New Edition of ISO 37001: Key Updates and Transition Period
The ISO 37001 standard on Anti-Bribery Management Systems (ABMS) is one of the most relevant self-regulation standards at an international level in the field of Compliance.
Initially published in 2016, ISO 37001 closely coincided with the 2015 reform of the Spanish Penal Code, which introduced the possibility of exempting legal entities from criminal liability if they had implemented an effective Compliance System.
In line with the evolution of regulatory frameworks and new global concerns and realities, ISO 37001 has undergone a review aimed at strengthening its effectiveness in the prevention and fight against corruption.
This review has resulted in the publication of its second edition, introducing significant changes in several areas:
- Strengthening the link between corruption and climate change: One of the most significant modifications to ISO 37001, in line with Amendment Amd 1:2024, is the inclusion of the obligation to analyze, within the organization’s context, the impact of climate change, as well as the expectations and needs of stakeholders in this area.
- In this regard, organizations with an Anti-Bribery Management System will need to review their contextual analysis to include environmental criteria, if they have not done so already.
- Development of the concept and regulation of conflicts of interest: Another key aspect of this review is the enhanced development and regulation of conflicts of interest, recognizing them as high-risk situations in corruption prevention.
- Among other updates, the standard expands the types of conflicts of interest and establishes new detection, prevention, and control mechanisms, such as the creation of a register of conflict of interest declarations with annual review.
- Other revised elements: Additionally, this update has led to a minor review of other structural elements of Anti-Bribery Management Systems, including system review and updates, due diligence, internal auditing, and compliance reporting.
- Other formal revisions: Finally, the second edition of ISO 37001 also aims to improve its integration with other international standards through cross-references and synergies. The most relevant connections include:
- ISO 37301 – Compliance Management Systems.
- ISO 37002 – Whistleblowing Management Systems.
- ISO 9001 – Quality Management Systems.
- ISO 14001 – Environmental Management Systems.
- Additionally, the terminology used in ISO 37001 has been revised to align with that of other self-regulation standards.
In this context, the question arises as to whether organizations with an Anti-Bribery Management System must review and update their systems to comply with these modifications.
The answer is yes, although a transition period will be in place. For now, certification and monitoring processes will not immediately require the implementation of these changes.
The Spanish National Accreditation Body (ENAC) will determine the transition period between this edition of ISO 37001 and its 2016 version. By default, this period will be two years from the publication of the standard, unless stated otherwise. However, the timeframe may be reduced to one year or extended to three, depending on the effort ENAC deems necessary for organizations to adapt their Anti-Bribery Management Systems.
At the Compliance Department of Molins Defensa Penal, we offer expert advice in the design, review, and implementation of Anti-Bribery Management Systems, including support throughout the certification and compliance monitoring process under the ISO 37001 standard.
Compliance Department of Molins Defensa Penal.