It’s now common knowledge among corporate compliance officers that performing due diligence on third parties is a must for large organizations. Still, too many organizations continue to use a standardized, one-size-fits-all method to assessing their universe of third parties — screening all third parties against a set of databases, for example, and dropping the ones that exceed some predetermined level of negative results.

That approach inevitably causes errors in one’s perception of risk. Hence we see regulators around the world push companies to use a risk-based approach to due diligence. Their guidance confirms the plain fact that different market segments and different parts of the world carry different risks. Compliance programs need to acknowledge that fact too, and respond accordingly. That means certain business activities, parts of the world, or even specific third parties will require investigative due diligence: probing, thorough procedures that verify all the information about a company’s highest risk third parties.

Download our whitepaper to learn more.