Today, I am joined by Candice Tal, founder of Infortal, to explain the 3 levels of due diligence. Due diligence is generally recognized in Level I, Level II, and Level III. Each level is appropriate for a different level of corruption risk. The key is to develop a mechanism to determine the appropriate level of due diligence and then implement that going forward.
The question becomes how you use the information you obtained in the business justification and the questionnaire to determine an appropriate level of due diligence for the next step in the five-step process of third-party management. A three-step approach of varying levels of due diligence is the appropriate analysis to take going forward.
There are many different approaches to the specifics of due diligence. By laying out some of the approaches, you can craft the relevant portions of your program. The Level I, II, and III trichotomy appear to have the greatest favor and one that you should be able to implement straightforwardly. But the key is to assess your company’s risk and then manage that risk. If you need to perform additional due diligence to answer questions or clear red flags, you should do so. And do not forget to “Document, Document, and Document” all your due diligence.
Three key takeaways:
- Level I due diligence should only be used where there is a low risk of corruption.
- A Level II due diligence is sufficient in a high-risk jurisdiction if there are no red flags to be cleared.
- Level III due diligence is deep dive, boots-on-the-ground investigation.