Expertise
Anti-Bribery & Compliance experts
27 years in compliance and anti-bribery, from in-house counsel roles through founding a global risk intelligence firm to running an ISO 37001-accredited certification body.
Most asked
Does ISO 37001 certification mean building a whole new compliance programme?
Almost never. Most organisations already run the bulk of what the standard requires somewhere in the business — segregation of duties, screening, a gifts register. The real work is finding those controls, mapping them formally against the standard, and closing the specific gaps that remain.
What's the most common reason an anti-bribery programme fails scrutiny?
A control that works perfectly well for its original purpose was simply never brought inside the management system — no bribery-risk purpose attached to it, no ownership, never touched by the management review cycle. That's a documentation and governance gap, not a missing control.