ISO’s Anti-bribery Management Systems

“CompanyX is an ISO certified company.” You have likely seen many such proud claims made by organizations that have met global International Standards Organization (ISO) requirements.

ISO certification assures current and potential customers, business partners, investors, and other stakeholders that an organization has the required management processes and documentation in place to meet standards related to materials, products, procedures, formats, information, or quality management.

Among the newest of ISO standards—currently in final review and expected to be published in late 2016—is ISO 37001, Anti-bribery Management Systems.

ISO 37001 is designed to be used by small, medium, and large organizations in the public, private, and not-for-profit sectors, as an aid to them in implementing anti-bribery systems that will help prevent, detect, and address bribery, whether such bribery is by or of an organization or its employees or business associates.

The standard will require a series of related measures and controls (see the following list). It will also provide supporting guidance for implementing these measures.

  • An anti-bribery policy, procedures, and controls
  • Top management leadership, commitment, and responsibility
  • Senior level oversight
  • Anti-bribery training
  • Risk assessments
  • Due diligence on projects and business associates
  • Reporting, monitoring, investigation, and review
  • Corrective action and continual improvement

Managers and compliance professionals in U.S. organizations should not be surprised by anything on this list. It is similar and complementary to the requirements and guidance found in the U.S. Federal Sentencing Guidelines manual, which identifies the following seven program elements:

  • Establish standards and procedures to prevent and detect criminal conduct.
  • Ensure that the company’s governing authority (board of directors, etc.) exercises reasonable oversight of those standards and procedures.
  • Keep bad actors out of managerial ranks (or other key positions).
  • Conduct effective training and communicate periodically and in a practical manner to all levels of employees.
  • Take reasonable steps to ensure that the program is followed. This could include a system for anonymous reporting, such as an ethics hotline.
  • Promote and enforce the program through appropriate incentives and disciplinary measures.
  • Take reasonable steps to respond appropriately to criminal conduct and to prevent further similar criminal conduct.


Even though ISO’s anti-bribery standard might not contain any surprises for U.S. organizations that comply with the Federal Sentencing Guidelines, it can still benefit those that choose to seek certification. It will assure current and potential customers, business partners, investors, and other stakeholders that that these organizations have strong systems in place to support ethical behavior and to combat corruption.

They will be able to say “CompanyX is ISO 37001 certified,” a message with global meaning.

Ethical Advocate provides ethics hotline solutions and comprehensive compliance solutions for public and private companies, non-profits, educational, and government institutions. Please contact us for more information.


“ISO 37001 Anti-bribery Management Systems Standard,” (PowerPoint presentation), 2015.