In the conclusion of this blog post series on levels of due diligence, I am drawing from Candice Tal, Founder and CEO of Infortal Worldwide, in her seminal article entitled, Deep Level Due Diligence: What You Need to Know.
Level II. Level II due diligence encompasses supplementing Global Watch lists with a deeper screening of international media, typically major newspapers and periodicals from all countries plus detailed internet searches. Such inquiries will often reveal other forms of corruption-related information and may expose undisclosed or hidden information about the company; the third-party’s key executives and associated parties. I believe that Level II should also include in-country database searches. Other types of information you should consider obtaining are country of domicile and international government records; use of in-country sources to provide assessments; a check for international derogatory electronic and physical media searches, which should be performed both English and foreign-languages, in its country of domicile. Further, if you are in a specific industry, use technical specialists and obtain information from sector specific sources.
Level III. This level is a deep dive. It will require an in-country ‘boots-on-the-ground’ investigation. I agree with Tal that a Level III due diligence investigation is designed to supply your company “with a comprehensive analysis of all available public records data supplemented with detailed field intelligence to identify known and more importantly unknown conditions. Seasoned investigators who know the local language and are familiar with local politics bring an extra layer of depth assessment to an in-country investigation.” Further, “Direction of the work and analyzing the resulting data is often critical to a successful outcome; and key to understanding the results both from a technical perspective and understanding what the results mean in plain English. Investigative reports should include actionable recommendations based on clearly defined assumptions or preferably well-developed factual data points.”
Level III should also include deep dark and historical Internet searches, also known as Open Source Intelligence Investigations (OSINT). Although AI can be used for some of this work, it should be noted that AI without investigative analysis will yield less adverse information. Investigative analysis looks at hidden and undisclosed information and searches for information that should have been found but was not. It is an integrated approach incorporating ‘boots on the ground’, intelligence gathering, and due diligence investigations. Relying on basic Google searches is a certain mistake as hidden and undisclosed information are unlikely to be discovered.
But more than simply an investigation of the company, including a site visit and coupled with onsite interviews, Tal says that some other things you investigate include “an in-depth background check of key executives or principal players. These are not routine employment-type background checks, which are simply designed to confirm existing information; but rather executive due diligence checks designed to investigate hidden, secret or undisclosed information about that individual.” Tal believes that such “Reputational information, involvement in other businesses, direct or indirect involvement in other lawsuits, history of litigious and other lifestyle behaviors which can adversely affect your business, and public perceptions of impropriety, should they be disclosed publicly.”
Further, you may need to engage a foreign law firm to investigate the third-party in its home country to determine their compliance with its home country’s laws, licensing requirements and regulations. Lastly, and perhaps most importantly, you should use a Level III to look the proposed third-party in the eye and get a firm idea of his or her cooperation and attitude towards compliance as one of the most important inquiries is not legal but based upon the response and cooperation of the third-party. More than simply trying to determine if the third-party objected to any portion of the due diligence process or did they object to the scope, coverage or purpose of the FCPA; you can use a Level III to determine if the third-party is willing to stand up with you under the FCPA and are you willing to partner with the third-party?
There are many different approaches to the specifics of due diligence. By laying out some of the approaches, you can craft the relevant portions into your program. The Level I, II and III trichotomy appears to have the greatest favor and one that you should be able to implement in a straightforward manner. But the key is that you must assess your company’s risk and then manage that risk. If you need to perform additional due diligence to answer questions or clear red flags you should do so. And do not forget to “Document, Document, and Document” all your due diligence.