The Risk Is Real

Why Malaysian Businesses Need
ISO 37001 Now

MACC Act 2009 · Section 17A
Your Company Can Be Prosecuted — Even If You Didn't Know
Section 17A of the MACC Act 2009 introduced a corporate liability offence. If any employee, agent, or associated person commits bribery to benefit your company — your company is automatically guilty. The only statutory defence is proving that adequate procedures were in place to prevent bribery.
Section 17A Defence: "It shall be a defence for the commercial organisation to prove that the commercial organisation had in place adequate procedures designed to prevent persons associated with the commercial organisation from undertaking such conduct."
ISO 37001 = The Internationally Recognised Adequate Procedures Standard
ISO 37001 certification is the strongest evidence a Malaysian company can present that it has adequate anti-bribery procedures in place — satisfying the Section 17A defence and demonstrating genuine commitment to corporate integrity.
🚨
Without ISO 37001 — Your ExposureNo documented proof of adequate procedures. Automatic corporate liability if an associate commits bribery. Potential prosecution, fines, and reputational damage under MACC Act S.17A.
📋
G7 Contractor RequirementGovernment agencies and major project owners increasingly mandate ISO 37001 from contractors and vendors. Missing certification means missing tenders worth millions.
🏢
GLC & MNC Supply Chain DemandGLCs, Petronas, TNB, and multinational companies are requiring ISO 37001 from their supply chain. It's becoming a baseline vendor qualification requirement.
📈
ESG & Governance ReportingBursa Malaysia's enhanced sustainability reporting requirements and ESG investor scrutiny are making anti-bribery certification a corporate governance priority.
With ISO 37001 — Your ProtectionDocumented adequate procedures. Statutory defence under MACC Act S.17A. Competitive advantage in tenders. Confident, auditable anti-bribery system that protects the whole organisation.
What We Deliver

Everything You Need.
Nothing You Don't.

Our ISO 37001 engagement is structured for speed and completeness — from the first gap analysis to the day your certificate is issued.

01
🔍
Gap Analysis & Bribery Risk Assessment
Comprehensive clause-by-clause gap analysis against ISO 37001:2025. We identify your bribery risk exposure across all business functions, geographies, and transaction types — producing a prioritised implementation roadmap.
Clause 4 ContextRisk IdentificationPrioritised RoadmapExposure Mapping
⚡ Completed in Week 1–2
02
📄
ABMS Documentation Suite
Full documentation — Anti-Bribery Policy, Procedures, Due Diligence Framework, Gift & Hospitality Register, Reporting Channels, and all required records — tailored to your actual business operations.
AB PolicyProceduresDue Diligence
⚡ Week 2–6
03
🎓
Staff & Leadership Training
Anti-bribery awareness training for all staff. Leadership commitment workshop for top management. We ensure your team genuinely understands their obligations — not just signs a policy.
Awareness TrainingLeadership WorkshopEvidence Records
⚡ Week 6–8
04
🔎
Internal Audit & Management Review
Full internal audit of your ABMS conducted by our experienced auditors. Management review facilitation. All findings resolved before the external certification audit.
Internal AuditManagement ReviewCorrective Actions
⚡ Week 8–10
05
🏆
Certification Audit Support
CB selection, Stage 1 and Stage 2 audit preparation, on-call support during the external audit, and rapid response to any findings raised by the assessor. Certificate issued.
CB SelectionStage 1 & 2 PrepFinding Response
⚡ Week 10–14
+
🔗
IMS Integration Option
Already have ISO 9001, 14001, or 45001? We integrate ISO 37001 into your existing management system — sharing documentation, audits, and management review processes.
ISO 9001 IntegrationShared DocsCost Saving
💡 Reduces implementation cost by up to 30%
How It Works

Certified in 6 Efficient Steps

Our structured process means no surprises. You always know where you are and when you'll be ready for the certification audit.

1
Free Consultation
Assess your business, risks, and goals
Day 1
2
Gap Analysis
Clause-by-clause ABMS readiness assessment
Week 1–2
3
Documentation
Full ABMS document suite developed
Week 2–6
4
Training
Staff awareness & leadership commitment
Week 6–8
5
Internal Audit
Full ABMS audit + management review
Week 8–10
6
Certified ✓
External CB audit + certificate issued
Week 10–14
Transparent Pricing

One Package. Everything Included.

No hidden fees. No scope creep surprises. One all-inclusive price covers your full journey from gap analysis to certification — with ongoing support beyond.

All-Inclusive ⚡ 3–4 Months CB-Neutral
ISO 37001 Certification Package
Any size organisation · Single entity · Malaysia
RM23,000
One-time consultancy fee · CB audit fees separate (est. RM 6,000–8,000)
💬 WhatsApp to Get Started Send an Email Enquiry
  • Gap analysis & bribery risk assessment
  • Context of organisation & stakeholder analysis (Clause 4)
  • Anti-Bribery Policy development
  • Full ABMS procedures & work instructions
  • Bribery risk register & controls matrix
  • Due diligence framework (business associates)
  • Gift, hospitality & donation register
  • Whistleblowing & reporting channel setup
  • Financial controls documentation (Clause 8.7)
  • Staff anti-bribery awareness training
  • Top management leadership commitment workshop
  • Anti-bribery compliance function guidance
  • Full internal audit (ISO 37001 scope)
  • Management review facilitation & records
  • Corrective action support pre-certification
  • CB selection, Stage 1 & 2 audit preparation
  • On-call support during external certification audit
  • Finding response & close-out support
  • 6 months post-certification WhatsApp support
  • First surveillance audit preparation guidance
Certification Body (CB) audit fees are payable separately directly to your chosen CB — typically RM 6,000–8,000 depending on organisation size. We are CB-neutral and will help you choose the most cost-effective accredited body (SIRIM QAS, BSI, TÜV SÜD, Bureau Veritas, SGS, DNV). We'll provide a full breakdown before you commit.
IMS Integration
Custom Quote
Integrate ISO 37001 into your existing ISO 9001 / 14001 / 45001 system. Shared docs, audits, and management review.
Additional Staff Training
From RM 800/session
Extra anti-bribery awareness sessions for additional departments, sites, or subsidiaries.
Surveillance Audit Support
From RM 3,000/year
Annual ABMS maintenance — internal audit, management review, document updates, and surveillance audit preparation.
Standard Deep Dive

ISO 37001 & the MACC Act —
What You Need to Know

ISO 37001:2025 specifies requirements and provides guidance for establishing, implementing, and maintaining an Anti-Bribery Management System. In the Malaysian context, it maps directly to the MACC Act 2009 Section 17A adequate procedures defence.

MACC Act RequirementISO 37001 Coverage
Adequate procedures to prevent briberyFull ABMS per ISO 37001:2025
Top management commitmentClause 5 — Leadership
Bribery risk assessmentClause 4.5 — Bribery risk assessment
Due diligence on business associatesClause 8.2 — Due diligence
Anti-bribery training & awarenessClause 7.3 — Awareness & training
Reporting & whistleblowing mechanismClause 8.9 — Raising concerns
Monitoring & reviewClause 9 — Performance evaluation
Independent verificationAccredited CB certification
Clause 4
Context & Stakeholder Needs
Understanding your organisation, identifying internal and external issues, and determining the scope of your ABMS.
Clause 5
Leadership & Commitment
Top management must demonstrate active commitment — not just sign a policy. Anti-bribery compliance function defined.
Clause 6
Planning & Bribery Risk Assessment
Identify, analyse, and evaluate bribery risks across all business activities, transactions, and associated persons.
Clause 8
Operations — Due Diligence & Controls
Due diligence on business associates, gifts/hospitality controls, financial controls, reporting channels, and investigation procedures.
Clause 9
Performance Evaluation
Monitoring, measurement, internal audit, and management review to ensure the ABMS remains effective and current.
Clause 10
Improvement & Corrective Action
Nonconformity management, corrective actions, and continual improvement of the anti-bribery management system.
Who Needs ISO 37001

Is Your Business At Risk?

ISO 37001 is not just for large corporations. Any Malaysian business with government dealings, associated persons, or high-value transactions faces MACC Act exposure.

🏗️
CIDB G7 Contractors
Government project bidders increasingly required to hold ISO 37001 certification. Mandatory for many federal and state infrastructure tenders.
High Priority
🏢
GLCs & Government Vendors
Petronas, TNB, MARA, and other GLCs are requiring ISO 37001 from vendors. Supply chain integrity is a board-level priority.
High Priority
🏦
Financial Services
Banks, insurance, and financial intermediaries face heightened scrutiny. ISO 37001 demonstrates compliance culture to BNM and regulators.
Regulated Sector
🌐
MNC & Export-Oriented
Companies with international partners or parent companies facing FCPA, UK Bribery Act, or overseas anti-corruption requirements.
Global Compliance
⚕️
Healthcare & Pharma
High-risk sector for healthcare professional interactions. ISO 37001 provides structured controls for gifts, hospitality, and procurement.
Risk Management
🏭
Manufacturing & Supply Chain
Manufacturers with government procurement, customs dealings, or MNC customers requiring supply chain anti-bribery assurance.
Supply Chain
🎓
Education Institutions
Private universities and training providers bidding for government-funded programmes or receiving public funding require integrity frameworks.
Public Funding
Oil, Gas & Energy
Petronas SWEC vendors and energy sector contractors face stringent anti-bribery requirements as part of vendor registration and renewal.
Petronas Vendors
Client Results

What Our Clients Say

★★★★★

"We needed ISO 37001 urgently to qualify for a RM 45 million federal infrastructure tender. JCSS understood the MACC alignment requirements perfectly and built an ABMS our board could genuinely stand behind. Certified in under 4 months."

R
Group Compliance Director
G7 Infrastructure Contractor, Kuala Lumpur
ISO 37001 · G7 Tender
★★★★★

"Our Petronas vendor renewal required ISO 37001. JCSS provided a practical ABMS that our operations team could actually implement — not just a document filing exercise. The due diligence framework they built was particularly impressive."

A
Head of Legal & Compliance
Oil & Gas Services Company, Terengganu
ISO 37001 · Petronas Vendor
★★★★★

"We integrated ISO 37001 with our existing ISO 9001 system. JCSS handled both seamlessly — one management review, shared internal audit, combined documentation. Saved us significant time and cost versus certifying separately."

S
Quality & Compliance Manager
Engineering Services, Selangor
ISO 37001 + ISO 9001 IMS
FAQ

ISO 37001 Malaysia —
Questions Answered

Everything Malaysian businesses need to know about ISO 37001 certification, the MACC Act, costs, and timelines.

Still have questions?
WhatsApp us directly — most ISO 37001 queries answered within the hour during business hours.

What is ISO 37001 and why does my Malaysian company need it?
ISO 37001:2025 is the international standard for Anti-Bribery Management Systems (ABMS). In Malaysia, it is directly relevant to the MACC Act 2009 Section 17A, which creates corporate liability for bribery committed by associated persons — even without management knowledge. ISO 37001 certification provides internationally recognised evidence of adequate anti-bribery procedures, which is the statutory defence under the MACC Act. It is increasingly required by G7 contractors, GLCs, Petronas vendors, and companies bidding on government projects.
How much does ISO 37001 certification cost in Malaysia?+
JCSS Consultancy's all-inclusive ISO 37001 certification package is RM 23,000. This covers gap analysis, full ABMS documentation, bribery risk assessment, due diligence framework, staff training, internal audit, management review, and certification audit support. Ceparately to your chosen CB — typically RM 6,000–8,000 depending on organisation size.
How long does ISO 37001 certification take in Malaysia?+
ISO 37001 certification with JCSS Consultancy typically takes 3 to 4 months. This includes: gap analysis (Week 1–2), ABMS documentation (Week 2–6), staff training (Week 6–8), internal audit and management review (Week 8–10), and the external certification audit by an accredited CB (Week 10–14). Timeline may vary based on your organisation's current readiness and CB scheduling.
What is MACC Act 2009 Section 17A and how does ISO 37001 help?+
Section 17A of the MACC Act 2009 makes companies criminally liable for acts of bribery committed by employees, agents, or associated persons to benefit the company — even without management knowledge. The only statutory defence is proving that adequate procedures were in place. ISO 37001 certification is the strongest, most credible evidence that adequate anti-bribery procedures exist, as it is verified by an independent, accredited certification body.
Is ISO 37001 required for CIDB G7 contractors in Malaysia?+
ISO 37001 is increasingly required for CIDB G7 contractors bidding on government projects and major infrastructure contracts. Government agencies, GLCs, and large project owners are making ISO 37001 a baseline qualification requirement. Contractors without certification risk being disqualified from tender evaluation, regardless of other qualifications.
Can ISO 37001 be integrated with ISO 9001 or other standards?+
Yes. ISO 37001 follows the ISO High Level Structure (HLS) — the same framework as ISO 9001, 14001, and 45001. Common elements like context analysis, leadership commitment, objectives, internal audit, and management review can be fully integrated. JCSS Consultancy specialises in integrated management systems and can add ISO 37001 to your existing certified system, reducing documentation duplication and audit burden by up to 30%.
Get ISO 37001 Certified

Protect Your Business.
Get Certified Fast.

Start with a free consultation. We'll assess your MACC Act exposure, scope your ABMS, and give you a transparent implementation plan — no commitment required.

💬 WhatsApp Us Now Send an Email
📍 Kuala Lumpur, Malaysia
📞 +601159560873
✉️ info@jcssconsultancy.com
🔗 Part of JCSS Consultancy's ISO services — also covering ISO 9001 · 14001 · 45001 · 17025