Enhanced Due Diligence, Explained
Before we talk about enhanced due diligence, we should preface its detailed explanation with the meaning of the standard due diligence process, which you may be more familiar with. As the Cambridge Dictionary defines it, due diligence is: “The detailed examination of a company and its financial records, done before becoming involved in a business arrangement with it.”
To put it another way, due diligence is a common practice for companies considering new business partners, mergers and acquisitions, or investments to ensure that there are no hidden risks or potential liabilities that could be deemed nonstarters. With traditional due diligence, the reports generated are typically limited because the processes used to create and inform those reports only have so many datasets at their disposal.
Globalization, however, has increased the risks companies face, making the use of enhanced due diligence processes capable of more than traditional financial health checks much more critical. We’ll touch on that more in a minute, but first let’s define enhanced due diligence.
Enhanced due diligence is a holistic risk-based monitoring process
Enhanced due diligence helps expose third-party risks across Political, Economic, Socio-cultural, Technological, Legal and Environmental (PESTLE) categories.
Through an enhanced due diligence process, companies can better safeguard their interests—whether those interests are related to potential mergers and acquisitions, supply chain continuity, or ensuring compliance with sanctions and corruption laws.
Why is enhanced due diligence becoming increasingly necessary?
Globally, the number of countries that have or are introducing anti-bribery and corruption (ABC) and anti-money laundering (AML) legislation is on the rise. Likewise, enforcement is climbing, with enforcement agencies of different countries collaborating on investigations and prosecutions. More than 40 countries currently have ABC or AML laws governing companies within their borders.
In addition to complying with the laws of their home country, companies conducting business in other countries—whether directly or indirectly through subsidiaries, partners, or other third-party entities—must also consider two relevant laws concerning the prevention of financial crime.
UK Bribery Act
The UK Bribery Act was enacted in 2010, and it serves as one of the strictest pieces of anti-bribery legislation in the world. Compliance is required for UK-based companies operating abroad, as well as multinational companies that have a presence in the UK. The act makes it an offense to offer or accept a bribe for the purposes of winning or retaining business or gaining a business advantage. It also further assesses significant corporate liability if a company fails to prevent bribery from taking place—anywhere within their third-party network or supply chain.
Foreign Corrupt Practices Act (FCPA)
Under FCPA, it is an offense to bribe foreign public officials such as government ministers and customs officers—and both the U.S. Department of Justice and the Securities and Exchange Commission vigorously enforce the law. In 2016 alone, enforcement actions led to 27 companies paying nearly $2.5 billion in penalties.
Both the UK Bribery Act and the FCPA have extraterritorial reach and, like other laws, define business partners in broad terms, including customers or clients, suppliers, subcontractors, vendors, sales representatives, and other third parties operating on behalf of a company.
Additionally, amendments to the UK Companies Act went into effect in January 2017, requiring large companies to include disclosures in their annual reports on issues ranging from employment matters and environmental concerns to anti-corruption measures and modern slavery laws.
As new and existing laws like the ones mentioned above continue to get passed and amended in an effort to regulate an increasingly global economy, the more important enhanced due diligence becomes for all companies—not just those in highly regulated industries.
How to adopt and use an enhanced due diligence process
To better mitigate risk, companies need to appraise existing and prospective business partners, as well as their subcontractors and authorized representatives. An initial assessment will include self-reported data from the entity being screened, along with independently verified information.
The 5 stages of an enhanced due diligence process
- Key information is obtained from the prospective partner, either directly or through a third party. This is often done using a simple questionnaire.
- A corporate entity may be required to submit information about the company, details on key shareholders and beneficiaries, group structure, board members, any political connections, and other details. Official documents and contracts can also be obtained at this stage.
- An individual will likely submit details such as sufficient proof of identity, their sources of wealth and funds, any potential political links, etc. depending on the nature of the proposed transaction.
- A prospective client or third party will be cross-checked against global sanction lists. Additional checks may be conducted against law enforcement lists and lists published by regulators of debarred or disqualified companies and individuals. Firms will often also have a proprietary “do not do business with” list.
- Politically exposed persons (PEPs) are identified and screened against PEP lists. A risk assessment is then carried out if any red flags appear.
The information gathered as part of these investigations is then used as a basis for a risk assessment and the development of a risk-based approach.
What does an enhanced due diligence report look like?
The purpose of a due diligence report is to show that duty of care was exercised in an appraisal. Various regulatory agencies have indicated that maintaining an audit trail of due diligence is a best practice that will receive consideration should a compliance issue arise.
To that end, an enhanced due diligence report serves the same purpose as a traditional one. But since an enhanced due diligence process utilizes greater amounts of data, the resulting report provides a much more detailed summary of the results of the assessment and subsequent investigation. The scope of the report differs from case to case, based on the risk assessment and depth of due diligence required. This may include:
- Financial, technical, and organizational due diligence including assessment of managers and employees
- Legal and tax-related due diligence
- Operational due diligence (ODD) to assess risks and the potential for value appreciation that accompany mergers and acquisitions
- Market due diligence to investigate the current and future market situation of the targeted firm
Companies can face serious consequences if their due diligence efforts fall short. As a rule of thumb, the greater the risk potential, the more resources should be invested in due diligence appraisal.
It makes sense to draw on specially trained personnel (employees) or external help (tax consultants, auditors, solicitors, technical appraisers, corporate advisors, etc.) when performing due diligence.
A manual due diligence process, however, is limited by its human resources and inadequate access to relevant, timely process. In other words: To achieve the ability to conduct enhanced due diligence, companies need to take advantage of technology designed to automate screening, assist in due diligence investigations, and support on-going risk monitoring to efficiently and cost-effectively manage the due diligence process and mitigate risk.
Online tools help companies conduct seamless due diligence and document the entire process, eliminating any risk in future audits. A high-performance tool such as Nexis Diligence can help you:
- Screen individuals against PEP and sanction lists
- Access relevant, global news sources with filtering for negative news
- Conduct targeted searches for board members and investors across biographical sources and legal references
- Set up alerts on individuals and firms during and after the search process to stay informed of potential risk events
- Use a built-in report builder to generate comprehensive due diligence reports—including time and date stamps, annotations related to findings, and more—to meet regulator expectations
- Leverage multiple databases for detailed information on businesses, corporate families, and other indicators of beneficial ownership
Resources to help you get started with enhanced due diligence
Here are some resources you can use as you take strides in going beyond traditional due diligence to effectively identify, verify, and mitigate risk.
Due diligence checklist
Most due diligence checklists are either too narrowly defined or too broad in their scope. Our checklist takes a different approach: It gives you step-by-step guidance and lays out precisely what you need to take into account when conducting due diligence for real estate, acquisitions, mergers, and many other scenarios where thorough risk mitigation is required.
You can download our checklist here, and you use to address these five key areas of due diligence:
- What questions you need to ask yourself when entering into a new business relationship
- When to start a due diligence investigation
- What risks you should consider when entering into a third-party business relationship
- Whether a simple due diligence inquiry is sufficient, or an enhanced due diligence investigation is recommended
- The tools suitable for your type of due diligence assessment
Acquisition due diligence checklist
Before fully committing to a transaction, you must first prepare an acquisition due diligence report. Download our acquisition due diligence checklist here, so you can make sure you get the documents needed for an in-depth understanding of target companies.
Ready to experience the benefits of enhanced due diligence firsthand?
Sign up to speak with a specialist and start your free trial of Nexis Diligence.