A New Tool for Anti-Bribery Compliance Program: ISO 37001
|Recently, the International Organization for Standardization (ISO) adopted a new set of voluntary standards, designated as ISO 37001, to assist organizations in their ongoing fight against bribery. As a result of recent increases in the enforcement of the U.S. Foreign Corrupt Practices Act of 1977 (FCPA) and, notwithstanding the guidance provided by the U.S. Department of Justice’s (DOJ) Resource Guide to the U.S. Foreign Corrupt Practices Act (Guide), for-profit and notfor-profit organizations continue to seek greater clarity when establishing and maintaining their anti-bribery compliance programs. By developing a set of standards that adopts best practices in the area of anti-bribery compliance across industries, and organization types and sizes, ISO 37001’s adoption may assist organizations in their development and implementation of stronger anti-bribery compliance programs.|
FCPA and the Guide
The FCPA makes it unlawful for certain classes of persons and entities to make payments to foreign government officials in furtherance of obtaining or retaining business. More specifically, the anti-bribery provisions of the FCPA prohibit payments to foreign officials to obtain or retain business, while the accounting provisions require issuers to make and keep accurate books and records, and to maintain an adequate system of internal accounting controls. The anti-bribery provisions not only apply to all U.S. persons and certain foreign issuers of securities, they also apply to foreign firms and persons who cause, directly or through agents, an act in furtherance of a corrupt payment to take place within the U.S.
Largely as a result of increased enforcement of the FCPA over the past decade, some have expressed frustration with the perceived inconsistency in the manner in which the government approaches FCPA violations. In response to these voices, the DOJ issued the Guide in 2012. Although not providing bright line rules, the Guide provides extensive case studies and hypothetical scenarios intended to assist organizations navigate compliance with the FCPA, and thus avoid potential enforcement actions. Moreover, the Guide has conveyed an essential message to organizations subject to the FCPA that proactive and effective self-oversight and management of conduct by an organization is the key to avoiding FCPArelated prosecution and liability, and ensuring compliance. Such conduct can be satisfied through the establishment and maintenance of an effective anti-bribery compliance program to prevent corrupt, violative behavior by employees and agents.
As part of its objective of developing and publishing international standards, the ISO has drawn upon the national standards bodies of 163 member countries to develop nearly 20,000 voluntary international standards across industries and sectors to date. ISO 37001, published in October 2016, is designed to help an organization establish, implement, maintain and improve an effective and proactive anti-bribery compliance program using a series of measures and controls that represent global anti-bribery best practices. The set of standards set forth in ISO 37001 can be used as a standalone program or can be integrated into a pre-existing overall management system.
ISO 37001 addresses the following bribery types in relation to an organization’s activities:
- Bribery in the public, private and not-for-profit sectors;
ISO 37001 compliance requires organizations to implement a series of measures and controls in a reasonable and proportionate manner to help prevent, detect and effectively deal with bribery. Below are the relevant requirements set forth by ISO 37001:
a. Anti-bribery policies & procedures: Develop appropriate anti-bribery compliance policies and procedures in accordance with applicable laws to prevent bribery. Ensure that the policy and procedures are communicated in appropriate languages to employees and business associates, and are available to all relevant stakeholders.
In addition, ISO 37001 notes that while “facilitating payments” are permitted by the FCPA, such payment type is illegal under many other countries’ foreign bribery laws. Given the ISO’s broad global perspective, it is not surprising that ISO 37001 treats facilitating payments as bribery and advocates that such payments should be prohibited by an organization’s anti-bribery management system.
Organizations may also seek assistance from law firms or other third parties with relevant experience.
In short, ISO 37001 benefits organizations by providing:
- guidance for developing and maintaining an effective anti-bribery management system;
This alert is for general informational purposes only and should not be construed as specific legal advice. If you would like more information about this alert, please contact one of the following attorneys or call your regular Patterson contact.
*Not admitted to practice in New York.
Link to article