Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

MacMurray and Benton: ISO 37001 is ‘from business, for business’

Matt Kelly’s post for the FCPA Blog about ISO 37001 — the draft standard for anti-bribery management systems– was a helpful introduction. We’re both members of the ISO 37001 U.S. Technical Advisory Group. We’d like to explain why ISO 37001 is different from past standardization efforts for compliance and why it’s important.

Among the new and positive aspects of ISO 37001 compared with past anti-corruption standards are the source, the approach, and the certification component.

The source is ISO — the International Organization for Standardization — and more specifically the technical advisory groups of 28 countries (in addition to 16 observer countries and 7 liaison organizations) presently working on the standard, consisting of not just the usual suspects (lawyers and NGO representatives), but also business people. As such, there is an emphasis among many participants on having this standard be “from business, for business,” and for businesses of all sizes.

The approach is also one that business recognizes — a management systems approach. The draft language is plain English – not legalese. In these ways, 37001 demystifies anti-bribery compliance and acts as an operationally-oriented substitute for immersing oneself in the DOJ and SEC’s FCPA Resource Guide.

Lastly, remember the corporate emphasis on quality produced by the introduction of ISO 1900 et seq? Businesses of all sizes (and especially small and medium-sized businesses) embraced the standard. Company splash pages and marketing materials prominently featured (and still feature, in many cases) certifications evidencing adoption and independent third party certification.

And recall, as well, that the “Big 4” accounting firms and other globally recognized professional groups have not been able to agree on an anti-corruption certification standard.

ISO 37001 is similarly a “requirements standard,” and qualified organizations will be able to obtain certification from accredited independent third party reviewers. Once in place, 37001 could well meet an equally positive reception as ISO 1900 received from the business community.

Adoption may be quickened if 37001 becomes the de facto substitute for supply chain anti-corruption questionnaires and/or serves, for early adopters, as a compliance and marketing differentiator.


Worth MacMurray is the Senior Vice President – General Counsel & Chief Compliance Officer of GAN Integrity Inc. in McLean, Virginia. He can be contacted here.

Leslie Benton is the Vice President of Advocacy and Stakeholder Engagement of Ms. Benton is a former Senior Vice President of Levick Strategic Communications, where she led the anti-corruption and compliance communications practice. Previously, she was the Senior Policy Director for the U.S. chapter of Transparency International. She can be contacted here.

Share this post


Comments are closed for this article!