The ISO has developed an international standard to help organizations fight bribery and promote ethical business practices. ISO 37001 requires organizations design and implement an anti-corruption program appropriate to their specific risk factor.
The requirements specified by ISO 37001 address two key areas:
- Bribery by the organization, its personnel or business associates for its own gain
- Bribery of the organization, its personnel or business associates in relation to its activities
ISO 37001 certification enables you to protect and preserve the integrity of your organization by:
Opening your organization to external scrutiny of the effectiveness of your anti-bribery policies and processes
Demonstrating compliance to relevant legislation such as the UK Bribery Act 2010, FCPA and other anti-bribery laws
Collaborating with stakeholders to monitor and manage risk throughout your organization and supply chain
Ensuring that suppliers, sub-contractors and agents are committed to anti-bribery best practice
Through our partnership with PECB, an accredited ISO certification body, STEER is uniquely qualified to audit anti-bribery management systems.
Our ISO 37001 services
STEER is uniquely qualified to offer a host of services in support of ISO 37001. STEER Partners are certified Lead Implementers and certified Lead Auditors with Master distinction, through the global certification body PECB, accredited by the International Accreditation Service (IAS).
Certified Audit and Certified Training Services
Through our business partnership with PECB, we offer the following certified training and certified audit services:
1. ISO 37001 Certified Lead Implementer training course (click here for more details)
2. ISO 37001 Certified Lead Auditor training course (click here for more details)
3. ISO 37001 Certification Audits for corporations/governments worldwide
STEER also offers web-based training where our instructor presents the training course live online, and is available to answer questions and provide support.
Implementation Consultancy Services
STEER also offers ISO 37001 implementation consultancy services (which cannot be combined with certified audit services for the same entity) for any size organization/entity. We have the expertise and experience required to build a state-of-the-art Anti-bribery Management System based on ISO 37001, for Fortune 500 companies, smaller size organizations and governments.
We apply, in general, the following ISO 37001 implementation methodology, whereby each of the phases can be offered as separate services:
Phase 1: Training
The purpose of the (certified) implementer training will be to introduce the participants to the ISO 37001 standard and the purpose of an ABMS. The training will focus on the planning and implementation of an ABMS and how to prepare for a certification audit.
The training will ensure a solid knowledge base of the participants ahead of the implementation activities that will take place.
A short briefing/training for Executive Management with a high-level focus on ISO 37001, the purpose of an ABMS and the role of executive management in a successful implementation and continual improvement of the ABMS.
Phase 2: ISO 37001 Maturity Level Assessment (MLA)/Gap Analysis
The STEER ISO 37001 MLA practice concentrates on the assessment of the effectiveness of the company’s existing anti-bribery program and the company’s “system of internal controls” designed to prevent the company from bribery as well as properly manage situations where bribery has occurred.
Phase 3: Planning of the Implementation
Phase 4: Implementation of the ABMS
- Implementing actions based on detailed work plan as defined in phase three.
- Close monitoring of progress and reporting of work progress.
- Interaction with various stakeholders, including the sharing of good practices and experiences.
Phase 5: (Internal) Audit and Management Review
In today’s competitive markets and in geographical locations where it is still common practice to make illicit payments to obtain business, international companies are often faced with challenges to comply with international laws and regulations.
Companies that have been in the unfortunate circumstance of being subject of a violation of International anti corruption regulations, such as the FCPA or UK bribery act know all to well the dramatic negative consequences of such an issue. The cost of penalties and related cost of investigations, remediation and mitigation often exceeds millions of dollars, with some exceeding hundreds of millions of dollars or, in exceptional cases, billions of dollars.
STEER offers to perform anti bribery compliance reviews (“ABCR”) designed to test the companies’ policies and procedures to prevent corruption. At times companies will perform this type of review under a deferred prosecution agreement after receiving government sanctions for bribery. We offer this service as part of our monitoring program but also as a proactive audit.
An ABCR’s objective is to identify violations of the company’s Code of Conduct with respect to corruption by assessing controls and processes within the business that have been designed to prevent and detect such violations. This involves a review of account balances as well as testing of transactions.
The result of an ABCR will identify weaknesses that management should remediate.
The first step in an ABCR is to develop a work plan that clearly identifies the tasks to be completed and the steps to be performed.
The action plan should include a description of the weakness, a specific individual assigned to remediate the weakness and a timeframe to do this.
At the closure of an ABCR a discussion with senior management should occur to agree on an action plan to remediate any weaknesses identified
Once this step has been completed a final report will be issued with the ABCR findings, as well as the remediation action plan.
It is the company’s responsibility to follow up and ensure corrective actions have been taken.
An ABCR not only provides insights into certain control weaknesses in a pro-active way, it can also serve as a company defense should a criminal violation occur and government agencies become involved.
Having this process in place and performing this type of review sends a strong signal to employees that the company is serious about corruption and creates a clear tone at the top.
At the closure of an ABCR a discussion with senior management should occur to agree on an action plan to remediate any weaknesses identified.