Five differences between compliance and due diligence
Due diligence background investigations and compliance background checks. It’s easy to get them confused. Both processes verify that people and companies are who they say they are, and they’re both used for risk reduction. They help you decide – Do you want to, can you, do business with these people or entities?
But due diligence and compliance are not the same. What makes them different starts at the beginning. It starts with your reasons for investigating and what you’re trying to accomplish.
That’s an important distinction, because your purpose and goals will drive your process and your research. They’ll help you decide how deep you need to go, what sources you should use, and what your findings will mean to you or your organization.
So, what makes them different? Here are five differences between compliance and due diligence:
Reactive vs. proactive – Compliance is usually something that’s required by a government or a regulatory agency. Due diligence isn’t usually mandated, although it may be part of an organization’s policies and procedures. In certain industries it’s considered best practice.
Tactical vs. strategic – With compliance, your goal is generally short-term; complete what’s required in the required time frame. In due diligence, you take look at what’s known and unknown, weigh it against your organization’s goals, consider what’s at risk and your level of comfort, and move towards a decision or action.
Limits vs. no limits – For compliance checks such as Know-Your-Customer, vendor approvals, or licensing requirements, you’re often limited by what you can check or how far back you can go. In due diligence investigations, these restrictions don’t apply.
Looking for problems vs. creating a profile – Compliance checks aim for uncovering what’s gone wrong in someone’s or some company’s past. The goal of a due diligence investigation is to look at the good and the bad – and then make decisions based on the full picture that you’ve put together.
Checklist-oriented vs. open-ended – Compliance looks for specific items and checks them off a list, while due diligence looks for what happened, why it might have happened, and what happened next. Again, you’re creating a full profile, not just making sure certain things didn’t occur.
Investigations for due diligence and for compliance have their purposes. They’re both necessary parts of doing business these days, but be clear of your reasons and your goals – your why – because it does make a difference.