IS ISO 37001 CERTIFICATION WORTH THE EFFORT?

By Zafar Anjum, MSc, CFE, CII, MICA, Int. Dip. (Fin. Crime)
Chief Executive Officer, CRI Group

With an estimated $2 trillion in corporate dollars doled out annually to officials in the public and private sectors, the practice of bribery in the business world has approached near rampant proportions.  But the world is taking notice and responding in kind.  The enactment of the Foreign Corrupt Practices Act (U.S.) and the UK Bribery Act, among others, demonstrates that international governments, trade organizations, banks and non-government organizations alike are confronting such corporate corruption through laws and regulations that make various forms of bribery a crime, punishable by unlimited fines, forfeiture of public contracts, and possible imprisonment of the organization’s senior officials.

But for multinational organizations, compliance with these and a host of other international, regional and local anti-bribery regulations is a major task within itself.  As such, organizations have relied on their anti-bribery management systems as the frontline defense in the battle to combat bribery both internally and externally.  And naturally, no two management systems are alike.

With the adoption of ISO 37001 in late 2016, global organizations now have a uniform standard of requirements pertaining to their anti-bribery management systems.  These approved standards are designed to help organizations better comply with international anti-bribery regulations.

According to the scores of experts who participated in drafting the standard, the purpose of developing ISO 37001 was to establish, implement, maintain and enhance an organization’s anti-bribery program while preventing, detecting and addressing the many bribery risks throughout the entity’s operations.

Conforming to ISO 37001 symbolizes an implied commitment by an organization to protect itself, its shareholders, its customers and its business partners from the hazards and risks related to bribery.  But is the process of undergoing formal certification to the standard worth it?  What is it about the standard that would motivate organizations to become certified?

As experts in the field of global risk management, we are of the opinion that the standard can greatly benefit any entity that conducts multinational business, no matter the size of the organization.

First, it should be noted that ISO 37001 specifies a series of measures to help organizations prevent, detect and address bribery. According to ISO, these measures include adopting an anti-bribery policy, involving top management and leadership, appointing a person to oversee anti-bribery compliance, developing an internal and external communications process for the program, providing training to personnel, undertaking bribery risk assessments and due diligence on projects and business associates, implementing financial and commercial controls, and reporting and investigation procedures.

The mere act of developing such a comprehensive anti-bribery management system which is modeled after ISO 37001 should be reason enough for organizations to adopt the standard.  It implies that the organization is taking the necessary steps to safeguard itself from the many inherent risks associated with this level of corporate corruption.

But if that reason is not enough to convince one to become certified, here are several other benefits that organizations will realize by adopting the standard:

It Demonstrates Best Practice in Business —  Compliance with the standard shows a strong commitment on the organization’s part that is working fervently to battle corruption, both internally and throughout its global supply chain.  This gives the organization a competitive advantage which can be very beneficial when competing for international contracts, jobs and bids.

Further, certification will help position the organization as a premium provider, which could justify subsequent higher pricing on goods and services.

It Shows Transparency in Operations — Through the certification process, the organization willingly opens itself up to the scrutiny of a qualified outside party.  This transparency can greatly enhance the effectiveness of the organization’s anti-bribery management system, as the auditor can bring ideas and input to the table that can help the organization improve on and enhance its systems and processes.

It Saves the Organization Money — A strong anti-bribery and anti-corruption policy will save the organization money through its refusal to pay bribes and not having to execute costly procedures to facilitate a bribe.

Additionally, certification will save the organization’s employees time and energy by eliminating the need to respond to potential customer inquiries into elongated steps required to establish proof of a qualified anti-bribery and corruption training program.

It Protects and Preserves the Integrity of the Organization — Adherence to the standard demonstrates that the organization is responding to (and supporting) a growing international call to incorporate ethics as a core value when conducting business around the world.

It Leads to Healthier Relationships with Third-Parties — Certification tells third-party affiliates that they are being monitored by the organization to ensure that all sub-contractors, agents, affiliates and supply chain partners have adopted their own qualified anti-bribery measures.

It Can Greatly Assist in Legal Cases — Certification provides a verified level of proof in legal proceedings that the organization has demonstrated its commitment to anti-bribery practices by taking reasonable actions to prevent such corruption.  This could have positive effects in many jurisdictions (though it will not establish a defense to prosecution for bribery in U.S. courts) and could help the organization avoid costly litigation, lawsuits and subsequent losses.

It Builds Trust Than Can Enhance the Organization’s Reputation — Certification provides a level of assurance to management, staff, stakeholders, and business partners that the organization is developing widely accepted systems and processes to detect and prevent bribery and corruption, and by doing so can show confidence that it is actively minimizing the risks, liabilities and reputational damage associated with this level of corporate corruption.

It’s been well-documented that the consequences of bribery around the globe are catastrophic, reducing quality of life, increasing poverty and eroding public trust.  A certified anti-bribery program can’t completely guarantee the elimination of corruption within the organization, but it will demonstrate and ensure that appropriate measures have been put in place to aggressively detect and prevent bribery within the organization.

INTERESTED IN LEARNING MORE?

CRI Group is an accepted business accredited in ISO 37001:2016 certification.  The company’s recently launched Anti-Bribery Anti-Corruption Centre of Excellence was created to educate, equip and support the world’s leading business organizations with the latest in best-practice due diligence processes and procedures, providing world-class consulting services to organizations seeking to validate or expand their existing compliance frameworks to maintain a competitive edge in the world marketplace.

The ABAC Centre of Excellence offers a complete suite of best-in-class services and solutions designed to help organizations mitigate the internal and external risks associated with operating in multi-jurisdiction and multi-cultural environments. If your organization could benefit from a stronger approach to third-party risk management, please visit CRI Group at www.CRIgroup.com.

ABOUT THE AUTHOR

Zafar I. Anjum, CFE is chief executive officer of CRI Group (www.crigroup.com), a global supplier of investigative, forensic accounting, business due diligence and employee background screening services for some of the world’s leading business organizations. A member of the Dubai International Financial Centre, CRI Group safeguards businesses by establishing the legal compliance, financial viability, and integrity levels of outside partners, suppliers and customers seeking to affiliate with your business. CRI Group maintains offices in UAE, Pakistan, Qatar, Singapore, Hong Kong, Malaysia, USA, and the United Kingdom.

 

CONTACT INFORMATION
Zafar Anjum, MSc, CFE, CII, MICA, Int. Dip. (Fin. Crime)
CRI Group Chief Executive Officer
917, Liberty House, DIFC PO Box 111794, Dubai, UAE
PHONE: +971 4 3589884
CELL: +971 50 9038184
EMAIL: zanjum@crigroup.com