The ISO 37001 standard aims to provide non-regulatory guidance and standards for implementing anti-bribery and anti-corruption systems for businesses. From a US regulatory perspective, definitive guidelines are provided by the US Department of Justice and the Securities and Exchange Commission which all US-based businesses must adhere to.
Becoming certified through ISO 37001 USA does not necessarily provide a defence for a company that has breached US regulatory requirements. In fact, the standard only addresses anti-bribery issues and does not consider broader fraud and other corrupt practices.
However the standard does provide insights into, and substantive recommendations, on how to implement a principles-centred anti-corruption policy. The standards in ISO 37001 should be implemented as appropriate for a given company’s specific risk profile. The mere certification under a standard is unlikely to provide a suitable compliance defence to prosecution for violations in the US, however.
