Due diligence is a commonly used phrase that is applied to a range of different scenarios and circumstances, but in the security world it means doing the investigative and review work required for an organization to know who or what they are dealing with. It encompasses financial history, criminal history, and any problematic personal or professional experiences or affiliations that could pose a risk to the organization.
Due diligence is especially valuable for compliance, when entering into new business relationships (prior to a merger or acquisition, for example), when considering terminating an employee, or when suspicious or concerning circumstances suggest the need to look deeper into a situation. It might be something obvious like suspected theft or embezzlement, but it could also be prompted by a change in employee behavior or demeanor that raises a red flag. Fundamentally, it’s a way to protect your employees and your bottom line by making sure there is not any potentially concerning or problematic history that might pose a threat.
What should be included in due diligence investigations?
Due diligence involves various methods, including surveillance or physically retrieving and examining court records. It also extends to the digital realm, both safeguarding virtual assets and conducting online research to identify potential threats, risks, and connections. Open-source channels and social media platforms are especially valuable for gathering background information about individuals and organizations.
Security professionals who specialize in due diligence also monitor different sanctions and watch lists to be sure they know who they’re dealing with or when there is cause for concern. There are two primary categories of sanctions. The first is the Fraud Abuse Control Information System (FACIS), a healthcare sanctions system that monitors disciplinary action against individuals and businesses. Healthcare organizations obviously have a vested interest in knowing, for example, if a prospective hire has sanctions against his or her license.
The second category of sanctions includes global watch lists like the No-Fly List and the sanctions list maintained by the Office of Foreign Asset Controls (OFAC), which is part of the U.S. Department of the Treasury. This sanctions list includes “targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States.” It isn’t just foreign nationals who may appear on this list but also U.S. citizens who have engaged in activities or affiliated with politically problematic or violent groups. Appearances on lists like these are not always disqualifying, however it is always better to know what you are dealing with.
The role of a due diligence professional in the security space is not just to comb through thousands of sources and millions of records to determine if an individual or business is on one of these lists but also to do the detailed investigative work to determine the context of why they are on that list, getting a better understanding of the circumstances to ensure organizations have all the information they need to make an informed decision.
Is there a one-size-fits-all due diligence checklist?
Due diligence experts understand that, because every client looks at things a little differently and has their own unique concerns and priorities, it’s important to make customized investigative recommendations designed to deliver relevant information specific to the situation in question.
It’s also important to recognize that while many organizations conduct background checks, there is a significant difference between a standard background check for basic employee screening and the deep research and scrutiny provided by a due diligence review. Comparatively speaking, a standard background check only scratches the surface.
Due diligence minimizes variables and risks
One of the most prevalent trends in recent years is a growing focus on mitigating the risk of workplace violence. For decision makers, not performing their due diligence incurs a degree of risk and potentially exposes their organizations and teams to an elevated level of risk. Due diligence and sanctions reviews can go a long way toward informing an accurate risk assessment, transforming an organization from a passive participant to a proactive and engaged steward of their team and its best interests. At a time when stress and uncertainty are more prevalent than ever, minimizing variables and staying as informed as possible is one of the smartest investments that any organization can make.
SCOUT by Pinkerton is designed to meet the needs of even the most complex due diligence situations — everything from business transactions and verifications to proactive investigations where there is a suspicion of wrongdoing or threats of potential violence by individuals. Trust SCOUT to provide your organization with the insights and intelligence you need to navigate critical decision-making processes with confidence.
This blog was originally published May 23, 2022. It has been updated.