Anti-bribery Management Specifications under ISO

Narendra Kumar

07 Nov, 2019

ISO 37001:2016

As per the Corruption Perception Index, 2015 (initiated by the internationally acclaimed NGO Transparency International, this index is widely used as an indicator of corruption existing globally – it rates countries between zero to hundred, where zero indicates a high level of corruption and 100 indicates a clean country), the cleanest countries in the world are Denmark, Finland, Sweden, New Zealand and Netherlands. The countries with the highest level of perceived corruption are South Sudan, Sudan, Afghanistan, North Korea, and Somalia. A survey conducted to assess service-wise bribery rates across the world revealed that the police department globally has the highest incidence of accepting bribes, closely followed by the judiciary department.

Tackling bribery and corruption is a critical issue that nations face across the world today. While law and law enforcing agencies along with the support of their respective governments try to combat evil, there is huge scope for development in this field. At the international level, there have been agreements such as the Organization for Economic Cooperation and Development Convention on Combating Bribery of Foreign Public Officials in International Business Transactions and even the United Nations Convention against Corruption. Since bribery is an act of corruption that primarily happens at an individual, department or organizational level, it has been felt that there is a need for proper anti-bribery policy and an effectual management system to develop an environment of transparency and openness in the organization.

The introduction of ISO 37001 is a big step towards creating a corruption-free world. To create a work environment that enables employees to work with integrity, it is important that organizations, big and small, government and non-government, embrace this standard in order to establish, implement, maintain and continually improve upon an appropriate anti-bribery management system. The ISO 37001 was developed through global consensus, led by the ISO project committee ISO/PC 278.

Organizations can decide to be compliant with ISO 37001 as a stand-alone system or join it with other Quality Management System^[1] such as ISO 9001. It is based on the ISO High-Level Structure (HLS) for management system standards which means that it can be combined with other existing management systems like quality, environment, etc. quite easily. This standard is one of the relatively new standards published by the International Organization for Standardization (ISO) – the first version was made public in October 2016.

What is an Anti-Bribery System?

With a proper anti-bribery system in place, organizations can aim to achieve two major things –(1) increases the chance of detecting bribery, in case indulged in by internal or external persons within or outside the organization; and also will also help reduce the chances of incidence of bribery taking place.

The ISO 37001 covers in its scope all types of bribery, whether financial or non-financial, cash or kind, a bribe paid or received through or by a third party and it can be bribery by or an organization. The details of the scope of ISO 37001 are:-

• Direct or indirect bribery
• Bribery in the public, private or not-for-profit sectors
• Bribery by the organization
• Bribery by the organization’s personnel acting on behalf of the organization or for its benefit
• Bribery by the organization’s business partners accepting on behalf of the organization or for its benefit
• Bribery of the organization
• Bribery of the organization’s employees related to the organization’s activities
• Bribery being accepted by the organization’s business partners related to the organization’s activities.

ISO 37001 is Suitable for which Companies and Sectors?

It is just right for any kind of business. The compliance policy is helpful to any organization to help promote a culture of trust and confidence amongst its internal and external stakeholders. It is suitable for big, small and medium scale industries; public and private organizations including the non-profit industries and government departments.

Key elements of the ISO 37001

1. The context of the organization which involves understanding the need for an anti-bribery system in the organization followed by strategizing for it. It needs to be done keeping in view the expectations of shareholders as well as other stakeholders, assessment of risk factors keeping in view the overall functioning of the organization.
2. The senior management or the leadership team’s involvement in initiating, participating and reviewing of the system. The leadership needs to be crucially involved and committed to drawing up an anti-bribery policy, defining the roles and responsibilities of the team and compliance functions.
3. Planning stage where the risks and opportunities are identified; objectives of the overall system and compliance objectives are laid down, a compliance manager is appointed to oversee the development and the implementation of the system.
4. Support element where the required resources, competencies are identified. Training needs, communication, and documentation systems are all required to be put into place. Anti-bribery training is provided to all employees and business associates.
5. Operation element that includes due diligence, investigations, monitoring, reporting, commercial and contractual controls, and
6. Evaluation of performance which consists of measuring the performance of the anti-bribery quality system. Carrying out internal audits, management reviews, etc.
7. Improvement stage which involves taking up corrective actions and program improvement steps against non-conformance with ISO 37001.

Benefits of ISO 37001

1. The foremost advantage of adopting ISO 37001 is that it helps the organization establish a culture of integrity and transparency.
2. It helps create a competitive advantage for the company.
3. It also helps the organization detect the incidence of bribery and take action against the same.
4. The certificate helps in assuring customers and other stakeholders that the organization practices anti-bribery norms thereby creating a feel-good factor about the company.
5. The certificate is a proof to law enforcing agencies that the organization is trying to be compatible with international standards relating to anti-bribery and anti-corruption.

Limitation of the ISO 37001

Getting the ISO 37001 certificate has its limitations too. At an organizational level, the limitations are:-

• Just by being certified by this standard does not necessarily mean that enforcing authorities will automatically accept that the anti-bribery standards have been adhered to within the organizational
• Just because a company is certified with ISO 37001, it does not mean that the company needs not to undertake the due diligence process and expect law enforcing agencies to be lenient in case of an offense related to bribery caused by the counterparty.
• The cost of certification might be substantial as there is an initial cost as well as expense related to renewal of the certificate which might prove to be a challenge for small and medium-size

The ISO 37001 addresses only bribery.  The other acts of corruption that is prevalent in the society like acts of fraud, cartels, antitrust offenses, money laundering etc. are not specifically addressed by this management system. Organizations can choose to extend the scope of their anti-bribery system to include these corrupt practices though.

Obtaining the ISO 37001 Certificate – the Process

The process of certification for ISO 37001 is similar to obtaining the other ISO certificates. Interested organizations need to apply and involve a third party certifying agency to assess the anti-bribery system of the organization, review and audit the same and on satisfactory results of conformance to specified requirements laid down in ISO 37001, the certificate is issued to the organization.