What does ISO 37001 Mean for Firms in Emerging Markets?

ISO certified pic
Image: trident-integrity.com

In the relatively new sphere of anti-corruption compliance, 2016 is shaping up to be one of the most significant years ever. Not because of a record fine levied against a multi-national corporation. Nor because of a new law or stepped up enforcement. But, rather because a group of compliance practitioners from dozens of countries have painstakingly devised a new global standard that lays the groundwork for unambiguous anti-corruption compliance certification of firms large and small.

The new standard, known as ISO 37001 – Anti-bribery management systems, is set to be released for use on September 15 by the Geneva-based International Organization for Standardization (ISO). The ISO is the global body that develops and maintains thousands of standards, ranging from technical and industrial specifications that ensure products can work together – how pipes are threaded, the data structure of CD-ROMs, the direction of on/off switches in aircraft, the dimensions of camera film and office paper – to environmental practices and health and safety in the workplace.

In plain language designed to capture the core elements of the world’s existing anti-corruption standards, ISO 37001 outlines a set of minimum requirements companies must meet to be certified as having an effective compliance program. One clear benefit of the standard is that it brings clarity for compliance practitioners globally on what elements a bona fide, corporate anti-corruption program must have and how the presence or absence of those elements can be certified.

Neill Stansbury, co-founder of the U.K.-based NGO Global Infrastructure and Anti-Corruption Centre, played a key role in developing ISO 37001 as the chairman of the ISO’s Anti-Bribery Project Committee. The committee’s three years of labor peaked earlier this year with the publishing of a draft version of 37001 and the subsequent consideration last month in Mexico City of over 600 edits. Stansbury says he was heartened by the diversity of participants in the ISO 37001 creation process.

“What has been interesting is the level of support we have had for the standard from developing countries. Over 50 countries are involved in the standard’s development, and nearly half of those are developing countries,” says Stansbury, whose NGO specializes in combatting corruption in the notoriously venal global construction industry.

In part, because the ISO 37001’s contributors included compliance practitioners from economically diverse countries with a variety of approaches to anti-corruption, Stansbury predicts that the new standard will have a significant impact on the way SMEs do business.

“You would expect to see in some countries some sort of government support to help SMEs use this standard. Also, when larger companies adopt the standard, they will be required to ensure that their sub-contractors and suppliers which pose more than a low bribery risk implement anti-bribery controls,” he says. “So, this will have a cascading effect, which will result in an improvement in overall standards.”

Ilsur Akhmetshin, who recently retired as a longtime compliance/integrity officer based in the Moscow office of ABB, the power and automation technology behemoth, sees the new standard as playing a positive role in sorting out a sometimes chaotic playing field where different compliance standards hold forth.

“ISO 37001 is absolutely timely,” he says. “Many companies, including ABB, used certifications for their compliance programs in non-systematic way. The existing specialized companies have different approaches for certification processes and the value of such certifications looks different. The new standard will provide a unified and comparable base for the assessment of anticorruption management systems.”

It is up to companies to choose whether they certify or not under ISO 37001. According to Philippe Montigny, who helped draft the new standard, this is a key distinction for mid-sized firms that may not have the resources to embark upon a full-blown certification process.

“The standard’s terms of reference offer a collection of guidelines to mid-sized companies that will enable them to design and implement a corruption prevention program at a reasonable cost,” says Montigny, president of ETHIC Intelligence. “Having participated in the development of the standard from the beginning, I believe that the most significant feature of the standard is that it is risk-based. In other words, the standard promotes an anti-corruption program that is both risk-based and adapted to a company’s specific organization. It is thus suitable for mid-sized firms with limited resources who wish to implement an anti-corruption compliance program.”

One compliance and anti-corruption expert not involved with the drafting of ISO 37001 expressed caution in pronouncing judgment on the new standard’s impact. “The concern I have is about the actual outcome of this. Will it help promote effective implementation of appropriate standards or will it add to process-focused, check-the-box, one-size-fits-all approaches that we have seen in the past,” asks Nikos Passas, the Distinguished Inaugural Professor of Collective Action, Business Ethics, and Compliance at the International Anti-Corruption Academy in Vienna, and Professor of Criminal Justice at Northeastern University in Boston.

Moving forward, Stansbury says one of the key indicators of the ISO 37001’s impact will be the degree to which governments adopt it. “It will be a big breakthrough if public sector procurement agencies require the standard to be a pre-qualification requirement for contracts over a certain value.”

Overall, having shepherded first a UK anti-bribery standard and now a global standard to implementation, Stansbury says he has gained perspective on the issue.

“There has been massive progress over the last 10 years, but bribery is unfortunately still very widespread and there is a significant lack of political will globally. Interestingly, the main progress has been primarily driven by the private sector rather than the public sector,” he observes, continuing, “The initial trigger for the private sector to act was probably the widespread changes to the law and increase in enforcement over the last few years. However, there is also increasing awareness of the damage and risks caused by bribery.  The actual drive to put in place anti-bribery controls and management systems is primarily being led by the private sector. There is a desire to have a more level playing field, and a more ethical environment in which to work.”

Frank Brown is a Senior Program Officer for the Global Alliance for Trade Facilitation (GATF) and the Value Chain/Anti-Corruption Program Team Leader at CIPE.