ISO 37001, a new anti-bribery standard expected to be published September 2016, is designed to be more detailed and in line with international trade compliance than anything ever published with regard to anti-bribery.
At the heart of ISO 37001 is the conducting of background checks of all current and prospective third parties, along with other connected business associates. It takes what was previously done by the OECD Anti-Bribery Convention and the DOJ/SEC FCPA Resource Guide and goes even deeper.
Flash Global is ahead of the curve on this project and is already implementing what ISO 37001 will mandate, said Frank Campagna, Senior Manager of Global Trade Compliance for Flash.
For companies such as Flash, ISO 37001 does not conform to a general screening for all. For example, those who fall in the low-risk category, such as retail customers and suppliers, will not require the same checks as those who do business in a high-risk situation that might open greater opportunities for bribery — such as those who act as an intermediary or agent, management or have close contact with public officials.
In other words, instead of applying the same background check to all, ISO 37001 mandates assessing the level of risk for each party and acting accordingly.
“Watch list” screenings, while they remain a necessity, are not always sufficient for due diligence. Take Interpol’s list of “wanted persons” and the OFAC’s list of Specialty Designated Nationals, which have long been mainstays. Some companies will screen large lists of names and act only when there is a match.
The ISO 37001 suggests digging deeper. Suggestions include a questionnaire, search engine research, government, judicial and international resources, debarment lists and checks of reputation. As you can see, this goes well beyond the simple “watch list” and may include names that could get by said list.
ISO 37001 also takes into strong consideration a third party’s shareholders and top management. This includes ultimate beneficial owners. Proper due diligence includes looking into their identities, backgrounds, reputations, and even any potential and/or direct links to politically exposed persons.
For some companies, this can be a financial challenge. A small business may only require researching a few additional names, sometimes even less than a handful, whereas a large corporation is likely to have many individuals who are named top managers or significant/indirect shareholders. Therefore, as companies seek to be in line with international trade compliance standards and ISO 37001, debates about what is “reasonable and proportionate” will arise, but a solution suitable for all will ultimately be met.
ISO 37001 also applies a deeper look at “red flags.” Obviously, a reputation for bribery or fraud tops the list, but these can be more than negative results. For example, if a business associate is not properly registered, something could be wrong. If a business associate has an incomplete track record of success on a similar project, bribery is possible, as is any connection to a politically exposed person.
The ISO 37001 draft allows companies such as Flash to make their own subjective judgement concerning “reasonable and proportionate.” Now it is up to the companies to make the adjustments and investments for ISO 37001 to complete its intended purpose.
Contact Flash today to learn more about how they can help companies of all sizes leverage ISO 37001 and all aspects of international trade compliance.