anti-bribery

ISO 37001 Anti-Bribery Management System (ABMS) Malaysia

What Is ISO 37001 ABMS?

ISO 37001 ABMS is an internationally recognized standard for anti-bribery management systems. 

It provides organizations with a framework to prevent, detect, and address bribery-related risks and corruption. The standard aims to help organizations establish a culture of integrity, promote ethical business practices, and reduce the risks associated with bribery.

ISO 37001 is applicable to organizations of all sizes and sectors, including both public and private sectors. It assists organizations in building robust anti-bribery systems and processes to comply with legal requirements and international best practices.

What's In It For Me (My Organization)?

  1. Enhanced Anti-Bribery Practices: ISO 37001 provides a systematic approach to managing bribery risks. It requires organizations to develop and implement anti-bribery policies, procedures, and controls. By implementing the standard, organizations can establish clear guidelines on accepting gifts, donations, and hospitality, implement due diligence processes for third parties, and set up a framework for reporting and investigating suspected bribery incidents. This leads to stronger anti-bribery practices and helps prevent bribery-related offenses.

  2. Compliance with Legal Requirements: Complying with anti-bribery laws and regulations is essential for organizations to maintain their reputation, avoid legal penalties, and operate ethically. ISO 37001 helps organizations understand and comply with applicable legal requirements related to bribery and corruption. By implementing the standard, organizations develop processes and controls to ensure compliance, which can protect them from legal liabilities and reputational risks.

  3. Reputation and Brand Protection: ISO 37001 certification demonstrates an organization’s commitment to anti-bribery practices and ethical conduct. It sends a strong message to stakeholders, including customers, investors, employees, and business partners, that the organization takes bribery risks seriously and has implemented measures to prevent bribery. This commitment can enhance the organization’s reputation, build trust with stakeholders, and differentiate it from competitors.

  4. Competitive Advantage: In today’s business environment, organizations with strong ethical values and robust anti-bribery practices have a competitive advantage. ISO 37001 certification provides a clear demonstration of an organization’s commitment to integrity, transparency, and ethical business conduct. It can help organizations win new business, attract socially responsible investors, and build strategic partnerships with like-minded organizations.

  5. Risk Management: Bribery and corruption pose significant risks to organizations, including financial losses, legal consequences, and damage to reputation. ISO 37001 helps organizations identify, assess, and manage bribery risks. By implementing systematic risk assessment processes, due diligence procedures, and whistleblower mechanisms, organizations can proactively mitigate bribery risks. This reduces the likelihood of bribery incidents, protects the organization’s reputation, and ensures business continuity.

  6. Supply Chain Integrity: ISO 37001 emphasizes the importance of managing bribery risks within the supply chain. It encourages organizations to conduct due diligence on their suppliers, contractors, and business partners to ensure they adhere to anti-bribery standards. By implementing the standard, organizations can strengthen their supply chain integrity, reduce the risk of being associated with corrupt practices, and ensure that they work with ethical and compliant partners.

How To Obtain ISO 37001 Certification Malaysia?

The process of obtaining ISO 37001 certification involves several key steps:

Leadership Commitment: Top management must demonstrate leadership commitment to implementing and maintaining an effective anti-bribery management system. They need to establish an anti-bribery policy, define roles and responsibilities, allocate necessary resources, and communicate the importance of ethical conduct and compliance throughout the organization.

    1. Gap Analysis: Conduct a comprehensive review of the organization’s current anti-bribery practices and compare them against the requirements of ISO 37001. This gap analysis helps identify areas that need improvement and provides a roadmap for implementing the standard. It also helps determine the scope of the anti-bribery management system.

    2. System Development: Based on the gap analysis, the organization develops and implements the necessary policies, procedures, and controls to establish an effective anti-bribery management system. This includes developing an anti-bribery policy, conducting bribery risk assessments, implementing due diligence processes for third parties, establishing controls for gifts and hospitality, and setting up mechanisms for reporting and investigating suspected bribery incidents.

    3. Training and Awareness: Employees at all levels need to be trained on the anti-bribery management system and their roles within it. Training programs should cover topics such as the organization’s anti-bribery policy, bribery risks, procedures for reporting and handling bribery incidents, and the importance of ethical conduct. Creating awareness among employees about the risks and consequences of bribery and corruption helps ensure effective implementation of the system.

    4. Implementation and Operation: Once the necessary procedures and controls are in place, the organization starts implementing the anti-bribery management system. This involves integrating the procedures into day-to-day operations, communicating the system requirements to employees and relevant stakeholders, and initiating activities to prevent and detect bribery. Regular monitoring of compliance, internal audits, and management reviews are essential to ensure the effectiveness of the system.

    5. Internal Audit: Internal audits are conducted to assess the organization’s compliance with the requirements of ISO 37001 and the effectiveness of its anti-bribery management system. Internal auditors, who are independent of the areas being audited, review procedures, records, and practices to identify any non-conformities or areas for improvement. Audit findings are documented, and corrective actions are initiated to address identified issues.

    6. Management Review: Top management conducts periodic reviews of the anti-bribery management system to evaluate its effectiveness, suitability, and opportunities for improvement. These reviews provide a platform for assessing the organization’s anti-bribery performance, reviewing objectives and targets, and identifying areas for enhancement. Management reviews ensure that the system remains aligned with organizational goals and drives continual improvement.

    7. Certification Audit: After implementing the anti-bribery management system and conducting internal audits, the organization can seek certification from an accredited certification body. A certification audit, also known as a third-party audit, is conducted by an independent certification body to assess the organization’s compliance with ISO 37001. The certification audit includes a thorough examination of the organization’s procedures, practices, and records related to anti-bribery. If the organization meets the requirements of the standard, it is awarded ISO 37001 certification.

    8. Continual Improvement: ISO 37001 emphasizes the importance of continual improvement in managing bribery risks. Organizations should strive to enhance their anti-bribery practices by monitoring performance, analyzing data, and implementing corrective and preventive actions. Regular reviews of the anti-bribery management system, training programs, and engagement with stakeholders can provide valuable insights and opportunities for innovation and progress.

How Can We Help You To Get ISO 37001 Certification?

Our Consultancy Approach:

1. Gap Analysis:
– Perform a detailed analysis of the organization’s existing processes, documentation, and practices.
– Identify gaps between the current state and ISO 37001 requirements.
– Document findings and recommendations for improvement.

2. Training:
– Provide customized training sessions to familiarize employees with ISO 37001 concepts, requirements, and implementation strategies.
– Offer specialized training for key personnel involved in the anti-bribery management system.

3. Documentation:
– Assist in developing and implementing a comprehensive anti-bribery management system documentation.
– Create or update policies, procedures, work instructions, and forms to align with ISO 37001 requirements.
– Ensure clear documentation of processes, responsibilities, and controls.

4. Internal Audit Support:
– Conduct internal audits to assess the organization’s compliance with ISO 37001 requirements.
– Provide guidance and support in conducting audits, including audit planning, checklists, and report preparation.
– Identify nonconformities and provide recommendations for corrective actions.

5. Management Review Support:
– Assist in facilitating management review meetings to evaluate the effectiveness of the quality management system.
– Provide guidance in analyzing performance data, bribery risk assessment, and audit results.
– Help identify improvement opportunities and define actions for continual improvement.

6. External Certification Audit Support:
– Prepare the organization for the external certification audit.
– Assist in selecting an accredited certification body.
– Provide guidance and support during the certification audit process.

7. Closeout:
– Collaborate with the organization to address any nonconformities identified during the certification audit.
– Celebrate the successful achievement of ISO 37001 certification. 

ISO 37001 ABMS Case Study Malaysia


JC Simplified System, a respected ISO consultancy firm, undertook the challenge of guiding SMX Corp, towards ISO 37001 compliance. Leading the charge was Mr. Mak, a seasoned consultant, who meticulously dissected the company’s operations to comprehend its unique ethical landscape.


Employing a strategic approach, Mr. Mak conducted comprehensive training sessions, instilling in SMX Corp’s employees the significance of ethical practices and anti-bribery measures. He fostered a culture of integrity and accountability, emphasizing the company’s commitment to principled business conduct.


Together, they meticulously adapted the ISO 37001 requirements to fit SMX Corp’s specific structure, integrating robust internal controls and thorough risk assessment protocols. Mr. Mak ‘s unwavering support facilitated the development of an effective anti-bribery management system.


Months of tireless collaboration resulted in SMX Corp obtaining the prestigious ISO 37001 certification, solidifying its reputation as an exemplar of ethical business conduct. With JC Simplified System’s assistance, the company not only attained compliance but also positioned itself as an industry leader, attracting stakeholders who valued transparency and ethical principles.

Get In Touch
Email Us
Email Us