What is ISO 37001 ?
- ISO 37001 is an anti-bribery management system standard published in October 2016.
- It is designed to help an organization establish, implement, maintain, and improve an anti-bribery compliance programme.
- It includes a series of measures and controls that represent global anti-bribery good practice.
Who can use this Standard ?
The standard is flexible and can be adapted to a wide range of organizations, including:
- Large organizations
- Small & medium sized enterprises (SMEs)
- Public and private sector organizations
- Non-governmental organizations (NGOs)
The standard can be used by organizations in any country.
Does the Standard require a stand-alone Management System?
- The measures required by ISO 37001 are designed to be integrated with existing management processes and controls.
- It follows the common high-level structure for ISO management system standards, for easy integration with, for example, ISO 9001.
- New or enhanced measures can be integrated into existing systems.
What does ISO 37001 address?
- Bribery by the organization, or by its personnel or business associates acting on the organization’s behalf or for its benefit.
- Bribery of the organization, or of its personnel or business associates in relation to the organization’s activities.
Does the Standard define bribery?
- Bribery is defined by law which varies between countries. Therefore the Standard provides a generic definition of bribery, but the actual definition will depend on the laws applicable to the organization.
- The Standard provides guidance on what is meant by bribery to help users understand the intention and scope of the Standard.
What does the standard require?
The organization must implement a series of measures and controls in a reasonable and proportionate manner to help prevent, detect, and deal with bribery, including:
- Anti-bribery policy
- Management leadership, commitment and responsibility
- Personnel controls and training
- Risk assessments
- Due diligence on projects and business associates
- Financial, commercial and contractual controls
- Reporting, monitoring, investigation and review
- Corrective action and continual improvement
How will the Standard benefit an organization?
The Standard benefits an organization by providing:
- Minimum requirements and supporting guidance for implementing or benchmarking an anti-bribery management system
- Assurance to management, investors, employees, customers, and other stakeholders that an organization is taking reasonable steps to prevent bribery
- Evidence in the event of an investigation that an organization has taken reasonable steps to prevent bribery.
Can my organization be ISO 37001 certified?
- ISO 37001 is a requirements standard, making it capable of independent certification.
- Third parties will be able to certify an organization’s compliance with the Standard.