The International Standard ISO 37001 sets out requirements and provides guidance for establishing, implementing, maintaining, and improving an anti-bribery management system within an organization. It focuses exclusively on anti-bribery measures and does not address other types of corrupt conduct. The first version of the standard was approved in 2016.
Compared to the previous edition, the new version places greater emphasis on the organization’s overall compliance culture, addresses anti-bribery efforts in the context of climate change mitigation, separately considers issues related to conflicts of interest, clarifies the roles of individuals (or departments) responsible for anti-bribery compliance, and generally aligns the content of the standard with other ISO standards.
As with the first edition, the updated standard consists of two parts: the main section outlines the general rules and requirements for the management system, while the annex provides recommendations on how to implement and apply the standard to each element of an anti-bribery framework, including:
- bribery risk assessment,
- roles and responsibilities of governing body and top management,
- anti-bribery function,
- resources,
- awareness and training,
- due diligence,
- gifts, hospitality, donations, and similar benefits,
- investigation and dealing with of bribery,
- monitoring,
- planning and implementing changes,
- public officialsm etc.
In addition, ISO has published a guidance with practical case studies illustrating how key principles of the standard - such as leadership commitment, accessible and transparent communication channels, adequate staffing, regular training, and rigorous due diligence- can be put into practice.
As a general rule, the transition period for adopting the new version of the standard is two years. However, the International Accreditation Forum (IAF) may adjust this timeframe to between one and three years, based on its assessment of the impact on certified organizations.
