Thematic resource

September 2019

ISO 37001 standard

ISO 37001 is a certifiable specific standard for the prevention of corruption: it requires the creation, implementation, control and continuous improvement of an Anti-Bribery Management System (ABMS).

Adopted in 2016 by the International Organization for Standardization, the ISO 37001 standard is based on a key principle: the prevention of corruption must be reasonable and proportionate to the risks of each organization ... An international standard that requires a very operational approach!

Who is the ISO 37001 Standard for? 

  • Any organization, small and medium-sized businesses as well as multinationals;
  • All sectors and activities;
  • All businesses (public or private);
  • For profit or nonprofit organizations.

6 good reasons to go for the ISO 37001 certification:

  1. Supported by good internal and external communication, it operates as a preventive firewall;
  2. It increases the credibility and international visibility of the company's anti-bribery commitments;
  3. It is a useful tutoring tool for the Compliance Officer;
  4. It helps to reduce legal and financial risks;
  5. It is a competitive advantage for sales teams and a reinforcement of reputation;
  6. It meets the international requirements for the corruption prevention : OECD, United Nations, African Union, Sapin 2 law (France), UK Bribery Act (United Kingdom), FCPA (USA), ...

ISO 37001 standard in 4 steps

Capture EN


Main ISO 37001 standard's requirements

Chapter 4 > Describe the context of the organization including:  
  • Third parties and their anti-corruption requirements

  • The scope of application of the anti-bribery management system (ABMS)

  • The detailed description of the ABMS (composition, organization, etc.)

  •  Corruption risk assessment of the organization: risk mapping

Chapter 5 > Leadership and commitment of the management

This is the heart of the ABMS : the « Tone at the top » is set, communicated and shared. This is where the antibribery policies are built, and where the project is carried and directed. 

Chapter 6 > Plan and animate the ABMS 
  • Ensure the organization is able to meet the objectives of its ABMS

  • Ensure that the organization has planned actions related to the construction, monitoring and improvement of the ABMS 

NB: The planning elements are in all the processes of the organization (diffusion, training, deployment, control, review, ...)

Chapter 7 > Make sure that resources and skills, communication and document management are adapted to the needs of ABMS

For exemple : 

  • Recruitment processes, skills management, the identification of the functions exposed, and the remuneration policy integrate the risks of corruption;

  • The training of exposed employees and / or awareness of all employees is planned and managed;

  • Disciplinary sanctions for non-compliance with anti-bribery rules are known and understood;

Chapter 8 > Realization of operational activities

This is the operational deployment of the ABMS and the integration of the requirements of the ISO 37001 standard in the business processes.

Chapter 9 > Measurement and analysis 

Methods and tools for evaluating the performance and effectiveness of the ABMS

Chapter 10 > Improvement  

Continuous improvement and treatment of nonconformities through curative or corrective actions: includes chapter 6 planning and reporting analysis.


ISO and Compliance reforms

International standards bodies and AFNOR are working on an interconnected set of standards related to compliance..

Thus 4 subjects would be distinguished but connected to each other :

  • 37000 : Governance
  • 37001 : Anti-bribery
  • 37301 : Compliance (ex 19600)
  • 37002 : Whistleblowers

International deliverables should enable companies or organizations to demonstrate compliance during controls.

 AFNOR is working to bring the requirements of the revised standards into line with the requirements of the French Sapin 2 Law.