Due Diligence & Risk Intelligence

Overview

Effective risk management begins with comprehensive due diligence. Regulators and investors expect companies to thoroughly evaluate third parties to uncover potential red flags and prevent legal, financial and reputational harm. Due diligence helps verify capabilities, financial stability, legal compliance, security posture and ethical practices Beyond initial checks, continuous monitoring is essential because risk profiles evolve over time.

Why Due Diligence Matters

Regulatory Compliance: Laws on anti‑money‑laundering, anti‑bribery, sanctions, modern slavery and supply‑chain due diligence impose strict obligations on organisations to know their business partners. Failure to conduct appropriate due diligence can result in fines, debarment or criminal liability.

Risk Mitigation: A World Economic Forum study cited by industry experts found that 98 % of organisations experienced a data breach linked to a third party, and 41 % faced a major cyber incident. Thorough due diligence reduces vulnerability to cyber, operational and reputational risks.

ESG & Ethical Considerations: Investors and regulators increasingly demand assessments of environmental, social and governance practices. ESG due diligence examines a third party’s impact on climate, biodiversity, labour rights and ethical conduct.

Continuous Monitoring: Enhanced due diligence and ongoing monitoring are now recognised as regulatory requirements in sectors such as financial services. Risk profiles change when ownership structures, operations or market conditions evolve; continuous monitoring keeps risk assessments current.

Types of Due Diligence

Third‑Party & Supplier Due Diligence: Screening of customers, suppliers, distributors, agents and joint‑venture partners for legal, compliance and reputational risks.

Reputational Background Checks: Investigation of public records, media sources, sanctions and watchlists to uncover integrity issues.

M&A Due Diligence: Assessment of acquisition or investment targets, focusing on compliance, governance, operational and ESG risks.

Governance Due Diligence: Evaluation of governance structures, independence of boards, transparency, tax governance and data ethics.

ESG & Human‑Rights Due Diligence: Review of environmental impacts, social practices (e.g., labour conditions, human rights, privacy) and governance practices, aligned with international standards and principles.

Supply‑Chain Risk Due Diligence: Analysis of supplier networks to identify exposure to forced labour, environmental harm or geopolitical risks.

Politically Exposed Persons (PEP) & Sanctions Review: Identification of PEPs, sanctions exposure and heightened risk individuals or entities.

Continuous Monitoring: Ongoing surveillance of counterparties to detect changes in risk profile, ownership or media coverage.

Methodology

Our due diligence process follows a structured methodology combining technology and expert judgement:

  1. Scoping & Risk Assessment: Define objectives, key risk areas and jurisdictional scope.

  2. Open‑Source Intelligence Research: Gather data from public records, corporate registries, litigation databases, media archives, social media and regulatory filings.

  3. Sanctions & Restrictive List Screening: Search against global sanctions lists, PEP databases and law‑enforcement watchlists.

  4. Specialised Software & Databases: Use proprietary compliance tools and subscription databases to retrieve corporate ownership information, beneficial ownership structures, legal proceedings and reputational indicators.

  5. Corporate Registry & Financial Analysis: Review official company filings, shareholder structures, financial statements (where available) and cross‑border ownership chains.

  6. Reputational Analysis: Conduct negative‑news searches and media reputation assessments to identify controversies, litigation, regulatory actions or ethical concerns.

  7. Red Flag Identification: Identify and categorise compliance, legal and ESG red flags; assess their impact and likelihood.

  8. Human Expert Review: Experienced analysts contextualise the findings, evaluate inconsistencies and provide strategic insights.

  9. Continuous Monitoring: For ongoing engagements, we set up periodic or real‑time monitoring alerts and reassess risks as circumstances change.

Deliverables
  • Technical Due Diligence Report: A structured report summarising findings, risk assessments and red flags.

  • Compliance Risk Analysis: An evaluation of the entity’s regulatory compliance, including AML/ABC, sanctions, human rights, governance and ESG practices.

  • Monitoring Alerts & Updates: For continuous monitoring, periodic alerts summarise material changes in ownership, sanctions status, litigation or media coverage.

  • Strategic Insights Discussions: Optional debriefings with our consultants to interpret findings, prioritise mitigation measures and support decision‑making.

Subjective Market Opinion (Complementary)

In addition to the written technical deliverables, NOHOU may provide a Subjective Market Opinion as a complementary service. This optional assessment offers a qualitative perspective on how the market perceives a company or individual, highlighting potential discrepancies between factual information and market sentiment. Key characteristics include:

  • Purpose: To provide an informed opinion on market perception, helping clients understand reputational nuances that may not be apparent through technical data alone. It is an opinion—not a fact—and should be interpreted in conjunction with the technical due diligence report.

  • Integration with Due Diligence: The Subjective Market Opinion is always linked to a technical due diligence engagement. It is not offered as a standalone service.

  • Confidential Delivery: The opinion is not incorporated into the final written report; instead, the report will simply note that the opinion was provided. The assessment is explained in a dedicated meeting—conducted via teleconference or in person—tailored to the sensitivity of the matter.

  • Logistics & Expenses: Should an in‑person presentation be required, or if on‑site visits are necessary to collect or validate subjective information, the client will bear associated travel and logistical expenses, which will be communicated in advance.

This complementary service enables clients to make more informed decisions when technical data alone may not capture the full picture of market perception.

Please note: our due diligence services provide risk insights and do not guarantee the absence of risks nor replace legal, financial or statutory audits. Where required, we collaborate with specialist law firms, auditors or technical experts.

Contact

Email

contacto@nohou-esg.com

+34 919.146.270

© 2026. All rights reserved.

PHONE

address

Paseo de la Castellana, 216, planta 1, oficina 107. Plaza de Castilla. 28046. Madrid