ISO 37001
ISO 37001 is vital for anti-bribery management.
ISO 37001 (Anti-Bribery Management) is a critical concept in quality, health, safety, and environmental management.
What Is ISO 37001?
ISO 37001:2016 is the international standard for anti-bribery management systems (ABMS). It specifies requirements for establishing, implementing, maintaining, reviewing, and improving an anti-bribery management system to help organisations prevent, detect, and address bribery by the organisation, its personnel, and business associates. The standard addresses: bribery in the public, private, and not-for-profit sectors, bribery by and of the organisation, bribery by personnel and business associates, direct and indirect bribery, and facilitation payments. ISO 37001 provides a systematic framework for compliance with the UK Bribery Act 2010, US Foreign Corrupt Practices Act (FCPA), and similar legislation worldwide.
ISO 37001 Requirements Under UK Law
The UK Bribery Act 2010 creates offences of: offering/promising/giving a bribe (Section 1), requesting/agreeing to receive a bribe (Section 2), bribing a foreign public official (Section 6), and failure by a commercial organisation to prevent bribery (Section 7). Maximum penalties: 10 years imprisonment and unlimited fines for individuals; unlimited fines for organisations. The Section 7 offence is strict liability — the only defence is having 'adequate procedures' in place. The Ministry of Justice guidance identifies 6 principles: proportionate procedures, top-level commitment, risk assessment, due diligence, communication/training, and monitoring/review. ISO 37001 maps directly to these 6 principles.
Key Components of ISO 37001
- Anti-bribery policy
- Risk assessment (bribery risks)
- Due diligence (business associates)
- Financial controls
- Gifts and hospitality register
- Whistleblowing mechanism
- Training and awareness
- Monitoring and reporting
ISO 37001 in Practice
An international engineering consultancy (800 employees, operating in 25 countries including high-risk jurisdictions) implements ISO 37001 through Q-Hub. Their bribery risk register identifies 45 risk scenarios across 3 categories: government officials (permits, licences, inspections), business partners (agents, subcontractors, joint ventures), and internal (procurement, expense claims). All 800 employees complete annual anti-bribery training (tracked in Q-Hub's Training Hub — 98% completion rate). The gifts and hospitality register records 340 entries per year, each requiring manager approval before acceptance. Due diligence questionnaires are issued to all new suppliers via Q-Hub's portal.
How to Manage ISO 37001 with Q-Hub
Q-Hub provides comprehensive tools for ISO 37001 management. The Automated Workflows module handles the core requirements, integrated with document control, audit scheduling, training management, and KPI dashboards to ensure your ISO 37001 processes are audit-ready at all times.
Related Terms
- Risk Assessment — related QHSE concept
- Audit — related QHSE concept
- Supplier Audit — related QHSE concept
- Document Control — related QHSE concept
- ISO 9001 — related QHSE concept