The long-awaited international standard for anti-bribery management systems was published last month. The standard acts as a step by step guide for all types of businesses on how to develop an anti-bribery management system, from the initial risk assessment stage through to implementation, audit and review and improvement.
In our last update we looked at risk assessment and planning requirements. Here we look at the requirements for leadership and top level commitment.
Leadership and Commitment from Top Management
Section 5 of the standard explains that the governing body (such as the Board of Directors) and/or top management (such as the Chief Executive Officer) of an organisation should demonstrate leadership and commitment with respect to the anti-bribery management system by, amongst other things:
- Establishing, maintaining and reviewing an anti-bribery policy;
- Promoting a “zero-tolerance” culture for bribery;
- Ensuring that the management system is integrated into the organisation’s processes;
- Regularly reviewing the content and operation of the organisation’s anti-bribery management system;
- Ensuring that responsibilities and authorities for relevant roles are assigned and communicated.
The policy shall:
- Prohibit bribery and be appropriate for the nature of the organisation;
- Provide a framework for setting, reviewing and achieving anti-bribery objectives;
- Commit to continual improvement of the anti-bribery management system;
- Encourage reporting of bribery within the organisation and protect those making such reports;
- Be readily available and in a language understandable to those within the organisation and to business associates;
- Clarify the consequences of non-compliance.
Top management shall assign to this function the responsibility for:
- Overseeing the design and implementation by the organisation of the anti-bribery management system;
- Providing advice and guidance on bribery issues;
- Reporting to top management on the performance of the anti-bribery management system.
In a large organisation this function is likely to be staffed by several people. In all organisations the function should be staffed by individuals who have the appropriate competence, status, authority and independence. Annex A6 of the Standard provides further guidance on this. The compliance function should also have direct access to top management and the governing body.
Certification cannot provide assurance that no bribery has never or will never occur within an organisation. However, it is hoped that the new standard will provide organisations with guidance on how to develop a management system designed to prevent, detect and respond to bribery.
Our next update will look more closely at operational controls and due diligence.