Due Diligence and Ongoing Monitoring

 View Only
  • 1.  Start-up Financial Statements

    This message was posted by a user wishing to remain anonymous
    Posted 11-30-2023 12:58 PM
    This message was posted by a user wishing to remain anonymous

    Our organization invested in a Fund that provides capital to start-ups that develop technology specifically for our industry.

    We are starting to use some of these start-ups as vendors. 

    When performing initial due diligence, we've been getting pushback on financial statements - since they are start-ups, they hesitate to provide financial statements - "we're a start-up - our financials look bad."  Our Business Owners say "the Fund we invested in invested in them so they're good."

    For the first few, we focused on news, other investors, and the reputation of the start-up's principals to get a better feel for the company in general. Senior Management formally accepted the risk.  Now that these start-ups are coming through more frequently, we want to re-visit our approach on the lack of financial information.  

    Any tips or suggestions?

  • 2.  RE: Start-up Financial Statements

    Posted 11-30-2023 01:42 PM

    Have you requested a pro forma financial statement to compare alongside the current financial statements? This can be a good comparison of current state and what they believe to be their project near term future state they are working towards. You can then draw some conclusion on how feasible it would be to achieve the future state and how close/far they have to go.


    Stephen Meyer | Third Party Risk Analyst


  • 3.  RE: Start-up Financial Statements

    Posted 11-30-2023 02:11 PM

    It's still prudent to request and review financials. Assure the vendor, you are aware they are a start up, however financial viability is just one overall component of the overall due diligence process.  Enhance your program to include the residual risk of the financials in your overall analysis. And augment the risk with mitigating controls that brings the overall residual risk within your organizations risk appetite. For example, you can mitigate some of the risk in contract terms and business processes to ensure you can meet the financial and resiliency risk appetite for your organization. Think through what could go wrong if they become insolvent.  Do you have accurate language for use of code/software etc. Have you set up payment terms to begin upon "go live" instead of contract execution? Think about mitigating controls: a documented exit and contingency plan to address the risk of insolvency for the vendor as one example. 

    Hope this helps. 

    Veralyn Hensley