ISO 37001:2016 specifies requirements and provides guidance for the establishment, implementation, maintenance, review and improvement of an anti-bribery management system. The system can be stand-alone or integrated into an overall management system. ISO 37001:2016 addresses the following in relation to the organization's activities:

Bribery in the public, private and not-for-profit sectors;

Bribery by the organization;

Bribery by the organization's personnel working on behalf of the organization or who will benefit from it;

Bribery by the organization's business partners acting on behalf of or for the benefit of the organization;

Bribery by the organization; - Bribery of the organization's personnel in relation to the organization's activities;

Bribery related to the organization's activities in relation to the organization's business partners;

Direct and indirect bribery (e.g., a bribe offered or accepted through or by a third party).

ISO 37001:2016 only applies to bribery. It sets requirements and provides guidance for a management system designed to help an organization prevent, detect and respond to bribery, bribery and voluntary commitments applicable to anti-bribery laws and activities.

While ISO 37001:2016 does not specifically address fraud, cartel and other anti-trust/competition crimes, money laundering or other corruption-related activities, an organization may choose to expand the scope of its management system to include such activities.

The requirements of ISO 37001:2016 are generic and can be applied to all organizations (or parts of an organization), regardless of the type, size and nature of the activity, and whether in the public, private or not-for-profit sectors. . The degree to which these requirements apply depends on the factors set out in 4.1, 4.2 and 4.5.