[Your Company Name] Due Diligence Questionnaire

1 Company Details

Company Name:                                             ____________________

Company Number:                                         ____________________

Other Trading Names:                                    ____________________

Registered Address:                                       ____________________

Point of Contact:                                            ____________________

Position:                                                         ____________________

Email Address:                                              ____________________

Direct Dial:                                                    ____________________

2 Company Structure

a. Provide a summary of your company strategy and background

___________________________

___________________________

___________________________

b. Copies of company registration documents, VAT/TAX Certificates attached?
YES/NO

c. Please indicate the formation of the company:

  • Sole Trader ____
  • Partnership ____
  • Public Limited Company (plc) ____
  • Private Limited Company (Ltd) ____
  • Limited Liability Company (LLP) ____
  • Subsidiary ____

d. Please indicate the size of the company:

  • Less than 10 employees ____
  • Between 11-50 employees ____
  • Between 51-100 employees ____
  • Between 101-500 employees ____
  • Over 501 employees ____

3 Financial/Business Information

a. Please attach copies of the below documents

  • A copy of the last 3 years' audited accounts
  • A statement of turnover, P&L and cashflow for the past 2 years
  • A statement of the current cashflow forecast and Accountant letter on credit position

(If you are unable to provide any of these, please provide an explanation as to why)

___________________________

___________________________

b. Do you comply with current Data Protection Legislation?
YES/NO

Please provide details of your Data Protection Officer and registration number:

___________________________

___________________________

c. Do you hold any of the below ISO certifications? (If yes, please provide a copy of the certificate)

  • ISO9001 (Quality Management)
    YES/NO
  • ISO27001 (Information Security Management)
    YES/NO
  • ISO14001 (Environmental Management)
    YES/NO
  • ISO31000 (Risk Management)
    YES/NO
  • ISO15489 (Records Management)
    YES/NO

d. Please provide your current level of insurance for the below:

  • Public Liability Insurance:                                    ____________________
  • Employer’s Liability Insurance:                            ____________________
  • Professional Indemnity Insurance:                       ____________________
  • Other (please specify):                                         ____________________

e. Has the company, or any named Partner/Director, ever entered (or is it currently in) Bankruptcy, Insolvency, Compulsory Winding-Up or Receivership, or is it subject to any CCJs or legal proceedings?
YES/NO

(If yes, please provide full details)

___________________________

___________________________

f. Is the company a member of any trade associations?
YES/NO

(If yes, please provide details)

___________________________

___________________________

4 Compliance & Quality Assurance

a. Please put an x in the appropriate box for each question to confirm if the company has documented and approved processes for each area:

  • Anti-Bribery & Corruption Policy?
    YES ___ NO ___ N/A ___
  • Data Protection Policy?
    YES ___ NO ___ N/A ___
  • Information Security Policy?
    (Including policies & controls for Access Control, Asset Management, Passwords, Encryption & Remote Access)
    YES ___ NO ___ N/A ___
  • Anti-Money Laundering Policy?
    YES ___ NO ___ N/A ___
  • Whistleblower Policy?
    YES ___ NO ___ N/A ___
  • Complaint Handling Procedures?
    YES ___ NO ___ N/A ___
  • Health & Safety Policy?
    YES ___ NO ___ N/A ___
  • Employee Induction & Training Program?
    YES ___ NO ___ N/A ___
  • Equal Opportunities Policy?
    YES ___ NO ___ N/A ___
  • Disaster Recovery Plan?
    YES ___ NO ___ N/A ___
  • Confidential Waste/Device Disposal Policy?
    YES ___ NO ___ N/A ___
  • Records Management & Data Retention Policy?
    YES ___ NO ___ N/A ___
  • Compliance & Data Breach Policy & Procedures?
    YES ___ NO ___ N/A ___
  • Risk Management Policy & Procedures?
    YES ___ NO ___ N/A ___
  • Internal Audit & Monitoring Policy & Procedures?
    YES ___ NO ___ N/A ___

b. Are reviews on all policies & procedures conducted at least annually?
YES/NO

c. Are staff trained on handling and safeguarding confidential materials?
YES/NO

d. Describe the compliance training program you have in place for employees:

___________________________

___________________________

e. Describe the information and physical security measures employed by the company:

___________________________

___________________________

f. Does the company have an appointed Compliance Officer?
YES/NO

g. Does the company have an appointed Money Laundering Reporting Officer?
YES/NO

h. Are all employees and visitors asked to sign Non-Disclosure Agreements?
YES/NO

i. Please describe the company’s approach to Risk Management:

___________________________

___________________________

j. Please describe the measures and controls in place for compliance audits & monitoring:

___________________________

___________________________

k. Please describe your approach to recruitment, induction & employee background checks:

___________________________

___________________________

l. Do you use any external service provider(s)?
YES/NO

If yes, for what services and what are your monitoring & due diligence controls?

___________________________

___________________________

m. Do you have defined procedures and training covering the below data protection areas?

  • Subject Access Request Procedures?
    YES ___ NO ___ N/A ___
  • How to handle personal data?
    YES ___ NO ___ N/A ___
  • GDPR Principles and requirements?
    YES ___ NO ___ N/A ___
  • Disclosures and transfers?
    YES ___ NO ___ N/A ___
  • Security of processing safeguards & measures?
    YES ___ NO ___ N/A ___
  • GDPR Principles and privacy notice obligations?
    YES ___ NO ___ N/A ___
  • Data subjects’ rights & procedures for exercising their rights?
    YES ___ NO ___ N/A ___
  • Controller & processor obligations and responsibilities?
    YES ___ NO ___ N/A ___

5 CONFIRMATION

I/We confirm that all answers and information provided on/with this questionnaire are accurate and provide a true representation of our organisation and services. I/We understand that the information provided in this form will be used to assess our suitability to provide the required product(s)/service(s) to [Insert Your Company Name].

To be completed by the service provider:

Company Name:        ______________________    Point of Contact:        ____________________

Date:                           ______________________    Tel Number:                  ____________________

Print Name:                ______________________    Signed:                        ____________________

To be completed by the Company:

Print Name:                ______________________    Signed:                        ____________________

Position:                     ______________________    Date:                           ____________________

  • Has full due diligence been completed on the supplier?
    YES/NO
  • Have all evidence documents been obtained and saved/scanned?
    YES/NO
  • Has the supplier been approved as a service provider?
    YES/NO

If answering NO to question 3, please provide a reason why:

___________________________

___________________________