The Red Flag Group®

How to select a due diligence provider

How to select a due diligence provider

Recent cases involving high-profile entities and c-suite executives have tarnished reputations of well-known global companies for spying and initiating surveillance on former employees and whistleblowers. In one case, a high ranking executive unlawfully engaged private investigators to spy on an ex-colleague over a personal vendetta while in another case, a company’s top executive spied on a whistleblower’s personal messages after they had left the company. In a third case, a senior legal practitioner was secretly tracked by a surveillance company that placed secret cameras on his property and tailed him on private holiday trips. These cases and many others reported in the media highlight the danger of engaging inexperienced and unethical ‘due diligence providers’ who are willing to do anything unlawful to get paid. Although both cases stem from personal differences, the end result is badly tarnished reputation of companies they are associated with.

Due diligence is a very over-used term, which means different things to different people at different times.  In the compliance world, this generally translates to a need to understand more about a person or company before engaging with them in some way.

Many companies use external resources for gathering and analysing information as part of their due diligence exercises, so it’s important for them to choose the best provider for their circumstances.  Over the years, the compliance industry has been flooded by many boutique due diligence ‘providers’, some of whom have limited knowledge, expertise and understanding of the industry. There are many questions you must ask yourself before selecting your due diligence provider – including but not limited to:

  • Does your due diligence provider really understand your risks and the need for compliance?
  • Do they offer any surveillance or tracking services?
  • Do they mention their strengths as private investigators?
  • Do they follow the law when obtaining and providing you the information you need to make better decisions?

Like any other supplier, due diligence providers have a legal, ethical, moral and regulatory obligation to ensure that the work they do for their clients is done within the confines of the law. Nothing should be done beyond the legal mandate at whatever cost. This is because no individual or entity is above the law.

The rapid influx of due diligence ‘providers’ in the industry who include, former police officers, private investigators, security firms, surveillance companies and spy agencies, has led to a moral breakdown and severe monetisation of the due diligence industry. Some inexperienced due diligence ‘providers’ flooding the market don’t have any client focus in their provision of services. They are willing to circumvent the law or engage in illicit practices to get paid, defeating the ethical and legal purpose of a due diligence provider.

As a buyer of due diligence, you need a provider that is not only trustworthy but understands their legal obligations. You don’t necessarily require a law firm as your due diligence provider. What you need is a provider that understand risk, compliance and adheres to the law at all times and cost.

Reputation is king

Reputation is the biggest asset any entity or individual possess. A ruined reputation can lead to numerous impacts including financial loss, product boycotts, or even business closure. Thus, when selecting a due diligence provider, ensure that the services they provide are built on a foundation of high ethical standards, transparency, legal and of premium quality.

Avoid dealing with a due diligence provider who is willing to do anything at the expense of your reputation. Remember that the conduct of your provider will be judged as yours should anything go wrong. Your supplier is a direct representation of you and must conduct their business activities in strict accordance with your expectations and values.

If you allow your due diligence provider to undertake projects for you that compromises your reputation, then you are exposing yourself to risk even before you take a step further into identifying the risks you are trying to achieve through due diligence. Simply put, due diligence starts with your provider. Your provider must subscribe to your core values before onboarding or engaging in any business partnership. It is more costly to fix a damaged reputation than investing in a provider that won’t comprise your integrity and reputation.

Choose wisely

Other questions to ask when selecting a due diligence provider may include the ones noted below. This list not exhaustive but provides a baseline when selecting a credible and reliable due diligence provider that won’t expose you to risk.

  1. Who are the people or entities involved? What are their backgrounds?
  2. Do they follow the law at every single opportunity?
  3. Can the information and data they collect and provide be used in court?
  4. Is information compiled, stored and transmitted in compliance with applicable laws like the GDPR?
  5. Do they have lawyers and counsel supporting and guiding them in their due diligence?
  6. Where and how to they get premium-quality data they provide to clients?
  7. How are their reviews and testimonials from current or previous partners and clients?
  8. Do they sub-contract or use in-country resources? Are these trained and certified?
  9. What is the depth of their research? How is the analysis of the findings done and by who?
  10. What kind of after-sales service or support systems do they have?

Due diligence is about doing the right thing. This includes selecting the right due diligence provider. Due diligence has become an monetised commodity and the industry has turned into a low-end playing field. Thus, you need a provider that can never cut corners or pay bribes. Your provider must endeavour to obtain information legally and should never encourage you to buy more expensive services than required or withhold information in an attempt to upsell the services they provide.

Your due diligence provider should advise you on cost-effective solutions and not simply make more money out of you. You can only get this if you work with a due diligence provider that isn’t willing to take on assignments which may force them to go outside of the law, like most private investigators, surveillance companies, spy agencies and boutique due diligence ‘providers’ do.

Five takeaways

  • Deal with only experienced due diligence providers that adequately understands your risks and the need for compliance. Well-established firms led by former legal practitioners, in-house counsels and lawyers are recommended. They understand the law and wouldn’t dare to break it in the course of providing due diligence services to clients.
  • Avoid due diligence ‘providers’ that offer surveillance and tracking services, licenced private investigators, one-person entities or those led by people with no understanding of risk and compliance because they are highly likely to engage in illicit practices like spying, tracking and surveillance, which can expose you to risks and legal liability.
  • Do business with only due diligence providers that provide you data and business intelligence that is admissible in court and can help you make informed decisions. Don’t simply pay for cheap data that you can get online or through open sources. Pay for meaningful and enriched due diligence data that you can rely on to make million-dollar business decisions.
  • Avoid due diligence ‘providers’ that may compromise your integrity, reputation and brand like those referenced in this article earlier. Integrity and reputation preservation start with how lawful your due diligence provider conducts its business.
  • Work with a client-focused due diligence provider. A highly advisable due diligence provider must put your interests first, understand your needs, obligations, and provide you with tailored products, ratings and solutions fitting your requirements. Your due diligence provider must explain what every issue identified means to you and in your language. Your provider must provide after-sales services and 24-hours support to ensure minimum disruption to your business goals.

The starting point to managing risks created by bad due diligence providers is identifying and partnering with a firm that has built its reputation managing risks around the world and advising clients the importance of compliance. You must carefully select a due diligence provider that won’t engage in any illegal conduct at all costs. Your due diligence provider must have a rich proprietary repository of legally obtained data and business intelligence that is stored, used or transmitted in strict compliance with the law. We advise you partner with a due diligence provider that offer a wide range products and solutions regardless of your industry, size, type or country. This will give you a wider selection of solutions to help you meet your due diligence obligations.