Two weeks ago I was at the 10th annual C-5 Anti-Corruption Conference in London, listening to Kathleen McGovern, Senior Deputy Chief of the Fraud Section of the U.S. DOJ and Kara N. Brockmeyer, Chief of the FCPA Unit of the U.S. SEC, when they were asked an interesting question. What did they think of the new ISO 37001 Anti-Bribery Management Systems Standard? A hushed room eagerly awaited their response.
“I think it’s great,” said Ms. McGovern. “Anything that tells companies, especially overseas companies, what is expected from an anti-corruption perspective is a good thing.”
“I agree,” said Ms. Brockmeyer. She went on to say that levelling the playing field so that everyone has one standard is a positive step for global corruption prevention.
Why is the DOJ and SEC in favour of ISO 37001?
It’s simple: a single anti-bribery standard that can be applied globally makes sense for global businesses. The ISO 37001 standard was developed by anti-bribery experts from 28 countries, in addition to 16 observer countries and 7 liaison countries. It’s a global standard built on the framework of the US Federal Sentencing Guidelines and the UK’s definition of Adequate Procedures. It helps companies all over the world to comply with those laws (and other anti-bribery laws) such that they can more easily be approved as partners, agents or representatives of US or UK companies.
What’s in the ISO 37001 Standard?
The ISO standard requires the things you’d expect: risk assessments, strong tone at the top, anonymous reporting channels, training, anti-retaliation policies, and preventative controls. ISO formalizes anti-bribery program expectations then allows the company to apply for certification that it has met the standard.
What’s in it for Business?
Obtaining certification will not make a company immune to prosecution. However, it will make prosecution much less likely in the first place. Why? Because employees will have been trained, controls will be put in place, reports will be available and red flags should be caught more easily. If a company is prosecuted for bribery, the company will already have policies, procedures and reports available to mount an adequate procedures defence or to seek mitigation of damages because of the strong compliance program.
Additionally, having an ISO 37001 certification is short-hand for “We’ve got a good compliance program.” Like many other ISO certifications, ISO 37001 should move suppliers and third-parties through due diligence processes more quickly, as an outside body has already certified that an anti-bribery program exists and is effective. This can be a tremendous business advantage – one which benefits both supplier, moving faster through the procurement process, and buyer, who will be exposed to less risk with a certified company.
The DOJ, SEC and compliance experts from around the world have endorsed the ISO 37001 standard. It will become active and available September 15, 2016. Mark your calendars- it’s going to be a great new era in combating bribery and corruption on a global scale.