Due Diligence and Ongoing Monitoring

When is appropriate to push a private company vendor for financial docs? 

Maybe we push them a bit for financial detail when we're onboarding but a much higher % of the contract life-cycle takes place while they're already approved and providing the service.  The ongoing monitoring financial check up usually proves that most private companies will choose not to send the details unless it's a dire need and we get senior levels involved on each side.

We usually pull business credit reports and ask them to attest that they are not in threat of bankruptcy which is usually good enough to appease us and our business heads but we don't usually push vendors too hard to provide financial details such as income statements, profit & loss, audited financials, etc.  When is it right to do so?

Generally speaking, whenever you're required per your due diligence standards, you should attempt to gather financials, whether they are a public company or a privately held company.  Obviously, with a public company, it's much easier - they're available! With a privately held company, it's a bit more difficult, some may be unwilling to release them (but, notably, we have seen some softening of this stance as many companies realize that it's sort of necessary if they want to do business in the financial services sector nowadays there are certain pieces of due diligence and analysis financial institutions are going to expect (and are often required) to see)... that's where you may need to seek alternate solutions - a conversation between your financial analyst and their CFO, a webinar between your financial team and theirs, a Dun & Bradstreet report, an accountant's statement, etc... all are potentially viable alternatives, but consider the endgame - what are you trying to accomplish and will you gain relative comfort around their financial health? This certainly isn't to suggest that for all of your low risk vendors you need to insist on financials but certainly for your Critical or high risk ones, you really should be reviewing their financial condition on a regular basis and ensuring that the guidelines for doing so are baked into your third party risk management program. I'd also be interested in hearing from others about your perspectives on this... always eager to share best practices and helpful solutions.
Original Message:
Sent: 09-11-2019 10:17 AM
From: Cory Sawka
Subject: Private Companies - Conducting a Financial Review

When is appropriate to push a private company vendor for financial docs? 

Maybe we push them a bit for financial detail when we're onboarding but a much higher % of the contract life-cycle takes place while they're already approved and providing the service.  The ongoing monitoring financial check up usually proves that most private companies will choose not to send the details unless it's a dire need and we get senior levels involved on each side.

We usually pull business credit reports and ask them to attest that they are not in threat of bankruptcy which is usually good enough to appease us and our business heads but we don't usually push vendors too hard to provide financial details such as income statements, profit & loss, audited financials, etc.  When is it right to do so?

We normally place a phone call with the vendors point of contact and the accounting department and we ask some questions that will give us a comfort level. We have in the past requested a letter from their CPA  regarding the financial health of the company.
Original Message:
Sent: 09-11-2019 10:17 AM
From: Cory Sawka
Subject: Private Companies - Conducting a Financial Review

When is appropriate to push a private company vendor for financial docs? 

Maybe we push them a bit for financial detail when we're onboarding but a much higher % of the contract life-cycle takes place while they're already approved and providing the service.  The ongoing monitoring financial check up usually proves that most private companies will choose not to send the details unless it's a dire need and we get senior levels involved on each side.

We usually pull business credit reports and ask them to attest that they are not in threat of bankruptcy which is usually good enough to appease us and our business heads but we don't usually push vendors too hard to provide financial details such as income statements, profit & loss, audited financials, etc.  When is it right to do so?

In instances where the vendor will not release financial statements but will discuss their financial status, what questions are asked?
Original Message:
Sent: 09-11-2019 11:07 AM
From: Sandra Taylor
Subject: Private Companies - Conducting a Financial Review

We normally place a phone call with the vendors point of contact and the accounting department and we ask some questions that will give us a comfort level. We have in the past requested a letter from their CPA  regarding the financial health of the company.
Original Message:
Sent: 09-11-2019 10:17 AM
From: Cory Sawka
Subject: Private Companies - Conducting a Financial Review

When is appropriate to push a private company vendor for financial docs? 

Maybe we push them a bit for financial detail when we're onboarding but a much higher % of the contract life-cycle takes place while they're already approved and providing the service.  The ongoing monitoring financial check up usually proves that most private companies will choose not to send the details unless it's a dire need and we get senior levels involved on each side.

We usually pull business credit reports and ask them to attest that they are not in threat of bankruptcy which is usually good enough to appease us and our business heads but we don't usually push vendors too hard to provide financial details such as income statements, profit & loss, audited financials, etc.  When is it right to do so?

In those cases, I'd ask general questions around their financial health. I'd go through and try to gain comfort around their consistency of financial performance, certainly ask about any difficulties they are encountering.  If possible, have a financial analyst from your organization speak with their counterpart at their organization and just run through the highlights of their financial performance, much like you would hear on a public company's earnings call. As always, I'd love to hear what other companies are doing as well. We're always open to sharing best practices and common challenges. Thanks for a great question.
Original Message:
Sent: 09-18-2019 09:40 AM
From: Kyle Garner
Subject: Private Companies - Conducting a Financial Review

In instances where the vendor will not release financial statements but will discuss their financial status, what questions are asked?
Original Message:
Sent: 09-11-2019 11:07 AM
From: Sandra Taylor
Subject: Private Companies - Conducting a Financial Review

We normally place a phone call with the vendors point of contact and the accounting department and we ask some questions that will give us a comfort level. We have in the past requested a letter from their CPA  regarding the financial health of the company.
Original Message:
Sent: 09-11-2019 10:17 AM
From: Cory Sawka
Subject: Private Companies - Conducting a Financial Review

When is appropriate to push a private company vendor for financial docs? 

Maybe we push them a bit for financial detail when we're onboarding but a much higher % of the contract life-cycle takes place while they're already approved and providing the service.  The ongoing monitoring financial check up usually proves that most private companies will choose not to send the details unless it's a dire need and we get senior levels involved on each side.

We usually pull business credit reports and ask them to attest that they are not in threat of bankruptcy which is usually good enough to appease us and our business heads but we don't usually push vendors too hard to provide financial details such as income statements, profit & loss, audited financials, etc.  When is it right to do so?

For my organization, if the service provided is Critical we require financial data.  Sometimes its easy and the vendor sends over a SOC report or has a prepared package, etc for our use.  Other times the vendor gives me a straight out NO - in that case, I take their reply back to my Business Owner and let them make a decision (YES we will continue to use the vendor as they are a major player with sound reputation in the industry or NO, we can engage a more cooperative service provider).  Additionally, these "exceptions" are reported to our Risk Committee.
Original Message:
Sent: 09-11-2019 10:17 AM
From: Cory Sawka
Subject: Private Companies - Conducting a Financial Review

When is appropriate to push a private company vendor for financial docs? 

Maybe we push them a bit for financial detail when we're onboarding but a much higher % of the contract life-cycle takes place while they're already approved and providing the service.  The ongoing monitoring financial check up usually proves that most private companies will choose not to send the details unless it's a dire need and we get senior levels involved on each side.

We usually pull business credit reports and ask them to attest that they are not in threat of bankruptcy which is usually good enough to appease us and our business heads but we don't usually push vendors too hard to provide financial details such as income statements, profit & loss, audited financials, etc.  When is it right to do so?

We use a third party service to solicit private company financials.  We've been successful on most and once it is started the third party does ongoing follow up analysis​.  For those that will not comply, we automatically rank them at high risk and this information is reported up to the Risk Committee.
Original Message:
Sent: 09-11-2019 10:17 AM
From: Cory Sawka
Subject: Private Companies - Conducting a Financial Review

When is appropriate to push a private company vendor for financial docs? 

Maybe we push them a bit for financial detail when we're onboarding but a much higher % of the contract life-cycle takes place while they're already approved and providing the service.  The ongoing monitoring financial check up usually proves that most private companies will choose not to send the details unless it's a dire need and we get senior levels involved on each side.

We usually pull business credit reports and ask them to attest that they are not in threat of bankruptcy which is usually good enough to appease us and our business heads but we don't usually push vendors too hard to provide financial details such as income statements, profit & loss, audited financials, etc.  When is it right to do so?

Mary Beth, would you share the name and contact information of that 3rd party service?   Feel free to email me directly.

Bill
Original Message:
Sent: 09-16-2019 11:08 AM
From: Mary Beth Rzegocki
Subject: Private Companies - Conducting a Financial Review

We use a third party service to solicit private company financials.  We've been successful on most and once it is started the third party does ongoing follow up analysis​.  For those that will not comply, we automatically rank them at high risk and this information is reported up to the Risk Committee.
Original Message:
Sent: 09-11-2019 10:17 AM
From: Cory Sawka
Subject: Private Companies - Conducting a Financial Review

When is appropriate to push a private company vendor for financial docs? 

Maybe we push them a bit for financial detail when we're onboarding but a much higher % of the contract life-cycle takes place while they're already approved and providing the service.  The ongoing monitoring financial check up usually proves that most private companies will choose not to send the details unless it's a dire need and we get senior levels involved on each side.

We usually pull business credit reports and ask them to attest that they are not in threat of bankruptcy which is usually good enough to appease us and our business heads but we don't usually push vendors too hard to provide financial details such as income statements, profit & loss, audited financials, etc.  When is it right to do so?