Standardise your anti-bribery compliance programme with ISO 37001

8 November 2016

Rahul Lalit, Partner, Forensic Services, PwC India

Standardise your anti-bribery compliance programme with ISO 37001

With the increasing number of cases of bribery and corruption, the past couple of years have witnessed the globalisation of anti-bribery regulations, with various countries implementing stricter enforcement actions. In India, with the introduction of the Lokpal Bill, 2013, and the proposed amendment to the Prevention of Corruption Act (PCA), 1988, measures are clearly in place for the penalisation of prohibited and unethical business activities.

Regulators are constantly on the watch, flexing their muscles to tighten the noose on the corrupt. At times, compliance to some of these laws can create a business environment which is autocratic and threatening, especially outside the US (under the FCPA regime) or UK (regulated by UKBA), when a buy-in to adhere to a company’s compliance programme is required.

ISO 37001: The need

While there is an abundance of guidance related to anti-bribery programmes and controls, what most companies find missing is a simplified and integrated framework that focuses on practical aspects instead of high-level principles, and that provides a guided approach towards creating an environment that promotes a strong anti-bribery and corruption framework.

With a history of providing practical tools for tackling many of today’s global challenges, International Organization for Standardization (ISO) has now released a new standard, ISO 37001 on Anti-bribery Management Systems, to help organisations establish, implement, maintain, and improve an anti-bribery compliance programme for preventing, detecting and addressing bribery.

As part of the requirements of ISO 37001, an organisation must implement a series of measures and controls in a reasonable and proportionate manner, including:

  • Document and implement an anti-bribery policy to identify, evaluate and address the risk of bribery.
  • Demonstrate leadership, ownership and commitment in driving an effective anti-bribery policy.
  • Provide adequate and appropriate anti-bribery awareness and training to personnel.
  • Conduct the necessary due diligence on projects and business associates to obtain sufficient information to assess the bribery risk.
  • Implement financial, commercial and contractual controls to manage the risk of bribery.
  • Implement procedures for reporting, monitoring and investigating breach of the anti-bribery policy.
  • Continually assess the anti-bribery framework through corrective action and continual improvement.

Besides reassuring management, investors, employees, customers and other stakeholders, this standard will enable organisations to measure and evaluate their own anti-bribery programmes (including those of their business partners) using a single benchmark and to create a competitive differentiator.

ISO 37001: The potential

For entities in developing regions or in areas that are considered to be high risk, the standard may act as an important tool to ensure that a company’s compliance efforts are, at least, on a par with those of other global companies. The certification may also empower organisations and their personnel to firmly decline any potential solicitations from government bodies. It will not be surprising if, in the near future, this standard is made mandatory for companies doing business with the government or if it becomes an important consideration for investors to get comfort during mergers and acquisitions.

While the certification cannot guarantee that no bribery will occur within your own or your business associates’ organisations, it will surely help to demonstrate and make regulators consider the overall state and effectiveness of a company’s compliance programme, should the situation so demand. Hence, organisations that want to adopt ISO 37001 should obtain professional expertise to help them prepare and implement this new standard.

As a recent development, the true effects of the standard are yet to be seen. Nevertheless, ISO 37001 clearly has the potential to become a powerful weapon to fight the battle against bribery and corruption.

Manav Walia, Associate Director, Forensic Services, contributed to this blog post.


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.