No matter how large the organization is, adhering to a set of anti-bribery and anti-corruption principles is needed to put you on a clear path towards achieving the ISO 37001 certification. This set of principles provide a prerequisite for organizations to develop an effective anti-bribery management system. From no-bribes policies to risk assessments and independent assurance, all these principles must be implemented.
Transparency International has developed such a set of business principles and encourages companies to consider using these as a starting point for developing, implementing and maintaining their effective anti-bribery programmes.
The Business Principles aim to provide a framework that can assist enterprises in developing, benchmarking or strengthening their anti-bribery programmes. The Business Principles reflect a high, yet achievable standard of anti-bribery practice. They apply to the bribery of public officials as well as private-to-private transactions.
Cross reference between ISO 37001 and the Business Principles
clause 6.1 Actions to address risks and opportunities versus 4. RISK ASSESSMENT
4.1 The Programme should be tailored to reflect the enterprise’s particular business risks, circumstances and culture, taking into account inherent risks such as locations of the business, the business sector and organisational risks such as size of the enterprise and use of channels such as intermediaries.
4.2 The enterprise should assign responsibilities for oversight and implementation of risk assessment.
clause 5.3 Organizational roles, responsibilities and authorities versus 6.1 Organisation and responsibilities
6.1.1 The Board of Directors or equivalent body should demonstrate visible and active commitment to the implementation of the enterprise’s Programme.
6.1.2 The Chief Executive Officer is responsible for ensuring that the Programme is carried out consistently with clear lines of authority.
clause 7.2 Competence versus 6.3 Human resources
6.3.1 Human resources practices including recruitment, promotion, training, performance evaluation, remuneration and recognition should reflect the enterprise’s commitment to the Programme.
clause 7.3 Awareness and training versus 6.4 Training
6.4.1 Directors, managers, employees and agents should receive appropriate training on the Programme.
6.4.2 Where appropriate, contractors and suppliers should receive training on the Programme.
clause 7.4 Communication versus 6.6 Communication and reporting
6.6.1 The enterprise should establish effective internal and external communication of the Programme.
6.6.2 The enterprise should publicly disclose information about its Programme, including the management systems employed to ensure its implementation.
6.6.3 The enterprise should be open to receiving communications from and engaging with stakeholders with respect to the Programme.
6.6.4 The enterprise should consider additional public disclosure on payments to governments on a country-by-country basis.
6.6.5 In the spirit of greater organisational transparency and accountability to stakeholders, the enterprise should consider disclosing its material holdings of subsidiaries, affiliates, joint ventures and other related entities.
clause 8.3 Financial controls & 8.4 Non financial controls versus 6.7 Internal controls and record keeping
6.7.1 The enterprise should establish and maintain an effective system of internal controls to counter bribery, comprising financial and organisational checks and balances over the enterprise’s accounting and record keeping practices and other business processes related to the Programme.
6.7.2 The enterprise should maintain available for inspection accurate books and records that properly and fairly document all financial transactions. The enterprise should not maintain off-the-books accounts.
6.7.3 The enterprise should subject the internal control systems, in particular the accounting and record keeping practices, to regular review and audit to provide assurance on their design, implementation and effectiveness.
clause 9.1 Monitoring, measurement, analysis and evaluation versus 6.8 Monitoring and review
6.8.1 The enterprise should establish feedback mechanisms and other internal processes supporting the continuous improvement of the Programme. Senior management of the enterprise should monitor the Programme and periodically review the Programme’s suitability, adequacy and effectiveness and implement improvements as appropriate.
6.8.2 Senior management should periodically report the results of the Programme reviews to the Audit Committee, Board or equivalent body.
6.8.3 The Audit Committee, the Board or equivalent body should make an independent assessment of the adequacy of the Programme and disclose its findings in the Annual Report to shareholders.
Source: BUSINESS PRINCIPLES FOR COUNTERING BRIBERY 2013 by Transparency International is licensed under CC-BY-ND 4.0
Download here the full document for further reading.