Philippe Montigny is a speaker at Corporate Parity’s upcoming 4thAnnual Global Anti-corruption and Compliance Summit. Philippe is a former advisor to the OECD Secretary General and participated in the discussions that led to the OECD Anti-Bribery Convention in 1997. He then founded ETHIC Intelligence in 2006, the first agency to deliver anti-corruption certifications. He was one of the drafters of the ISO 37001 standard on anti-bribery management systems. Since ETHIC Intelligence was bought by The Red Flag Group in 2018, he focusses on the chairmanship of the ETHIC Intelligence Certification and Impartiality Committees.
Philippe has over 20 years’ experience in anti-corruption compliance and publishes a monthly post on the ETHIC Intelligence “Anti-corruption Blog.”His last book was published in 2018, “Integrity for Competitiveness – On the road with compliance officers.”
We spoke with Philippe about ISO 37001 certification and monitoring, an issue which he will develop during the May 2019 Amsterdam Anti-corruption and Compliance Summit.
You designed the first anti-corruption standard in 2005 and ETHIC Intelligence has been the leading anti-corruption certification agency since 2006. Could you tell us how you had the idea? How it started?
ETHIC Intelligence started to provide anti-corruption services in 2001. I found it unfair that companies who were investing in compliance were not rewarded, either by their clients or by their shareholders. I thought that certification would be a way to demonstrate publicly that a company had invested in compliance to ensure that business was based on legal practices and was thus generating a sustainable turnover.
At the time judgments from the US Department of Justice were already accompanied by indications on what the convicted companies should have done to prevent corruption and what kind of remedial actions needed to be implemented. I studied the case law and based the first ETHIC Intelligence terms of reference on these guidelines.
Can you tell us how anti-corruption certification became a universal standard, the ISO 37001?
Like many others, I participated in the consultation launched by the UK authorities on the guidelines of the UK Bribery Act. I suggested that certification could be a way for a company to demonstrate that appropriate steps had been taken regarding the failure to prevent corruption offense and serve as an affirmative defense. Consequently, certification was included in the last section of the UK Bribery Act Guidance.
When the UK Bribery Act guidance was published, the British Standard Institution (BSI) started to work on an anti-corruption standard. At the same time, on the initiative of Standards Australia, ISO established a drafting committee of which I was a participant to develop a standard on compliance. The Compliance Management Systems Standard, ISO 19600, was published in 2014. The BSI proposed the creation of another committee in which I also participated to draft an Anti-Bribery Management Systems standard. Subsequently, I was nominated as ISO Liaison Officer to ensure consistency between the two standards. Ultimately, ISO 37001, the Anti-Bribery Management Systems standard, was published in 2016.
You compare an ISO 37001 certification to a “voluntary monitoring.” What do you mean by this?
The US authorities, followed by other jurisdictions including the World Bank, considered that sanctioning a company for bribery was necessary but not enough. Ensuring that the company implements the appropriate mechanism to prevent corruption is essential and these authorities established monitoring to attest that the company implements efficient tools to avoid another act of bribery. In many cases, the process is outsourced to external anti-bribery specialists. Under the leadership of the external expert, the company undergoes a thorough review of its business practices and must design appropriate policies to prevent and detect bribery.
An ISO 37001 certification has the same goal, except that it is not imposed by a judicial authority following misconduct. It is a conscious decision by Top Management to address potential risks, remediate them and minimize sanctions in the event an offense is discovered. In other words, when a CEO requests that his organization enter into an anti-corruption certification process, he expects that a specialized external auditor will review the entire compliance system to ensure that it is appropriate and constantly evolves and improves in line with developments in the company’s organization and activities.
How can a single global benchmark be appropriate to the evolving needs of any organization?
ISO 37001 is first and foremost a “Management System standard.” This means two things. First, like every Management System Standard (ISO 9001 on quality or ISO 26000 on Social Responsibility), ISO 37001 requires the organization to design an anti-bribery management system which is adequate; adequate to its business model, to its legal requirements and to its risks. Second, like every Management System, ISO 37001 requires an organization to perform an annual evaluation to identify changes necessary for continual improvement based on developments in the organization’s operations. In addition, annual surveillance audits are carried out by the certifying body’s expert auditors.
A company which is ISO 37001 certified demonstrates that the Top Management has implemented an appropriate anti-bribery compliance program which is verified by regular, external and neutral monitoring.
What do you look forward to discussing at the 4thAnnual Global Anti-Corruption and Compliance Summit? What is the desired outcome of the event for you?
I believe that the corrupt mind is always one step ahead of compliance. Exchanging views with Chief Compliance Officers is essential for me to identify emerging challenges and innovative best practices. As President of the ETHIC Intelligence Certification Committee, and founder of a leading certification agency which is committed to certifying excellence in anti-corruption compliance, I need to be a part of the conversation that this summit is organizing.
Why did you accept The Red Flag Group’s offer to acquire ETHIC Intelligence in 2018?
In 2005 I wrote a book on transnational corruption in which I described how certification could help companies and compliance officers. I already regarded certification as a complement to due diligence. When you conduct due diligence on a potential partner, you want to learn who he is and what kind of risks they may represent. If the partner has an anti-corruption certification, you will still want to know who he is, but at least you already have the assurance that they are committed to doing business with the integrity that you expect.
The rapprochement with The Red Flag Group, the leading due diligence company, and ETHIC Intelligence, the leading anti-corruption certification agency, was very natural. I have known Scott Lane, CEO of The Red Flag Group, for years and we share the same commitment to excellence and client services. After 40 years of professional activity, I was very happy to hand over the executive responsibility of ETHIC Intelligence to Scott and proud that he proposed I retain the role of Chair of the ETHIC Intelligence Certification and Impartiality Committees.
When not busy with anti-corruption certification, how do you like to spend your free time?
I have the good fortune to own a farm in Tuscany where we grow olive trees and produce olive oil and where I return as often as possible. The beauty of this hilly landscape did not flourish overnight, but over centuries of hard work by many individual farmers. A great lesson for all of us engaged in fighting bribery.
[maxbutton id=”11″ ]