Workplace Compliance

ISO 37001 Anti-Bribery Management Systems

An internationally recognized standard designed to help organizations prevent, detect, and respond to bribery through the implementation of an anti-bribery management system (ABMS). ISO 37001 certification demonstrates a company’s adherence to good business practices.

Region: Global
Sector: Public & Private
Date Introduced: 10/15/2016
Last Update: 02/03/2025
Mandatory: No

    What Is ISO 37001?

    ISO 37001, Anti-Bribery Management Systems, is an international standard published by the International Organization for Standardization (ISO) that provides a framework for implementing an Anti-Bribery Management System (ABMS). In practical terms, an ABMS is a structured set of policies, procedures, and controls designed to prevent, detect, and respond to bribery across operations.

    Although non-mandatory, ISO 37001 is widely adopted by organizations seeking to demonstrate robust anti-bribery controls to regulators and partners. It is often implemented alongside other frameworks and regulations, such as SOC 2, which focuses on data security and internal controls, and the Foreign Corrupt Practices Act, which establishes legal obligations and penalties for bribery.

    ISO 37001 certification is conducted independently by accredited third-party auditors and is commonly sought by businesses with international operations, exposure to public-sector contracts, or a high reliance on external providers. This often includes construction, defense, energy, manufacturing, and financial sectors, but it may apply to businesses of any size.

    What Does ISO 37001 Require?

    ISO 37001 requires businesses to establish, implement, maintain, and continuously improve a risk-based anti-bribery management system. The requirements can be tailored to each organization's specific context. To remain certified, businesses must consistently demonstrate compliance and promptly adapt to framework updates.
     

    Core ISO 37001 Anti-Bribery Requirements

    Risk Assessment

    Organizations must identify, assess, and regularly update bribery risks based on their operations, geography, and third-party exposure.

    Leadership & Governance

    Senior management must actively support the system, allocate resources, and oversee performance.

    Anti-Bribery Function

    A designated, independent function must be responsible for overseeing compliance with the ABMS.

    Policies & Procedures

    Organizations must implement documented controls, including anti-bribery, gifts and hospitality, and conflict of interest (COI) procedures.

    Due Diligence & Controls

    Risk-based due diligence must be conducted on all business partners, transactions, and projects.

    Reporting & Investigations

    Organizations must provide confidential reporting channels, clear investigation procedures, and anti-retaliation protections.

    Monitoring & Audit

    The system must be regularly reviewed through internal audits, management reviews, and performance monitoring.

    Continuous Improvement

    Organizations must address nonconformities and improve controls over time.

    Why Is ISO 37001 Important?

    ISO 37001 plays an important role in creating and standardizing more resilient anti-bribery mechanisms worldwide. For businesses, the framework helps strengthen internal governance and accountability; reduce risk across operations; and demonstrate compliance to regulators, customers, and partners, supporting sales and procurement processes. 

    How Does FaceUp Help with ISO 37001 Attestation?

    ISO 37001 places strong emphasis on reporting, investigations, documentation, and auditability. FaceUp helps businesses meet these requirements by offering multiple anonymous and confidential reporting channels (web forms, hotlines, iOS/Android apps). 

    These channels support 113+ languages and feed into a centralized case management system, making it easier to capture and manage reports efficiently.

    With FaceUp, organizations can conduct systematic investigations with clear ownership, while protecting sensitive information through task assignment and role-based permissions. The platform also generates reliable audit logs at every step.

    The FaceUp Solution

    FaceUp is an anonymous reporting and compliance platform designed to help businesses meet whistleblowing regulations worldwide, including those in the US, EU, UK, and UAE.

    • Fully Anonymous Reporting

      Give staff multiple secure channels to report their concerns, complete with an anonymous two-way chat.

      • Mobile-First Accessibility

      • No IP storage, no device IDs, encrypted submissions

      • Customizable forms, categories, routing rules, and more

    • Customizable Case Management

      Create an easily verifiable audit trail through a customizable case management system with automatic routing.

      • Supports multiple locations, subsidiaries, or units

      • Entity-specific routing and access permissions

      • Optional notifications via email, Teams, or Slack

    • Real-Time Data Analytics

      Identify trends, repeated issues, and escalation risks early with customizable visual real-time dashboards.

      • Filter by category, region, channel, and more

      • Share without revealing sensitive information

      • ISO 27001 and SOC 2-certified local servers
