This message was posted by a user wishing to remain anonymous
Given the way our auditing periods run, if the completion date is within the same calendar year, I adjust it to a year from that date. If it crosses over to the next calendar year, I would not, but I might extend it a little. E.g., an Oct/23 review completed in Jan/24, I'd move it to Nov or Dec/24. My reasoning is that I want to make sure the next review will produce the updated testing/audit reports. Wouldn't want to stick with Oct/24, and get the same exact documents I got in Jan/24. I hope it makes sense.
Either way, I keep track of all reach out and follow up attempts, so I can show that he untimely completion was due to lack of response, not lack of reaching out.
Also, when that happens a warning is noted in the file and Senior Management is made aware.
Original Message:
Sent: 02-15-2024 06:49 PM
From: Anonymous Member
Subject: Due Diligence Cadence
This message was posted by a user wishing to remain anonymous
Our due diligence review, originally scheduled for October 2023, was not completed until January 2024 due to a lack of response from the vendor relationship owner. Our system automatically adjusts the next review date to the date the due diligence is completed, rather than retaining the previous due date. Audit has identified this as an issue, recommending that we adhere to the cadence outlined in our policy. We typically conduct reviews annually for highly rated vendors, and the delay in this instance may give the impression of untimely review completion. From a risk perspective, I believe it is reasonable to adjust the review date to align with the most recent due diligence completion because we have obtained the most up to date information. I would appreciate hearing others' thoughts on this matter.
When do you commence your due diligence for upcoming reviews? Do you adjust the next review date if due diligence is not completed on time, or do you maintain the original due date? What actions can be taken if the relationship owner is unresponsive? Have you established deadlines for due diligence completion, and are these outlined in your policy or procedures?