The Benefits of Converting from a Compliance Programme to an Anti-Bribery Management System (ABMS)
Many compliance officers have heard of the ISO standard for anti-bribery known as ISO 37001, but few have really appreciated the tremendous value that it can offer to organisations. By making some slight changes to their current anti-corruption compliance programme (ABAC programme), organisations can leverage their new ABMS framework as a true differentiator.
An ABMS is different to an ABAC programme
The concept of an ABMS is different to that of an ABAC programme. While they do share certain similarities, there are inherent differences which make the former superior. The ABMS follows a well-heeled, high-level structure used by many of the ISO management system standards, such as the more well-known Quality Management Systems (9001) and Information Security Management Systems (27001). Therefore, many members of your organisation will already be familiar with such a framework or at least the idea that the system is entirely built around your company. The key value of a management system lies in its flexibility, allowing you to mould it to fit your organisation. Select the scope, the length, breadth, and coverage of the system which best fit your operations. As you might expect, a quality management system under ISO 9001 will vary significantly between an aircraft maker and a facial tissue company. While both companies will adopt and apply the standard in the same manner, each will have very different risk profiles. The same concept also applies to an ABMS, with a unique design for each company. You set the risk tolerance, you set the actions, and you set how you will manage them.
An ABMS is ‘more rounded’ than an ABAC programme
The first thing to note when looking at a typical ABAC programme is that it has a strong top-to-bottom structure, making it somewhat linear compared to an ABMS’s circular design. This can be seen in the ABMS’s circular motion of implementing systems, checking them, measuring them, auditing them, reviewing them, and improving them. This is often in stark contrast to an ABAC programme which is often a little light on the audit, review, and improvement side of things. These differences can be derived from the earlier creation of ABAC programmes, when many coordinators were nervous about what they might find and have to disclose if these processes were conducted. They therefore tended to avoid the second half of the ABMS cycle which, critically, will change upon adoption of this system.
An ABMS forces you to measure
When it comes to measurement and improvement, an ABMS is substantially more detailed than an ABAC programme. The ABMS forces your compliance team to measure any activity that it decides to include in its defined policies and procedures. The whole framework is around measurement and improvement without which the classic ‘circle’ simply doesn’t work. While this may make some organisations a little uncomfortable, it is essential to preventing bribery and closing any gaps that might appear in the system. This is a major weak point in ABAC programmes, where measurements and audits lack if they exist at all. Investing the time to re-define this area of your company’s anti-bribery efforts will pay dividends in the future, offering key insights that will over time lead to a more successful organisation.
An ABMS makes the management of bribery risks part of the company’s overall risks of doing business
The quality department of your company doesn’t have sole responsibility for every broken widget that goes off the manufacturing line. Quality is owned by everyone engaged in the company, and all those individuals perform their role as outlined in the Quality Management System. The same concept can be applied to bribery and the ABMS. Though the compliance department and management own the responsibilities of development, review, approval, and improvement of the ABMS, everyone in the business plays a role in making the ABMS successful. Making the change from a compliance programme to a management system fundamentally changes the objective from attempting to ‘comply’ with something (in this case anti-bribery), to creating a system for the management of an issue and supporting the business to operate within it. This comprehensive set of actions, known as a ‘system’, seeks to achieve a specific objective. As the system is tested, remedial actions are recorded, tracked, and the necessary improvements are made, the system as a whole will continuously get better and better over time.
An ABMS forces the business to be involved, taking responsibility and assuming accountability for what it does (or doesn’t do!)
The ABMS, through its internal audit process and ultimately the external audit and certification process, will drive people to follow the ABMS to avoid being exposed as the reason it is found to be in non-conformity with the standard. The ABMS spreads the obligations across the organisation, based on how you define it. A ‘lack of ownership’ has been frustrating for many businesses using ABAC programmes in the past, making the benefit of transitioning to an ABMS much clearer. That is not to say that ownership of anti-bribery efforts is lost by either the legal or compliance departments. In fact, it is quite the opposite. It means that they make the decisions on what responsibilities are implemented and what accountability is assigned, and then police it to ensure that the processes are being upheld.
An ABMS allows you to be certified independently
Broadly speaking, it is almost impossible for anyone to have an ABAC programme certified. This is because there is no professional way to audit and certify something against an objective standard which doesn’t exist. This concept is evident in businesses throughout the world, as accountants follow a universal standard against which they are then audited by external professionals. If you want to prove the strength of your company’s anti-bribery efforts through an audit and certification, then an ABAC programme won’t be enough. You will need to make the conversion to an ABMS that is built under the ISO 37001 framework in order to measure conformity against a universal standard.
Learning more about what an ABMS can do for you is simple! You’ve already started to build your knowledge about what it involves, try these suggestions for continued learning on the subject:
- Read a copy of the ISO 37001:2016 standard (available at the ISO website)
- Attend one of our webinars or watch a recording from a previous one
- Call or email ETHIC Intelligence to speak to one of our knowledgeable staff members, who can answer any questions you might have on the topic
Though it takes a bit of time and commitment from your organisation, you won’t regret the vast and continual improvements that an ABMS will bring to your anti-bribery efforts.
by Scott Lane
President, ETHIC Intelligence