The publication of the ISO Standard 37001 and its certifiability has caused a debate as to whether the standard offers legal protection or not in the event an act of corruption is discovered at a company. As corruption is an offense that can result in the corporation’s criminal prosecution, companies want to know what kind of legal protection comes with an ISO 37001 certification.
Yes. French authorities have been long criticized for ineffective enforcement of their anti-corruption legislation. The “Law Regarding Transparency, the Fight Against Corruption and the Modernization of Economic Life,” known as the Loi Sapin II, was promulgated on December 9, 2016 and provides for some significant changes in the current French anti-corruption legal and regulatory administrative structure, as well as some specific amendments to the general French criminal law and procedures.
The recent publication of the ISO standard 37001 on anti-bribery management systems is garnering more and more interest from a variety of sectors and organizations. For the first time, more than 80 countries were able to agree on a set of requirements which facilitate the design of an anti-bribery management system. The requirements apply not only to companies but also to administrations, associations, NGOs….
The last decade has seen a surge of collective actions at the initiative of civil society, professional federations or international organizations. Many have benefited from the support of the Siemens Integrity Initiative which has demonstrated the usefulness of such actions in the fight against corruption at the local level.
On December 21, 2016, US and Swiss prosecutors announced that Odebrecht, Latin America’s largest construction conglomerate, had agreed to a wide-ranging bribery resolution with authorities in Brazil (Ministério Público Federal), the United States (Department of Justice, and Securities and Exchange Commission) and Switzerland (Attorney General) with combined penalties of at least US$ 3.5 billion. These penalties are by far the largest monetary sanction ever imposed in a global foreign bribery resolution, dwarfing the previous record of US$ 1,6 billion imposed on Siemens AG in 2008.
The multiplication of national guidelines published on the issue of anti-corruption compliance over the past few years has some compliance officers shaking their heads with perplexity.
In May 2018, the General Data Protection Regulation (GDPR) will come into force with tighter data protection provisions and stronger enforcement of those provisions. It will provide a single set of regulations in all EU member states, thereby replacing current national data protection laws. And, it will have wide-reaching impact on organisational Whistleblowing systems.
The issue of whether results-based bonuses might be an invitation for salespeople to engage in bribery always fuels passionate discussions. Some consider that a high bonus vis-a-vis a fixed salary in countries of weak governance could lead salespeople to conclude contracts at any price. Others consider that working in countries of weak governance is more complex and difficult and that successful salespeople should be rewarded with significant bonuses.
I’m Alexander Stein, Founder of Dolus Advisors. We deploy expertise in human risk forecasting and psychodynamic intelligence analysis—actionable insight about human behavior and its drivers—to help companies proactively mitigate and respond to corruption, fraud, and other malicious insider and white-collar malfeasance risks. We also partner with organizational governance, culture, compliance, and ethics professionals, as well as international investigations and intelligence firms, and multinational fraud and asset recovery organizations (such as ICC FraudNet),
The reasons for applying standard-based management systems are that standardization reduces complexity and cost whilst increasing effectiveness. Businesses introduce risk and compliance management systems to make sure that their (legal) risks are treated effectively. On top of that, organizations and managers that are suspected of not meeting all their compliance obligations are increasingly exposed to merciless public criticism and strict government enforcement action.
The UAE is one of the most resilient economies in the world. Its visionary rulers foresaw the dangers of over reliance on oil years back, and made determined efforts to diversify the economy. This created a myriad of opportunities in the market and businesses from across the world rushed to the UAE. However, it appears that many international companies, although clearly enjoying the market growth, are oblivious to the implications of such growth on compliance. In terms of anti-corruption, their attention is confined to the US Federal Corrupt Practices Act (FCPA) or the UK Bribery Act and they are unaware of the anti-corruption laws in the UAE.
In October 2016, after three years of work and the participation of experts from 37 countries, the International Organization for Standardization (ISO) published the first international standard to fight bribery: ISO 37001 – Anti-bribery management systems. It is a major step toward international adoption of anti-bribery legislation.
The ISO 37001 standard is designed to be used as a management system in order to instill an ethical business culture in an organization. By applying this standard, organizations make available the best tools for management to maintain a proactive system to fight this phenomenon. In concrete terms, the standard specifies a series of measures to help organizations prevent, detect, and address bribery.
Over the course of the past five years, much has been written about the financial services sector—particularly private equity funds, hedge funds and other private investment vehicles—being in the sights of both the US Department of Justice (DOJ) and the US Securities and Exchange Commission (SEC) for potential investigation and prosecution under the US Foreign Corrupt Practices Act (FCPA).
US Deputy Attorney General Sally Yates stated in a September 9th, 2015 memo that not only will she be targeting companies, but that she will also pursue individuals who represent the “flesh and blood” of corrupt activities; after all, bribes are always paid by individuals.
Each year ETHIC Intelligence hosts the Excellence in Compliance Day for certified companies, accredited auditors and members of the ETHIC Intelligence Certification Committee. This year the meeting took place at the OECD Conference Centre in Paris on September 12 and 13. This day is an opportunity for professionals working in anti-corruption compliance to discuss emerging issues and share views in the constantly-evolving landscape of corruption prevention. The following interview addresses some of the key issues raised at the meeting.
Ten years after the launch of our first certification whose terms of reference were based on the Italian Law 231 and Chapter 8 of the United States Federal Sentencing Guidelines (the so-called 7 steps), more and more guidelines are being issued by various national governments including the UK, Russia, Brazil, Spain, France… These national guidelines are integrated into our terms of reference as they are published.
I would like to address the organization of a compliance system and, in particular, the controls in place that ensure its appropriate implementation. I will use examples witnessed within certified companies who met the evolving challenges of anti-corruption compliance.
The future French anti-corruption law on Transparency, Fight Against Corruption and Modernization of the Economy (the “Sapin II Bill”) is in its final stages of adoption after discussions and a vote by both the French National Assembly and Senate. It will be a landmark change in the French legal environment. France had not had a global anti-corruption law and three out of ten companies involved in the top FCPA enforcement actions in the last 20 years were French whereas there has been just one decision by French judicial authorities condemning a French company for corruption and this 15 years after the fact.
Self-knowledge indeed is first a mirror: it calls for a clear judgment on oneself and life situations. Then, it tests one’s courage and determination to get rid of what is not adjusted. Finally, it opens the door to work on oneself.
The new ISO standard 37001 displays all of these features: it invites a critical analysis of situations, requires determination to get rid of unsuitable practices so as to build sustainable growth, founded on ethics.
As the President of the ETHIC Intelligence Certification Committee, I would like to share some of the common principles I have noticed in the compliance programs of companies we have certified.
Beyond the formal requirements issued by various jurisdictions, the following are three essential points that allow for an effective program capable of preventing corruption and of ensuring efficient controls of its implementation.