An ISO 9001 certificate issued to the ISO 9001 certification body Russian Register has been withdrawn after Oxebridge reported the incident as a violation of accreditation rules.
Under ISO 17021-1, ISO 9001 certification bodies are prohibited from issuing ISO 9001 certificates to other CBs; doing so has long since been viewed as an insurmountable conflict of interest. Nevertheless, the UK-based registrar URS Holdings issued multiple certificates to Russian Register, including ISO 9001, ISO 14001, ISO 45001, and OHSAS 18001.
Records indicate that URS has issued the certificate in March of 2017, although it is not known if RR held the certification with URS prior to that. The certificate expired in March 2020, but the URS website shows the certificate remains current, likely having been subject to a routine re-certification audit.
Oxebridge filed a complaint with URS in October of 2020, but the filing was immediately dismissed by URS management and rejected, arguing the “scope” of Russian Register’s operations did “not pose a conflict and is not contrary to the intent of the Clause.”
Oxebridge rejected URS’ response, as it ignored a key requirement of ISO 17021-1 which clearly states:
A certification body shall not certify another certification body for its quality management system.
That rejection was upheld by accreditation body UKAS who, in an unusual move, supported the Oxebridge complaint and demanded that URS take action.
Now, in March 2020, URS has responded by reporting they have withdrawn the certification of Russian Register, and provided training to those involved. The ISO 14001 and ISO 45001 certificates apparently remain in effect, as the accreditation rules do not have any specific prohibition against cross-CB certifications under those schemes.
Oxebridge has accepted the actions, and closed the complaint in its files.
The incident marks a rare occurrence where an accreditation body — in this case, UKAS — was forced to take action because the violation was so egregious and clearly linked to a simple clause in ISO 17021-1. Often, complaints are complicated and require dense volumes of evidence to prove, allowing the CB and AB to collude in shutting down the complaint by throwing up confusing arguments or denials.
Oxebridge has had several successes in recent months. It successfully processed a complaint against Nadcap auditors from PRI who invented interpretations for the anodize industry that could have bankrupted hundreds of companies. The combination of Oxebridge filings and news reports led ASTM to revised their anodize standard to prevent PRI auditors from ever misinterpreting the clause again.
Oxebridge has led the charge to “course correct” the nascent CMMC certification industry, detailing back in September of 2020 that the new CMMC Accreditation Body would have to be split into two separate organizations to avoid conflicts of interest. Officials in the CMMC-AB rejected that call, insisting they were within their rights to certify both personnel and then accredit the companies using those same persons. The resulting DOD contract issued in December then ordered the CMMC-AB to divest its personnel certification program. An additional 15 complaints and filings have been made against the CMMC scheme, including allegations of fraud.
Another case against the Austrian registrar Quality Austria and its accreditation body Akkreditierung Austria is currently before a criminal court in that country, as allegations of bribery of officials were made in that filing.
The Russian Register case originated with a filing made through the ISO Whistleblower Program, a free service offered by Oxebridge to whistleblowers worldwide.