Proper due diligence is ongoing and never static

By Sanday Chongo Kabange, The Red Flag Group®

Today’s compliance landscape is more complex, challenging and costly compared to years ago. This is because previously there were fewer regulatory demands to meet and organisations were able to easily grasp the risk profiles of their partners through a simple check-the-box due diligence (or, that was a common belief). Moreover, access to partner data and intelligence was simple and somewhat transparent.

However, things are no longer the same. There are more regulatory requirements and obligations. Regulators know that it is possible to gather more data, and so are now requiring companies to undertake deep dive, thorough due diligence on their partners to ensure that all potential risk entry points are properly checked on a regular basis and effectively sealed off. More so, wrongdoers are becoming ever sophisticated and constantly devising complicated ways of circumventing laws and regulations by making it harder to assess their compliance culture and integrity. This is causing many organisations to be exposed to new risks.

The appalling gaps in check-the-box due diligence are evident. One-off, check-the-box due diligence may help you to fulfil your regulatory requirements in a snapshot of time but won’t necessarily help you to identify and effectively manage evolving new risk. Compliance-savvy companies aren’t taking the checklist approach because it’s not cheap, but still doesn’t manage risk - and the penalties are high in case you are investigated for your partner’s misconduct.

Consequently, regulators are constantly encouraging companies to avoid check-the-box due diligence and adopt more holistic and robust processes on a regular basis which includes a periodic review of key documentations like contracts, data privacy agreements, ESG policies and other related terms of engagement.

A robust, deep dive renewal due diligence must include reviews for contractual compliance, ensuring that the agreed T&Cs are complied with in totality. If your partner agrees not to subcontract, it must maintain that throughout the tenure of your partnership. Any changes to the contract must be communicated to you with a signed addendum. Many compliance issues arise when your partners fail to abide by the contract and you equally did not take the time to check during your due diligence renewal circle.

The value of ongoing due diligence

Ongoing due diligence doesn’t only ensure that you’re on top of your partner’s compliance but also ensures that you’re meeting the ever-increasing regulatory demands. Needless to say, it’s the most desirable low-cost method of partner monitoring and is highly effective.

The U.S. Department of Justice and the UK’s Serious Fraud Office recommend ongoing partner monitoring. Ongoing due diligence is widely recommended and suggested because it:

  • ensures constant awareness of new risks presented by your partners
  • helps to manage risks in real-time and more effectively
  • can help you avoid or minimise financial losses and liability
  • safeguards reputation from damage and negative press
  • ensures compliance with new regulatory requirements and legal obligations
  • encourages a culture of compliance and ethical conduct in your partners
  • helps to keep the due diligence, corporate information and business intelligence current
  • may result in reduced penalties if investigated by authorities for partner misconduct
  • helps to reassess and reposition your exposure to risk
  • provides a clearer oversight of your partners’ activities, conduct and practices
  • should be part of a robust compliance programme and third party monitoring
  • raises your brand name and is considered a good business practice
  • cuts down on repetitive administrative tasks and is cost-effective
  • can be outsourced to experienced due diligence providers to avoid vested conflict of interest
  • helps to make better decisions in selecting key partners

Due diligence doesn’t end once you have completed your initial review of the risk, integrity and compliance profile of your partner. There must be a process that ensures regular ongoing checks, reviews and audits of various documentation, processes and procedures.  

Need help?

Call us now on +1 480 825 7787 or visit our website www.redflaggroup.com to find out more about our due diligence products and solutions.  If you have any enquiries, please contact info@redflaggroup.com.

Related articles:

Why ESG compliance can’t be ignored
Minimise your risks through ongoing monitoring
If repeating due diligence is obvious, why don’t more companies do it?

Previous Article
Compliance challenges for foreign corporations in Japan and Japanese companies abroad
Compliance challenges for foreign corporations in Japan and Japanese companies abroad

Japan is the world’s third largest economy and home to some of the largest global corporations. Many organi...

Next Article
Preparing for the California Consumer Privacy Act
Preparing for the California Consumer Privacy Act

Businesses are required to be CCPA-compliant or risk monetary liability or civil action. What actions do yo...

Looking to build a perfect due diligence programme for your business?

Contact us