Strategic partnerships begin with informed decisions: why integrity due diligence matters

Entering into a business partnership is never just a formality, it is a big decision that can either help a company grow or cause major problems. While the right partnership can help a company unlock growth and strategic advantages, the wrong alliance can expose your organization to serious financial losses, reputational damage, and legal risks. The Association of Certified Fraud Examiners (ACFE) surveys released between February 2023 and March 2024 reveal that onboarding new businesses as a client or vendor can be challenging for many organizations. According to ACFE’s report, only 10% of organizations see new vendor onboarding as not challenging at all, while more than 60% find onboarding new vendors to be extremely challenging. Similarly, 52% of respondents report that onboarding a new business client is extremely or moderately challenging, while 14% do not find new client onboarding to be a challenge for their organizations.

Understanding the importance of Integrity Due Diligence

Integrity Due Diligence (IDD) is a component of risk management, focused on evaluating the integrity and reputation of a current or a potential business partner prior to any business engagement. Conducting IDD helps organizations uncover hidden problems and mitigate risks that could threaten the present and the future of the business. Failing to perform thorough IDD can expose a company to potential severe consequences. Depending on the jurisdiction, this may include substantial fines, restrictions on business operations or even criminal liability.

Beyond legal and regulatory penalties, insufficient due diligence can also result in significant reputational harm. If an organization is found to be associated with a partner linked to corruption or unethical practices, it may face damaging publicity and a loss of stakeholder trust, including from customers, investors, and regulators.

Key data gathered as part of onboarding and Integrity Due Diligence

ACFE reports that when onboarding a business partner, organizations must collect key pieces of information such as tax ID number, ID verification of business owner(s), ownership information, and sanctions/watchlists/denied-party information. Screening this information is directly linked to mitigating key fraud and reputational risks that organizations face when engaging with business partners.

The information collected during the IDD process should cover key areas, such as: identity and corporate structure, including identification of executive board members, shareholders, ultimate beneficial owners and additional corporate affiliations; market behavior; sanctions lists, including identification of persons, organizations or countries which are subject to economic sanctions issued by a government or by an international organization; negative media reporting, including allegations found in reputable news outlets and other publications that link a person or entity to fraud, money laundering, corruption, terrorism and other unlawful activities; checks on politically exposed persons lists and state-owned entities lists; financial results and balance sheets, as well as assets and liabilities.

What are the key risk factors that Integrity Due Diligence analysis can detect?

IDD analysis is a valuable tool for uncovering a wide range of potentials red flags. Some of the key risks that can be identified include: ownership hidden behind complex structures, that was not disclosed; ultimate beneficial owners with criminal backgrounds or adverse reputational histories; unofficial control of a business by individuals with political authority or political relationships; allegations of corruption and fraudulent activities; the use of a company as a potential vehicle for money laundering; conflicts of interest, where key personnel represent the interest of external parties; legal disputes that may impact financial or reputational stability and environmental, social and governance concerns such as violations of environmental laws or sustainability standards and poor labor practices or supply chain risks.

When to conduct Integrity Due Diligence?

The frequency with which organizations conduct IDD checks depends on several factors, including the nature of the business relationship, risk level, industry, and regulatory environment. They should always conduct IDD before entering a new partnership, investment or a material transaction to ensure that they are not exposing themselves to hidden risks. However, organizations should not treat IDD as a one-time exercise. Depending on the level of risk, the due diligence process should be revisited regularly. For organizations dealing with low-risk business partners, it may be appropriate to revisit the IDD process every two to three years. Moderate-risk relationships, however, require more frequent attention - commonly the IDD process should be conducted every twelve to twenty-four months. In high-risk scenarios or when dealing with business partners that are operating in jurisdictions known for weak regulatory environments or in countries with high level of corruption, organizations should reassess IDD as often as every six to twelve months, or even more frequently if circumstances demand it. Furthermore, beyond these periodical checks, organizations should approach it as an ongoing responsibility in order to be prepared to act when new developments emerge. This includes changes in the ownership structure, in leadership, negative media coverage, whistleblower reports and updates to regulatory frameworks. In these instances, timely IDD updates help organizations stay ahead of potential risks before they escalate.

In a global business landscape marked by increasing regulatory scrutiny, IDD practice can be essential in onboarding new business partners and in monitoring existing relationships with other businesses. Beyond simply checking compliance boxes, IDD serves as a safeguard against corruption, fraud, and hidden liabilities that can threaten an organization’s operations and credibility.