I live in Mexico City and work in Mexico and Latin America. Here’s what ISO 37001 looks like from my perspective.
In the next few months, the Geneva-based International Organization for Standardization, or ISO, is expected to release its anti-bribery management systems standard, Number 37001. Whether used as guidance or as an audit standard, ISO 37001 offers increased business opportunities for all sectors worldwide.
From the perspective of Latin American companies that seek to do business with international firms that have sophisticated anti-bribery compliance programs, policies and procedures, adopting ISO 37001, and thus earning the resulting certifications, may afford them a competitive advantage in the local market.
International companies are always looking for local partners, or to invest in this region. These global firms are increasingly asking — or demanding — that their local partners meet their ethical standards when doing business or providing support or services. These demands are driven by a growing number of compliance regimes around the world, both developing, and mature, that can levy severe fines on companies that flout them. Whether those fines are considered legitimate or political punishment, multinational corporations seek to avoid them by ensuring that their partners are certified under a compliance standard that everyone can agree is fair.
Herein lies the challenge for Latin American companies: how do you build a compliance regime that controls and monitors your operations in order to meet these exacting standards? And how do you help to ensure that the public sector organization responsible for monitoring your progress, employ agents that are qualified to certify your compliance?
For global companies navigating business in Latin America, acknowledging and mitigating bribery risk, and the resulting liability for prosecution and reputation damage, is critical for success. Latin America’s bribery and corruption cases have been triggered by third parties or supply chains. ISO 37001 can and will raise awareness among local companies about the key elements of a basic compliance regime, which they should seriously consider in order to gain and retain international business.
Certification under ISO 37001 could provide a level of assurance to multinational corporations that their Latin American partner’s compliance standards will match their own. After building and implementing management systems that mitigate and control bribery risk, the stakes for paying or accepting a bribe are heightened to international standards, and do not stop at potential legal fines and penalties. Pay, and you run the risk of losing your global access.
A Latin American company that has achieved these credentials shouldn’t then rest on its laurels or do the bare minimum. Instead it should build on that certification as well as publicize its efforts to demonstrate its commitment. Think of ISO 37001 as a base level, not a final achievement.
ISO 37001 certifications will only be as good as the independent and experienced auditors or certifiers who perform the necessary inspections. Within the ISO, this challenge is under discussion and development. One outcome that’s assured is that companies will have to continuously and increasingly demonstrate transparency both pre, during, and post examination.
Sinner or saint, corporate entities need to put their houses in order before calling the auditor or certifier. Be transparent. Be open. Be aware. Also, know that based on previous behavior, auditors or certifiers may write a company off wholesale and refuse, at first, to do the job. If all third party supply chain partners don’t have effective compliance programs in line with this standard, the company under inspection employing their services may be in further trouble.
There is hope in Latin America. Guatemala, Argentina, Brazil, Mexico, Colombia, Chile, Uruguay, and Panamá, as examples, are increasingly focused on how to tackle corruption — at least according to recent media coverage. They are developing anti-bribery and corruption bills and systems, as well as the enforcement bodies to police them.
Brazil in particular, given its current headline-grabbing scandals, is demonstrating the will to implement anti-corruption initiatives. Guatemala has refused to tolerate corruption from the president and vice-president.
Latin American countries are realizing that although there’s a political price in pushing for reforms, the price tag for not doing so is much greater.
There is a balance that each country needs to take into consideration as they choose to implement ISO 37001. It is a tool, not legislation, and the private sector will likely lead the public sector in embracing it. Whether small, medium or large, public or private, organizations that espouse these credentials will collectively demonstrate a more robust compliance culture overall, which can bolster the national economy if a country is seen as “better to do business in.”
As ISO 37001 becomes a more widely accepted indicator of global compliance, a company’s adherence to and championing of it will only help it attract joint ventures and other business relationships with desirable global enterprises.
Fernando Cevallos the Director of Compliance, Investigations and Intelligence for Control Risks in Mexico City. He is also the global coordinator of the communications task group of ISO 37001 and a member of the Mexican technical advisory group. He can be contacted here.