Sunday, June 08 2025

News on the standard ISO 37001 version 2025 - Anti-bribery management systems - Requirements with guidance for use

03/06/2025

ISO 37001 version 2025 is the second edition (version) of this standard for anti-bribery management systems, requirements and implementation recommendations.

Choosing to apply an anti-bribery management system makes it possible to:

  • prevent and detect corruption
  • fight against corruption
  • comply with anti-bribery laws

 

Requirements of the standard ISO 37001 version 2025

Quiz of ISO 37001 requirements version 2025

The training course T 25v25 ISO 37001 readiness version 2025 and its free demo without registration

The training course T 45v25 ISO 37001 internal audit version 2025 and its free demo without registration

The training package T 85v25 ISO 37001 readiness and internal audit

1. The clauses are 10 ACCORDING TO the High LEVEL STRUCTURE :

  1. Scope
  2. Normative references
  3. Terms and definitions
  4. Context
  5. Leadership
  6. Planning
  7. Support
  8. Operation
  9. Performance
  10. Improvement
  • Annex A (informative) Guidance on the use of this document

2. Main changes

  • in the Foreword, for the first time, different licensing agreements are introduced and use restrictions are reinforced
  • stakeholder confidence is enhanced through global compliance (ISO 37301 - compliance management)
  • climate change is part of sub-clause 4.1
  • leadership is empowered to act ethically and responsibly
  • new sub-clause 5.1.3 is dedicated to anti-bribery culture
  • anti-bribery function instead of anti-bribery compliance function
  • new sub-clause 6.3 is about planning of changes
  • establishment of criteria and requirements for the identification and evaluation of internal and external conflicts of interest (ISO/DIS 37009:2025 - conflicts of interest)
  • anti-bribery function is clarified (compliance is withdrawn)
  • latest harmonized structure is introduced (i.e. continual improvement is now sub-clause 10.1)
  • in most places documented information shall be available instead of retained

REQUIRED PROCEDURES

  • procedures (documented): procédure
    • employment (§ 7.2.2)
    • disciplinary action (§ 7.2.2)
    • training (§ 7.3)
    • documentation (§ 7.5)
    • business associates procedure (sub-clause 8.5, 8.6)
    • gifts and similar (§ 8.7)
    • reporting (§ 8.9)
    • investigating and dealing with bribery (§ 8.10)
    • internal audit (§ 9.2.3)

3. records

  • records: enregistrement
    • scope (§ 4.3)
    • bribery risk assessment (§ 4.5.4)
    • anti-bribery objectives (§ 6.2)
    • competence (§ 7.2.1)
    • awareness program (§ 7.3.1)
    • training program and results (§ 7.3)
    • training program for business associates (§ 7.3)
    • documents of external origin (§ 7.5.3)
    • operational control (§ 8.1)
    • due diligence results (§ 8.2)
    • records of gifts and other benefits (§ 8.7) 
    • raised concerns (§ 8.9)
    • evaluation results (§ 9.1)
    • internal audit program (§ 9.2.2)
    • management review results (§ 9.3.1)
    • nonconformities and corrective actions (§ 10.1)

4. Required processes

  • processes: processus 
    • delegate decision-making (§ 5.3.3)
    • manage operational requirements (§ 8.1)
    • conduct internal audits (§ 9.2.1)

 5. required policy

  • policy: politique
    • anti-bribery (§ 5.2)

6. The verb shall is used 202 times 

7. DETAILS OF clauses and sub-clauses (PARAGRAPHS)

1 Scope

2 Normative references

3 Terms and definitions

4 Context of the organization

4.1 Understanding the organization and its context

4.2 Understanding the needs and expectations of stakeholders

4.3 Determining the scope of the anti-bribery management system

4.4 Anti-bribery management system

4.5 Bribery risk assessment

5 Leadership

5.1 Leadership and commitment

5.1.1 Governing body

5.1.2 Top management

5.1.3 Anti-bribery culture

5.2 Anti-bribery policy

5.3 Organizational roles, responsibilities and authorities

5.3.1 General

5.3.2 Anti-bribery function

5.3.3 Delegated decision-making

6 Planning

6.1 Actions to address risks and opportunities

6.2 Anti-bribery objetives and planning to achieve them

6.3 Planning of changes

7 Support

7.1 Resources

7.2 Competence

7.2.1 General

7.2.2 Employment process

7.3 Awareness

7.3.1 Awareness of personnel

7.3.2 Training for personnel

7.3.3 Training for business associates

7.3.4 Awareness and training programs

7.4 Communication

7.5 Documented information

7.5.1 General

7.5.2 Creating and updating documented information

7.5.3 Control of documented information

8 Operation

8.1 Operational planning and control

8.2 Due diligence

8.3 Financial controls

8.4 Non-financial controls

8.5 Implementation of anti-bribery controls by controlled organizations and by business associates

8.6 Anti-bribery commitments

8.7 Gifts, hospitality, donations and similar benefits

8.8 Managing inadequacy of anti-bribery controls

8.9 Raisingg concerns

8.10 Investigating and dealing with bribery

9 Performance evaluation

9.1 Monitoring, measurement, analysis and evaluation

9.2 Internal audit

9.2.1 Generam

9.2.2 Internal audit program

9.2.3 Audit procedures, controls and systems

9.2.4 Objectivity and impariality

9.3 Management review

9.3.1 General

9.3.2 Management review inputs

9.3.3 Management review outputs

9.4 Review by anti-bribery function

10 Improvement

10.1 Continual improvement

10.2 Nonconformity and corrective action

Annex A (Informative) Guidance on the use of this document