ISO 37001 Certification gives out a number of requirements that relate to the following clauses: context, leadership, planning, support, operations, performance evaluations, and improvement.
Below are the key requirements that must be implemented prior to obtaining ISO 37001 certification:
- Bribery risk assessment based on the organization’s context (internal & external issues) and the needs and requirements of its interested parties.
- Anti-bribery objectives
- Anti-bribery policy Statement
- Regulatory body and top management oversight, program review and commitment to combatting bribery
- Anti-bribery legal and other compliances function and other designated roles and responsibilities
- Appropriate planning
- Adequate and complete resources
- Thorough awareness and training to all relevant personnel
- Communications- Internal & External
- Operational procedures and controls (Mitigation, Contingency and/or Strategic) including where applicable
- Due diligence on personnel (internal or external), projects, transactions and business associates posing more than the acceptable risk of bribery
- Financial and non-financial controls and operations
- Policies dealing with gifts, hospitality, donations, and similar advantages
- Reporting procedures, including a non-retaliation policy
- Investigation and verification procedures and disciplinary measures
- Continuous monitoring and periodic internal and external audits
- Appropriate and effective Corrective action and continuous efforts to improve the program
Your organization might have implemented many, if not all, of these key requirements. The Standard ISO 37001 also requires more detailed and documented processes and controls related to these key requirements, as well as appropriate records that the requirements are in place and being carried out as planned. The governing body and top management are required regularly to review the program and to provide feedback regarding any changes to the program.
So, there is no silver bullet that will remove or eradicate the risk of bribery occurring or, in the event that it does occur, that there will be no government body investigation or prosecution. However, ISO 37001 consists of well-established and proven best practices included in a comprehensive and exhaustive management system and provides the best defense against any incidents of bribery occurring involving your organization.
Having effective compliance and ethical anti-bribery management system and the program is a strong mitigating factor when facing penalties or prosecution by the Court of Justice, the Securities and Exchange Commission, and the Serious Fraud Office, any Government Body as well as other international regulatory and prosecutorial bodies. The ISO 37001:2016 Standard meets the requirements for an effective anti-bribery program as set forth in the legal and regulatory Federal Sentencing Guidelines, as well as meeting guidelines published by the Government, and thus a certification can assist an organization’s efforts to demonstrate its commitment to fighting bribery and corruption.
ISO 37001 certification (also known as “registration”) is a 3rd party audit performed by a certification body like Euro VERITAS Ltd who will upon auditing that the organization is in compliance with the requirements of ISO 37001, will issue an ISO 37001 certificate of registration/conformity. This certification is then maintained through regularly scheduled annual surveillance audits by the registrar- Euro VERITAS Ltd, with re-certification of the Anti-bribery Management System, performed on a 3-Yearly basis.
The Anti-bribery Management System which is based on ISO 37001, helps the organization prevent, detect, and address bribery towards better ethical business culture.
ISO 37001 certification makes you bring your organization to a better business environment. It makes the organization capable of complying with globally recognized anti-bribery best practices and proves the overall competence toward implementing and managing an Anti-bribery Management System.
In addition to requiring anti-bribery risk assessments, ISO 37001 will also require companies to do the following:
- Train the personnel in Anti-Bribery processes
- Document a Manual as per ISO 37001
- Develop, document and maintain compliance policies and procedures
- Implement compliance training and other competence building programs
- Demonstrate effective tone at the top- accountabilities and authorities
- Conduct risk-based due diligence wherever required
- Obtain 3rd party compliance certifications from Euro VERITAS Ltd and termination rights
- Obtain compliance commitments from employees and personnel
- Implement internal controls- mitigation, contingency and strategic
- Develop reporting and communication channels and ensure whistleblower protections
- Document compliance efforts and maintain records
- Periodically review and maintain records and improve anti-corruption compliance controls
- Prohibit facilitation payments
List of some Benefits of ISO 37001 certification from Euro VERITAS Ltd to your organization:
- Helps to fight bribery
- Promotes ethical business culture throughout the processes
- Improves performance of affected processes and activities
- Proves personnel commitment to anti-bribery best practices
- Monitors and manages risks and various opportunities wherever applicable throughout your business
- Demonstrates that your organization documents, implements, maintains and improves anti-bribery compliance program
- Protects the company, assets, shareholders, and directors from bribery
- Reduced malpractice risks: implementing the methods of this standard reduces the risk of malpractice.
- Reference: ISO 37001 can be used as a reference within the organization for the establishment or improvement of an anti-bribery management system.
- Transparency: this standard serves as a methodology to support transparency and keep stakeholders informed on its stand on bribery. Interested Parties may include the Board of Directors, personnel, business partners, customers, users, suppliers, vendors, contractors, and investors.
- Stakeholder assurance: ISO 37001 assures Interested Parties (relevant) that an organization has taken the appropriate measures to prevent bribery.
- Protection: ISO 37001 protects an organization, its assets, shareholders, and directors from the adverse effects of bribery and corruption.
- Demonstrates compliance: implementing the standard offers organizations a way to demonstrate compliance with the applicable laws.
- Easily integrated: ISO 37001 follows the same structure- Annex SL as ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018 and hence, it can be easily integrated into existing management systems.
- Insurance: In the event of disputes, if any, implementation and certification can be used as evidence of due diligence.
- Serves as a benchmark: ISO 37001 can be used as an international best practice benchmark to evaluate the organizations’ position in relation to global best practices used by other organisations.
- While ISO 37001 is not a guarantee that no bribery will take place within an organisation, or involving the organization, it is a clear demonstration that the organisation has documented and implemented adequate measures to detect and prevent bribery, making it a valuable investment for any business organisation.
Benefits of ISO 37001 to your customers:
- An added assurance on ethics of the Organization from the customer
- Assurance of trust
- Ensures legislative and regulatory compliance
- Establishes additional trust and credibility to customers
- Proves proven commitment to anti-bribery best practices
ISO 37001 certification is expected to provide companies with a new “measuring stick” for evaluating their conformity programs and ensuring that they have met common international standard requirements. In addition, ISO 37001 will as well enable companies to make more factual and ethical and informed decisions about business partners and other third-party representatives.
Companies that receive an ISO 37001 certification from Euro VERITAS Ltd —especially those that work in corruption-prone areas or industries or high-risk industries or that have frequent exposure to government officials—will potentially have a comparative linear advantage against competitors that do not have the qualification.
ISO 37001 may also prove helpful to companies caught in the government investigations, if such a thing happens and involves the organization and which increasingly involve multiple jurisdictions and enforcement authorities.
Although the ISO 37001 certification does not absolve companies from liability for anti-corruption law violations, it is more-so-ever expected to offer independent validation of the company’s anti-corruption compliance program, and therefore may help the company make the case that its internal controls are pragmatic- both “strong on paper” and strong in practice.
Your organization if it has implemented (through Ascent WORLD) a certified global anti-bribery program, as per ISO 37001:2016 from Euro VERITAS Ltd consisting of documented policies, procedures, and controls that are recognized by anti-bribery and anti-corruption experts as best practices and that it has maintained records. This will significantly reduce the organization’s bribery risks. Having a certified program from Euro VERITAS Ltd in place demonstrates the organization’s stakeholders, including shareholders, investors, personnel (internal and external), business associates, customers, regulatory authorities, and the public that your organization is committed to ethical business practices and fighting corruption. This commitment can provide a significant competitive advantage in the global marketplace. In the event that bribery does occur (even after applying all controls) within your organization and there is a governmental investigation, having ISO 37001 certification might serve as evidence that your organization did its utmost to prevent such an event from occurring. The requirements in the Standard also ensure that the anti-bribery program is well documented – that there are established Procedures and Processes and Guidelines- which actually is essential when trying to prove to government authorities that an organization was committing to ethical business conduct.
ISO 37001 certification also reduces the risk of suffering the high costs (direct or indirect), penalties, lost opportunities, and reputational damage (in the market) associated with bribery.
Additionally, ISO 37001 certification imbeds transparency and ethical conduct in the processes, systems, procedures, and policies of your organization and becomes part of the way your organization does business in the market. With these procedures in place, the organization should experience improved efficiency, the assurance of better business relationships, and a more ethical culture within the processes and to the outside world.
Read Latest Blogs