Compliance is one of the biggest challenges facing organizations today, whether private or public, because they operate in a turbulent business environment where rapid and numerous changes in legislation, relevant industry standards, working conditions, technology, relations with users, etc.
According to relevant sources, the main directions of such changes in 2021 are new regulations for the protection of public property, standards in the field of various activities (eg health, energy, agriculture, etc.), digitalization of the public sector, sustainable development, online labor, privacy protection, etc.
Non-compliance of organizations with the above regulations and obligations often entails large fines, as well as the loss of image, reputation and loss of users. To avoid this, it is necessary to establish a Compliance Management System which will ensure the fulfillment of all obligations and responsibilities and effectively manage the identified risks of non-compliance.
ISO 19600 standard provides guidance for establishing, developing, implementing, managing, and improving compliance management systems within an organization. This standard is applicable to all sizes, nature and complexity of the organization’s business activities and allows organizations to face all legal requirements in the domain of their business and manage their operational risks with a single compliance framework.
The recognized benefits of introducing a compliance management system are:
- the application of the principles of ethics and compliance in the organization is simplified,
- all obligations are respected and it operates in accordance with the latest laws and standards,
- compliance risks are identified and the process of managing them is prescribed,
- an organizational culture is created in which compliance is the general rule and
- it is the basis for the introduction of the ISO 37001 anti-bribery management system.
What is ISO 37001?
The ISO 37001 standard specifies a number of measures that help organizations prevent, detect, combat and reduce bribery and corruption risks. These include adopting policies to combat bribery, appointing policy makers, educating and training, assessing risk and in-depth analysis of projects and business associates (third parties), conducting controls and initiating reporting and investigation procedures.
The benefits of an anti-bribery management system are:
- identification of areas most at risk of bribery,
- reduction of the risk of criminal prosecution due to non-compliance with legal regulations in the field of combating bribery,
- ethical leadership involving employees and business associates and
- restoring the trust of the public, users and stakeholders
In view of the above, we conclude that ISO 19600 is a comprehensive standard of compliance management system that includes all compliance risks associated with legal and other obligations, while ISO 37001 standard focuses only on compliance risks related to bribery and implementation of a set of management requirements.
An organization that implements only the ISO 37001 system will be exposed to all other compliance risks that come from the field of bribery, and in order to prevent this, the requirements of the ISO 19600 system should be implemented.