Featured Product
This Week in Quality Digest Live
Management Features
Master Gage and Tool Co.
Why it matters for accurate measurements
Lee Simmons
Lessons from a deep dive into 30 years of NFL and NBA management turnover
Mike Figliuolo
Sure, you have to be professional, but have a good time anyway
Margaret Graziano
Unlocking the power of organizational culture
Graham Ward
Asserting yourself and setting clear boundaries

More Features

Management News
A tool to help detect sinister email
Developing tools to measure and improve trustworthiness
Manufacturers embrace quality management to improve operations, minimize risk
How well are women supported after landing technical positions?
Adds increased focus on governance
Survey shows 85% of top performers rely on it to achieve business objectives

More News



Putting the Do in Don’t: The New ISO 37001 Standard

Organizations can take steps against bribery by using familiar business tools found in the standard

Published: Wednesday, August 2, 2017 - 11:01

Bribery and corruption are a $1 trillion drain on the global economy and a door-shutting event for companies unable to prevent rogue acts from destroying a company’s entire reputation. If you think about it, managing bribery is a bit of an oxymoron. How do you manage something that hasn’t happened and you hope will never happen?

It’s like light bulbs: You only notice them when they burn out. Which can make things very, very dark for your company’s reputation and future business prospects. A single act of corruption anywhere in your organization can wipe out the trust you’ve worked so hard to build. Regaining that trust can be difficult, and in some instances, impossible.

Strong leadership and a visible commitment to ethical business practices are, historically, the primary business tools for preventing corruption. On the legal front, the U.S. Foreign Corrupt Practices Act (FCPA)—instituted in the 1970s—is the big stick for prosecuting corrupt business activity. Many companies have anti-corruption programs to support FCPA compliance.

But how do ethical, socially responsible organizations become more proactive? Can this whole topic be embraced as an opportunity as opposed to a problem?

Now, the answer is yes. With ISO 37001, the new standard and certification program that puts the do into don’t.

ISO 37001:2016—“Anti-Bribery Management Systems,” like its siblings from the ISO portfolio of management systems standards, sets forth a clear, no-nonsense framework that organizations can use to help prevent bribery. Importantly, it allows organizations to leverage FCPA program compliance time and money to get positive recognition for their efforts.

“It’s like boosting your immune system so you don’t get sick to begin with,” says Worth MacMurray, principal of Governance and Compliance Initiatives LLC. “The new ISO standard reduces bribery risk by taking organizational vigilance and supply-chain relationship oversight to a new level. And it provides a common ‘anti-bribery language’ that didn’t exist before, that can be used internally and externally.”

The ISO 37001 standard was published in late 2016 and is seeing strong adoption in Europe, where certification bodies were quick to enter the market with ISO 37001 auditing and certification services. Major certification bodies like DNV GL are expected to be ready to go in the Americas this fall. The process involves gaining accreditation from ANAB, the organization that governs the accreditation of certifying bodies in the United States, or similar organizations in other countries.

“The U.S. does not yet have any organizations certified by ANAB-accredited audit firms, but I expect that to change in the fall,” says MacMurray. “I’m in frequent communication with compliance officers, general counsel, and senior executives at mid- to large-sized global companies based in the U.S., and their interest is significant to say the least.”

Consistent with the structure of other ISO management systems standards, ISO 37001 has 10 chapters and allows organizations to adapt their documentation and audit procedures to best suit their needs, while complying with the standard’s requirements.

As with other ISO standards, an organization can, on its own, attempt to comply with the ISO 37001 standard, or it can choose to engage an independent certification body to certify its compliance. The latter option has the enormous advantage of providing visible, public “proof” from an independent third party that all the proper steps have been taken in the right way.

“It’s all about present and future business value,” says MacMurray. “Bribery is a toxic issue that destroys value. Its lifeblood is invisibility and opaqueness. Companies can help preserve and actually add value by taking the preventive and corrective anti-bribery steps outlined in ISO 37001 to support transparency and better-informed business decisions. An organization holding an ISO 37001 certification sends a strong message to customers, stockholders, lenders, and others that they have a globally respected system in place to prevent bribery and root out misbehavior.”

The threat of serious punishment—job dismissal, fines and/or imprisonment—remains a powerful deterrent. But with ISO 37001, organizations can take proactive steps that look and feel like other business tools with which they are familiar. It’s no longer just lawyers and compliance officers, but senior management, supply chain partners—literally all stakeholders of the organization now have a role in keeping things on track.

Common wisdom holds that sunshine is the best disinfectant. In that regard, given the toxic and potentially contagious nature of the problem it addresses—ISO 37001 is just what the doctor ordered. On Thurs., Aug. 10, 2017, join Todd Begerow, Eastern Territory manager for DNV GL Business Assurance North America; Worth MacMurray, principal of Governance and Compliance Initiatives LLC.; and Quality Digest’s editor in chief Dirk Dusharme for the webinar, “What is ISO 37001 and what are its benefits,” beginning at 9 a.m. Pacific and 12 noon Eastern. Register here.


About The Author

DNV GL’s picture


DNV GL enables organizations to advance the safety and sustainability of their business. It provides classification, technical assurance, software, and independent expert advisory services to the maritime, oil and gas, and energy industries. It also provides certification services to customers across a wide range of industries. Combining leading technical and operational expertise, risk methodology, and in-depth industry knowledge, it empowers its customers’ decisions and actions with trust and confidence. It continuously invests in research and collaborative innovation to provide customers and society with operational and technological foresight. Operating in more than 100 countries, its professionals are dedicated to helping customers make the world safer, smarter, and greener.


Formulation of anti bribery in new ISO Standard

The new ISO 37001 Standard formulates steps against bribery is highly appreciable. I wish this new ISO standard is applicable to ISO itself or the organization shall get it paying a bribe. ECOSOC, U.N., ISO, IAF, JAS-ANZ- The Joint Accreditation System of Australia and New Zealand and NABCB - National Accreditation Board of India have no say about fake ISO 9001:2015 Certificates to GSI. These certificates are in use since 12-August-2016. When an ISO certificate can be obtained by paying a price for it. Detection of false certificate is concern of nobody, then what's the use of adaptation of ISO standardisation? An organisation can make propaganda of acquiring of set standardisation of ISO, without actual compliance of it. 

No regulation about cancellation or withdrawal of forged ISO certificate distroy purpose of ISO's Standardisation. Please stop this well organised corruption.