Month: January 2020

What is Due Diligence in Risk Management

A successful due diligence process helps cover you and your company’s nether regions in the event of unethical activity. You don’t want to find yourself in an unethical situation. You can go to jail. You can be fined. You will become a hashtag. Cats will mock you. Lots of stuff can happen. Due diligence helps you avoid all that risk because due diligence helps you manage risk. So be risky, but be manageable.

The Thing About Ethics

Ethics and morals are subjective. The law is pretty clear. For example, an organization that contracts with a third party is responsible for knowing everything about the third party’s dealings in order to avoid any overlap between third party interests and the organization’s interests. Investigating overlap avoids a potential conflict of interest.

Conflicts of Interest

A pretty famous conflict of interest is when someone knows when a stock is going to drop and then tells all their friends to sell before the price drops. That’s insider trading. That’s not fair. How does something like this happen?

Exhibit A

Say Wanda works at a large box store. Wanda’s friend Lynn wants to buy some red cups for her son’s wedding reception. Wanda tells Lynn to wait and to buy those cups next week. Next week those very same red cups are selling at two-for-one prices. That’s right. Wanda just did something unethical.

Wanda’s tip conflicted with the box store’s mission to make money. Did Wanda steal from the box store? No. Did Wanda make any money off of Lynn? No. But something unethical just happened and if anyone looked into it Wanda could end up crying into some red cups at the after-party.

Managing Wanda

Wanda’s risk in this instance was pretty low. But here’s the twist: Wanda’s supervisor is responsible for MANAGING the risk that is Wanda. While Wanda might lack some ethical characteristics, Wanda’s superior must adhere to the characteristics of diligence in order to prevent or mitigate Wanda.

Characteristics of Diligence

First, Wanda’s supervisor Beth must assess the situation before anything risky occurs. This is the prioritization and planning side of due diligence. Beth needs to consider:

  • If someone in Wanda’s position needs to know future sales information. Beth must perform her due diligence and ensure that Wanda and her peers cannot access this kind of information.
  • Beth must consider other information Wanda can access. Beth conducts an audit. She finds out that Wanda has access to other employees’ contact information and has been giving it out to their ex-significant others. Beyond firing Wanda, Beth must now perform due diligence and take the steps needed to ensure the privacy of employee data.

Now that Beth has an understanding of the processes at work, she must find out what the legal mandates are for privacy protection and pricing information. She will then adhere to established regulatory protocols and ensure that those protocols are being followed.

Beth must follow these steps and document the ones that she has taken. This covers Beth’s nether regions because the documentation shows that she has made a reasonable attempt to fix data breaches and to protect product pricing information.

Wanda has been managed. Even better, Beth’s due diligence process has reduced the risk potential of future Wandas.