due diligence tunnel vision, due diligence investigations, vcheck global

The sheer size and significance of Foreign Corrupt Practices Act (FCPA) fines and enforcement actions over the past few years, with 2019 marking a peak year of FCPA enforcement, are good indicators that SEC and DOJ enforcement will continue their upward trend for the foreseeable future. Moreover, the role that third-party risk occupies in these actions reinforces the need for organizations reliant on third parties in high risk jurisdictions to obtain “finished intelligence products” as part of their due diligence rather than surface-level screenings and traditional public records research alone. By finished intelligence products, I am referring to due diligence investigations that combine both deep-dive open source research (OSINT) as well as human-intelligence inquiries (HUMINT), also known as source inquiries in the industry, which not only identify risks but convey the significance and long-term implications of those findings.

The Role of Source Inquiries in ‘Finished Intelligence Products’

Source inquiries represent a critical step in conducting integrity due diligence, particularly in jurisdictions that have historically posed a high FCPA risk and/or have sparse public records availability. Transparency International’s Corruption Perceptions Index visualizes what these high risk jurisdictions are, although some of the jurisdictions on its heat map do not accurately capture high levels of corruption in certain countries, so it should be referenced in conjunction with additional tools. While source inquiries may not always result in a smoking gun, a synergy of OSINT and HUMINT provides a fuller understanding of a target’s risk profile. Furthermore, neglecting source inquiries with regard to high risk relationships exposes decision makers to the worst risks of inadequate due diligence. Inflammatory information found in public sources should be corroborated, contextualized, or debunked before making a decision based on such information.

Map courtesy of Transparency International

Traditionally, conducting source inquiries has consisted of obtaining reputational commentary on a company and its principals. This commentary helps assess the subjects’ past performance and any risks associated with them, including corruption, litigation, sanctions, and political exposure. These lines of inquiry cannot be overlooked. However, companies or their due diligence providers often fall into the trap of “due diligence tunnel vision” by failing to obtain a broader analysis when initiating an investigation that contains both OSINT and HUMINT elements, which can enhance visibility into different forms of risk, contextualize the findings, and convey the findings’ long-term implications. These implications can range from business and ethical concerns (including FCPA-focused issues) to understanding how your partner manages their business in shifting regulatory environments and foreign markets. 

Sample Scenario: Understanding Risk Through a Finished Intelligence Product 

A majority investor in a Latin American mining company is considering a foreign state-owned partner in a development project. The foreign partner is a mining company that has operated throughout the region, having been involved in several high-profile projects. The majority investor needs to identify any high-level risks associated with this potential partner. In many instances, traditional due diligence investigations can uncover red flags reported in media, litigation databases, regulatory enforcement records, and high-level source inquiries; however, these findings alone may not be enough to provide a complete picture of an event and, in most instances, will not provide the necessary context to help you understand the political, cultural, and industry-specific risks at play. 

In order to avoid due diligence tunnel vision one must think outside the box and ask the further probing questions to uncover, corroborate, or alleviate potential risks:

  • As a state-owned company, what has been the appetite of the potential partner and its government to allow local companies and their management to operate unencumbered?
  • Have other state-owned entities from this nation operating in the region shown an increasing commitment to corporate governance and compliance, and is it genuine throughout the tenure of the project/partnership?
  • Several years ago, the potential partner was fined significant amounts for environmental violations resulting from weak corporate governance. Since then, the company has enacted what appear to be serious reforms to prevent future incidents. Are the company and government committed to genuine environmental controls and strong corporate governance, or are these superficial measures?
  • The partner is one of many foreign companies that prefers to send their management abroad to oversee its business operations, which are in turn staffed by locals. This policy often leads to cultural tensions and clashes between the foreign management and the local populace. How has the partner managed this trend within its own operations? Are the circumstances of the project ripe for a potential conflict between foreign management and the local population?

These considerations and how they play into a target’s risk profile can be answered through a ‘finished intelligence product’ that deploys comprehensive OSINT and source inquiries that provide contextual risk analysis and are not so focused on the rear-view mirror that they miss what may lay ahead. Merely inquiring about the subject’s past performance and industry reputation cannot provide adequate information to make an informed decision. 

Thinking outside the box of traditional lines of inquiry will result in broader insight into both immediate and long-term risks. Outside the box thinking in the context of due diligence includes understanding the nexus of OSINT research and human intelligence inquiries. By asking specific questions that are informed by public records information, raised by initial source inquires, and tailored to the industry and/or jurisdiction in question, a ‘finished intelligence product’ will not only identify relevant risks, but will deliver the proper color and context to alleviate or validate concerns that on the surface appear to be showstoppers but may be more complicated or benign than initially thought.  

Alex Sorin is a Director at Vcheck Global and leads the company’s human intelligence driven due diligence Level II product.

Photo Source

Leave a Reply

Your email address will not be published. Required fields are marked *