Matt Kelly’s post for the FCPA Blog about ISO 37001 — the draft standard for anti-bribery management systems– was a helpful introduction. We’re both members of the ISO 37001 U.S. Technical Advisory Group. We’d like to explain why ISO 37001 is different from past standardization efforts for compliance and why it’s important.
Among the new and positive aspects of ISO 37001 compared with past anti-corruption standards are the source, the approach, and the certification component.
The source is ISO — the International Organization for Standardization — and more specifically the technical advisory groups of 28 countries (in addition to 16 observer countries and 7 liaison organizations) presently working on the standard, consisting of not just the usual suspects (lawyers and NGO representatives), but also business people. As such, there is an emphasis among many participants on having this standard be “from business, for business,” and for businesses of all sizes.
The approach is also one that business recognizes — a management systems approach. The draft language is plain English – not legalese. In these ways, 37001 demystifies anti-bribery compliance and acts as an operationally-oriented substitute for immersing oneself in the DOJ and SEC’s FCPA Resource Guide.
Lastly, remember the corporate emphasis on quality produced by the introduction of ISO 1900 et seq? Businesses of all sizes (and especially small and medium-sized businesses) embraced the standard. Company splash pages and marketing materials prominently featured (and still feature, in many cases) certifications evidencing adoption and independent third party certification.
And recall, as well, that the “Big 4” accounting firms and other globally recognized professional groups have not been able to agree on an anti-corruption certification standard.
ISO 37001 is similarly a “requirements standard,” and qualified organizations will be able to obtain certification from accredited independent third party reviewers. Once in place, 37001 could well meet an equally positive reception as ISO 1900 received from the business community.
Adoption may be quickened if 37001 becomes the de facto substitute for supply chain anti-corruption questionnaires and/or serves, for early adopters, as a compliance and marketing differentiator.
Leslie Benton is the Vice President of Advocacy and Stakeholder Engagement of CREATE.org. Ms. Benton is a former Senior Vice President of Levick Strategic Communications, where she led the anti-corruption and compliance communications practice. Previously, she was the Senior Policy Director for the U.S. chapter of Transparency International. She can be contacted here.