The business case for a formal Anti-Bribery Management System (ABMS)
As business becomes more globalized, organizations are faced with new challenges and opportunities. Part of this new environment is compliance with newly emerging anti-bribery and anti-corruption laws, such as the US Foreign Corrupt Practices Act (FCPA), the UK Bribery Act, Canada’s Corruption of Foreign Public Officials Act, Mexico's General Law of Administrative Accountability and Model Program for Corporation Integrity, Russia's Federal Anti-Corruption Law No. 273, and several others in France, Germany, China, and Brazil just to name a few.
International development and enforcement of new anti-bribery and corruption (ABC) laws and guidelines is not an ad-hoc coincidence. As of August 2017, 43 countries have committed to implementing the recommendations and requirements of the OECD Anti-Bribery Convention. 140 Countries have committed to the United Nations' Convention against Corruption. This means that adoption and rigorous enforcement of anti-bribery and anti-corruption programs and best practices is already well-established, and is growing stronger by the day.
While each of these laws and conventions are somewhat different in scope and reach, the corrupt activities they prohibit are similar. “Bribery” involves improper inducement and occurs when something of value is offered or accepted in order to influence a transaction or encourage improper or illegal behavior. “Corruption” involves dishonest or illegal behavior achieved through unethical means, such as bribery. To ensure that bribery and corruption are minimized, a common requirement of these laws is for an organization to establish and maintain a formal anti-bribery and anti-corruption (ABC) management program (system). Failure to establish such a system puts public and private sector organizations and their employees at risk of incurring severe fines or even criminal prosecution. Today, a formal ABC compliance program is simply a mandatory requirement for all organizations, public or private. In fact, many organizations no longer purchase from a vendor, supplier, or contractor that doesn't have evidence of a formal Anti-Bribery Management System (ABMS) fulfilling local, national, and even international ABC compliance requirements.
Strict enforcement of UK's Bribery Act of 2010 (examples here) is now in the news quite frequently, so it is also natural that any UK organization, citizen, or even UK resident will be particularly sensitive to the need to show due diligence in having an ABMS to prevent, detect, and correct bribery and corruption. Not a UK organization or citizen? You might need to comply with UK's bribery Act anyway. If your organization buys from or provides products or services to any UK organizations or citizens anywhere in the world, expect to be required to show evidence of your own organization's ABMS to continue business with these UK organizations and citizens since they need to prove that the scope of their own ABMS includes their vendors and customers - everywhere they do business.
Expect even more pressure to control bribery and corruption when doing business in Russia or with any Russian organization. On January 1, 2013, Russia amended its its Federal Anti-Corruption Law No. 273 with Article 13.3 to go beyond the reach of both the U.S. Foreign Corrupt Practices Act (FCPA) and the U.K. Bribery Act (UKBA) to require all corporations organized in Russia to develop anti-corruption compliance measures.
Country by country, anti-bribery and anti-corruption laws and related enforcement is growing rapidly and more severely. And the growth is gaining momentum every year. If your organization wants to continue to conduct business in this new era necessitating proof of compliance with existing and emerging regulatory and legislative anti-bribery requirements, it should invest in developing and maintaining an ISO 37001-certified anti-bribery management program. The alternative is losing B2B business, or even potentially paying huge fines and penalties for failing to practice anti-bribery and anti-corruption due diligence.
The new standard for an Anti-Bribery Management System (ABMS) - ISO 37001
While organizations critically need to prove due diligence in preventing, detecting, and correcting bribery and corruption, the dilemma is that there has not been a universally-recognized standard of exactly what a sufficient ABC program would entail. Until now. As of October 2016, there is a new global standard for anti-bribery and corruption (ABC) management systems, made available by the International Organization for Standardization. With the new ISO 37001 standard, "Anti-bribery management systems - Requirements with guidance for use," it means there is now an internationally recognized set of best practices to prevent and detect bribery. Moreover, these best practices are auditable and can be ISO certified. The standard is designed for use in both public-sector and private-sector organizations. Expect to see early widespread international adoption by the public sector, which will subsequently drive private-sector organizations wanting to do business with them to become certified to the same standard. Even if your organization already has an ABC program, it should immediately perform an audit against the new ISO 37001 standard to ensure that all details are addressed and compliant. After all, ISO 37001 will likely determine the minimum of what your organization's customers, regulators, and suppliers will expect of your program.
Even if you feel your ABM program covers all of the new ISO 37001 requirements, and can claim such as fact, how do you prove it to your organization's stakeholders? Going through a fresh review/audit every time someone asks? A better alternative is having your organization's ABMS certified to ISO 37001 so it can easily provide third-party assurance of its ABC program. Although ISO 37001 does not bring any amazingly fresh best practices to the table regarding bribery and corruption control, ISO 37001 certification is the single best solution for getting credible third-party assurance and validation of your organization's ABC management system - which is a critical business need today. Certification to ISO 37001 will become essential for companies wanting to do public-sector work, and we will see it quickly permeate through industry commercial sectors as well. Companies not certified will be at a substantial disadvantage in the near future.
Where to go from here
Strategy & Policy Workshop: ISO 37001 Anti-Bribery and Corruption Management (5-Days)
Introduction to today's business legal context driving the need for a formal anti-bribery and corruption system
Establishing, managing, and performing anti-bribery and corruption controls
Establishing, managing, and performing anti-bribery and corruption controls, continued
Establishing, managing, and performing anti-bribery and corruption controls, continued
Measuring the performance and effectiveness of the ABC Management System and ABC Controls (ISO 37001 Clause 9)
Continuous improvement and corrective action (ISO 37001 Clause 10)
Break-out Class Lab: ABC Management System Gap Assessment
Understanding typical high-risk areas for bribery and corruption
Training Certificate of attendance (32 CPE) awarded
Optional Online Certification Exam (Student laptop required)
* ISO Standards are NOT included in this management system and compliance training, nor are provided in class. Students are encouraged to bring their own hard-copies of the standards to the class. ISO standards are available for purchase at www.iso.org.
As an organizational governor, executive, or manager you need to ensure the organization minimizes and controls potential bribery and corruption as managers conduct business. You also need to ensure the organization complies with existing and emerging legislative requirements for establishing, operating, and maintaining an effective anti-bribery and anti-corruption management system aligned to the international standard of ISO 37001. Earning the CFCM™ certification will give you the credential and proof of competence the standard requires, and will ensure you understand how to integrate ISO 37001 best practices into your portfolio of job responsibilities.
Getting IRMCB standardized training and taking certification exams
IRMCB courses are delivered by Authorized Training and Education Centers (ATECs) in standardized live and online formats. Select ATECs are also authorized to proctor exams and issue certificates.
|Authorized Training and Education Center
||Authorized for Live Instructor-Led Training
||Authorized for Web-Based Training
||Authorized exam center
|Certified Information Security