Financial Data
Updated 26 Feb 2020


The critical importance of conducting effective due diligence

Too often the words ‘due diligence’ are automatically linked to a tedious and irrelevant exercise that is only seen as a hindrance for a business. But, this misconception takes away from the opportunity that a corporate due diligence process actually presents and the risks it can mitigate in the future. 


Arinda Truter, 07 February 2017  Share  0 comments  Print


Related stories


All the answers to your unique business lifestage questions

Due to the global nature of business today, companies need to adhere to a growing number of strict regulations internationally and locally. There is a much greater need to mitigate risk exposure when contracting with partners and third parties in order for a company to comply with these evolving high standards. 

It is common cause that should your company consider a merger or acquisition or even just dealing with a third-party company, you’ll want to be sure you have a clear understanding of the true value and risks of that business.

‘Due diligence’ refers to the process of reviewing all of the available information related to a business and the goal thereof is to ensure that all legal and financial issues pertaining to the business are in order and that there are no unpleasant surprises awaiting you in the future.

Where to begin?

Firstly, your due-diligence process needs to align with the strategic, financial, regulatory and reputational risks your company may face, especially if your dealings are with a third-party company in a country that attracts high levels of regulatory scrutiny. 

Related: Navigate a growing company in a crowded market with these 5 tips

For a corporate entity, organisations need to gather basic key information right from the start, including incorporation documents, details on key shareholders, board members, details on the group structure and official references. For an individual, organisations need to focus on gathering proof of identity and the person’s source of wealth and funds. 

A relatively lengthy amount of time would be required during the process to ensure that all uncertainties are explored. It is advisable to set up a proper timeframe nevertheless and to keep a checklist to ensure that you are able to thoroughly evaluate each specific area and identify liabilities, threats and any hidden costs. It would also mean no step is overlooked accidently. 

Once the basic information on the company you’re interested in has been obtained, prospective third parties should be subjected to a thorough screening process. This means checking names of companies, individuals and NGOs against global sanctions lists and lists of debarred or disqualified companies and individuals as well as credit bureau listings and other local regulatory lists.  

What to do with the data? 

The next step in the process will be to perform a risk assessment. The company should consider the other party’s country of origin risks, specific sector risks, entity risks that are relevant, and financial risks. It is important to note that the reputations, practices and transactions of the shareholders and board members of the company investigated might have an effect on the value of the business, the public perception and the market reaction of the company. Therefore, these individuals should also be evaluated to determine their track records, associations and conflicts of interest such as personal business interests and external sources.

Your due-diligence process should also include proper verification of all the information that has been collected and checking the details against public records, a credit check, specialised databases and filed reports and accounts as well as known associates, subsidiaries and other related entities to the company.  

Due diligence in the digital age 

Cyber-security due diligence is also becoming a critical factor of the decision-making for corporations. Information technology weaknesses represent a significant risk to the operations of a company. It should be standard practice for due diligence teams to do cyber-security checks with the traditional business, legal and technical due diligence exercise. 

An easy tool for due diligence is to use online research tools and to conduct negative news checks as this will establish potential reputational risks from media archives. Checks against legal databases will further detect any litigation history of the prospective partner or third party. 

Related: How to be safe in cyberspace

It is important for your business to maintain a comprehensive record of relevant documents, assessments and decisions to ensure you can demonstrate and prove that your ultimate decision was made in complete good faith. 

It is advisable that external experts be used during this process to ensure that effective due diligence is done and that your company is protected from future risks and uncertainty. At SchoemanLaw Inc, we offer our clients a speedy and cost effective holistic legal assessment to determine exactly where their risks lie and which issues are most pressing, alternatively get the assurance that everything is in order.

We assess the business holistically; from founding, overall legal compliance, business contracts, BBBEE to data protection, corporate governance and human resources policies – these are things you must also undertake when merging, acquiring and growing your operations in the new year and beyond.

Rate It12345rating

About the author


Arinda Truter

Arinda graduated with an LLB degree from the University of Stellenbosch in 2013 and completed her articles of clerkship at Malan Lourens Viljoen Inc in Strand. She was admitted as an Attorney of the High Court RSA in February 2016 and a Notary Public in December 2016. Arinda joined SchoemanLaw Inc. as a professional assistant in January 2016 and was promoted to Junior Associate in April 2016 and has experience in various aspects of law as well as litigious experience.

Introducing the theft & fidelity protection for your business

Theft and fidelity cover are often confused with each other. Bryan Verpoort discusses the difference between the two and why your business should be putting measures in place for both of these risks.

Login to comment