Bribery refers to any offering, giving, accepting or promising advantage with any value or bribe in order to influence the decision, action or judgement of persons in charge of a duty. Any individual or organization that is involved in bribery means that they have accepted or gave something with the intention of influencing the recipient in some way favorable to the party providing the bribe. Until now, many acts, laws, legislations and policies have been established and implemented in order to prevent corruption and bribery around the world; nonetheless, some of them were successfully implemented and many others not. Bribery is becoming a significant concern among individuals and different businesses. Consequently, this is leading to the lack of confidence, trust, and transparency in both public and private sectors. Thus, International Organization for Standardization initiated the establishment of an Anti-bribery Management System that deals specifically with bribery risks. ISO 37001 is an Anti-bribery Management system standard currently under development by the International Organization for Standardization. The purpose of developing this standard is to establish, implement, maintain and enhance an anti-bribery program that prevents, detects and addresses bribery risks in an organization or institution. Moreover, ISO 37001 is designed to help organizations comply with anti-bribery laws. This international standard is only applicable to bribery, as it sets requirements and guidance for the establishment of an anti-bribery management system in compliance with anti-bribery laws. Furthermore, an Anti-bribery management system can stand alone or can be integrated with other management systems that are already implemented in the organization. In fact, an Anti-bribery Management System program is suitable to be implemented in any organization. Considering that the nature of an organization differs from one another, the International Organization for Standardization established the standard in such a system that it can be appropriate to different organizations and can be integrated with different management systems. Since ISO 37001 addresses to bribery in the private or public sector, bribery by the organization, within the organization, and by the personnel, it is reasonable to think that the standard is applicable to all types and sizes of the organizations. Substantially, there are different reasons why an organization should establish, implement, maintain and improve an Anti-bribery Management System. Organizations that wish to implement such a system will have the opportunity to:
- Promote trust and confidence – organizations that implement an anti-bribery management system are more likely to be reliable when it comes to cooperating with potential partners because the risk of bribery is lower. Organizations that have anti-bribery policies in place promote trust and are more likely to sign agreements with other organizations, rather than with organizations that do not have anti-bribery policies in place. Moreover, individuals who are certified ISO 37001 Lead Implementers or ISO 37001 Lead Auditors are more reliable when it comes to helping organizations implement an ABMS or perform audits on an ABMS
- Implement the necessary measures designed to prevent, detect and address bribery – organizations that implement an ABMS according to ISO 37001 requirements will be able to implement the necessary measures to reduce bribery risk by preventing or detecting the risk before it negatively impacts the organization. Moreover, ISO 37001 standard, guides and provides requirements for taking these measures based on the nature of the bribery risk that the organization might face
- Avoid reputational damage – by implementing an ABMS based on ISO 37001; an organization will avoid reputational damage, which is a consequence of being involved in bribery. Considering that organizations’ reputation is extremely important for their longevity, an effective anti-bribery management system will be helpful in avoiding reputational damage
- Avoid cost – organizations that implement an anti-bribery management system will save money by refusing to pay bribes and by not having to implement costly procedures
Indeed, when taking the appropriate measures designed to help the implementation of ISO 37001, the implementation of Anti-bribery policies will be much easier. Any organization that wants to get certified against ISO 37001 shall follow the requirements and guidelines in order to implement policies that are applicable to them. These policies shall comply with Anti-bribery laws, prohibit bribery, comply with ABMS requirements, commit to continual improvement of ABMS, be documented and communicated within the organization. If the organization implements the necessary measures of ISO 37001 as guided, it will be easier to effectively manage bribery risks, prevent bribery risks and detect potential bribery risks.Considering that bribery is harming many organizations and leading them to costly litigations, lawsuits, and losses, PECB (Professional Evaluation and Certification Board) has established training curriculums and certification schemes for professionals, consultants or experts who want to gain a comprehensive knowledge in anti-bribery management system and its principles. Therefore, any organization wanting to establish, implement, maintain and improve ISO 37001 can refer to PECB trainings. This also stands for organizations wanting to integrate ISO 37001 with any existing management system within the organization. The Anti-bribery Management System Trainings provided by PECB are listed below:
- ISO 37001 Introduction (1 Day)
- ISO 37001 Foundation (2 Days)
- ISO 37001 Lead Implementer (5 Days)
- ISO 37001 Lead Auditor (5 Days)
About the author
Donika Muçolli is the Course Development Manager for Risk and Management at PECB. She is in charge of developing and maintaining training courses related to RM.
Mohamad Khachab is a PECB Partner and Trainer, who has 30 years of professional experience in management consultancy, project management, teaching/training, IT Procurement, preparing proposals, information risk management, research, developing bidding documents, and business development activities.