The International Organization for Standardization recently issued a new regulation setting forth the ISO 37001 standard for anti-bribery management systems.
ISO 37001, published on October 14, 2016, specifies the requirements and provides guidelines for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. Under ISO 37001, the system can be either stand-alone or can be integrated into an overall management system.
"The overall intent is that the organization makes reasonable and proportionate enquiries about the business associate, taking into account the activities that the business associate would undertake and the bribery risk inherent in these activities, so as to form a reasonable judgment on the level of bribery risk which the organization is exposed to if it works with the business associate". [source: ISO/DIS 37001, Draft International Standard, Ant bribery management systems, page 36, section A10.9]
The ISO 37001 anti-bribery management system outlines the minimum standards required to achieve third-party compliance, including the elements of a company's risk assessment process, anti-bribery policy, as well as recommendations regarding the investigation and remediation of bribery and corruption. The standard also dedicates several sections to the performance of third-party due diligence.
The ISO 37001 standard includes many of the components that companies should employ, according to law enforcement agencies, to prevent, detect, and respond to bribery, including: adopting an anti-bribery policy; appointing a person to oversee anti-bribery compliance, training, risk assessments, and due diligence on projects and business associates; implementing ﬁnancial and commercial controls; and instituting reporting and investigation procedures.
In addition, ISO 37001 includes a provision allowing for an independent third party to issue a certiﬁcation (for a fee) stating that a company's anti- corruption program complies with the standard. The standard ensures company's efforts are meet or exceed compliance levels for the global market, especially for individuals and entities in developing countries with which companies may wish to do business.
We strongly recommend that all companies adopt and implement an anti- corruption policy and that a company's employees, as well as its agents, distributors and resellers, participate in official training on this matter. These policies have become a pre-condition for many strategic business partners as well as investors, ﬁnancing bodies, etc., for engaging with any party. We expect that ISO 37001 will soon become a "gold standard" for these programs and, as in other ﬁelds, will serve as proof that a company employs reasonable measures to prevent corrupt activity.
Our ﬁrm has vast experience and expertise in connection with the enforcement of compliance programs in various ﬁelds, and speciﬁcally in anti-bribery and corruption, and we will be happy to assist and prepare compliance programs tailored speciﬁcally for each company also in compliance with the ISO 37001 standards. We will also be happy to assist you in reviewing your existing policy to verify its compliance with is standard and to prepare your company to apply for an ISO certiﬁcate.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.