Due Diligence and Ongoing Monitoring

 View Only

  • 1.  Different criteria for start-ups?

    This message was posted by a user wishing to remain anonymous
    Posted 01-09-2023 01:30 PM
    This message was posted by a user wishing to remain anonymous

    We are currently evaluating a 4-year-old start-up.  The financial information is limited, and what has been provided raises some red flags.

    Do you have different criteria for evaluating financial information for start-ups vs. established companies?  If so, what is different?  How do you mitigate the risks (e.g. additional contract provisions)?


  • 2.  RE: Different criteria for start-ups?

    Posted 01-10-2023 08:13 AM
    Evaluate the services they will be providing and ask yourself- how critical are these services? Will there be significant disruption to operations if this vendor goes belly up? Will they be accessing restricted or confidential information or do these services tie to potentially large financial losses if the vendor messes up?  In my organization if the financial review is considered a "fail",  but the business still wants to proceed with that vendor,  we work with the business to ensure all the possible risks to the organization are detailed, and describe any mitigating controls for those risks (or document the absence of them) and present in a memo to the executive operating committee for review and approval. Then we log it as a risk acceptance which then needs to be recertified annually. Also, make sure you have a well documented exit strategy with the vendor to detail what needs to occur for an abrupt or planned termination of services.          Good Luck!



    Original Message