ISO 37001:2025
Sistemi di gestione per la prevenzione della corruzione (Ed. 2 2025)

ID 23732 | 02.04.2025 / Preview allegata

Pubblicata da ISO il 28 Febbraio 2025 la seconda edizione dell norma ISO 37001 sui Requisiti dei Sistemi di gestione per la prevenzione della corruzione che sostituisce la precedente versione del 2016 (ISO 37001:2016).

ISO 37001:2025 Sistemi di gestione per la prevenzione della corruzione - Requisiti e guida all'utilizzo

La UNI ISO 37001 specifica requisiti e fornisce una guida per stabilire, mettere in atto, mantenere, aggiornare e migliorare un sistema di gestione per la prevenzione della corruzione. Il sistema può essere a sè stante o integrato in un sistema di gestione complessivo.

Le principali modifiche sono le seguenti:

4.1:  Aggiunto il climate change come un fattore rilevante nella gestione del rischio di corruzione.
5.1.3: Introduzione dell’obbligo di sviluppare e diffondere una cultura anticorruzione a tutti i livelli aziendali.
6.3: Pianificazione dei cambiamenti, in linea con le normative HLS (High Level Structure).
7.3: Nuova struttura per la consapevolezza, suddivisa in formazione per il personale, soci in affari e programmi specifici di sensibilizzazione.
9.3: Eliminato il processo di riesame dell’Organo Direttivo, ora presente solo il processo di riesame della Direzione.
________

ISO 37001:2025
Anti-bribery management systems - Requirements with guidance for use

Publication date: 28 febbraio 2025

Introduction
Bribery is a widespread phenomenon. It raises serious social, moral, economic and political concerns, undermines good governance, hinders development and distorts competition. It erodes justice, undermines human rights and is an obstacle to the relief of poverty. It also increases the cost of doing business, introduces uncertainties into commercial transactions, increases the cost of goods and services, diminishes the quality of products and services, which can lead to loss of life and property, destroys trust in institutions and interferes with the fair and efficient operation of markets.

Governments have made progress in addressing bribery through international agreements such as the Organization for Economic Co-operation and Development Convention on Combating Bribery of Foreign Public Officials in International Business Transactions[19] and the United Nations Convention against Corruption[18] and through their national laws. In most jurisdictions, it is an offence for individuals to engage in bribery and there is a growing trend to make organizations, as well as individuals, liable for bribery.
However, the law alone is not sufficient to solve this problem. Organizations have a responsibility to proactively contribute to combating bribery. This can be achieved by an anti-bribery management system, which this document is intended to provide, and through leadership commitment to establishing a culture of integrity, transparency, openness and compliance. The nature of an organization's culture is critical to the success or failure of an anti-bribery management system.

A well-managed organization is expected to have a compliance policy supported by appropriate management systems to assist it in complying with its legal obligations and commitment to integrity. An anti-bribery policy is a component of an overall compliance policy. The anti-bribery policy and supporting management system help an organization to avoid or mitigate the costs, risks and damage of involvement in bribery, to promote trust and confidence in business dealings and to enhance its reputation.

This document reflects international good practice and can be used in all jurisdictions. It is applicable to small, medium and large organizations in all sectors, including public, private and not-for-profit sectors. The bribery risks facing an organization vary according to factors such as the size of the organization, the locations and sectors in which the organization operates, and the nature, scale and complexity of the organization's activities. This document specifies the implementation by the organization of policies, procedures and controls which are reasonable and proportionate according to the bribery risks the organization faces. Annex A provides guidance on implementing the requirements of this document.

Conformity with this document cannot provide assurance that no bribery has occurred or will occur in relation to the organization, as it is not possible to completely eliminate the risk of bribery. However, this document can help the organization implement reasonable and proportionate measures designed to prevent, detect and respond to bribery.

This document can be used in conjunction with other management system standards (e.g. ISO 9001, ISO 14001, ISO/IEC 27001, ISO 37301 and ISO 37002) and management standards (e.g. ISO 26000 and ISO 31000).
Guidance for the governance of organizations is specified in ISO 37000 and requirements for a general compliance management system are specified in ISO 37301.

1 Scope
This document specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system.

The system can be stand-alone or can be integrated into an overall management system. This document addresses the following in relation to the organization's activities:

- bribery in the public, private and not-for-profit sectors;
- bribery by the organization;
- bribery by the organization's personnel acting on the organization's behalf or for its benefit;
- bribery by the organization's business associates acting on the organization's behalf or for its benefit;
- bribery of the organization;
- bribery of the organization's personnel in relation to the organization’s activities;
- bribery of the organization's business associates in relation to the organization’s activities;
- direct and indirect bribery (e.g. a bribe offered or accepted through or by a third party).

This document is applicable only to bribery. It sets out requirements and provides guidance for a management system designed to help an organization to prevent, detect and respond to bribery and comply with anti-bribery laws and voluntary commitments applicable to its activities.

The requirements of this document are generic and are intended to be applicable to all organizations (or parts of an organization), regardless of type, size and nature of activity, and whether in the public, private or not-for-profit sectors. The extent of application of these requirements depends on the factors specified in 4.1, 4.2 and 4.5.
< NOTE 1 See Clause A.2 for guidance.

NOTE 2 The measures necessary to prevent, detect and mitigate the risk of bribery by the organization can be different from the measures used to prevent, detect and respond to bribery of the organization (or its personnel or business associates acting on the organization's behalf). See A.8 for guidance.
...
Preview attached


Info / download

Collegati
UNI ISO 37001:2016
Linea Guida UNI ISO 37001 prevenzione della corruzione