When a firm wants to purchase, collaborate with, or engage into a commercial partnership with another company, it performs vendor due diligence (VDD). Vendor due diligence, like customer due diligence (CDD), is an important part of AML/CFT since it reassures potential purchasers that their prospects are financially sound and pose a low risk of money laundering.

Firms must understand what sort of information is necessary to show financial health and how that information should be obtained in order to correctly complete the vendor due diligence process.

What is Vendor Due Diligence (VDD) ?

Prior to a transaction or collaboration, a target company does vendor due diligence. Customer due diligence helps financial institutions determine whether their customers are telling the truth about their identities and the level of money laundering risk they pose, and vendor due diligence does the same for companies, verifying the nature of their business and their risk of being involved in financial crime.

VDD entails the following stages at:

• The vendor (target business) hires an independent party to perform an audit as part of the due diligence process. The audit should be conducted by a third party who is independent, objective, and qualified.
• Prior to the start of the sale or partnership agreement, the third party conducts an audit on the vendor.
• On behalf of the target firm, the third party prepares a draught vendor due diligence report, which is given to all potential purchasers or partners.

The buyer receives a final version of the vendor due diligence report once the sale or partnership agreement is completed.

What Does Vendor Due Diligence Involve?

VDD comprises a variety of critical business concerns, including AML/CFT-specific ones, and sets duties on both the third-party auditor and the target organisation. The vendor due diligence process necessitates the following processes and information:

• Information on the target firm, including its location, taxpayer number, operating capacity, incorporation documents, and legal status.
• Beneficial ownership of the corporation in question.
• Financial data from the target firm in the past.
• The cash flow of the target firm, including asset expenditures.
• An assessment of the company’s risk and potential growth.
• Debt, contingencies, and other obligations of the target firm.
• The operational compliance performance of the target firm.

Read More: Third-party money laundering

Vendor due diligence best practices

When evaluating a vendor, keep these eight best practises in mind:

1.Gather information about the company

Begin by gathering basic company information to verify the company’s authenticity and ensuring that all compliance requirements and standards are satisfied.

2. Examine financial records

Before interacting with a vendor, it’s vital to check the organisation’s financial information to ensure it’s financially stable and up to date on any mandatory licencing fees or taxes.

3. Keep an eye out for operational dangers.

If a vendor in your supply chain suffers a data breach, your company will be held liable for any sensitive customer data that may have been exposed as a consequence.

4. Evaluate the legal risk

Some companies will have visibility of sensitive information about your business, clients, and workers. As a consequence, determining a company’s legal liability is a crucial aspect of due diligence.

5.Assess the potential for cyber-attacks

Third-party data breaches can cost more than $370,000, according to Ponemon’s 2019 Cost of a Data Breach Report. It’s critical to manage cybersecurity risk across partners, suppliers, and vendors so that risks may be discovered and addressed before a breach happens.

6. Risk profiles should be prioritised.

Certain third-party vendors will have more exposure to your company’s network than others, demanding more constant monitoring.

7. Maintain a constant eye on vendor risk

An efficient third-party risk management programme should keep an eye on emerging risks and verify that the vendor has a secure network.

What are the Goals of Due Diligence on Vendors?

VDD aids in the successful sale (or partnership) of businesses and their assets, but it may also assist suppliers in better understanding the risks that their businesses face. The following are the goals of vendor due diligence in further detail:

• Providing buyers and partners with assurances about the target company’s financial health and the type of its cash flow.
• The sales memorandum includes supporting facts, numbers, and other data.
• Assisting vendors in making suitable price selections for their company and assets.
• Keeping the sales process as smooth as possible.
• Identifying major risk problems as well as other obligations.
• Providing buyers and partners with assurances about the target company’s financial health and the type of its cash flow.
• Assisting all parties engaged in the sales process or partnership agreement to complete it quickly and efficiently.

Tookitaki provides due diligence solutions such as Onboarding Suite and Customer Risk Scoring that check third parties for potential AML/CFT risks. Please reach out to us to know more.