Due Diligence and Ongoing Monitoring

 View Only

  • 1.  Dun and Bradstreet report. Do you use it?

    Posted 04-23-2024 10:55 AM

    Hello,

    I recently became aware of the Dun and Bradstreet report. I wanted to see if others are leveraging this report in their TPRM due diligence. If so, do you purchase the report or are you requesting it from the vendor? Do you find much value and insight from the report? Do you want the report with every vendor or only critical ones? Anything else I should know? Thanks for the insight and discussion. 



  • 2.  RE: Dun and Bradstreet report. Do you use it?

    Posted 04-23-2024 07:51 PM

    Suggest that D&B reports have questionable value for TPVM.   The information has substantial timing issues, particularly since it relies on creditor provided information.  Public record resources for litigation, UCC filings and, where applicable, operating principal backgrounds and current public record reviews are much more effective.  



    ------------------------------
    Tony Schweiger
    Managing Principal
    The Tomorrow Group, LLC
    ------------------------------



  • 3.  RE: Dun and Bradstreet report. Do you use it?

    Posted 04-30-2024 05:37 PM

    Thanks for that insight. Much appreciated 


    Original Message


  • 4.  RE: Dun and Bradstreet report. Do you use it?

    Posted 05-01-2024 04:45 PM

    Hi Tony,

    We are currently building out our TPRM processes, and I was wondering if you could provide any resources you recommend for obtaining this information?



    ------------------------------
    Vanessa Rios
    Compliance Support Specialist
    State Employees Credit Union
    ------------------------------

    Original Message


  • 5.  RE: Dun and Bradstreet report. Do you use it?

    Posted 05-02-2024 07:29 AM

    Vanessa

     

    It's our experience that TPRM processes should be designed around the risk profile of each vendor.  We first evaluate the potential risks associated with a vendor's operations as well as the potential impact on the company's operations.  Then, depending on the results of that assessment we make certain the vendor management processes appropriately control and monitor the vendor's performance and the continuing risk profile.    While there are some common elements across all risk profiles,  TPVM doesn't work well with a "one size fits all" approach.  

     

    Most organizations typically use ratings such as high, moderate, or low to assess inherent risk, i.e., the risk of the product or service itself and cannot be separated from the vendor.  Criticality is not a risk rating, but it is a specific categorization of vendors.  All vendors fall into either the critical or non-critical category.  A vendor is deemed critical if its failure to deliver the product or service could materially impact the organization and/or its customers.  Can the organization continue to support mission critical functions if the product or service is unavailable or not delivered pursuant to the organization's standards? 

     

    We like the approach of designing the core TPVM process around vendors with critical risk and then reducing the qualification and ongoing management processes as the risk profile warrants.  If you need support to create a risk management framework geared to your individual needs, please don't hesitate to reach out.

                                   

     

    Tony

     

    Anthony W. Schweiger, MCMB

    Managing Principal/CEO




    Original Message


  • 6.  RE: Dun and Bradstreet report. Do you use it?

    Posted 05-02-2024 09:29 AM

    HI Anthony,

    Thank you for your response. I was hoping to get websites, vendors, or any other vetted resources for the following part of Tony's comment: "Public record resources for litigation, UCC filings and, where applicable, operating principal backgrounds and current public record reviews are much more effective." We do have a process to conduct a similar check, but we are looking at being more extensive with our research for certain vendors.



    ------------------------------
    Vanessa Rios
    Compliance Support Specialist
    State Employees Credit Union
    ------------------------------

    Original Message


  • 7.  RE: Dun and Bradstreet report. Do you use it?

    Posted 05-02-2024 11:13 AM

    I would love it if anyone has resources for background checks. We are vetting a new janitorial vendor and want to see about their company principals and whether they do background checks on their employees.

     

    Thanks

     

    Cheryl Turner

     




    Original Message


  • 8.  RE: Dun and Bradstreet report. Do you use it?

    Posted 05-02-2024 11:26 AM

    For a time we had a similar need of our contingent labor agencies where we utilized GoodHire (Background Check For Employment | GoodHire). As I recall, there are different package options to choose from which made it easy to determine which level of verification was appropriate based on our corporate policies and desired risk assurances. Our process was that if the 3rd party had no pre-work authorization procedures and we determined it was required, we deferred them to be cleared via GoodHire.

    GoodHire remove preview
    Background Check For Employment | GoodHire
    A background check helps you build a team you can trust. Join 100,000 employers & get your check from GoodHire today.
    View this on GoodHire >


    Original Message


  • 9.  RE: Dun and Bradstreet report. Do you use it?

    Posted 05-02-2024 11:38 AM

    I like the DNBI reports.  For me its a nice aggregator of information and helps identify concerns or issues that can be evaluated and researched in more detail. As Tom points out there are limitations and I would use it as a component of your TPRM process to supplement all of the other evidence you are gathering.  The other feature I like is easily being able to pull information on parent entities and review the corporate entity tree. For publicly traded companies, it provides the key financial indicators and ratios.  Finally, you can easily see bankruptcy and other filings- again as a trigger to go directly to those sources for more information

    We pull DNBi based on the criticality of the vendor or as a double check if we have concerns or want to dig deeper on an entity on a case by case basis.



    ------------------------------
    Shelly Chase
    VP Operational Risk
    ------------------------------