"fully leverage its resources" to hold individuals accountable for corporate misconduct. DOJ may have deemed the policy announcement as helpful guidance but companies were left wondering what new legal burdens they faced. only provides clear measurable processes for businesses to adopt, it also is being promoted to DOJ as a tool for measuring an organization's commitment to compliance with relevant laws. In this way, the standard assists in both implementation and assessment of compliance when mitigating penalties. Moreover, ISO 37001 is a global, rather than national, standard. According to Worth MacMurray, a member of the U.S. Technical Advisory Group that participated in its drafting, ISO 37001 was built on systems identified as "anti-bribery leading practices" by a project committee featuring persons from over 60 countries. Governments worldwide are implementing ISO 37001 to make it harder to hide bribes and payments. The United Arab Emirates' Classification Society took the lead in the Middle East and issued a certification to Robert Bosch, the "first anti-corruption standard of its kind" in the region. Entities in Peru, Singapore, Canada, Ecuador, Indonesia, Morocco, and the Philippines also have begun certifying under 37001. With such rapid international adoption, a company engaged in international transactions can use 37001 to implement systems that address compliance obligations in multiple jurisdictions. Several major U.S. companies and audit firms also have announced their intent to seek certification under 37001 and will likely soon require the same of their suppliers. Microsoft, with an international supply chain, announced it will be the first to do so, as Vice President David Howard explained: "Corruption is a cross-border problem and demands a common language to help solve it." Walmart also is seeking certification. U.S. trade groups are now studying ISO 37001 and Attorney General Sessions has reportedly discussed how the U.S. might treat companies that adopt the standard National Association of Manufacturers. These developments suggest there is a global appetite for anti-bribery reform, which could lead to an unusually rapid cascade of ISO 37001 adoption. processes and performance measures, removing much uncertainty about what individuals and companies must do to adhere to anti-bribery laws. MacMurray says the standard was "created by business, for business," and that it is not a "myopic, legalistic process." It addresses bribery by and of the organization, its personnel, and its business associates. It is designed for easy integration with existing corporate management processes, imposing what MacMurray described as "reasonable and proportionate risk-based implementation of financial and personnel controls, training, risk assessments, due diligence, monitoring and managerial leadership." The standard considers the organization's size and nature, geographical footprint, and business associates in assessing the appropriate systems for adoption. ISO 37001 is also designed to seamlessly mesh with other certification standards, like the widely popular ISO 9001 for quality management. Although MacMurray cautioned that ISO 37001 is not a "silver bullet" to prevent bribery, nor a "liability shield" against prosecution, it builds on well-understood foundations of business operations and methodologies to create credible anti- bribery systems that are an adaptable risk- based approach to developing compliance programs for organizations in any country, of any size, whether public or private. 37001 is voluntary, but earning a third- party certification can provide significant and tangible benefits for companies. First, companies already subject to bribery investigations have incentive to certify under ISO 37001 and show that their hands are clean or that they are taking necessary preventative steps. Companies in the same sector as one under investigation also can benefit from taking precautionary steps. Similarly, governments, particularly reassure investors by requiring certification to win government contracts. Second, companies operating in high-risk areas such as the Middle East and North Africa region, Central Asia, or elsewhere, have a strong incentive to seek certification. Clients who rely on subcontractors in high-risk regions stand to gain even more. MacMurray noted that companies do not have to certify organization-wide; instead, they can "stick their big toe into the compliance pool" by certifying high-risk parts of a business, such as regional sales operations. Third, companies that are operating in traditional at-risk fields such as energy, pharmaceuticals or mining would likely benefit from certification. Companies that combine an industry risk with a geographical risk, such as oil companies operating in Central Asia, have multiple reasons to seek certification. Fourth, given that ISO 37001 was just released last year, there is an opportunity at present for companies and individuals to assume a leadership role in global anti-bribery efforts for their respective industries. "Socially-conscious" investment and partnering are becoming increasingly important for both large and small companies as part of their branding. and worldwide for anti-bribery efforts, and ISO 37001 was designed to standardize existing best practices. This new standard presents an opportunity to certify for a host of legal, leadership and risk-based reasons. make payments to foreign government officials to assist in obtaining or retaining business. anti-corruption); see also IMF Staff Discussion Note: Corruption: Costs and Mitigating Strategies, (May 2016imf. org/external/pubs/ft/sdn/2016/sdn1605.pdf) (justice.gov/opa/speech/attorney-general-jeff-sessions- delivers-remarks-ethics-and-compliance-initiative- annual?_ga=2.101723521.1282231261.1497450600- 1991356329.1497450600). Wrongdoing (Sep. 9, 2015) (justice.gov/archives/dag/ file/769036/download) |