Due diligence is generally recognized in three levels, and each level is appropriate for a different level of corruption risk. The key is for you to develop a mechanism to determine the appropriate level of due diligence and then implement that going forward.
First-level due diligence typically consists of checking individual names and company names through several hundred Global Watch lists comprised of anti-money laundering (AML), anti-bribery, sanctions lists, coupled with other financial corruption and criminal databases. These global lists create a useful first-level screening tool to detect potential red flags for corrupt activities. It is also a very inexpensive first step in compliance from an investigative viewpoint.
Level II due diligence encompasses supplementing these Global Watch lists with a deeper screening of international media, typically the major newspapers and periodicals from all countries plus detailed internet searches. Such inquiries will often reveal other forms of corruption-related information and may expose undisclosed or hidden information about the company; the third party’s key executives and associated parties. I believe that Level II should also include an in-country database search regarding the third party.
This level is the deep dive. It will require an in-country ‘boots-on-the-ground’ investigation. A Level III due diligence investigation is designed to supply your company with a comprehensive review of all available public records data overlaid with a detailed onsite investigation to identify known and more importantly unknown conditions.
The Level I, II & III trichotomy appears to have the greatest favor with the government and one that you should be able to implement in a straightforward manner. The key is that you must assess your company’s risk and then manage that risk. If you need to perform additional due diligence to answer questions or clear red flags you should do so. And do not forget to Document Document Document all your due diligence.