Aligning Expectations: Are we moving towards an Anti-Corruption Compliance Standard?

Like other areas, developing compliance with anti-corruption regulations is a tall endeavor whose requirements can vary based on a number of factors, including jurisdiction, size, and sophistication of the company.  The emerging International Standards Organization (ISO) 37001:2016 standard for Anti-Bribery Management Systems, issued in October 2016, may be a significant move towards some clarity and standardization in this area, right? Maybe, but not so fast.


A number of jurisdictions such as Singapore have adopted the ISO 37001 standard, and Microsoft announced earlier this year it will be the first public U.S. company to adopt the standard. Does this mean we will soon be seeing “compliance in a box” solutions that could help companies large and small circumvent the need for customized compliance programs? Probably not.

First off, the ISO 37001:2016 standard only covers bribery and not other activities like fraud prevention or anti-money laundering (AML).

Second, the jury is out on whether this standard will become an worldwide industry standard like ISO 9001 (quality management) or whether the early interest we are seeing will fizzle out.  US commentators think that while the guidance is a useful tool its core principles are effectively the same as what you already see in the US Department of Justice (DOJ), US Securities & Exchange Commission (SEC), US Foreign Corrupt Practices Act (FCPA) Guidelines, and the Federal Sentencing Guidelines.  There are also some minor differences.  For example, the standard does not allow for the facilitation (or so-called “grease”) payments, which can under certain circumstances be acceptable under the FCPA (but not the UK Bribery Act).

That said, having an independent third party audit and provide a certification for a company’s anti-bribery management system may carry appreciable weight with US regulators.  It remains to be seen what the DOJ and SEC say on this particular point. That being said, the DOJ did in February release guidance on the Evaluation of Corporate Compliance Programs.

But how can you define a standard when governments tend to look at many, not to mention different, factors?

Interestingly, for countries like Singapore and Peru (and others that follow them) it may be that government contractors or those seeking public tenders may eventually need to certify that they are ISO 37001 compliant to even bid for projects in certain countries.  In drafting contracts for international counterparties it may be less controversial to incorporate compliance provisions referencing a neutral ISO standard that say, referring to the FCPA.

While following a standard could be a great place to start, the reality is that anti-corruption laws are national in nature and not international, even though effort has been made to harmonize some of these laws.  A solid compliance program will adopt policies that are tailored to the requirements of the local jurisdiction but with an eye to establishing an over-arching “best practice” standard that would not cause reputational damage for the company in other countries.  Importantly, compliance programs also have an entirely proprietary dimension – they must cover key exposure points, which can vary not only from country to country but business to business and business line to business line.

For now, it is clear that no one size fits all, and attention to domestic nuances remains critical for compliance with anti-corruption requirements.

Note: Eric Ubias (Senior Counsel, Akrivis Law Group, PLLC) contributed to this post.

An international trade compliance (sanctions, export controls, customs, anti-corruption) and defense lawyer.

Posted in Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Akrivis Law Group, PLLC
Washington, DC

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 109 other subscribers

This website aims to provide notes and commentary on international legal, business, and political developments in economic and other sanctions. It is intended solely for information and entertainment purposes and should in no way be construed as legal advice. Laws, regulations, and policies change from time to time so some information on older posts can very easily be dated. If you have any questions or are unclear on any of the subject matters addressed or discussed on this site, please consult a licensed legal professional. Views presented in the comments and outside links do not necessarily reflect those of the website author. All external links on this website to articles and documents are external and provided for informational purposes only. They have no relation to the author of this website unless specified otherwise.

This website is independent of Akrivis Law Group, PLLC and any statements of opinion posted on this website are therefore not to be considered positions of Akrivis Law Group, PLLC.

Quotations and linkages do not imply any type of endorsement.

Copyright 2023 Farhad R. Alavi.

All rights reserved.

US Sanctions Law Blog

%d bloggers like this: