Poor IAS can’t catch a break. The “International Accreditation Service” issued a wholesale denial of any wrongdoing by multiple ISO 9001 registrars operating under its logo, in response to an official complaint launched against them with the Asian Pacific Accreditation Cooperation (APAC). But only 24 hours later, new evidence flooded in that appears to show IAS-accredited bodies continuing to violate accreditation rules through improper relationships with consultants.

If you’re keeping track, Oxebridge launched formal complaints against a number of IAS-accredited registrars: AQC Middle East FZE, ACS W3 Solutionz, QACS, SIS Certification, and Care Certification. In addition, a number of other CBs were named in separate complaints filed directly with IAS: Resource Inspections Canada Inc. (RICI), Aambitious Assessment, DAS System & Services, and InterCert.

IAS first responded with a bizarre denial that landed them an escalation to APAC. In that response, IAS hung its hat on an absolutely batshit-insane theory that their CBs can’t violate accreditation rules until after an ISO certificate is issued. So we escalated to APAC.

Recently, however, IAS — who apparently didn’t think we’d escalate to someone higher than them — provided a longer response to the original complaints. It’s too late, however, since now IAS has to answer the complaint filed with APAC, and not the ones originally filed against their CBs. IAS really, really doesn’t seem to know how to this whole Accreditation Body thing works.

(At this rate, I may have to start billing them for all the consulting I’m giving them.)

In their most recent response, however, IAS just doubled-down and claimed (again) that everything was fine. This time, though, they claimed to have investigated all the CBs named in the various complaints — all ten of them?? — and found no wrongdoing. They provided no evidence at all, citing confidentiality, and remained stuck on their “no violations until after certification” theory.  They ignored the entirety of the evidence in all the complaints that was sent to them. There is no way to know how they literally conducted office audits of between six to ten different CBs in various cities and countries in the region.

But just 24 hours after IAS sent its evidence-free response, another complaint came into the ISO Whistleblower program. This time the Egyptian consultancy Smart Business was caught issuing a proposal for simultaneous ISO 9001 consulting alongside certification to be issued by AQC Middle East FZE — the very first IAS-accredited CB that was reported by Oxebridge, and which IAS insisted they investigated.

Take a look: on its quote for ISO 9001 consulting, Smart Business actually provided the pricing for AQC’s auditing services, and then posted the ASQ, IAS and IAF logos right in the proposal:


Now what IAS is going to say is (1) “shut up, you, this never happened,” or (2) “it doesn’t matter, because the victim of this scam never signed the contract and didn’t ever receive the ISO 9001 certificate.” Right.

But, hours later, I received yet another spam mail from AQC Middle East FZE asking me to partner with them as an official marketing branch. That email openly bragged out its accreditation with IAS. Take a look:

To date, AQC Middle East has sent thirteen such requests. In all, I’ve received 46 such offers from IAS-accredited CBs. But IAS says (I guess?) this never happened. I’m imagining the emails, and so are the tens of thousands of other recipients across the planet who receive them. Heck, you’ve probably got some of these in your spam folder right now, but it’s just your imagination.

I’m not even done yet. Nearly within the same exact hour, a rep from ACS W3 Solutionz — the one we filed a complaint against in August and who IAS also cleared — was literally writing me on LinkedIn to form a partnership, too. You can’t make this stuff up.

So it took all of one day for evidence to flood in debunking the claim that IAS has a handle on its problem.

Just to stress-test this a bit further, I then spent 5 minutes — five minutes!! — on Google. In that period I found more cases of improper marketing of IAS-accredited bodies by consulting firms. The website for AACS Consulting (Afghanistan) openly markets ISO 9001 consulting services and then claims PECB as a registrar “partner,” also naming its IAC accreditation. The website for Germes Consulting (Azerbaijan) offers ISO 9001 consulting services while also claiming partnership with PECB and IAS.

But wait, there’s more. Arizona-based ISO 27001 consultant SecuraStar claims it’s “partner” is the  iCertWorks, which resells ISO 27001 audits by PECB, which is accredited by (guess) IAS. Oh, and SecuraStar and iCertWorks have the same address, so I don’t know what’s going on at that funhouse.

I told APAC that at this point I’m not even sure how to process this. Do I amend the current APAC complaint with this flood of new evidence, using it to show that IAS is wholly inept at controlling its CBs, and doesn’t seem to really want to? Or do I file new complaints directly with IAS, and then escalate them later?

IAS is already breaking procedure on responding to complaints, and APAC is nodding its head like a dashboard plastic puppy, so who knows? The IAS complaint handling operation is in such a shambles, no one has made rules that cover this.

I’m the expert on filing formal complaints and appeals, and they’ve injected so much chaos into the industry, I can’t even figure out how to proceed! Clever.

(Probably a class action suit is necessary, but the victims are all outside the United States, so that’s not possible. Going to the US Federal Trade Commission and alleging widespread deceptive advertising has all the regulatory teeth of a newborn, baby slime mold. So that’s not an option, either.)

And where is APAC while all this is going on? They only have one job, and have utterly bungled it. Is this what they get for having a corrupt markets in India and the Middle East managed from Australia? Maybe they should hire an actual Indian or Egyptian… I know, crazy suggestion.

To date IAS ranks the highest in receipt of complaints against its accredited registrars.

We are supposed to believe that IAS, APAC and IAF are all doing due diligence in monitoring this stuff. And yet someone like me can find multiple violations by simply doing Google searches. Apparently that’s too hard for these folks to master.

At the same time, Steve Keeling over at JAS-ANZ — another Australian body with deep ties to Indian certification bodies — insists that they’ve cracked the problem of out-of-control Indian certification bodies ignoring the rules. Keeling says JAS-ANZ has stopped issuing accreditation to Indian bodies altogether — something I am pretty sure is a fib, but I’m still checking — and that JAS-ANZ doesn’t get complaints about the Indian CBs it still has on its roster. In order to make that true, Keeling has to ignore the mountain of complaints I sent JAS-ANZ on various Indian CBs who are also using the JAS-ANZ logo inappropriately, providing consulting alongside certification, and engaging in all sorts of other prohibited behavior.

So apart from IAS, APAC is going to have to take on the JAS-ANZ problem eventually, too. There is no way in God’s green Earth that APAC will stand up to JAS-ANZ, one of the most powerful accreditation bodies on the planet, so it should be fun to watch APAC pretzel itself when that happens.

Why bother, then? It’s simple: what these folks are doing is providing irrefutable and damning documented evidence that the accreditation scheme is a scam. With that in hand, we can approach world governments and have them (a) investigate the IAF scheme for potential fraud and (b) pull back on government contract requirements that call for various ISO certifications as a condition of bidding. That will get their attention.

So while the individuals at IAS, JAS-ANZ, APAC and IAF are all thinking only about five minutes into the future, and only about their own professional careers, they may want to start thinking about what will happen if they continue to abdicate their responsibilities and face potential accusations of international criminal fraud.

Meanwhile, IAS: get your house in order. You may not be getting oversight from the accreditation scheme, but you are getting it from whistleblowers whether you like it or not.



About Christopher Paris

Christopher Paris is the founder and VP Operations of Oxebridge. He has over 30 years' experience implementing ISO 9001 and AS9100 systems, and is a vocal advocate for the development and use of standards from the point of view of actual users. He is the author of Surviving ISO 9001:2015. He reviews wines for the irreverent wine blog, Winepisser.