• Governance I Risk I Compliance Management

While the United Kingdom has positioned itself as a leader in the fight against fraud and corruption, the shifting economic conditions surrounding Brexit have raised uncertainty and vulnerability. As some organisations are forced to forge new trade deals outside of already established European Union (EU) relationships, some experts warn that there will be more exposure to corrupt markets. This new wrinkle comes nine years after passage of the Bribery Act 2010, which marked a major salvo in the war against bribery and corruption. The Bribery Act enhanced existing British law against corruption and placed a new level of responsibility squarely at the feet of organisations. It requires organisations to demonstrate anti-bribery procedures and controls, while also providing strict penalties for breaches of anti-bribery laws. The takeaway for UK companies is that they need to take action now. With Brexit posing challenges through new, untested trade deals in various markets, organisations need ISO 37001 – Anti-Bribery Management Systems standard as a comprehensive approach to mitigating risk. ISO 37001 include adopting an anti-bribery policy, including anti-bribery compliance, training, risk assessments and due diligence on projects and business associates. It also calls for implementing financial and commercial controls, and instituting reporting and investigation procedures.

The Persistence of Bribery and Corruption

Worldwide, bribery and corruption are still massive problems. Global anti-fraud watchdog Transparency International states that “only 11 major exporting countries – accounting for about a third of world exports – have active or moderate law enforcement against companies bribing abroad in order to gain mining rights, contracts for major construction projects, purchases of planes and other deals”. Great Britain is certainly one of those countries actively enforcing against bribery, and the UK Bribery Act placed it within the leading edge of the fight against bribery and corruption. Even still, Great Britain fell three places in Transparency International’s 2018 Corruption Perceptions Index (released in 2019). The country slipped from 8th place to 11th. The drop is seen by some as an embarrassment for a government that takes a hard line against corruption, and faces new challenges posed by a post-Brexit future.

Rolls-Royce Agrees to Massive Fines

Recent high-profile bribery and corruption scandals demonstrate how pervasive the problem is. Among them, a scandal involving British engineering giant Rolls-Royce led to the corporation agreeing to pay £671m to settle corruption cases with UK and U.S. authorities (£497m plus costs earmarked for the UK Serious Fraud Office, which conducted its biggest ever investigation into the firm). The SFO found conspiracy to corrupt or failure to prevent bribery by Rolls-Royce in China, India, Russia, Thailand, Malaysia, and other markets. The firm apologised “unreservedly” for the cases spanning nearly 25 years.

The wrongdoing involved Rolls-Royce’s “intermediaries”, which are local companies that handle sales, distribution and maintenance in countries where the British firm does not have enough people on the ground. Thirty-eight employees have faced disciplinary proceedings. Eleven left the firm during the disciplinary process. Six were dismissed. Rolls-Royce has also reviewed 250 intermediary relationships across the company – 88 have now been suspended.

Recently, the Serious Fraud Office says it ended its investigation but only after Rolls-Royce entered the deferred prosecution agreement and accepted responsibility “for corrupt conduct spanning three decades, seven jurisdictions and three businesses, for which it paid a fine of £497.25m”, according to SFO director Lisa Osofsky.

Cadbury Limited Pays for FCPA Violations

In another recent case, British confectionary company Cadbury Limited and its owner, Mondelēz International, Inc., agreed to pay $13 million to settle charges of violating the internal controls and books-and-records provisions of the FCPA. According to the order from the U.S. Securities and Exchange Commission (SEC), the FCPA violations arose from payments their subsidiary in India made to a consultant to obtain government licenses and approvals for a chocolate factory in Baddi, India.

An SEC investigation found that in February 2010, Mondelēz, formerly known as Kraft Foods, Inc., acquired Cadbury and its subsidiaries, including Cadbury India Limited, which manufactures and sells chocolate products in India. Cadbury India retained and made payments to an agent to interact with Indian government officials to obtain licenses and approvals for a chocolate factory in Baddi, India. Cadbury India failed to conduct appropriate due diligence on, and monitor the activities of, the agent.

From February 2010 to July 2010, the agent submitted five invoices to Cadbury India for, among other things, preparing license applications. Cadbury India employees at Baddi, not the agent, prepared these license applications. Cadbury India paid the agent a total of $90,666 (after withholding tax) upon receipt of the invoices. After receiving each payment, the agent withdrew from its bank account most of the funds in cash. During this time period, Cadbury India obtained some of the licenses and approvals. Without admitting or denying the findings, Cadbury and Mondelēz agreed to a cease-and-desist order and payment of a $13 million civil penalty.

The Bribery Act 2010 and UK Anti-Corruption Strategy 2017-2022

Passage of the Bribery Act 2010 in the UK marked a major milestone in the effort to prevent, detect, and prosecute bribery and corruption. Building off of existing British law and other international legislation like the U.S. Foreign Corrupt Practices Act (FCPA), the Bribery Act 2010 created a new offence which can be committed by commercial organisations that fail to prevent persons associated with them from bribing another person on their behalf. In turn, an organisation that can demonstrate having adequate procedures in place to prevent persons associated with it from committing bribery have a defence to the section 7 offence. In 2018, eight years after passage of the UK Bribery Act, the total number of SFO investigations was “believed to be in region of 70-75,” with “dozens” of bribery and corruption cases in the investigative pipeline.

In 2017, the HM Government (formerly Her Majesty’s Government) released its first UK Anti-Corruption Strategy 2017-2022 to provide a framework to guide government policy and action against corruption. The strategy aims to reduce threats to national security, protect the economy and foster business opportunities (especially for British businesses) and build public trust and confidence. It also sets out six clear priorities for the British Parliament: (1) reduce the insider threat in high-risk domestic sectors such as borders and ports; (2) strengthen the integrity of the UK as an international financial centre; (3) promote integrity across the public and private sectors; (4) reduce corruption in public procurement and grants; (5) improve the business environment globally; (6) work with other countries to combat corruption. The strategy’s emphasis on transparency, risk mitigation and compliance should serve as a strong indication that organisations are expected to be held to a higher standard if they are based or do business in the UK.

This is why it is of such critical importance that organisations doing business from the UK, or through/across its borders, have credentialed and tested processes like the ISO 37001 Anti-Bribery Management System Standard in place. Switzerland-based International Organization for Standardization issued the 37001 Anti-Bribery Management System Standard in 2016 to help organisations worldwide increase and measure their efforts against bribery and corruption. The standard will be discussed in depth later in this article.

Brexit and the Potential for Increased Bribery

With the UK leaving the European Union effective October 2019, the debate and protests have mostly been political in nature. A major concern, however, that is only recently being discussed is the potential business impact regarding bribery and corruption. In particular, the UK’s National Crime Agency (NCA) has warned that the UK’s exit from the EU will impact the prevalence of bribery and corruption over the next five years, as UK companies potentially come into greater contact with corrupt markets. In addition, there is a report so secret that is has not been made public, according to an article in the Independent that quotes NCA Director-general Lynne Owens as saying that “We produce an ‘official sensitive’ and ‘top secret’ report that would go into the detail of where and what we are concerned about”. For watchdogs on bribery and corruption, such a statement is ominous, at best.

It’s worth noting that some Brexiters see the departure from the EU as an opportunity to cut red tape, which could further the regulation problem. Brexit could prompt the UK to strike trade deals with countries that have a heightened corruption risk. To embrace a reduction of “red tape” in favor of lax controls, however, would be a monumental mistake – with the Bribery Act 2010 still in full force, along with SEC enforcement of FCPA provisions. In fact, having anti-bribery standard implemented will now be more important than ever, as the SFO and other enforcement bodies will likely be scrutinising new trade deals more than ever in a new post-Brexit landscape.

ISO 37001 Anti-Bribery Management Standard

It is in this environment that ISO 37001 ABMS becomes a critical centerpiece for any organisation’s ABMS systems. Accredited providers of ISO 37001 such as ABAC (Anti-Bribery and Anti-Corruption) Center of Excellence, a global network of certified ethics and compliance professionals, qualified auditors, financial and corporate investigators, certified fraud examiners, forensic analysts and accountants, can be used as a tool for organisations to prevent bribery and corruption. ABAC Certification is an accredited provider of ISO 37001 ABMS Certification and Training for organisations of all types and industries.

The ISO 37001 standard specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be stand-alone or can be integrated into an overall management system. ISO 37001 addresses the following in relation to the organisation’s activities:

  • Bribery in the public, private and not-for-profit sectors
  • Bribery by the organisation
  • Bribery by the organisation’s personnel acting on the organisation’s behalf or for its benefit
  • Bribery by the organisation’s business associates acting on the organisation’s behalf or for its benefit
  • Bribery of the organisation
  • Bribery of the organisation’s personnel in relation to the organisation’s activities
  • Bribery of the organisation’s business associates in relation to the organisation’s activities
  • Direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party)

When administered by an accredited provider of ISO ABMS certification and training, the protocol can:

  • Help an organisation create new and better business partnerships with entities that recognise ISO 37001 certified status, including supply chain manufacturing, joint ventures, pending acquisitions and co-marketing alliances
  • Potentially reduce corporate insurance premiums
  • Provide customers, stakeholders, employees and partners with confidence in the entity’s business operations and ethics
  • Provide a competitive edge over non-certified organisations the organisation’s industry or niche
  • Provide acceptable evidence to prosecutors or courts that the organisation has taken reasonable steps to prevent bribery and corruption

The ISO 37001 process helps companies and government organisations reduce the risk of bribery by establishing, implementing, maintaining and enhancing internal anti-bribery and anti-corruption systems. ISO ABMS certification is a mitigating piece of evidence to regulators or even prosecutors and the courts that the entity has taken meaningful steps in its efforts to prevent bribery and corruption.



With the UK moving from the EU to a post-Brexit world, the time is now for organisations to protect their investments, their reputations and their business. The Bribery Act 2010 puts an emphasis on proactive prevention and compliance. The SFO and other enforcement bodies will almost certainly respond to guidance that warns of a post-Brexit potential for increased bribery and corruption. The result will be increased scrutiny and a likely no-tolerance approach for breaches. As such, UK corporations and their overseas partners should stand ready to demonstrate their implementation of internal processes, policies and controls to prevent and detect bribery and corruption and remain in compliance.

The ISO 37001 ABMS standard is established, tried and tested program that addresses those issues head-on through a comprehensive program of training and certification. The training process is tailored to the organisation, while still following the developed curriculum and documented best practices. Certification requires demonstrating that processes have been implemented effectively, with follow-up evaluations. The shift to a post-Brexit economy is the perfect opportunity to implement ISO 37001 standards – no reputable board of directors or governors should question the timing and importance of taking this step. It’s a matter of safeguarding the organisation, its reputation, and its future.


By Zafar Anjum MSc, CFE, Intl. Dip. (Fin. Crime)

Group Chief Executive, CRI Group



  1. “Exporting Corruption”, Transparency International, 2018,

< https://www.transparency.org/news/feature/exporting-corruption-2018> (accessed 18 Aug. 2019)

  1. “Corruption Perceptions Index 2018”, Transparency International, 2019,

< https://www.transparency.org/cpi2018> (accessed 18 Aug. 2019)

  1. Caroline Binham, “UK drops out of top 10 in global anti-corruption rankings”, Financial Times, 28 Jan. 2019,

< https://www.ft.com/content/8d1a2474-224e-11e9-b329-c7e6ceb5ffdf> (accessed 17 Aug. 2019)

  1. Holly Watt, David Pegg, Rob Evans, “Rolls-Royce apologises in court after settling bribery case”, The Guardian, 17 Jan. 2017 < https://www.theguardian.com/business/2017/jan/17/rolls-royce-apologises-bribery-671m-uk-us-brazil > (accessed 18 Aug. 2019)
  1. “Rolls-Royce apologises after £671m bribery settlement”, BBC News, 18 Jan. 2017, < https://www.bbc.co.uk/news/business-38644114 > (accessed 30 Aug. 2019)
  1. SFO drops investigations into Rolls-Royce and GSK”, BBC News, 22 Feb. 2019, < https://www.bbc.com/news/business-47330580 > (accessed 18 Aug. 2019)
  1. Richard L. Cassin, “2017 FCPA Enforcement Index”, The FCPA Blog, 2 Jan. 2018, < https://www.fcpablog.com/blog/2018/1/2/2017-fcpa-enforcement-index.html > (accessed 19 Aug. 2019)

< https://www.sec.gov/litigation/admin/2017/34-79753-s.pdf > (accessed 19 Aug. 2019)

  1. “Bribery Act 2010 guidance”, GOV.UK, 11 Feb. 2012,

< https://www.gov.uk/government/publications/bribery-act-2010-guidance > (accessed 18 Aug. 2019)

  1. Lizzie Dearden, “Brexit could push UK companies into ‘greater contact with corrupt markets’ if EU trade deals lost”, The Independent, 14 May 2019,

< https://www.independent.co.uk/news/uk/politics/brexit-uk-business-corrupt-markets-trade-deal-a8914016.html > (accessed 18 Aug. 2019)

  1. Caroline Binham, “UK drops out of top 10 in global anti-corruption rankings”, Financial Times, 28 Jan. 2019,

< https://www.ft.com/content/8d1a2474-224e-11e9-b329-c7e6ceb5ffdf> (accessed 17 Aug. 2019)


< https://www.iso.org/standard/65034.html > (accessed 5 Aug. 2019)