Skip to content


Harry Cassin
Publisher and Editor

Andy Spalding
Senior Editor

Jessica Tillipman
Senior Editor

Bill Steinman
Senior Editor

Richard L. Cassin
Editor at Large

Elizabeth K. Spahn
Editor Emeritus

Cody Worthington
Contributing Editor

Julie DiMauro
Contributing Editor

Thomas Fox
Contributing Editor

Marc Alain Bohn
Contributing Editor

Bill Waite
Contributing Editor

Shruti J. Shah
Contributing Editor

Russell A. Stamets
Contributing Editor

Richard Bistrong
Contributing Editor

Eric Carlson
Contributing Editor

MacMurray and Lazzarini: Why ISO 37001 is the next big thing

The ISO 9001 Quality Management System has been a spectacular success, with over 1.3 million organizations certified around the world since the standard’s 1987 introduction.

We believe the ISO 37001 Anti-Bribery Management Systems may enjoy similar widespread worldwide acceptance.

Why? Similar pre-existing circumstances and good business reasons.

Many of the same conditions are in place today with respect to bribery as existed in 1987 concerning the often unpredictable nature of product or service quality:

  • the existence of a global business problem with pernicious societal impact
  • ambiguous or conflicting legal/regulatory measures that place more importance on national boundaries and proscribed behavior than on positive direction and common sense, and
  • a growing belief among practitioners actively fighting the given problem that what is needed is a broadly-focused business (and not yet another narrow legal) approach.

ISO 9001’s value to business? Trust and transparency emanate from this management system’s straight-forward requirements. It emphasizes “how to” rather than “thou shalt not.” And it features a respected and independent review process that has seen global acceptance.

ISO 37001 follows the same organizational construct and similarly prioritizes practicality. ISO 37001 is also fast gaining global recognition. Microsoft has announced that it will adopt the standard, Walmart just announced that it is considering ISO 37001 adoption, and the governments of Singapore and Peru are studying ways to apply the standard to public procurements and the private sector.

A study of public U.S. manufacturing companies over a ten-year period indicates that significant financial improvement (sales growth, return on sales and return on assets) occurred after ISO 9001 certification as compared to similarly situated non-certifying peers. ISO 37001-certified companies stand to similarly benefit; internally, through improved processes and visibility, with associated financial improvements; and externally, by making counterparties and stakeholders aware of their improved bribery risk profile.

Compliance cost reduction opportunities are also available to certifying companies that apply ISO 37001 in their supply chains — through elimination of “one-off” and other labor-intensive processes.

As ISO 9001 has so effectively demonstrated with quality, good business standards reduce complexities and cost and promote sound business practices. ISO 9001 certification (now governed by the 2015 iteration) continues to help companies compete and win business by providing a globally understood “common language of quality.”

With ISO 37001’s emphasis on the business-oriented nuts, bolts and benefits of fighting bribery, it provides creative opportunities for companies to leverage sunk FCPA anti-corruption program costs and existing program activities — and with certification as a tangible, positive and marketable result.


Worth MacMurray is a Principal at Governance & Compliance Initiatives (, a Senior Advisor at the Ethisphere Institute ( and can be emailed at [email protected]

Edoardo Lazzarini , PhD is an Italy-based international pharma compliance professional and can be emailed at [email protected]

Share this post


1 Comment

  1. Here is one question I have about ISO 37001. Why should companies focus on this one ISO standard, instead of ISO 19600, dealing with compliance management systems? Should we expect ISO standards for each compliance area in the future? Will companies be expected to pay consulting companies to "certify" each new compliance ISO standard? And will they be expected to pay for copies of each new standard, since ISO charges for access to each standard? Cheers, Joe

Comments are closed for this article!