The IAF corruption continues unabated, in another scandal that proves how worthless accreditation of ISO certification bodies has become.

As reported only yesterday, we claimed partial victory over the United Arab Emirates certification body QRS, which has had a long history of issuing fully-accredited certificates in violation of international accreditation rules. Short version: they partner with Al Tair Inspection Services which provides consulting while then reselling QRS audits, a gross conflict of interest.

First QRS and ATIS tried to get around this by having ATIS rename itself to “ATQS,” a flimsy attempt at best, so they got caught again. So we filed a new complaint which the UAE accreditation body EIAC tried to delay by largely ignoring it. Meanwhile, QRS filed a bogus police report claiming the complaint was based on “forged” documents, and had the whistleblower arrested. (We didn’t reveal the whistleblower, he originally filed a formal complaint with QRS which they ignored, prompting him to come to Oxebridge. By filing the police report, they essentially revealed they had the complaint all along.)

Initially, EIAC sided with QRS on this, also taking the position that the documents were forged, even though they had no evidence of this. The documents included emails and actual people that EIAC could have contacted, but they apparently didn’t. EIAC refused to get involved in the police action, and made no demands on QRS to clear the complainant’s name.

Just pause on that idea for a moment: the IAF and CBs are entirely willing to have innocent, private citizens pulled off the street and thrown in jail for exercising their rights to file complaints, per ISO accreditation standards.

That led us to put pressure on EIAC through UAE government ministers, since EIAC is a government department. Suddenly, then, EIAC wrote to Oxebridge and said they did, in fact, find irregularities and withdrew QRS’ accreditation.

So… small victories, right?

But, this is the IAF scheme, so you know this doesn’t end there. During the few emails sent by EIAC’s Muhammad Shahid, I thought it was curious that he was sending copies to Atta Subhan, a representative for the Saudi Arabian accreditation body GAC. It wasn’t clear to me why GAC should be involved at all, since they hadn’t accredited QRS.

So I thought. In fact, QRS had, just two months prior to the latest complaint, already transferred their accreditation to GAC. Or, more accurately, they applied for it and then had GAC accreditation as a backup. The accreditation certificate for GAC was dated March 2022, just one month prior to our formal complaint, but at least a month or two AFTER they had received the original complaint from the complainant.

So as soon as QRS got the complaint and realized there was no way they were getting out of it, they filed a bogus police report and began work on holding a second accreditation, just in case EIAC withdrew the first one.

The benefitted EIAC, too, who raised no objections to this, despite knowing full well what was going on. EIAC could throw QRS to the curb and claim to have taken action, but without the risk of a lawsuit since QRS had already secured another accreditation from the even-more-corrupt Saudis.

The IAF, meanwhile, has remained silent. After all, QRS is still paying someone, and a portion of that money eventually flows up to Emanuele Riva and Elsa Nilsen. They still get paid.

The scandal shows the problems within the certification scheme, and how official rules don’t exist to prohibit “accreditation body shopping.” This is the practice where companies find the weakest, most corrupt body to issue a certificate so they don’t actually have to abide by official ISO standards. The IAF doesn’t police corrupt ABs, provided they pay their membership dues, so the practice continues unabated.

The aerospace scheme has a simple rule preventing AS9100 certified companies from doing this. As a part of any AS9100 transfer, the new CB must verify the closure of any nonconformities issued by the prior CB, to ensure they aren’t switching CBs to get out from under violations. (I’m pretty sure the IATF has a similar rule for automotive certifications.)

Now, IAF has a mandatory document on rules for AB transfers. But IAF Md2 was written, literally, in 2007 and deals with transfers of certificates issued by CBs, not transfer of CBs between ABs. But IAF MD2 is largely ignored anyway, since IAF doesn’t enforce these things, so putting “anti-shopping” rules in ISO 17021-1 and ISO 17011 is the way to go. That needs to be done by ISO/CASCO.

But while that would easily start the process of reining in corruption, corruption is how ISO and IAF make money, so they have no appetite for it.

Meanwhile, some poor guy is facing prison all for exercising his right to file a complaint. That’s criminal.

The good news is that if you live in any of these Middle East countries, you can buy an ISO certificate cheap and without proper oversight. The bad news is that if you buy any product from these certified companies, they’re likely to be dangerous, defective garbage since the only way they can get certified is through full-on criminal corruption.

About Christopher Paris

Christopher Paris is the founder and VP Operations of Oxebridge. He has over 30 years' experience implementing ISO 9001 and AS9100 systems, and is a vocal advocate for the development and use of standards from the point of view of actual users. He is the author of Surviving ISO 9001 and Surviving AS9100. He reviews wines for the irreverent wine blog, Winepisser.


Free ISO 9001 Template Kit