Mastering enhanced due diligence for third-parties

May 6, 2024

Mastering enhanced due diligence for third parties

It is important organizations recognize that the third parties they engage with in business can pose significant risks, from bribery, corruption, human rights violations, sanctions, money laundering, and terrorist financing. To uphold the values of your company and ensure compliance with relevant laws and regulations, it is crucial to assess the potential reputational risks associated with collaborating with external entities. By conducting third-party due diligence, your organization can make well-informed decisions regarding whether to establish a partnership with a specific third party and how to effectively manage the associated risks.

The U.S. Department of Justice (DOJ) emphasizes adopting a risk-based approach to third-party due diligence. The level of diligence should correspond to the level of risk involved. Implementing enhanced due diligence for third parties is necessary when your initial risk assessment indicates a need for further scrutiny or when red flags are raised during initial screening. You strengthen your program and concentrate on addressing the most critical risks.

Enhanced due diligence is pivotal in safeguarding your organization and fosters a culture of ethics and compliance.

Levels of due diligence

To manage relationships with third parties, it is crucial to assess and mitigate risks associated with all the organizations and individuals you collaborate with. This includes suppliers, vendors, agents, partners, contractors, distributors, and customers. Due diligence is not one-size-fits-all as third parties present diverse risks and some only require basic screening, whilst others necessitate comprehensive evaluation. To categorize third-party due diligence, the tiers of risk are identified during the initial assessment:

Tier 1: Involves screening third parties against global watchlists, which may include checks for adverse media and politically exposed persons. It gives a baseline for medium and high-risk third parties and is sufficient for most low-risk third parties.

Tier 2: In addition to tier 1 screening, tier 2 involves internet searches, newspapers, international media, in-country databases, and government records. This due diligence is appropriate when there are no significant red flags, but the third party operates in a higher-risk jurisdiction.

Tier 3: Uses wider comprehensive research, including paid content and retrieval of records if necessary. Enhanced due diligence should be employed when red flags are identified in tiers 1 and 2, or when higher risk has been identified. Throughout the process, it is essential to maintain thorough documentation of your findings. These records will be invaluable in the event of a violation disclosure or an audit.

The scope of enhanced due diligence

Enhanced due diligence encompasses the most comprehensive level of third-party due diligence, with significant time and resources invested for higher-risk parties. Various factors indicate a higher risk, e.g. the third-party’s location, sector, contract value, involvement of intermediaries, and government interaction. Certain countries pose a greater risk of terrorist financing, while specific industries carry a higher risk of money laundering or financial crimes.

When conducting enhanced due diligence, it is essential to explore the ownership and management structure of the company, its financials, personnel (executive leadership, politically exposed persons, and individuals with ties to government officials), compliance regime, compliance training for employees, other corporate relationships, and conduct interviews with local sources. The scope of enhanced due diligence covers numerous areas of investigation.

Reduced third-party risk

In business, third parties play a crucial role in achieving success. However, it is imperative to thoroughly evaluate third parties to safeguard your organization and uphold your company’s values. Implementing a risk-based approach to third-party due diligence ensures a comprehensive examination of your business relationships.

This process equips you with valuable insights, enabling you to eliminate high-risk parties, make informed partnership decisions, and maintain ongoing monitoring of these alliances.

Red Flag Due Diligence

Enhanced Due Diligence

Fraud, Investigations, Litigation & Disputes