The Red Flag Group®
compliance due diligence

Compliance due diligence


Introducing IntegraCheck® 7.0

The Red Flag Group® prides itself as The Compliance Firm® - where Chief Compliance Officers come for strategic advice and solutions to make compliance a competitive advantage.

We are committed to supporting your compliance programmes by adding value and expertise through quality products and services.

Our enhanced IntegraCheck® | Integrity Due Diligence 7.0 has been designed to provide you with a comprehensive 360 business overview of your third parties while focusing on concerns that matter most to you.

A wide stream of third party business risks, including integrity risks, reputational risks, operational risks and strategic risks are critically analysed by our team of skilled risk management specialists to give you the most applicable and actionable risk insights.

With the following additional aspects, IntegraCheck® | Integrity Due Diligence 7.0 is set to provide you with everything you need to know about your existing and prospective business partners:

Peer Benchmarking: A clear visual display that lets you know how your third party ranks against its peers in the same industry and country:

IntegraRating®: The Red Flag Group®’s comprehensive proprietary risk assessment methodology provides you with an overview of all facets of the business based on the regional insights and global expertise of our Professional Services team. Taking into consideration the industry, country, size and type of third party, our rating is configured to provide a balanced overview of the business as a whole.

IntegraRating® comes with an enhanced 10-Points Risk Rating System. This replacement for the old traffic light system has been designed to provide more clarity, which can be easily and quickly tailored to meet your specific risk needs. Each report will be rated and analysed based on the risks that matter the most to you:

Visual Risk Analysis: We have made extensive enhancements to the report sections to include risk analysis graphs. We measure and rate the key items that may affect the business, including:

  • Completeness/ Availability of data
  • Erroneous or unexpected findings
  • Transparency of ownership data
  • Transparency of management data
  • Country-specific issues
  • Industry-specific issues
  • Economic/ political factors
  • Regulatory factors

We are committed to continuous improvement benefiting all our clients.


Compliance due diligence?

Compliance and due diligence are closely linked but there is a subtle difference between them. Compliance is clearly defined by legislation and can be achieved by following a set of pre-determined rules and regulations. The consequences of being non-compliant are equally well-defined.

Due diligence is not defined in terms of legal duties and consequently can be harder to achieve. It is anticipated that everyone in the supply chain will act ethically respecting human rights, but in practise monitoring this can be challenging.

Business acquisition due diligence

Although business acquisition is commonly used to acquire new products or expand into new territories it can also bring with it considerable risk. It is recommended that due diligence takes place regardless of business size.

If due diligence is not followed, the results can be catastrophic. A lack of due diligence can result in limited investment opportunities and ultimate business closure. Anyone associated with the business is also likely to face a difficult future.


This is a management approach taken in order to control and protect the organisation. It ensures that information supplied to the executive team is accurate and supplied in a timely manner with control measure in place so that any management decisions are implemented effectively.

Conducting compliance due diligence

Due diligence involves the assessment and evaluation of risks. Typical areas considered include bribery, International data protection regulations, procurement law and anti-corruption regulations. Due diligence may appear to be very complicated but can be broken down into three simple steps.

Step 1 – Risk investigation

This involves the collation of any information which is available publicly. Specific business activities, the structure of the business, country embargoes, the World Bank’s blacklist and the company’s location should also be considered. If the business is in a country on the Corruption Perception Index (CPI), an in-depth corruption assessment is recommended.

Companies trading on an international basis are usually exposed to greater risks than those based locally. Joint ventures can be high risk, as the UK Bribery Act mutually attributes any compliance infringements of a joint venture partner.

Step 2 – Risk assessment

Based on the information obtained, a risk assessment of the potential risks is undertaken. If any potential risks are identified, further information is sought from the potential acquisition. This will highlight any previous non-compliance incidence as whilst assessing the potential acquisition’s compliance management systems.

Stage 3 – Risk evaluation and management

The overall benefits and risks of the transaction are evaluated. If the compliance due diligence process has discovered serious compliance risks, the purchase may still go ahead provided that the purchase price is adjusted accordingly, and strategies are put into place to minimise the risks.

Managing due diligence compliance risks

If due diligence procedures highlight serious compliance risks, the risk can be managed by including the risks in the purchase agreement.

When the risks are known, an indemnification clause should be included, but a compliance guarantee clause is required if compliance due diligence revealed a potential but unquantifiable risk. Adding an arbitration clause will ensure that any legal disputes arising from this can be settled speedily.

If there is a risk of insolvency, this risk can be protected by a warranty and indemnity insurance policy. This will also provide cover for any compliance guarantees which may arise in connection with corruption and bribery.