Supplier Due Diligence: Why You Need To Know Who You’re Doing Business With
Table of contents
Knowing who you’re doing business with and ensuring both your organization and your partners are compliant is not just a legal requirement - it’s also an internal requirement that protects your bottom line.
Traditionally, procurement organizations only needed to ensure they comply with the law and satisfy regulators. Today, because supply chains have become global, that’s no longer enough - you need to also make sure you satisfy your end-users, prospects, the press, investors, and other suppliers.
And that’s where supplier due diligence comes in.
What is supplier due diligence?
Simply put, supplier due diligence refers to the actions an organization takes to know its partners. This involves making the relevant inquiries to determine whether a third party, existing or prospective, is honest and legitimate. The process is not very exact, though - you can be as thorough as you want or need to be.
However, keeping in mind that there is such a thing as being too diligent. If you’re asking too many questions, you might be offending your partners.
Why supplier due diligence is necessary
Supply chains today are longer than back in the day. They’re also global, which leaves them exposed to a plethora of threats such as trade wars, bankruptcies, cyber-attacks, extreme weather, or volatile foreign exchange markets.
This makes mitigating supplier risks a lot more difficult, but not impossible. For that, a trend has been growing in the direction of ensuring visibility and transparency into the supply chain. Procurement organizations need to be vigilant and monitor risk using accurate, timely data on exactly who is behind the businesses they work with.
There are main 4 drivers that need to be taken into consideration when you talk about due diligence:
Taking legally required steps to prevent corruption and money laundering. Almost all developed countries have some kind of regulation for this (e.g. UK Bribery Act or the US Foreign Corrupt Practices Act (FCPA), so it's important to protect yourself against being linked to bribery or other forms of corruption and money laundering via a business partner or a subcontractor within the supply chain.
Working with suppliers who lack the necessary integrity can lead to heavy financial penalties and even prison sentences.
Companies that are linked to any kind of crime risk severe damage to their reputation. Even if the company itself meets ethical and legal standards, inappropriate behavior by business partners can still damage its reputation. The most common example in recent years has been well-known companies whose suppliers have been found to be involved in practices such as dubious or illegal working conditions in China.
The quality of your supply chain is of strategic importance for the overall business. Having a clear picture on the risks you have and possible troubles head will help you prevent before is too late other bigger and possible fatal problems.
This may seem overwhelming and too grandiose project, however like with any other process you should start from your actually needs:
Understand compliance concerns
Define corporate objectives for due diligence
Define the due diligence policy (main information required, owners of the process, flow)
Supplier due diligence framework
The due diligence check enables you to protect yourself by checking the assumptions and conditions of a mutual relationship with the respective vendor and identifying relevant risks. But what form of due diligence is appropriate? How thorough you should go, and most importantly at what cost. Here is a simple mapping of the framework.
If you should go with a simple or enhanced due diligence is always a question of time, cost and the risk involved. There is no point of allocating extra-cost hours on a small, one-time contract, but on your most important supplier, that you depend 80% of the time on delivery dates you should go the extra-mile.
A manual due diligence process can quickly become problematic if a company has insufficient resources or cannot access relevant and up-to-date information. You should therefore make use of appropriate technology to automate checks, support due diligence investigations and ensure continuous risk monitoring.
5 steps to ensuring supply chain compliance
To properly carry out due diligence, we can envisage following 5 steps:
Checking business registrations and public documents.
Verify accreditations, certifications and any other similar documents.
Ask for specific due diligence calls and run on-sites visits.
Contact other customers and partners of your prospect supplier.
Hire an external consultant that can help you with an in-depth report.
Keep in mind, though, that supplier due diligence is an ongoing process. This is why we recommend you also:
implement an underlying data structure and ensure you’re collecting all the relevant data
make sure your data is always accurate and up to date
use data analytics to manage supply chain risk, identify potential areas of exposure, and protect your company’s reputation
So what kind of information you should look for?
You can find our due diligence checklist to download.
There are 180 points on the list.
However, this is usually something used for mergers and acquisition processes. Of course, not all the points can or should be covered in a supplier due diligence process, but hopefully it servers as a very good starting point for making an assessment of what you need. Below are the main categories in the list:
General Company Data
Legal & General Company Data
Intellectual Property Rights & Product Information
Employees And Human Resource
Customer And Marketing Information
Internal Controls & Information Systems
Sales Operational Information
Support Services & Product Pricing
Ensure supply chain compliance with Prokuria
Prokuria helps organizations gain better control over their supplier relationship management. Using our cloud-based solution will save you hours of manual work collecting documentation and filling in the information in different spreadsheets and systems.
Carry out supplier due diligence with Prokuria