WIXLIB

ISO 37001:2016ANTI-BRIBERY MANAGEMENTSYSTEM (ABMS)AN EFFECTIVE MECHANISM TO COMBATCORRUPTION25 MARCH 2019FAUZIAH SULAIMANMANAGEMENT SYSTEM CERTIFICATION DEPARTMENTSIRIM QAS INTERNATIONAL SDN BHD

CORRUPTION SITUATIONPerceived level of corruption for Malaysia [CPI 1995 – 2017]Highest level of corruption20184.7%61SCORE10987654321052.8 53.2 50.1 53.0 51.0 48.0 50.0 49.0 52.0232632293236 3633 3750.0 51.0 50.0 50.1 50.1 45.0 44.03939 4443 4756 20052004200320022001200019991998199719961995Lowest level of corruption43.0 49.0 50.0 52.0 50.0 49.0 47.060 54535054 5562Implemented by

The need to implement ABMS1. Supports sustainable development goal on corruption2. Comply with MACC (Amendment) Act 20183. Comply with MCCG 2017 (Malaysian Code ofCorporate Governance)4. Evidence of from“ Pledge to Practice” (Pledge, CRM,CISM5. Implement strategy 2 in NACP ( clause 2.1.3)

Sustainable development goals - can ISOstandards help?Is risk-based approach management systembetter support sustainable development goals?

SUSTAINABLE DEVELOPMENT GOALS

The MACC (Amendment) Act 2018Section 17 A -Corporate LiabilitySubsection (5)- Adequate Procedures- T.R.U.S.T- Top Level Commitment- Risk Assessment- Undertake Control Measures- Systematic Review, Monitoring andEnforcement- Training and Communication

NACP LAUNCHED 29 JAN 2019115 anti-corruption initiativesThe NACP has set six key strategies in its plan to andaccountability, efficiency in the delivery of the public sector,improving the effectiveness and transparency in publicprocurement, improving the credibility of the judiciary andthe legal system, institutionalizing the credibility of lawenforcement agencies and promoting good governance incorporate entities.

ABMS as an Enabler to AchieveAnti-Corruption ObjectiveTOOLISO 37001REQUIREMENTS United NationsSustainableDevelopment GoalsUnited NationsConvention againstCorruption (UNCAC)GovernmentCommitment Risk-based approachSelf-regulatedPreventive MeasuresContinual ImprovementACHIEVED OBJECTIVE Zero tolerance toCorruption

OBJECTIVEISO 37001 : RISK-BASEDAPPROACHRiskAssessmentKenal pasti risikobagi setiap aktivitiyang dijalankanRISKRiskTreatment Monitor &ReviewTiada lagi surat sokongan sebagai arahanMemperkasa SPRMMengembalikan kewibawaan Institusi ParlimenMemantapkan kebebasan Jabatan AuditNegaraPengisytiharan hartaMelaporkan penerimaan hadiahPeruntukan undang undang Misconduct ofPublic OfficeMewujudkan undang undang PoliticalFinancingPengurusan Berpusat Rampasan Aset danPelucutan Hak Bebas rasuah Mencapai 21 dari 60janji dalammanifesto Zero tolerance toCorruption9

New Paradigm in Management SystemStandardRisk based thinkingStrategic thinkingSustainable developmentImproved alignment with other managementsystems standards

RISK-BASED APPROACH MANAGEMENT SYSTEMISO 9001 : 2015Quality Management SystemsISO 14001 : 2015Environment Management SystemsISO 45001 : 2018Health & Safety (OH&S) Management SystemsISO 37001 : 2016Anti-Bribery Management SystemsISO 28000 : 2007Supply Chain Security Management SystemsISO 21001 : 2018Education Management SystemsISO 22000 : 2018Food Safety Management SystemsISO 50001 : 2018Energy Management SystemsISO 20000-1 : 2018IT Service Management Part 1ISO 39001 : 2012Road Safety Management SystemsISO 27001 : 2013Information Security Management SystemsISO 55001 : 2014Asset Management SystemsAll management systems supports sustainable development goals

THE ISO HIGH LEVEL STRUCTURE (HLS)ISO 9001:2015ISO 14001:2015ISO 45001:2018ISO 37001:2016ISO/IEC 27001:20130. Introduction0. Introduction0. Introduction0. Introduction0. Introduction1. Scope1. Scope1. Scope1. Scope1. Scope2. Normativereference2. Normativereferences2. Normative reference2. Normativereferences2. Normativereferences3. Terms anddefinitions3. Terms anddefinitions3. Terms and definitions3. Terms anddefinitions3. Terms anddefinitions4. Context of theorganization4. Context of theorganization4. Context of theorganization4. Context of theorganization4. Context of theorganization5. Leadership5. Leadership5. Leadership andworker participation5. Leadership5. Leadership6. Planning6. Planning6. Planning6. Planning6. Planning7. Support7. Support7. Support7. Support7. Support8. Operation8. Operation8. Operation8. Operation8. Operation9. Performanceevaluation9. Performanceevaluation9. Performanceevaluation9. Performanceevaluation9. Performanceevaluation10. Improvement10. Improvement10. Improvement10. Improvement10. Improvement

ISO 19600:2014 COMPLIANCE MANAGEMENT - GUIDELINEThe ISO 19600 standard (December2014) is not certifiable but providesuseful guidelines for a variety ofcompliance needs including antibribery, anti-money laundering,export control. The ISO 37001standard (October 2016) is acertifiable standard, consistent withISO 19600 and dedicated to AntiBribery Management Systems.Values, ethics &beliefsCompliance

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) &ISO 37001 REQUIREMENTSCISMISO 370011 CODE OF ETHICS & ANTI-BRIBERY POLICYAn anti-bribery policy, procedures, & controls2 CONFLICT OF INTEREST DETERRENCE POLICYTop management leadership, commitment &responsibility3 WHISTLEBLOWING POLICYGoverning body Oversight4 REFERAL POLICY5 CORRUPTION RISK MANAGEMENT6 TRAINING ON ETHICS, EDUCATION &COMMUNICATION7 COMPLIANCE PROGRAMMEAnti-bribery training and awarenessRisk assessmentDue diligence on projects & business associates8 ANTI-CORRUPTION PREVENTION REPORTING9 LEADERSHIP10 CORPORATE SOCIAL RESPONSIBILITYReporting, monitoring and investigationManagement review, corrective action &continual improvement

17

WHAT IS ISO 37001? It is designed to help an organization establish,implement, maintain, and improve an anti-briberycompliance programme. It includes a series of measures and controls thatrepresent global anti-bribery good practice.18

WHAT IS ISO 37001 ?Help toReduce bribery risks and demonstrate a culture ofintegrity transparency, openness andcompliance. cannot provide assurance that no briberywill occur as it is not possible to completelyeliminate the risk of bribery.Conformity helps organizations implement reasonablemeasures to prevent, detect and respond toto ISO 37001bribery.

WHAT IS ISO 37001?ISO 37001-ABMS : Series ofmeasures to help organisation toPREVENT Which include1. An antibribery policy &objectives2. Appointing aperson(s) to overseeanti-briberycompliance3. Training4. Risk assessments& due diligence onprojects & businessassociates5. Implementingfinancial &commercial controls6. Institutingreporting &investigationproceduresDETECTRESPOND

WHAT DOES ISO 37001 ADDRESS? Bribery by the organization, or by its personnel orbusiness associates acting on the organization’s behalfor for its benefit. Bribery of the organization, or of its personnel orbusiness associates in relation to the organization’sactivities.21

WHO CAN USE ISO 37001:2016 ?The standard is flexible and canbe adapted to a wide range oforganizations, including: Large organizations Small & medium sizedenterprises (SMEs) Public and private sectororganizations Non-governmentalorganizations (NGOs)The standard can be used byorganizations in any country.LargeOrgNGOsISO37001SMEsPublic/Private22

DOES THE STANDARD REQUIRE A STAND-ALONEMANAGEMENT SYSTEM? The measures required by ISO 37001 are designed to be integrated withexisting management processes and controls. It follows the common high-level structure for ISO management systemstandards, for easy integration with, for example QMS, EMS, OSHMS,EnMS, ISMS, 2018ISO27001:2013

DOES THE STANDARD DEFINEBRIBERY? Bribery is defined by law which varies between countries.Therefore the Standard provides a generic definition ofbribery, but the actual definition will depend on the lawsapplicable to the organization. The Standard provides guidance on what is meant by briberyto help users understand the intention and scope of theStandard.BRIBERY INVOLVESGIVERValuableitemsGiftsJob offersServicesRECEIVER

Active Bribery Bribing a public official in order to:a) Be awarded a contract in briber’s favour;b) Obtain an inspection report or to be awarded alicense;c) Circumvent planning or safety controls. Channelling bribes to win public contracts througha consultant or business associate; Payment of small bribes to public officials toexpedite a process Employing a public official’s son to influence awardof contracts Providing sponsorship fees and excessive travelexpenses to influence prescription of drugs

Passive Bribery Security : Officer accepts a bribe from criminals toallow access for theft and other activities. Procurement : Demand a ‘kickback’ to award acontract. Financial loss through overpaying Allocation of goods and services : Favours acustomer by expediting delivery at the expense ofother customers or giving preferential allocation. Recruitment : Demand bribe to appoint or promotea person. Insider Fraud : To provide details of customers’personal date. Illegal information brokering : To provide contractspecifications to be used in a tender.

The standard does not specifically address Fraud Cartels and other anti-trust/competition offences Money-laundering or Other activities related to corrupt practicesHowever an organization can choose to extend thescope of management system to include suchactivities.27

LAW REGULATIONS & OTHER REQUIREMENTS Penal Code MACC Act 2009 (ACT 694) MACC (Amendment )Act 2018 , Section 17(A), Corporate Liability Whistleblower Protection Act 2010 (ACT 711)- Enforcement Agencies :SPRM, JPJ, JIM, PDRM,KASTAMRelated acts & documents: Private Companies Act 2016 ( Act 777) Securities Commission Act 1993 (Act 498) Corporate Governance 2016 (Code of Conducts / Code of Business Ethics)

ACT & RELATED DOCUMENTSGovernment –Pekeliling & Arahan –Arahan Arahan Perbendaharaan Pekeliling Perkhidmatan Bil 3, 1998 –Garispanduanpemberian & penerimaan hadiah di dalam perkhidmatanawam Pekeliling Perkhidmatan Bil 6 Tahun 2013 – Penubuhan UnitIntergriti Di Semua Agensi Awam Peraturan pegawai awam (kelakuan dan tatatertib) 1993

ARAHANYAB PERDANAMENTERI - - NO.1 TAHUN 2014ARAHAN YABPERDANAMENTERINO.1 TAHUN 2014Jun 2014ARAHAN YAB PERDANA MENTERI - NO.1 TAHUN 2018Jun 2018Gerakan Pemantapan Governans, Intergriti dan AntiRasuah Dalam PengurusanPentadbiran KerajaanMalaysia

ARAHAN YAB PERDANA MENTERI - NO.1 TAHUN 201432

ARAHAN YAB PERDANA MENTERI - NO.1 TAHUN 2018

PP Bil 6/2013 : PENUBUHAN UNIT INTEGRITI AGENSIPenubuhan Unit Integriti merupakan usaha kawalan dalaman oleh agensi untuk menguruskanintegriti dalam organisasi. 6 fungsi teras seperti berikut:a) Tadbir UrusMemastikan tadbir urus yang terbaik dilaksanakan;b) Pengukuhan IntegritiMemastikan pembudayaan, penginstitusian dan pelaksanaan integriti dalam organisasi;c) Pengesanan dan Pengesahani) Mengesan dan mengesahkan aduan salahlaku jenayah serta pelanggarantatakelakuan dan etika organisasi serta memastikan tindakan susulan yangsewajarnya diambil; danii) Melaporkan salahlaku jenayah kepada agensi penguatkuasaan yangbertanggungjawab;d)Pengurusan AduanMenerima dan mengambil tindakan ke atas semua aduan/maklumat mengenai salahlakujenayah serta pelanggaran tatakelakuan dan etika organisasi;e)PematuhanMemastikan pematuhan terhadap undang-undang dan peraturan yang berkuatkuasa; danf)TatatertibMelaksanakan fungsi urus setia Lembaga Tatatertib.

Success Story 35

PILOT PROGRAMME WORKSHOPS36

COMPANIES CERTIFIED TO ISO 37001 in 2017No.1234567891011Company nameMajlis Perbandaran Seberang PeraiAngkatan Koperasi Kebangsaan Malaysia Berhad(ANGKASA)Pihak Berkuasa Tempatan PengerangTop Glove Sdn. Bhd.Petroliam Nasional BerhadLembaga Tabung HajiJabatan Pengangkutan JalanAgensi Kelayakan Malaysia (MQA)Jabatan Imigresen MalaysiaMajlis Perbandaran Subang JayaYayasan Pahang37

CERTIFIED IN 2018 & 2019NO.1234COMPANY NAMEPuspakom Sdn. Bhd.Mass Rapid Transit Corporation Sdn. Bhd.(MRT Corporation Sdn. Bhd.)Majlis Daerah Cameron HighlandsTenaga Nasional Berhad20191KLCC Project2MISC Berhad3Jabatan Ketua Menteri Melaka4Institut Pengurusan Integriti Melaka (INSPIM)5Phamaniaga Logistics