ISO 37001:2016 specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing, and improving an anti-bribery management system. The system can be stand-alone or integrated into an overall management system. ISO 37001 addresses the following in relation to an organization’s activities:

• bribery in the public, private, and not-for-profit sectors;

• bribery by the organization’s personnel acting on the organization’s behalf or for its benefit;

• bribery by the organization’s business associates acting on the organization’s behalf or for its benefit;

• bribery of the organization’s personnel in relation to the organization’s activities;

• bribery of the organization’s business associates in relation to the organization’s activities;

• direct and indirect bribery (e.g., a bribe offered or accepted through or by a third party).

ISO 37001 is applicable only to bribery. It sets out requirements and provides guidance for a management system designed to help an organization prevent, detect, and respond to bribery and comply with anti-bribery laws and voluntary commitments applicable to its activities.

ISO 37001 does not specifically address fraud, cartels and other anti-trust/competition offences, money-laundering, or other activities related to corrupt practices, although an organization may choose to extend the scope of the management system to include such activities.