If you need more evidence that the ISO certification scheme is entirely broken, look no further than this latest fiasco.

A while back a whistleblower revealed that the Colombian consulting firm Future Builders was issuing ISO certifications, but under accreditations held by another company, SIS Certifications of India. According to the ISO accreditation rules, however, Future Builders isn’t permitted to issue certificates on behalf of SIS because they are not listed on SIS’ scope of accreditation. But they’re doing it anyway.

So we did the usual thing, and filed a formal complaint without any expectation that anyone in the certification pyramid would actually do their job and hold SIS accountable. I’m happy to report that months later, all the parties have risen to the occasion and done nothing, ensuring that my expectations of fraud and incompetence were realized.

But who exactly did nothing? Let’s look.

First, there is SIS itself. As I mentioned, they operate out of India, but the Future Builders fiasco was unfolding in Colombia and Peru. It goes without saying that SIS has no actual people in either of these South American countries, so I had to file the matter with the Indian office. In April they promised to get back to me, and it is now July and they have (of course) not done so.

Breaking protocols and ISO 17011 rules, the US accreditation body IAS then volunteered to step in and offer up a full-throated defense of SIS, without even knowing the facts and before we had even filed any formal escalation to them. This proved that IAS isn’t a fair dealer, since their instinct was to defend SIS without facts and without even waiting for the (required) response by SIS itself.

But IAS sent a clear message to SIS: they didn’t need to actually worry about the complaint, because they had paid their “protection money” and IAS was on the job, already scrambling to cover up the scandal.

Next up was the Colombian accreditation body, ONAC, which is famous for its own seediness and corruption within the South American region. ONAC accredits Future Builders in Colombia, but they, too, punted. ONAC argued that the fraudulent SIS-branded certificates were not issued under the ONAC accreditation, so this had nothing to do with them. Keep in mind, ISO 17011 requires that accreditation bodies like ONAC take action when a CB does anything to bring the mark into disrepute, and Future Builders was doing just that. But ONAC wasn’t going to stand up to Future Builders, either.

Up next comes the two IAF regional bodies involved, the IAAC (for the Americas) and APAC (for India). Both of these refused to respond at all to the matter, despite the requirement that they ensure the accreditation bodies involved (ONAC and IAS) comply with ISO 17011.

Finally, that leaves the IAF itself, which has been kept in the loop this entire time. The IAF can at any time step in to force the parties to adhere to ISO 17011 or 17021-1, but — as always — Elva Nilsen spends most of her day trying to convince everyone she doesn’t even exist, like some kind of third age Canadian Bigfoot. So the IAF has done nothing, either.

Now, keep in mind that we had uncovered this same exact problem by SIS in 2019, and filed complaints on the matter then. nothing was done, and so here we are in 2023 and SIS continues to issue ISO certificates all around the world, in violation of its scope of accreditation.

So here’s the full tally of the “oversight” bodies ignoring their responsibilities, and allowing fraudulent certificates to be sold in the market, despite all the dozens of rules saying they really shouldn’t do that:

  1. SIS Certifications
  2. Future Builders
  3. IAS
  4. ONAC
  5. APAC
  6. IAAC
  7. IAF

Meanwhile, what has Future Builders done? They published an actual video on Instagram showing all the certs and accreditation logos as if to rub everyone’s nose in the fact that they can print certificates all day long, and no one will hold them accountable.

UPDATE 14 July 2023: ONAC has replied, again, insisting that the work done by Future Builders (AKA “FB Certification SAS”) is fully conforming, since none of the questionable certificates were issued under the ONAC logo, but under the IAS logo instead. I have replied — for a second time — telling ONAC that I was only keeping them apprised of the situation. But then I went one step further…

In fact, ISO 17011 — the standard for ABs like ONAC and IAS — doesn’t specifically limit a CB from enforcing the rules only relevant to its mark, but to all claims of accreditation.” this is then supported by general statements made in the multilateral agreements of IAF and its regional bodies, like IAAC. Historically, however, ABs have read this rule as only applying to ensuring CBs don’t do anything bad with, specifically, their mark. If a CB wants to sell heroin, they can do so so long as it’s under someone else’s mark, they seem to believe.

But that’s not what 17011’s actual text says. Maybe it’s what the CASCO authors meant, but it’s not what appears in the standard. As a result, I wrote back to ONAC pointing this fact out to them, and saying they still have an obligation to at least have a conversation with Future Builders about potentially misusing other marks of accreditation, which thus bring the entire scheme into disrepute — including ONAC’s own reputation.

The people at ONAC are typical South American bureaucrats, however, and read rules the way they want to. They will quote verbatim certain sentences, and then skip over other points entirely, while having a near-physical allergy to things like intent and context. Convenient.

This means that so far the only two bodies that have replied at all to this fiasco – IAS and ONAC – have both done so without putting pressure on SIS / Future Builders to actually process a complaint. Remember, SIS’ refusal to respond to the complaint is, itself, a violation of ISO 17021, and the ABs are obligated to make them do it. Instead, the ABs are offering up lame excuses and cherry-picked interpretations to defend SIS and Future Builders, which is the opposite of what ABs are supposed to do.

This is because it’s all a protection racket. So long as SIS and Future Builders pay the ABs their annual protection money, they can hide behind their skirts.

About Christopher Paris

Christopher Paris is the founder and VP Operations of Oxebridge. He has over 30 years' experience implementing ISO 9001 and AS9100 systems, and is a vocal advocate for the development and use of standards from the point of view of actual users. He is the author of Surviving ISO 9001 and Surviving AS9100. He reviews wines for the irreverent wine blog, Winepisser.


ISO 45001 Implementation