S	M	T	W	T	F	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31	1	2	3	4

This content is intended for the public covered by the exceptions of the Charter of the French language and its regulations. If you read on, you confirm that you fall within one of these exceptions.

ISO 37001

person refusing an envelope

Standard ISO 37001
Anti-bribery management systems — Requirements with guidance for use

Bribery raises social, moral, economic and political concerns. It undermines good governance, hinders development and interferes with competition.

In order to be proactive in combating bribery, organizations must commit to establishing a culture of integrity, transparency, openness and compliance. This can be achieved by implementing the requirements specified in the standard ISO 37001 Anti-bribery management systems — Requirements with guidance for use.

This standard reflects international good practice and offers organizations a structured approach to help them to avoid or mitigate the risks, costs, and damage linked to bribery, in order to ensure the public’s confidence and thus maintain a positive image of the organization.

The standard ISO 37001 describes the implementation within an organization of an anti-bribery management system. This system is composed of policies, procedures and controls that are reasonable and proportionate according to the risks, to prevent, detect and respond to bribery.

Published in October 2016, the standard ISO 37001 has several elements in common with other ISO standards. The management system it proposes can easily be integrated into other management systems such as quality management (ISO 9001), environmental management (ISO 14001), and occupational health and safety management (ISO 45001).

Download standard

This standard is available on the ISO website.

Certification Offer

ISO 37001

Organizations who wish to have their anti-bribery management systems recognized can contact the BNQ, whose certification program for anti-bribery management systems ISO 37001 is accredited by the Standards Council of Canada (SCC).

To obtain ISO 37001 certification, organizations must demonstrate to the BNQ that they meet the requirements of the standard. These requirements cover:

context (needs and expectations of stakeholders, bribery risk assessment, etc.)
leadership (anti-bribery policy, roles, responsibilities, authorities, etc.)
planning (actions to address risks, objectives, targets, etc.)
support (resources, competence, training, communication, documentation, etc.)
operation (operational planning and control, due diligence, financial and non-financial controls, managing inadequacy of controls, raising concerns, investigating and dealing with bribery, etc.)
performance evaluation (monitoring, measurement, analysis and evaluation, internal audit, management review, and review by anti-bribery compliance function)
improvement of system (nonconformity, corrective actions, and continual improvement).

This certification program is accredited by the Standards Council of Canada.

Why choose the BNQ?

Accredited by the Standards Council of Canada (SCC), the BNQ has always shown an exemplary diligence regarding decision-making and recommendations for certification. Our international accreditation guarantees that the BNQ’s methods and procedures are carried out in compliance with the rules of the International Organization for Standardization (ISO), the International Accreditation Forum (IAF), and the World Trade Organization (WTO).

Choosing the BNQ’s certification program ISO 37001 means:

choosing an approach that is transparent, independent, impartial, uniform, and confidential
having access to an audit method that is structured, rigorous, trusted, and proven increasing the confidence of your clients, suppliers, shareholders, employees, and other stakeholders regarding the processes implemented
ensuring the sustainability and continuous improvement of your anti-bribery management system.

Certification steps

At the BNQ, the certification process for anti-bribery management systems adheres strictly to the applicable accreditation requirements.

The certification cycle is a three-year cycle during which maintenance audits are performed every twelve months. The process begins with an initial application for certification submitted by email using the application form (see this web page under “Download the document required for certification”).

Once the service contract has been signed by both the BNQ and the client, and once the documentation pertaining to the client’s anti-bribery management system has been sent to the BNQ, the name of the auditor responsible for the audit is communicated to the client.

Before the initial onsite certification audit, a preliminary assessment of the client’s level of preparedness is carried out, notably through the review of the documentation received. The conclusions of this preliminary assessment are then communicated to the client in the form of a written report. This report establishes an initial judgment of the conformity of the client’s system to the documentation requirements of the standard and to the level of understanding and implementation of the requirements of the standard by the client. If the assessment is favourable, the lead auditor prepares an audit plan and sends it to the client.

The initial certification audit can now take place: the auditor collects all relevant information pertaining to the requirements of the standard and verifies them. This information is collected by means of interviews, the observation of activities and the work environment, and the consultation of documents on site. The client is kept informed of the auditor’s observations as the audit progresses; these will be included in the written report summarizing the auditor’s findings.

If discrepancies are observed during the audit, they may be subject to corrective action requests (CARs ) by the BNQ, which may be major or minor depending on the significance of the impact of the discrepancies on achieving the objectives of the standard. The CAR must be closed (in other words resolved) within 30 days following the audit.

The decision concerning the certification of the anti-bribery management system is based on the recommendation of the lead auditor, along with the revision of the file by the BNQ, in order to ensure that all certification conditions have been met.

Following a favourable decision by the BNQ, a certificate of conformity is sent to the client, who agrees to undergo a first maintenance audit within twelve months from the first day of the initial certification audit.