Transparency International UK also makes this free guide available through their website @ News | Transparency International
ISO 37001 - Anti-Bribery Management Systems
- Thread starter Sidney Vianna
- Start date
Ian_Morris
Involved In Discussions
Thanks both,
I had read the article from UKAS and was surprised to not see the likes of BSI engage with the trial.
It's a little frustrating and depressing that here in the UK 2 years on from the introduction of the standard that we still do not have a credible CB to support what will be a key client requirement in the near future as corporate responsibility becomes ever more important to successful businesses.
Minky57, this may have to be a road that we pursue and take a hit on costs if auditors have to travel, but I would no way move in the direction of the unaccredited bodies as I am more than capable of writing a piece of paper myself to save the money we would spend on this.
Hope this resolves itself in the future and if we get an update I will let you all know.
Ian
I had read the article from UKAS and was surprised to not see the likes of BSI engage with the trial.
It's a little frustrating and depressing that here in the UK 2 years on from the introduction of the standard that we still do not have a credible CB to support what will be a key client requirement in the near future as corporate responsibility becomes ever more important to successful businesses.
Minky57, this may have to be a road that we pursue and take a hit on costs if auditors have to travel, but I would no way move in the direction of the unaccredited bodies as I am more than capable of writing a piece of paper myself to save the money we would spend on this.
Hope this resolves itself in the future and if we get an update I will let you all know.
Ian
Just to share, under the American accreditation scheme (ANAB), the only two accredited CB's for ISO 37001 certification are not located in North America; one is located in Israel and the other one is located in Peru.
I suspect that CB's are not seeing a big interest in this certification scheme, so far. And, for both the AB's and CB's, to seek an accreditation program which does not seem to have significant market interest is a non-starter, these days.
As I said earlier, in my opinion, this issue is so different than the traditional accredited management system certification, especially because people responsible for ethical breaches will deliberately and forcefully attempt to cover their tracks, that the whole aspect of accredited oversight belongs elsewhere.
For an ABMS audit to "have teeth", the whole auditing process should be very different from the current/traditional one we have.
Ian_Morris
Involved In Discussions
I agree with the challenges for the audit approach.
Wrestling with how to keep our in-house systems clean with simple elements, such as corporate hospitality, is difficult enough so an organisation that is actively using illegal activity, a forensic financial audit would possibly be the only way to do this, although I am not even sure how effective this would be given the high profile failures of the audit process in recent large corporate collapses, i.e. Carillion and BHS in the UK.
The pressure for adoption will undoubtedly come from government bodies and large companies looking to offset their own supply chain risks and with a noticeable increase in awareness being promoted from some industries here about the use of ISO37001 certification to demonstrate compliance with legislation such as the Bribery Act and FCPA.
Maybe the ISO guys took it a step too far with offering 37001 as a certifiable standard in the first place.
Either way we are still in a place where we have clients indicating this will be a mandatory requirement in 2018 - 2019 and very limited capability for achieving it.
Wrestling with how to keep our in-house systems clean with simple elements, such as corporate hospitality, is difficult enough so an organisation that is actively using illegal activity, a forensic financial audit would possibly be the only way to do this, although I am not even sure how effective this would be given the high profile failures of the audit process in recent large corporate collapses, i.e. Carillion and BHS in the UK.
The pressure for adoption will undoubtedly come from government bodies and large companies looking to offset their own supply chain risks and with a noticeable increase in awareness being promoted from some industries here about the use of ISO37001 certification to demonstrate compliance with legislation such as the Bribery Act and FCPA.
Maybe the ISO guys took it a step too far with offering 37001 as a certifiable standard in the first place.
Either way we are still in a place where we have clients indicating this will be a mandatory requirement in 2018 - 2019 and very limited capability for achieving it.
In the risk - opportunity spectrum, you can use the fact that a few CB's are investing in the scheme and need registrants to support their accreditation efforts, to negotiate an ISO 37001 certification basically for free. They, the CB's, need organizations such as yours to perform witnessed audits. That's something that you can monetize for your organization.
As for (my perceived) reluctance/resistance from the corporate world in embracing this certification program, I can understand. Assuming the organization is doing a good job of using their ABMS to capture the risks and manage their exposure, some management system records, such as internal audits, management reviews and others could have potentially damning information about bribery acts and countermeasures. External parties, such as CB auditors could then be subpoenaed to testify in lawsuits.
I have no doubt this type of exposure is something in the minds of executives and their corporate legal teams.
In the USA, in the past, some CB's had attempted to use "client-attorney" privileges as a way to fend off subpoenas related to environmental lawsuits. It didn't last a nano second.
I suspect that, if, as you say, there will be a demand for organizations to seek certification to ISO 37001, corporations will have two ABMS systems; the real one and the fairy tale one, totally sanitized for prying CB auditor eyes....
Update: A 3[sup]rd[/sup] CB, from Mexico, has attained ANAB accreditation for the ISO 37001 Standard. So, there you have it: an American AB accrediting 3 CB's for ISO 37001; none of them in the USA.
Another interesting point: In the 2017 ISO Survey, ISO has not reported any data on certification to ISO 37001, despite the fact that the standard was released in 2016 and, thus, some certification programs certainly happened during 2016 and 2017. Could it be that the numbers are so low that they did not report it?
Ian_Morris
Involved In Discussions
Thanks Sidney,
I just checked the UKAS site and there are now two accredited bodies in the UK.
Not sure about how great this is, in that one of them is only covered for IT companies and the other, whilst having coverage for a number of industries, including my own, appears to be based out of Bulgaria and not the UK.
The irony that Bulgaria does not fare well on the Transparency International corruption index was not lost on me when I read this...
Its a start through.
I just checked the UKAS site and there are now two accredited bodies in the UK.
Not sure about how great this is, in that one of them is only covered for IT companies and the other, whilst having coverage for a number of industries, including my own, appears to be based out of Bulgaria and not the UK.
The irony that Bulgaria does not fare well on the Transparency International corruption index was not lost on me when I read this...
Its a start through.
Indonesian Accreditation Body has accredited six (6) local CBs to certify ISO 37001.
As April 2018, there are some 96 organizations certified to ISO 37001:2016 but not all are certified by accredited CBs as they are in the infant stage where seeking accreditation.
As April 2018, there are some 96 organizations certified to ISO 37001:2016 but not all are certified by accredited CBs as they are in the infant stage where seeking accreditation.
Last edited by a moderator:
According to the 2020 ISO Survey, the top 10 countries, in number of ISO 37001 certificates are:
Many thanks for the info. In Indonesia, 120 out of 162 SOEs and in South Korea, 25 out of 340 SOEs have been certified to ISO 37001 as June 2021.
