The Importance of a Certified Anti-Bribery Management System
by Anastasios Arampatzis
ISO 37001 provides requirements and guidance for any organization to establish, implement, review, and improve an anti-bribery management system. Managing risks related to bribery and other forms of corruption is vital to succeed commercially.
The threat of bribery
Transparency and trust are the building blocks of any organization’s credibility. Nothing undermines effective institutions and equitable business more than bribery. Bribery represents a serious risk to businesses, with potentially significant legal and financial repercussions for individuals and organizations.
The UN and OECD have both adopted conventions aimed at reducing bribery, and anti-bribery legislation is being tightened worldwide, imposing harsher penalties on employees, directors and organizations. It is estimated that globally, over $1.5 trillion in bribes changes hands every year. Apart from the negative economic impact, bribery also impacts the whole society as it undermines trust, leads to unfairness, creates inequality, and stifles motivation.
ISO joined the global fight against bribery by developing ISO 37001, an international standard that sets out the requirements for an anti-bribery management system (ABMS).
What is ISO 37001?
ISO 37001 is applicable to bribery. It defines requirements for a management system designed to help organizations prevent, detect, and respond to bribery as well as comply with anti-bribery laws and voluntary commitments applicable to the organization’s activities.
An anti-bribery management system is designed to instill an anti-bribery culture within an organization and implement appropriate controls, which will in turn increase the chance of detecting bribery and reduce its incidence in the first place. The system can be independent of, or integrated into, an overall management system.
Other aspects, such as fraud or money laundering can also be included in the management system scope in accordance with relevant legislation and best-practices. ISO 37001 covers bribery:
- by the organization, its personnel or business associates acting on the organization’s behalf or for its benefit
- of the organization, its personnel or business associates in relation to the organization’s activities
A compliant management system must implement measures and controls to include:
- Anti-bribery policy
- Management leadership, commitment, and responsibility
- Personnel controls and training
- Risk assessments
- Due diligence on projects and business associates
- Financial, commercial, and contractual controls
- Segregation of Duties (SoD) and effective approval flows
- Reporting, monitoring, investigation, and review
- Corrective action and continuous improvement
Implementing an anti-bribery management system requires leadership and input from top management, and the policy and program must be communicated to all staff and external parties such as contractors, suppliers and joint venture partners.