor, where a corrective action plan must be completed, or major, whereby the corrective action plan must be completed and submitted back to the assessment team within 10 days of receiving the initial report. Any major non-conformities will then be reassessed to ensure they’ve been resolved.

Step 3: Undergo a stage 2 audit

A stage 2 audit will be carried out once stage 1 has been passed and any non-conformities with the standard have been addressed. This will result in a stage 2 report containing positive general observations about your ABMS, suggestions for improvement and any minor/major non-conformities still outstanding.

Non-conformities, whether minor or major, must be addressed by the organisation with a corrective action plan and sent back to the auditor (within 45 days for minors and 90 days for majors). For major non-conformities, a revisit will be required within 30 days to ensure the issues have been resolved.

Step 2: Receive your ISO 37001 certificate

When the stage 2 audit has been passed, you’ll be awarded the ISO 37001 certification. This certification is valid for 3 years, after which your ABMS will need re-auditing in order to maintain the certificate.

An ISO 37001 Anti-Bribery Management System (ABMS) ensures your organisation is doing all it can to prevent bribery from occurring and deal with it appropriately should it happen. Achieving ISO 37001 certification proves to clients, customers and investors that you take bribery seriously and will always take action against it. To obtain ISO 37001 certification, you’ll need to be subject to two audits to ensure your ABMS is up to standard before the certificate is issued.

Further Resources:

Tags:

Business Law and ComplianceFinancial