International ISO Standard IS0 37001 Anti-bribery management Second edition systems Requirements with 2025-02 guidance for use Systemes de management anti-corruption - Exigences et recommandations de mise en ceuvre Reference number IS0 37001:2025(en) @ ISO 2025 IS0 37001:2025(en) COPYRIGHTPROTECTEDDOCUMENT @ IS0 2025 All rights reserved. IsO publications, in their entirety or in fragments, are owned by ISo. They are licensed, not sold, and are subject to the terms and those of authorized third-party distributors. Unless otherwise specified or required for its implementation, no part of this Iso publication may be reproduced, distributed, modified, or used in any form or by any means, eiectronic or nechanicai, inciuding photocopying, scanning, recording, or posting on any intranet, internet, or other digital platforms, without the prior written permission of ISo, the relevant Iso member body or an authorized third-party distributor. This publication shall not be disclosed to third parties, and its use is strictly limited to the license type and purpose specified in result in legal action. ISO copyright office CP 401: Ch. de Blandonnet 8 CH-1214 Vernier, Geneva Phone: +41 22 749 01 11 Email: [email protected] Website: www.iso.org Published in Switzerland @ IS0 2025 - All rights reserved ii IS0 37001:2025(en) Contents Page Foreword. V Introduction .viii 1 Scope. .1 2 Normative references .1 3 Terms and definitions .1 Context of the organization. .6 4.1 Understanding the organization and its context ..6 4.2 Understanding the needs and expectations of interested parties 6 4.3 Determining the scope of the anti-bribery management system 4.4 Anti-bribery management system .7 4.5 Bribery risk assessment. .7 5 Leadership .8 5.1 Leadership and commitment ..8 5.1.1 Governing body. ..8 5.1.2 Top management.. ..8 5.1.3 Anti-bribery culture .9 5.2 Anti-bribery policy. 5.3 Roles, responsibilities and authorities. .10 5.3.1 General ..10 5.3.2 Anti-bribery function .10 5.3.3 Delegated decision-making .10 6 Planning .11 6.1 Actions to address risks and opportunities ..11 6.2 Anti-bribery objectives and planning to achieve them .11 6.3 Planning of changes .12 7 Support. .12 7.1 Resources 12 7.2 Competence. 12 7.2.1 General .12 7.2.2 Employment process 12 7.3 Awareness .13 7.3.1 Awareness of personnel. 13 7.3.2 Training for personnel. .13 7.3.3 Training for business associates .14 7.3.4 Awareness and training programmes. ..14 7.4 Communication.. ..14 7.5 Documented information. .15 7.5.1 General .15 7.5.2 Creating and updating documented information ..15 7.5.3 Control of documented information .15 8 Operation .16 8.1 Operational planning and control ..16 8.2 ..16 Due diligence 8.3 Financial controls ..16 8.4 Non-financial controls. ..16 8.5 Implementation of anti-bribery controls by controlled organizations and by business associates. .17 8.6 Anti-briberycommitments. .17 8.7 Gifts, hospitality, donations and similar benefits. .18 8.8 Managing inadequacy of anti-bribery controls. ..18 8.9 Raising concerns ..18 8.10 Investigating and dealing with bribery. .18 @ IS0 2025 - All rights reserved iii IS0 37001:2025(en) 9 Performance evaluation 19 9.1 Monitoring, measurement, analysis and evaluation .19 9.2 Internal audit .19 9.2.1 General .19 9.2.2 Internal audit programme 20 9.2.3 Audit procedures, controls and systems. 20 9.2.4 Objectivity and impartiality 20 9.3 Management review 20 9.3.1 General 20 9.3.2 Management review inputs 21 9.3.3 Management review results 21 9.4 Review by anti-bribery function .21 10 Improvement 22 10.1 Continual improvement 22 10.2 Nonconformity and corrective action. 22 Annex A (informative) Guidance on the use of this document .23 Bibliography .46 @ IS0 2025 - All rights reserved iv IS0 37001:2025(en) Foreword Iso (the International Organization for Standardization) is a worldwide federation of national standards bodies (IsO member bodies). The work of preparing International Standards is normally carried out through Is