Inaugurated in 2016, the ISO 37001 Anti-Bribery Management Systems standard has had its fair share of both advocates and cynics. Various regulatory bodies, as well as compliance communities, primarily voiced their concerns surrounding the lack of a body of evidence supporting the effectiveness of ISO 37001 from certain standpoints; numerous critics asserted that the new standard failed to address more comprehensive compliance concerns and questioned whether ISO 37001:2016 certification alone could aid in inhibiting prosecution. It rings true that any new standard must be properly evaluated on its merits however, in the case of ISO 37001, evidence points towards critics having made some oversights in taking into account the key factors they feel are in doubt with the standard.
Anti-corruption versus broad compliance issues
One concern involving the efficacy of ISO 37001 is whether it can effectively address larger compliance issues; these include issues such as disparity, provocation, numerous types of fraud (outside of bribery and corruption), and comparable offences. As the standard’s primary focus is on anti-bribery and anti-corruption compliance, many critics took on the view that ISO 37001 has adopted a far more basic approach and therefore cannot consider anything further than its algorithm. However, they had failed to note that the scope of the standard deals with “establishing, implementing, maintaining, reviewing, and improving an anti-bribery management system,” as both a stand-alone initiative as well as part of a wider anti-corruption unit and consequently, employing the standard should be viewed as a means of enrichment, rather than alternative, to an organisation’s prevailing anti-corruption compliance programs.
The ISO 37001 provides regulatory structure and guidance for those organisations which may be inadequate in using an anti-corruption framework thereby facilitating them in implementing a compliance program without investing significant time in distinguishing the regulatory and non-regulatory requirements. It incorporated numerous rules including the Federal Sentencing Guidelines, U.S. Department of Justice (DOJ) and Securities and Exchange Commission (SEC) Resource Guide to the U.S. Foreign Corrupt Practices Act, the U.K. Ministry of Justice Bribery Act 2010 Guidance, and OECD’s Good Practice Guidance on Internal Controls, Ethics and Compliance to name a few.
Prosecution of offences
The ISO 37001 certification was also erroneously believed to be a valuable apparatus in evading prosecution for bribery – misconceptions that were not viewed favourably by former U.S. DOJ’s compliance counsel, Msd Hui Chen. Affirming that “Dan Kahn, the Chief of the FCPA Unit in the Fraud Section of DOJ’s Criminal Division, has been very consistent: prosecutors will not outsource their responsibilities”, Ms Hui Chen has established that ISO 37001 certification does not act as indemnity to corporate liability for bribery, nor does it refute the demand to perform due diligence; it should be considered and implemented as per company’s risk profile. Pragmatically, implementing the ISO 37001 can verify that the organisation in question has taken sufficient measures to establish a compliance program to mitigate bribery risks to its administrative agencies and regulators. The ISO 37001 certification will mitigate, if not shield, the consequences an organisation may face from investigation or prosecution.
Can ISO 37001 prevent bribery?
It is imperative to consider is that a standard such as the 37001 and all its measures demand a pledge and completion by the organisation implementing them. ISO 37001 is a standard that is typically governed by a certified body but ultimately implemented by the workforce of the organisation itself. The ISO 37001 standard intends to provide a framework against which an organisation’s anti-bribery management can be assessed and certified, rather than a foolproof blueprint to prevent bribery. Find out more about ISO 37001 or view the brochure below.
Find out more about ISO 37001 view ABAC®
ISO 37001:2016 supported by organisations and governments
Organisations and governments alike are supporting the use of the ISO 37001 as the standard for deterrence and detection. In Malaysia for instance, the ISO standard was adopted across the government under Prime Minister Tun Dr Mahathir Mohamad and has been acknowledged positively in both the public and private sectors. Malaysia’s former anti-graft chief believed that “the people’s perception on the government’s seriousness to fight corruption had increased to 70.8 per cent last year from 59.8 per cent in 2016. He said that Malaysia has also shown improvement in its performance indicators in several important international studies and indexes” (New Straits Times, 2019). True to form, various heads of government in the country are following the directive. Defence Minister Mohamed Sabu recently “cautioned his officers to adhere to the Anti-Bribery Management System, which had attained the International Standards Organisation’s ISO 37001: 2016 certification” (New Straits Times, 2019).
National standard bodies across Peru, Singapore, and China (Shenzhen Institute of Standards and Technology [SIST]) have also decided to implement and identify this standard. In Italy, the accreditation scheme was developed by Accredia; whereas in the UK, United Kingdom Accreditation Service (UKAS) has undertaken a pilot program to develop an accreditation scheme. In the United Arab Emirates, the Emirates International Accreditation Centre (EIAC) is undertaking the standard development with CRI Group’s ABAC® Center of Excellence. ABAC® is an initiative launched by CRI Group and offers ISO 37001 certification services. Hence, amid these positive developments, the outlook looks promising: ISO 37001 is not a “silver bullet” to foolproof an organisation from bribery or corruption, or avoid prosecution should those offences occur. It was never designed to be. Instead, it is a framework to implement the necessary controls and systems at the organisation level – across all levels – to be better equipped to prevent bribery and corruption moving forward.
Mitigating bribery and corruption can be an extensive and challenging task if you don’t know where to start. Why not get in touch with us here at ABAC®? We have experts who have conducted fraud investigations all around the world, for organisations of all sizes and industries. Our investigators work on-site at your company bringing a boots-on-the-ground approach to uncovering all the facts of the case. When you’ve uncovered fraud, that’s the time to let the experts take over. You owe it to yourself and the future of your business to make sure every investigation is done professionally and effectively.