What is ISO 37001 ?

  • ISO 37001 is an anti-bribery management system standard published in October 2016.
  • It is designed to help an organization establish, implement, maintain, and improve an anti-bribery compliance programme.
  • It includes a series of measures and controls that represent global anti-bribery good practice.

Who can use this Standard ?

The standard is flexible and can be adapted to a wide range of organizations, including:

  • Large organizations
  • Small & medium sized enterprises (SMEs)
  • Public and private sector organizations
  • Non-governmental organizations (NGOs)

The standard can be used by organizations in any country.

Does the Standard require a stand-alone Management System?

  • The measures required by ISO 37001 are designed to be integrated with existing management processes and controls.
  • It follows the common high-level structure for ISO management system standards, for easy integration with, for example, ISO 9001.
  • New or enhanced measures can be integrated into existing systems.

What does ISO 37001 address?

  • Bribery by the organization, or by its personnel or business associates acting on the organization’s behalf or for its benefit.
  • Bribery of the organization, or of its personnel or business associates in relation to the organization’s activities.

Does the Standard define bribery?

  • Bribery is defined by law which varies between countries. Therefore the Standard provides a generic definition of bribery, but the actual definition will depend on the laws applicable to the organization.
  • The Standard provides guidance on what is meant by bribery to help users understand the intention and scope of the Standard.

What does the standard require?

The organization must implement a series of measures and controls in a reasonable and proportionate manner to help prevent, detect, and deal with bribery, including:

  • Anti-bribery policy
  • Management leadership, commitment and responsibility
  • Personnel controls and training
  • Risk assessments
  • Due diligence on projects and business associates
  • Financial, commercial and contractual controls
  • Reporting, monitoring, investigation and review
  • Corrective action and continual improvement

How will the Standard benefit an organization?

The Standard benefits an organization by providing:

  • Minimum requirements and supporting guidance for implementing or benchmarking an anti-bribery management system
  • Assurance to management, investors, employees, customers, and other stakeholders that an organization is taking reasonable steps to prevent bribery
  • Evidence in the event of an investigation that an organization has taken reasonable steps to prevent bribery.

Can my organization be ISO 37001 certified?

  • ISO 37001 is a requirements standard, making it capable of independent certification.
  • Third parties will be able to certify an organization’s compliance with the Standard.
ISO 37001 Training Information