Integrity Due Diligence – Towards an integrated approach to Compliance (II)

Corporations and institutions can attain a strategic and competitive advantage by pursuing an integrated approach to integrity due diligence.  By assessing the trustworthiness and reliability of customers, business partners and any third parties, organisations ensure the fulfilment of compliance requirements, whilst concurrently facilitating a concerted effort to combat money laundering, fraud and corruption (‘MLFC’) – (see figure below).

The strategic dimension

Furthermore, and as outlined in this article, the integrity due diligence tool kit can be tailored and flexibly implemented according to specific requirements, such as legal provisions, individual risk appetites and risk thresholds, of both public and private organisations.  Beyond this, the integrity due diligence toolbox not only fulfils certain risk management prerequisites, but also assists corporations and institutions in safeguarding their reputation, and in ensuring the success of their business ventures (see the ‘strategic dimension’ in the figure below).

Through the identification of integrity risks, management can put in place measures which can assist in mitigating the existing or potentially emerging risks. Moreover, corporations which take an integrated approach to integrity due diligence will also be more aware of interconnected risks, which might otherwise go undetected.  An integrated approach also enables companies to glean a competitive advantage through greater transparency.

In the following, the article will touch upon both the strategic and legal dimensions of the integrated approach to integrity due diligence, and provide insight into the integrity due diligence toolbox and the methodology necessary to use it.

Following the introduction and refinement of due diligence requirements, as mentioned in the first part of this article, the due diligence process, has become increasingly important within overall compliance programmes.

  • Anti-money laundering legislation requires Customer Due Diligence/KYC (‘Know Your Customer’) to be undertaken.
  • The US Sarbanes Oxley Act requires that companies undertake third-party due diligence on their business partners and associates.
  • Anti-corruption conventions and legislation requires companies to conduct appropriate business partner due diligence in this regard.

The integrity due diligence toolbox

The integrity due diligence toolkit includes a wide range of best practice research tools and sources, which can be adapted to any one situation, but which can also be standardised within a given process, if necessary.  Integrity due diligence includes research of critical ‘red flags’ attached to an individual or a company in relation to their reputation, whereby the aim is to detect any ‘deal breakers’ including all MLFC risks. The identification of such critical integrity risks can protect a company from becoming embroiled in criminal investigations and also from investing in businesses whose capital has been derived from the proceeds of crime.  Other issues include hidden interests, conflicts of interest or business relationships and affiliations with untoward businessmen and business circles.  Further instruments within the extended toolkit include political risk analysis and corruption risk assessment tools.

Identifying ‘red flags’

The typical ‘red flags’ which need to be addressed from the perspective of anti-money laundering legislation not only concerns money laundering itself, but also includes a long list of predicate crimes.  What defines a predicate crime to money laundering differs from country to country but often encompasses a wide range of other economic crimes such as corruption, fraud and tax evasion. Some of the key issues to be addressed within the context of a KYC assessment are issues relating to the beneficial owner of an entity for example, or to politically exposed persons (PEP).  Within the context of fraud-prevention, the financial stability and credit track record of an individual or an entity, the reputation and standing of a business, as well as an institution’s exposure to both active and passive corrupt practices, are of potential concern.  Within the context of anti-corruption legislation, the risk of corruption and bribery are central to all assessments, research and analysis thereof.  Given the far-reaching scope of the UK Bribery Act, the ‘red flags’ relating to corruption are no longer limited to public officials, but to all business associates.

By identifying any hidden risks lingering in the immediate or surrounding environment of the respective business, which could negatively impact the overall evaluation and jeopardise the investment endeavour, corporations can effectively manage the risks and mitigate their negative impact.

The role of political risk

In cases where the subject of an integrity due diligence assessment is located in a high risk country which is, for example, ranked as being highly corrupt or undemocratic or politically unpredictable, the integrity due diligence process should be combined with a Political Due Diligence  process.  In particular, in order to comprehensively ascertain the strategic risks within such a high-risk political environment, a political risk assessment must be integrated into the integrity due diligence process.

The wider context of risk assessment

The actual extent and level of required integrity due diligence should be derived from a systematic risk assessment process, in order to define an institution’s risk exposure according to the risk-based approach.  A forthcoming article on Global Risk Affairs will address the topic of strategic risk assessment in more detail.  Some of the key aspects which should be included in any risk assessment in relation to an investment decision or potential business partnership include country risk and MLFC risk evaluation.


The integrity due diligence process comprises a structured methodological approach which can also be broken down into various phases depending on the extent and depth of research and analysis required.

The research process typically includes two steps. This first phase of the research process is termed as public record research, which involves comprehensive research into the subject and its associates, using a wide range of secondary sources.  These sources include extensive press archives including both international and local media sources, as well as corporate registry entries, relevant regulatory filings, legal information, other publicly accessible online databases and internet information sites.  In a second stage, primary sources might be consulted. This step in the research process involves discreet interviews with experts with the aim of qualifying the information retrieved from public sources whilst also ascertaining the reputation of the target individuals and/or companies.

Following the research phase, a third analytical step is undertaken to complete the process.  In this final stage and based on the information retrieved, a risk profile can be established. The authenticity of a business partner’s résumé will be evaluated and his or her public profile and reputation portrayed based on media coverage. His commercial interests and comments on his business and political network, as well as potentially controversial relationships with government bodies will also be researched. Other issues which can be addressed, include any litigation or credit issues which may emerge in relation to the subject, based on the research of publicly available information.

The information retrieved is filtered and analysed by investigative research experts who are knowledgeable about sectors and regions and can put the information into the relevant context and who can differentiate between solid and reliable sources and incorrect and manipulated information as well as unfounded rumours.  The research and analysis of the information is the most fundamental part of the process in order to ensure the development an objective and reliable report on which a well-informed decision can be made.  Various graphical tools and risk analysis solutions, such as the Reputational Risk Meter, can be used and tailored to the requirements of individual projects.

The added value of an integrated approach

If established as a central pillar within the overall risk management and compliance structure of an organisation, the integrity due diligence approach can play a crucial strategic role in combating economic crimes such as MLFC.  Above that, integrity due diligence is an essential risk prevention and risk mitigation tool which will add value to any strategic decision making process.

Jennifer Hanley-Giersch is Managing Director at Business Risk Research Ltd.