Due Diligence: What you need to know
Do you need a summary of due diligence (DD)?We answer the most important questions.
*What is due diligence?
*Due diligence law
*Who needs a due diligence check?
*Why do companies and organizations need a due diligence check?
*What is checked?
*Who helps companies with the check?
*Forms of due diligence check
*The due diligence process
*Due diligence report
*What you should note
We also recommend our due diligence checklist
What is Due Diligence?
A definition of due diligence: the concept of due diligence enshrined in German law refers to the exercise of reasonable care in the course of business.A due diligence check involves careful investigation of the economic, legal, fiscal and financial circumstances of a business or individual.This covers aspects such as sales figures, shareholder structure and possible links with forms of economic crime such as corruption and tax evasion.A check of this sort is necessary as soon as a company initiates relationships with business partners or plans to buy up another company.
The German Institute for Compliance (DICO) defines a business partner as “any party which has business contact with a company and is not an employee or manager of the company”.Regardless of the extent or type of the business relationship, this includes customers, suppliers, subcontractors, sales representatives, advisors and partners in joint ventures as well as small service providers and intermediaries.
The due diligence check enables companies to protect themselves by checking the assumptions and conditions of a mutual relationship or an offer and identifying relevant risks.What form of due diligence is appropriate depends on the specific situation and the level of risk.
Forms of business partner screening
Download due diligence checklist
Enhanced Due Diligence
Enhanced due diligence involves collecting detailed information about individuals and companies.To ensure that this background research is thorough, companies need access to a number of different databases:
- Company databases
Identification of possible links between companies and other involved persons
- Watch lists
Identification of individuals and companies, such as terrorism suspects, that are subject to state monitoring
- Sanctions lists
Identification of individuals and companies subject to economic or legal sanctions (embargos)
- PEP (politically exposed persons)lists
Identification of politically exposed persons who are close to a member of government or a member of a government agency and hence particularly vulnerable to corruption or bribery
- Press reports
Cross-checks with news reports to ensure that business partners are not linked to forms of economic crime such as corruption, money laundering, fraud or bribery
On the basis of the results of the checks on new and existing business partners using these and other databases, companies may need to adjust the risk approach or terminate the initiation of a business relationship.
Due Diligence Law
All over the world there is an increase in the number of countries that are passing laws to prevent bribery, corruption and money laundering. Many of these national laws also have impacts on international trade relations.
Companies must therefore do more than just comply with their own country’s own laws such as Germany’s Money Laundering Act (GWG) of 2008, which sets out the legal background for performing due diligence and transfers the obligations in Section 3 of the actfrom the banks to their customers or business partners.
For internationally active companies there are two acts on the prevention of economic crime that are particularly important:
- The UK Bribery Act
- The US Foreign Corrupt Practices Act (FCPA)
Although both acts are national regulations of their respective countries, they affect German companies if they have links with these countries directly or via subsidiaries or subcontractors or their staff. The law enforcement agencies can initiate investigations of German companies, because the acts apply regardless of where the bribery takes place.
These acts have been recently been supplemented by laws designed to tackle modern slavery. For example, the UK Modern Slavery Act requires major non-British companies to report annually on the steps taken to prevent modern slavery.
The Panama Papers Scandal of 2016 led to international calls for greater transparency with regard to beneficial owners.
Why do companies and organizations need a due diligence check?
- Taking legally required steps to prevent corruption and money laundering, to assess risk and to screen business partners and subcontractors involved in international cooperation:
- Preventing financial consequences:
- Preventing reputational risks:
- For economic reasons when buying or merging with companies and organizations:
Legislation such as the UK Bribery Act and the US Foreign Corrupt Practices Act (FCPA) on the prevention of corruption and money laundering is binding on German companies if they are directly or indirectly represented in these countries.They must therefore protect themselves against being linked to bribery or other forms of corruption and money laundering via a business partner or a subcontractor within the supply chain.
Companies and organizations that are not internationally active are also subject to legislation such as the GWG.
Working with business partners who lack the necessary integrity can lead to heavy financial penalties and even prison sentences.
Companies that are linked to economic crime risk severe damage to their reputation.Even if the company itself meets ethical and legal standards, inappropriate behaviour by business partners can still damage its reputation.In recent years there have been a number of examples of well-known companies whose suppliers have been found to be involved in practices such as dubious or illegal working conditions in China.
Companies use a due diligence check to verify the quality of a takeover candidate or an acquisition prospect.The check is performed on the basis of a systematic analysis that includes an assessment of strengths and weaknesses and serves to safeguard the purchase and assess the risks.
What is checked?
The check covers existing and potential business partners and their subcontractors and the individuals with responsibility to act.The investigation includes:
What is being checked?
Both existing and potential business partners and their subcontractors as well as the responsible persons are assessed and reviewed. Among other things:
- Head Office
- Red flags
- Negative reporting in the international press
- Sanctions lists with regard to persons or companies involved
- PEP lists (Politically Exposed Person) with regard to persons involved
- Results and balance sheets
- Assets and liabilities, budgets
- Work processes
- Qualification of employees
- Company image
- Quality control
- Board members, shareholders, beneficiaries
Who helps companies with the check?
Because of the complexity of the requirements it is advisable to call on trained staff (in-house employees) or external advisors (tax consultants, auditors, lawyers, technical experts, management consultants) to perform a due diligence check. There are also due diligence checklists that provide a good (initial) overview of the subject. However, they do not always cover the specific circumstances.
As a general rule, the greater the potential risk, the greater the resources that should be invested in a check.
A manual due diligence process can quickly become problematic if a company has insufficient employee resources or cannot access relevant and up-to-date information. Companies should therefore make use of appropriate technology to automate checks, support due diligence investigations and ensure continuous risk monitoring.
Forms of Due Diligence Check
There are various forms of due diligence check covering various areas. The most common are:
- economic, technical and organizational due diligence checks
- checks of managers and staff
- legal and tax checks
- operational due diligence (ODD) to assess the risks and appreciation potential of the target object
- market due diligence to explore the current and future market position of the targeted company
The Due Diligence Process
The due diligence process typically starts with identification.The most important information is collected directly from the future partner or via a third party.Simple questionnaires can be used for this purpose.
- In the case of incorporated companies, the information collected includes details of the company, shareholders, beneficiaries, group structure, and members of the board and their political links.Official documents and contracts may also be requested at this stage.
- In relation to individuals, the information required may include proof of identify and sources of financing, political links and other details depending on the nature of the planned transaction.
2. Sanctions list check:
The second step involves cross-checks with global sanctions lists.Lists relating to prosecutions, disqualification and individuals named by government agencies are also consulted.Frequently, too, companies have lists of other companies with whom they do not wish to do business. Politically exposed persons (PEPs) are identified, checked against PEP lists and if necessary subjected to a risk assessment.
3. Risk assessment:
On the basis of the results of the investigations, the risk assessment is now performed and a risk-based approach is drawn up.Further information is available in the white paper “Due Diligence - from Business Burden to Business Benefit”.
Due Diligence Report
The due diligence report provides a detailed summary of the checks and also records the process involved.The scope of the report varies from case to case.Sample reports are available as templates.The report serves as evidence of compliance with due diligence requirements.