This document specifies requirements and provides guidelines for establishing, developing, implementing, evaluating, maintaining and improving an effective compliance management system within an organization. This document is applicable to all types of organizations regardless of the type, size and nature of the activity, as well as whether the organization is from the public, private or non-profit sector.
ISO 37301 recommends the involvement of senior management and advocates compliance as a principle of good governance. It also recommends that compliance management be integrated throughout the organization and embedded in its financial, risk, quality, environmental and health and safety management processes, as well as in its operational requirements and procedures.
One of the goals of this document is to help organizations develop and spread a positive culture of compliance. Thus, effective compliance risk management should be considered an opportunity to be realized and exploited because of several benefits it provides to the organization, such as:
The benefits of applying ISO 37301 are expected to include not only a reduced risk of fines for non-compliance, but also an enhanced reputation and credibility, giving clients and other stakeholders greater trust and increasing business opportunities.
The standard can also be integrated with other organizational management systems, such as ISO 37001:2016, Anti-bribery management systems - Requirements with guidance for use, or ISO 9001 for quality, thus increasing efficiency, effectiveness and productivity.
This standard was developed by the ISO technical committee ISO/TC 309, Governance of organizations, whose secretariat is led by BSI, a member of ISO from the United Kingdom.