Perry Johnson Registrars, Inc.
PJR Now Offering ISO 37001:2025 Anti-Bribery Audits

PJR Now Offering ISO 37001:2025 Anti-Bribery Audits

PJR Now Offering ISO 37001:2025 Anti-Bribery AuditsOn February 28, 2025, the International Organization for Standardization (ISO) published a revision to its Anti-Bribery Management System standard – ISO 37001.

Having completed an internal analysis of this revised standard and taking the necessary steps to implement its changes – PJR is pleased to announce we will be offering audits to ISO 37001:2025 starting on November 1, 2025.

The International Accreditation Forum (IAF) has published a binding transition timeline titled Mandatory Document (MD) 30. This document can be obtained for free on the IAF website (www.iaf.nu). IAF MD 30 has established that ISO 37001:2016 will be rendered obsolete and invalid on February 28, 2027.

In order to ensure a smooth transition for all of our current and future ISO 37001 clients we have established the following internal deadlines:

  • We will cease offering ISO 37001:2016 certification audits on January 1, 2026;
  • We will cease auditing to ISO 37001:2016 altogether on February 28, 2026;

Additionally, any certificate to ISO 37001:2016 that was issued on or after February 28, 2024, will be reissued showing a revised expiration date of February 28, 2027.

What Has Changed With ISO 37001?

While we recognize that this is an aggressive timeline, we are pleased to announce that the overall nature of changes to ISO 37001 are minimal. Here is a summary of the changes based on our analysis:

  1. All references to “maintained documented information” and “retained documented information” have been eliminated in favor of statements that state the items “shall be available as documented information.”
  2. All references to the “Anti-Bribery Compliance Function” now read as “Anti-Bribery Function.”
  3. Section 3.30 – a new definition for the term “Anti-Bribery Culture.” This is part of the introduction of “culture” across the other ISO published standards.
  4. Section 4 – no changes.
  5. Section 5 – one new clause – 5.1.3 Anti-Bribery Culture. As written, this requirement doesn’t introduce anything truly new that wasn’t implicit in existing requirements.
  6. Section 6 – one new clause – 6.3 Planning of Changes. This concept was inherent in other prior existing requirements.
  7. Section 7 – multiple changes:
    • Clause 7.2.2.1e – a new requirement that states personnel have to be made aware of the necessity to report potential and actual conflicts of interest.
    • Clause 7.2.2.2b – a tweak to require that review of performance bonuses, performance targets, etc. be done at planned intervals (rather than “periodically” as it was before).
    • Clause 7.3.1d and e – two new requirements indicating that personnel have to be made aware of anti-bribery procedures, the ABMS at large, and their duty to comply, as well as the benefits of reporting incidents.
    • Clause 7.3.2 – new section header with existing content.
    • Clause 7.3.3 – new section header with existing content.
    • Clause 7.3.4 – a tweak to mandate that updates to training programs and refresher training both be done at planned intervals (rather than “periodically” as it was before).
  8. Section 8 – two changes:
    • Clause 8.1 – moves the language pertaining to externally provided processes/products/etc. from section 8.4 to section 8.1. The content is the same as it was under 8.4.
    • Clause 8.4 – “mergers and acquisitions” has been added to the list of relevant activities where non-financial controls are needed.
  9. Section 9 – a few changes:
    • Clause 9.2.2 – this section has a new title and they’ve added “audit objectives” to the list of things that the organization has to determine.
    • Clauses 9.2.3, 9.2.4, 9.3.2, 9.3.3 – each of these has a new section header with existing content.
    • Clause 9.3.1 – merges the management review and governing body review sections. Clause 9.3.1 now has a second paragraph covering governing body reviews.
  10. Section 10 – two changes:
    • Clause 10.1 – new content pertaining to Continual Improvement intended to align to Annex SL.
    • Clause 10.2 – a new section header with existing content.
  11. Annex A5.2 – new guidance on “Anti-Bribery Culture”.
  12. Annex A8.3.1 – new guidance on Conflicts of Interest.

As we hope you can see – the nature of what has changed is extremely minimal. When it becomes time for you to schedule your first ISO 37001:2025 audit PJR will send you a special document that you will need to complete ascertaining to your preparedness for the transition audit. We are pleased to announce that in most cases it will be possible for a client to complete their transition audit with no special additional audit time.

Most clients will find it optimal to complete their transition as part of their next regularly scheduled audit. However, we also recognize that some of our clients may wish to complete a special standalone transitional audit. If you choose to pursue this option, please bear in mind it will result in additional overall audit cost to your company.

PJR has been offering ISO 37001 audits for over 5 years, and we remain the only North American headquartered certification body with ANAB accreditation for this most unique certification program.

If you have any questions on ISO 37001, we invite you to contact us.

pjr@pjr.com
1-800-800-7910