Summary of "Conoce la nueva versión de la norma ISO 37001:2025: Cambios, requisitos y cómo adaptarse con éxito"

Overview of the Video

The video titled “Conoce la nueva versión de la norma ISO 37001:2025: Cambios, requisitos y cómo adaptarse con éxito” presents an in-depth overview of the updates in the ISO 37001:2025 anti-bribery management system standard. It focuses on key changes, their implications, and practical guidance for successful adaptation.

Main Financial Strategies, Market Analyses, and Business Trends

ISO 37001 certification is highly strategic in Peru, which leads globally in the number of certifications. This is driven by state incentives such as additional points in bidding processes.
The trend is increasing as companies seek competitive advantages in public and private tenders.

Business Benefits of ISO 37001

Enhanced corporate reputation and trustworthiness in ethical business practices.
Increased assurance of business continuity by managing bribery risks.
Compliance with legal and regulatory requirements, including anti-bribery laws.
Competitive edge in tenders and client acquisition, especially from larger clients with strict compliance filters.
Stronger due diligence and management of business partners and suppliers to mitigate bribery risks.

Key Changes and Requirements in ISO 37001:2025

1. Integration of Climate Change Considerations (Chapters 4.1 & 4.2)

Organizations must explicitly assess climate change as an internal/external issue and consider related stakeholder needs or expectations.
Climate change is recognized as a potential factor that can indirectly increase bribery risks (e.g., disruptions causing opportunities for bribery in logistics or maintenance).
Methodologies such as SWOT, PESTEL, AMOFIT, or Porter’s Five Forces can be used to analyze these impacts.
Organizations must document whether climate change affects them or not to demonstrate audit readiness.

2. Leadership and Commitment (Chapter 5)

Enhanced focus on promoting an anti-bribery culture at all organizational levels.
Senior management must actively demonstrate commitment, promote ethical behavior, and communicate the importance of the anti-bribery system internally and to business partners and stakeholders.
The anti-bribery culture is now a formal requirement, including sanctions for non-compliance documented in codes of ethics or internal policies.

3. Risk Management (Chapter 6)

Risks related to bribery must consider internal/external issues, including climate change.
New requirement 6.3: Planning of Changes mandates that any changes to the anti-bribery management system must be planned, documented, and controlled, similar to ISO 9001’s approach.
Risk assessments should include bribery scenarios triggered by external factors like climate change.

4. Awareness, Training, and Communication (Chapter 7)

Expanded requirements for training and awareness:
Staff must receive anti-bribery training at induction and at planned intervals.
Training content is now separated into awareness (understanding policies, risks, reporting) and formal training (recognizing bribery, prevention, indicators).
Business partners (suppliers, contractors, intermediaries) must also be trained based on risk criteria.
Communication must be clear, documented, and include procedures for document control.

5. Internal Audits and Impartiality (Chapter 9)

Internal audits must be conducted at least annually, with some organizations opting for biannual audits.
Auditors must be competent and impartial; they cannot audit their own work area.
The anti-bribery function cannot audit itself; external or independent internal auditors should audit the anti-bribery management system.
Audit programs should ensure objectivity and avoid conflicts of interest.

6. Continuous Improvement and Non-Conformities (Chapter 10)

The order of requirements has been aligned with other ISO standards:
10.1 Non-conformities
10.2 Continuous improvement
Emphasis on documenting and addressing non-compliance and improving the system continually.

Methodology / Step-by-Step Guide to Adapt to ISO 37001:2025

Step 1: Understand and Communicate Changes

Inform all relevant staff, especially those in key positions and processes, about the updates in the standard.
Emphasize new requirements such as climate change considerations and anti-bribery culture.

Step 2: Update Risk Assessments and Stakeholder Analysis

Incorporate climate change and related risks into internal/external context analysis.
Identify stakeholders with climate-related requirements or expectations.
Document all findings clearly, including if climate change is not relevant.

Step 3: Revise Policies and Procedures

Update anti-bribery policies to reflect the new requirements on leadership commitment and culture.
Include sanctions and guidelines in codes of ethics or internal regulations.
Define roles clearly, especially for the anti-bribery function (compliance officer).