ISO 37001 Anti-bribery Management Systems Implementation (ABMS)
Today, many customers prefer those organizations that can show and demonstrate ethical behavior regarding bribery. We are all aware of the word bribe as it is used almost everywhere in our daily lives. As we can put it, bribery is a global vice that each and every company is fighting for better services. As an individual, organization, or country, the war on bribery is always on and we should all join hands in fighting it.
In the current world where transparency is key in winning and maintaining clients, no organizations can afford to take it lightly. All the investors, shareholders, business associates, and personnel all need an assurance that the management is greatly concerned and have all the measures in place to curb bribery. However, making this eff0ort visible to the parties mentioned still remains a nightmare without a certification.
The ISO 37001
This is the only way your clients or any other party will know that you are concerned and dealing with bribery issues accordingly. While it may be difficult to eliminate bribery as it calls for an individual’s efforts, you can greatly help in reducing the rate in your organization by implementing the ISO 37001. The implementation and certification of Anti-Bribery Standards as required by the ISO 37001 standards are done through third parties that are permitted to do just that.
ISO 37001 standards have guidelines that will help you in designing and maintaining an Anti-Bribery System that is proactive and effective in controlling or curbing the bribery vice. There are many benefits that your organization stands to gain when certified as ISO 37001 compliance. However, before going into that, we will discuss briefly what these standards and guidelines are.
Key Features of ISO 37001: 2016
The International Organization for Standards (ISO) has issued the Anti-Bribery management system termed as ISO 37001: 2016. This standard outlines how your organization can establish, implement, maintain, review, and improve your Anti-Bribery Management System. As required by the standard, you need to renew your certification every two years. This ensures that you always conform to the standards and fully comply with the latest updates of ISO 37001.
Conformity to the ISO standards comes with its set of benefits that we will discuss in another article that we will discuss in detail on another page. However, we will dedicate our time to explain some of the important clause of ISO 37001: 2016 in plain English. It is important to know what you will be looking for first before we get to the certification process. And before we forget, we are a team of professionals with experience in helping every organization seeking certification for Anti-Bribery Management System. Let us help you in winning the trust of your clients and stakeholders by getting this important ISO 37001 certification.
Main Key Clauses Proposed in ISO 37001: 2016
In our own assessment and understanding, many organizations and companies are less concerned about bribery risk assessment. This is very evident from the way most organizations take part in this important activity. Some of them do it irregularly while others ignore it altogether.
As the head of an organization that will be involved in setting up an Anti-Bribery Management System, you have the mandate to conduct a bribery risk assessment as regularly as defined or more than specified if desired. The only way that we can say you will be able to handle all your risks is by first viewing the bribery as the greatest risk in your organization and then set up a mitigation plan.
Before you can get ISO 37001 certification, the certifying body should check that you have this in place and that you will be actively involved in conducting a bribery risk assessment.
Any incident of bribery, non-conformity, or any other complaints within an organization should have a channel through which it is reported. It will be of no essence if the bribery cases are not reported as appropriate and necessary actions taken. In many states, it is not clear how matters or issues of bribery are handled when identified. Whether they are from frauds, misconduct, or any unfair favor granted to some clients or employees should all be addressed.
Adopting ISO 37001 standards makes it easier for organizations to have a well-defined whistleblowing program. In many cases, people fear to be the whistleblower as they don’t want to be held responsible or face the consequences of being one. There are some companies and seniors that will intimidate any individual who is the whistleblower, and that has made it very difficult to deal with bribery.
Whistleblowing program is largely responsible for creating an anonymous whistleblower that brings everything done at the backstage on stage. This makes it possible to independently and faster report bribery and corruption issues. If your organization has this in place, then you can be sure that you will keep bribery at bay. The clients will be pleased to engage in any business with you. You will also be able to win more and more investors.
The Anti-Bribery Management System should be an independent body that has no influence on anyone within the organization. There is no way you will get an ISO 37001 certifications if your system is run by individuals who have a direct influence on the outcome. But, how do you know that your company or organizations are running an independent system?
The Anti-Bribery Management System (ABMS) thrives only on an independent ground where every individual and activity can be fairly investigated and honest report delivered through the whistleblowing program as discussed before. If you feel that the ABMS is not doing well to curb the bribery vice, then you can hire a third-party company to take over in investigating any suspicious cases. And in that case, your ABMS will not merit for ISO 37001 certification.
Everything should be investigated independently and without fear or favor.
Bribery can also come in terms of donations to charity. ISO 37001 requires that all the processes involved in charity donations or carefully monitored and any other documents of purchase or payment made available to the public. This is the only way any other unfair treatment or personal claims on donations can be eliminated.
In your organization, the ABMS has to ensure that donations and any other funds are credited to the right people.
Most companies in the United States and everywhere else in the world are still using cash despite many cashless methods currently available. Technology has made it very possible to use a cashless method in the purchase and sale of virtually everything. The continued use of cash has given a window for bribery to thrive.
ISO 37001 standards discourage the use of cash and help many different organizations in adopting digital transaction systems that make it nearly impossible as monitoring is more transparent. So, to get certified, you will have to implement more effective cash control methods that are done by using technology and cashless methods.
Most companies and employees find themselves caught in bribery actions due to poor tendering and contracting processes. The ISO requires that an organization develops and implements a transparent and competitive tendering and recruiting process that remains free and fair. The contracts should be awarded only to those who deserve them based on their merit and not compromising the process through bribery.
The ISO standards are continuously being improved and updated. The latest Anti-Bribery Standards that we have currently is the ISO 37001: 2016. After every update, you are also expected to revise your ABMS to comply with the new changes or requirements added.
As a company or organization that requires ISO certifications to enjoy all the benefits, you need to conduct training and coaching to create awareness. Also, you need to strengthen your ABMS by independently rotating the auditors. This is key as you can be sure to still have a capable team even if an employee quits.
The Effective Functioning of ABMS
An ISO 37001 certification means that your ABMS is very effective and is up to the standards. Before certification, the certifying body or party will ensure that your system functions with competence, authority, and independence. It is also important to note that the certification can be revoked at any time should your ABMS get compromised.
To make this system very effective, the board of directors, top management team, and ABMS are assigned roles that they all have to play. There should be no conflict in how these different roles are played. In summary, the three parties mentioned have the following roles to play:
Board of directors – This is an oversight authority that also approves new anti-bribery policies and also gets feedback about its effectiveness in curbing bribery.
Top management team – This is the link between the board of directors and ABMS itself. It is mainly responsible for the implementation of the policies and allotting the necessary resources needed by ABMS for its functions.
ABMS – It comprises of an independently appointed team that is responsible for the design and implementation of strategies to curb bribery. It also reports directly to the top management team and board of directors.
How to Implement ISO 37001 Standards
ISO 37001 gives you and your organization to establish an effective Anti-Bribery Management System that can curb both bribery and corruption. It is of your own interest to implement these standards as you will immensely gain from it.
To implement an ABMS in your organization according to the ISO standards, you need to find all relevant issues, both internal and external, that play a role in achieving the set objectives of your ABMS. Also, you need to determine all the stakeholders of your organization that may be involved directly or indirectly in the functioning of the system.
Finally, the organization should be able to create, document, implement and maintain a functional Anti-Bribery Management System. You also need to constantly review and maintain this system according to ISO requirements to hold the ISO 37001 certification.
The ISO 37001 Certification Process
ISO 37001 certification is done through third parties. The process may differ depending on the choice of the company that you have to help you through the certification process. It is also important to note that you can only get to this stage when you have already implemented an ABMS.
The first step of certification is auditing. At ISO-Pros, we have a team of highly experienced auditors who are ready to come to your organization at any time. So, you will need to schedule it whenever you feel that you are ready for the certification. The auditing can take more than a day depending on the nature of your company. Also, remember that auditing done by our team is not to disqualify you from getting the needed certification, but to point out the areas that need improvement and also to highlight on areas that you have done well.
A successful certification audit means that you are ap par with the ISO standards. You will be issued with a certificate that is valid for 3 years. Another round of auditing will be required to renew your certificate. However, you will still need to maintain the standards over this entire period to maintain your certified status as annual surveillance is conducted.
The certification process is not anything to worry about. Just contact our experts if you are ready or if you have any concerns to be addressed.