What you need to know about ISO 37001
ShareShare

What you need to know about ISO 37001

Published in July 2nd, 2018

ISO 37001 – Anti-Bribery Management Systems was created so that companies can act more proactively and avoid the practice of bribery, often responsible for triggering confidence crises that can destroy an organization’s image and business.

You can learn about the main aspects that govern this norm in this article.

According to estimates by the World Bank and the International Monetary Fund, between 1 and 2 trillion dollars are paid each year in bribes. Considering other corrupt practices as well, it is estimated that amounts “drained” illegally result in an inestimable economic loss.

When companies fail to invest these amounts in improving the quality of products and services, and when they fail to prevent dishonest acts, they end up with a tarnished reputation. This drives customers away and, consequently, lowers revenues.

The strong commitment of business leaders to clarity and ethics contributes significantly to combating the practice of bribery, but this is not always enough to ensure one’s reputation.

The path to regaining trust is very difficult, if not impossible. Often, the only alternative left is to simply close the doors.

To this end, ISO 37001 is a strong ally in the fight against this sad scenario.

What is ISO 37001?

ISO 37001 is a standard that provides requirements and guidelines for organizations seeking to establish, implement, maintain and refine an anti-bribery management system. The standard is based on best practices throughout the world. It includes a series of measures and controls aimed at increasing the likelihood of detecting bribes and reducing their occurrence.

It deals with two aspects:

  • Bribes paid by the organization, its staff or business partners acting on behalf of the organization or for its benefit.
  • Bribes paid to the organization, its staff or business partners related to the activities of the organization.

What is the difference between bribery and corruption?

 The terms bribery and corruption are related, but are applied incorrectly in some cases and lead to doubts.

Bribery can be defined as an illegal practice, in which an individual is induced to practice a given act in exchange for some advantage. It usually involves money, but it can also involve other benefits such as services, trips or material possessions.

Corruption is the result of the practice of bribery and can occur in both public and private companies.

When a system is “corrupted”, it is weakened and results in a number of consequences. The consequences can affect the quality of life of citizens, discourage foreign investment or impede the development and growth of the country, among others.

What kind of company can adhere to ISO 37001?

ISO 37001 is flexible and is adaptable to different kinds of organizations, including:

  • Large companies
  • Small and medium-sized enterprises (SMEs)
  • Public and private sector organizations
  • Non-governmental organizations (NGOs)

The standard can be applied in any country.

Is ISO 37001 certifiable?

Yes. Any organization, regardless of its size or business area, can certify its anti-bribery management system under ISO 37001. In each country, there are a number of entities that can certify system compliance, just as they do for ISO 9001 and ISO 14001, among others.

Does ISO 37001 require an independent management system?

 ISO 37001 is based on the High Level Structure already used by other ISO management standards and systems. This means that the requirements have been defined anticipating the integration of processes, management controls and other existing management systems, such as quality management systems and environmental and safety management systems, among others.

How is bribery defined under ISO 37001?

The standard provides a generic definition of bribery, but the actual definition will depend on the laws applicable to each company. The term bribery is defined by law and varies from country to country.

ISO 37001 provides guidelines on what is understood as bribery to help users understand the intent and scope of the standard.

What are the main pillars of ISO 37001?

According to the standard, organizations should implement measures and controls to help prevent, detect and address bribery, including:

  • An anti-bribery policy
  • Leadership, commitment and responsibility of senior management
  • Anti-bribery training
  • Risk assessments
  • Due diligence on projects and business partners
  • Financial, commercial and contractual controls
  • Reporting, monitoring, research and review
  • Corrective action and continuous improvement

What are the main benefits of implementing an anti-bribery management system?

The requirements of ISO 37001 place a lot of emphasis on details and documentation. The standard requires that companies not only take steps to strengthen their anti-bribery program, but also document these steps. This ensures that during audits the company has evidence that the program has been properly planned and effectively implemented in good faith.

Being in compliance with the requirements of ISO 37001 demonstrates the company’s commitment to anti-bribery practices. When entering a new market or starting a new business relationship, the new business partner has assurances that the company takes compliance seriously. Certification has the potential to be a competitive edge. It increases the credibility of the company and leads to new business.

If you are interested in ISO 37001 and would like to learn more about the standard, watch our webinar: Understanding Anti-Bribery Management Systems under ISO 37001.

About the author
Marcelo Becher

Marcelo Becher

Especialista em Gestão Estratégica pela PUC-PR. Analista de negócios e mercado na SoftExpert, fornecedora de softwares e serviços para automação e aprimoramento dos processos de negócio, conformidade regulamentar e governança corporativa.

You might also like:

Logo SoftExpert Suite

The most comprehensive corporate solution for business compliance, innovation and digital transformation