The document discusses the development and purpose of the ISO 37001 standard for anti-bribery management systems. It notes that ISO 37001 was developed over three years with input from 37 countries, and provides minimum requirements for organizations to implement anti-bribery measures. Certification to ISO 37001 requires organizations to conduct risk assessments, provide anti-bribery training, implement controls, and investigate any suspected bribery incidents. Adopting the standardized approach outlined in ISO 37001 can help organizations strengthen their anti-bribery programs and reduce legal and reputational risks from bribery.
Realizzazione Pratica Modelli 231 Versione Pdf (Rev 01)
ISO 37001 Anti-Bribery Management
1. ISO 37001:2016
Anti-Bribery
Management Systems
A great opportunity for the public and private organisations
15 October 2016
Eng. Ciro Alessio STRAZZERI
(Asso231 President – GIACC Italy President – Gruppo Strazzeri CEO)
GIACC Italy – Global Infrastructure Anti-Corruption Centre
with the technical support of
presents:
2. GIACC Italy – Global Infrastructure Anti-Corruption Centre
GIACC Italy
GIACC Italy is an independent not-for-profit organisation which provides resources and
services for the purpose of preventing corruption in each sector of business. It is the Italian
affiliate of GIACC worldwide network.
GIACC’s objectives are to:
• a) raise awareness of corruption; and
• b) promote the implementation of anti-corruption measures as an integral part of
government, corporate and project management.
GIACC’s policy is to promote change in the future. It does not cast blame for corruption on
any particular group of participants in the sector. It does not investigate or report on
allegations of corruption. It works in collaboration with key stakeholders in order to achieve
its objectives.
3. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Asso 231
Asso231 is a non-profit multi-stakeholder industry association based in Italy which aims to
study and solve problems relating to risk management and the prevention of corruption. Its
members include companies, regulators, academia, consultants and public bodies.
In 2009, with the technical support of Gruppo Strazzeri, has developed the GS 23101
Guidelines, that establish the requirements to build and implement Anti-Bribery
Management System according to national law and integrated with ISO Management
Systems and other international standards (ISO 9001, ISO 14001, SA 8000, OHSAS 18001,
ISO 31000).
Asso231 manages an important series of books with the publisher Wolters Kluwer, on the
topics Risk Management and Anti-Bribery and organizes dozens of free events for its
stakeholders.
4. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Gruppo Strazzeri
Gruppo Strazzeri provides Anti-Bribery Management Consulting since 2001. Our staff has built
dozens of Anti-Bribery Management Systems. In 2009, Gruppo Strazzeri, on behalf of Asso231,
has developed the GS 23101 Guidelines, that establish the requirements to build and
implement Anti-Bribery Management System according to national law and integrated with ISO
Management Systems and other international standards (ISO 9001, ISO 14001, SA 8000,
OHSAS 18001, ISO 31000), so being ready to support public and private organisations in the
implementation of their Anti-Bribery Management Systems, according to ISO 37001.
Gruppo Strazzeri was the first organisations to provide Anti-Bribery training courses (followed
by hundreds of persons) in order to get the following certification of competences (compatible
to ISO 37001, too):
• Anti-Bribery Compliance Function
• Anti-Bribery Auditor
• Anti-Bribery Supervisory Body
• Anti-Bribery Consultant
5. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Bribery is a significant business risk
• Bribery is widely acknowledged as a significant business risk in many countries and
sectors.
• Previously, bribery has in many cases been tolerated as a “necessary” part of doing
business.
• Now, increasing awareness of the damage caused by bribery to countries,
organizations and individuals has resulted in calls at international and national level
for effective action to be taken to prevent bribery.
6. GIACC Italy – Global Infrastructure Anti-Corruption Centre
International treaties
• Many international treaties have been signed during
the last 15 years requiring member states to
implement anti-bribery laws and procedures:
• Most internationally significant:
• The United Nations Convention against Corruption
(2003)
• The OECD Convention on Combating Bribery of
Foreign Public Officials in International Business
Transactions (1999)
7. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Laws
• Most countries have changed their laws in accordance with
treaty requirements. Bribery and other corruption offences
are therefore crimes worldwide.
• UK Bribery Act
• US FCPA
• Italian Legislative Decree 231/01
• More and more……
• All OECD countries have now made it a crime for their
nationals and organisations to bribe overseas. As a result, a
person or organisation may be liable for bribery both:
• In the country where the bribery took place; and
• In the person or organisation’s home country.
9. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Corporate anti-bribery programme (1)
• While good laws and enforcement are vital, it is also important that
organisations implement anti-bribery measures.
• Bribery prevention is increasingly seen as a management issue.
• Good management in government, in companies and on projects can
materially reduce bribery.
• Bribery prevention should be treated in a similar manner to safety, quality
and environmental management.
10. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Corporate anti-bribery programme (2)
• Significant number of organisations internationally have responded to the
changing legal and ethical environment by implementing anti-bribery
management systems within their organisations.
• Ethical organisations also need to ensure that their partners and supply
chain implement appropriate controls.
• Government departments, funders, and companies should all adopt anti-
bribery measures within their organisation.
11. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Before ISO 37001: BS 10500
• Organisations are now requiring proof that their own
organisation, and their clients, agents, joint venture partners,
and major sub-contractors, suppliers and consultants have
implemented adequate anti-bribery measures.
• This led to a call for a standard which provides minimum
requirements and allows independent verification.
• This led to development of British Standard BS 10500 -
Specification for anti-bribery management system. Published
2011.
• BS 10500 successfully adopted by numerous companies. Many
are now certified to it on a similar basis to IS0 9001 and 14001.
12. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Development of ISO 37001(1)
• ISO in 2013 established a Project Committee to publish a new ISO anti-
bribery management system standard, ISO 37001.
• Participating countries (37): Australia, Austria, Brazil, Cameroon, Canada,
China, Colombia, Croatia, Czech Republic, Denmark, Ecuador, Egypt,
France, Germany, Guatemala, India, Iraq, Israel, Kenya, Lebanon,
Malaysia, Mauritius, Mexico, Morocco, Nigeria, Norway, Pakistan, Saudi
Arabia, Serbia, Singapore, Spain, Sweden, Switzerland, Tunisia, UK, USA,
Zambia.
• Observing countries (22): Argentina, Armenia, Bulgaria, Chile, Cyprus, Cote
d’Ivoire, Finland, Hong Kong, Hungary, Italy, Japan, Korea, Lithuania,
Macau, Mongolia, Netherlands, New Zealand, Poland, Portugal, Russia,
Thailand, Uruguay.
13. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Development of ISO 37001(2)
• Liaison organisations (8): ASIS, European Construction Industry
Federation (FIEC), Independent International Organisation for
Certification (IIOC), International Federation of Consulting Engineers
(FIDIC), IQNet, OECD, Transparency International, World Federation
of Engineering Organisations (WFEO).
• Committee Secretariat and Chair: UK.
14. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Development of ISO 37001(3)
• First draft of ISO 37001 based on content of BS 10500 merged into ISO
standard management systems template. Uses same template as ISO
9001 and 14001, so is consistent with these standards.
• The drafts were circulated for international comment, and were modified
at six international drafting meetings over three years to take account of
international comments.
• Over 80 experts from over 20 countries participated in these meetings,
which were held in London, Madrid, Miami, Paris, Kuala Lumpur and
Mexico City.
• Decisions on text made by consensus of participating countries.
15. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Development of ISO 37001(4)
• ISO 37001 was issued on 15 October 2016.
• ISO 37001 replaced BS 10500.
• Is a Type A requirements standard, so can be independently certified.
• Contains supporting guidance to help with implementation.
• Focuses on bribery, but can be expanded to include other corruption
offences.
16. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Purpose and scope of ISO 37001 (1)
• ISO 37001 is intended to help an organisation to implement an effective
anti-bribery management system.
• It requires organisations to implement various anti-bribery measures on a
reasonable and proportionate basis according to the type and size of the
organisation, and the nature and extent of bribery risks faced.
• Requirements of internationally recognised good practice are taken into
account.
• It is applicable to small, medium and large organisations in the public,
private and voluntary sectors.
17. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Purpose and scope of ISO 37001 (2)
• ISO 37001 cannot provide absolute assurance that no bribery will take place in
relation to an organisation. But it can help establish that the organisation has
implemented reasonable and proportionate measures designed to prevent bribery.
• Organisation can obtain certification to ISO 37001 in a similar way to obtaining
certification to 9001 and 14001 and others standard based on ISO Annex A.
• Provides assurance to owners, directors, employees, business associates and all of
stakeholders that organisation is taking steps to prevent bribery.
• Can be used as project pre-qualification requirement.
• Can enhance organisation’s reputation.
18. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Requirements of ISO 37001 (1)
ISO 37001 specifies a series of requirements which the organisation must implement
in a reasonable and proportionate manner.
In summary, they include:
Implement an anti-bribery policy and programme.
Communicate the policy and programme to all relevant personnel and business
associates (joint venture partners, sub-contractors, suppliers, consultants etc.)
Appoint an Anti-Bribery Compliance Function (full time or part time) to oversee
programme.
19. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Requirements of ISO 37001 (2)
Provide appropriate anti-bribery training to personnel.
Assess bribery risks, including appropriate due diligence.
Take reasonable steps to ensure that controlled organisations and
business associates have implemented appropriate anti-bribery
controls.
Verify as far as reasonable that personnel will comply with the anti-
bribery policy.
20. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Requirements of ISO 37001 (3)
Control gifts, hospitality, donations and similar benefits to ensure do
not have corrupt purpose.
Implement appropriate financial, procurement and other commercial
and contractual controls so as to help prevent the risk of bribery.
Implement reporting (whistle-blowing) procedures.
Investigate and deal appropriately with any actual or suspected
bribery.
21. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Cost of Certification
Cost of certification is likely to vary according to the size of the
organisation (which is the same as with e.g. ISO 9001).
Cost is unlikely to be a competitive disadvantage. Likely to be an
advantage if:
• a procuring entity requires all its bidders to be certified to ISO 37001; or
• additional points given in the procurement evaluation for evidence of anti-
bribery policies.
Cost of implementing system likely to be minimal when compared to loss
and damage which could be suffered by organisation which gets involved
in bribery. System can help prevent loss.
22. GIACC Italy – Global Infrastructure Anti-Corruption Centre
Outcome
• ISO 37001 cannot provide absolute assurance that no bribery will occur.
But can help establish that organisation has implemented reasonable and
proportionate anti-bribery measures.
• The risk of bribery is reduced and the playing field is levelled for
organisations if certification to ISO 37001 is a project pre-qualification
requirement.
• The risk of corrupt or negligent certification is reduced by the use of major,
well known, accredited international certifiers.
• The publication and use of ISO 37001 is therefore a major step forward in
the fight against bribery.
23. Thank you
for your attention
For any information, please write to
info@giacc-italy.org
or contact Asso231 to
800 864 752