The New ISO Anti-Bribery Standard

Guidance that has been adopted to help companies comply with the FCPA, the U.K. Bribery Act, and other laws adopted pursuant to the OECD Anti-Bribery Convention, helps mitigate the risk for bribery. But gaps still exist, and they are especially problematic for small and mid-sized companies, which are less able to command the resources needed to effectively mitigate the risk of corruption and bribery.

These smaller companies are now able to take advantage of ISO 37001, the recently published anti-bribery management systems standard from ISO, the International Organization for Standardization.

ISO 37001 equips small and middle-market companies with a flexible, risk-based framework so they can fill in some of the gaps and better mitigate the risk of bribery without breaking the bank.

An organization can use ISO 37001 in two ways. It can use the standard as a benchmark to develop a program, or it can retain a third-party auditor. The third party would then use the ISO standard as a guide for auditors conducting employee interviews and reviewing documentation, as required.

Earlier this year, Italian energy company Eni became the first company to achieve certification.

ISO 37001 is not a bar to liability, and like most standards, it will take time – likely a few years – for a clear picture of its market acceptance to emerge. If implemented effectively, and replicated across borders, it has the potential to be a powerful tool in combating bribery throughout the global supply chain.