Bribery is the act of giving money, goods, or other forms of compensation to influence the behavior of an official to obtain some benefit. Bribery undermines economic growth and social development since corrupt practices create unfair competition between honest businesses and dishonest ones willing to break the law. One way to address this issue is through anti-bribery management systems(ISO37001) that are the key to stopping employee bribery and corruption in your company.
An anti-bribery management system refers to any set of policies or procedures that prevent employees from engaging in bribery or corrupt behavior with customers, suppliers, competitors, regulators, and other stakeholders.
Benefits of anti-bribery management systems (IS037001) :
Getting ISO37001 certified helps the business in the following ways:
- Ensures transparency and encourages ethical practices within an organization
- Develops the organization’s capacity to regularly monitor and control malpractices which reduces the chances of third-party intervention.
- Preventing bribery increases the quality of products or services.
- A globally recognized IS037001 certification gives you a recognition showing the organization is free from corruption and committed to an ethical business mode.
How to reduce bribery risks ?
- Training and whistleblowers – Train your staff regarding the anti-bribery policies and what is expected from them. Please encourage them to expose any sensitive information related to bribery and protect whistleblowers from any risks when leaking any information on corruption.
- Not expecting anything – Never ask for anything in return for a gift or promotion. It is an easy way to stay out of trouble and maintain customer relations by not asking people to buy something from you in exchange for their participation in your giveaway or promotion.
Anyone who gives or receives gifts must:
- Have a genuine business purpose
- Not be receiving a lavish gift unless required.
- Be transparent as per the organization’s gift and hospitality.
- Corporate culture- Build a culture that encourages and supports honesty. Top management needs to preach the importance of anti-bribery policies and the sanctions or penalties imposed in case anyone is found guilty.
- Verify third parties- Anti-bribery policies also apply to third parties i.e. agents, consultancies, who represent your company during internal or external business activities. Any involvement in corruption activities from their end may put your organization at risk. It is your responsibility to thoroughly verify these third parties or collaborate with those who are IS037001 certified.
Requirements for ISO 37001 :
- Establish- ISO recommends organizations to have an independent compliance manager either appointed from third parties or internally to be responsible for implementing an anti-bribery management system. Compliance managers work with business professionals to make sure that standards and regulations are followed. Compliance management programs often include a comprehensive internal audit process, ethics training for employees, and more.
- Develop- As a part of ISO37001, many controls should be implemented to mitigate any corruption risk and monitor violations within the organizations.
- Review- Risk should be assessed and categorized based on their threat level so they can be tackled effectively. If the corruption risk is low, it needs to be monitored since small, repeated corruption activities could be disastrous for an organization.
- Adoption- The anti-bribery management policy needs to be flexible enough to adopt the changes in compliance regulation. The success of adopting the changes can be measured when there is a reduction in corruption activities and better control measures in violation.
How to build an anti-bribery management system (ABMS) ?
- Understand the organization- Each organization will have its own ABMS depending upon its structure, operation, geographic areas of operation. Before designing the ABMS, have a thorough understanding of the following factors that could influence the ABMS:
- Obligations of government, regulatory and legal authorities.
- The extent of relations with representatives of public authorities.
- The political system of that particular country
- Expectations of stakeholders- Understanding the needs of stakeholders is another crucial element for the successful implementation of ABMS. Client, suppliers, agencies will have their expectations regarding the ABMS; they need to be informed regarding any amendments or important decisions taken regarding ABMS.
- Top management commitment- The top-level management needs to support the successful implementation of ABMS fully. Most corruption activities in an organization have the involvement of top management officials. Any involvement from a member of top management may hurt the organization, like bankruptcy or legal conflicts.
- Planning- Based on the objectives, the organization needs to plan the steps accordingly to implement ABMS. The planning phase should include the bribery risk assessment, who will be responsible, areas of improvement, and how results will be evaluated.
- Resources- Management needs to ensure there are adequate resources available for conducting anti-bribery operations. The personnel involved in implementing ABMS need to be given the freedom to work anti-bribery functions within the organization. Any resistance shown from anyone in the management without any valid reason needs to be reported.
Path to being ISO37001 certified :
- Before being applying for certification, the organization must be functioning for some time.
- An internal audit report must be submitted, conducted by a governing body, and reviewed by the anti-bribery compliance function.
- Stage 1 audit needs to be performed within the organization by the internal staff to ensure the ABMS meets the organization’s objectives.
- Stage 2 audit takes place where the management systems confirm the requirements of the IS037001 are met. It takes place at the time of implementation of ABMS.
- Follow-up audit- Any non-conformities will be clarified by conducting an additional audit which can be optional.
- Once the organization is consistent with the standards, the registration is confirmed, and the certificate is published.