SAMPLE PROCESS
Third Party Due Diligence
Easily initiate and conduct assessment of third parties on Extended ECM.
WOULD YOU LIKE TO TRY IT?
just click below and fill in the form.
so you can install it on your Extended ECM platform and test it.
Key Challenges
Third-party due diligence is the process of appraising a third party before engaging in a business relationship with them, in order to ensure that they are compliant with laws, regulations, and the ethical standards of the engaging organization.
To build such a solution on Extended ECM, some key elements should be considered:
- Efficiently managing tasks and roles between internal and external Extended ECM users
- According to the type of data collected, automatically generating a task list with the activities to be performed
- Effectively interact and collaborate with external users to collect data, exchange documents, share comments etc.
Process Walkthrough
1/22
Functional dashboard
The main dashboard shows an overview of the results. A smart Data Grid widget allows you to handle data pagination, sort and filter results, as well as simply combine data and sort multiple columns simultaneously for a more comprehensive view. The results can be easily downloaded in Excel format.
2/22
Starting a new Due Diligence process
A form opens directly in a panel to start a new Due Diligence process. Form fields are completed with the required information related to the 3rd party to be assessed.
3/22
Key milestones and dynamic task lists
Upon submission, a new Business Workspace is generated automatically. This will include team members, specific documents, and 3rd party details. The process is segmented by key milestones and their related subtasks. A key milestone is automatically ‘unlocked’ once all the activities of the previous milestone have been completed, so that the business user can view and work only with the tasks still to be performed.
4/22
Preliminary screening
The user starts with the first task: a preliminary screening to verify the status of the organization. The screening implies cross-referencing the organization against external lists and sources of suspected breachers of laws or regulations. If the company is not included in a ‘black list’, the process continues.
5/22
Moving along the tasklist
The status of the fulfilled task will be marked as COMPLETED, so that the user can proceed with the next one.
6/22
Reviewing the Business Compliance document
Moving on to the subsequent task, the user reviews the company Business Compliance document.
7/22
Editing the document before sending it
The document is composed of placeholders that are automatically replaced with the 3rd party information collected in the initial form. The user can easily edit the document before sending it for approval.
8/22
Triggering an approval workflow
The user uploads additional documents relevant for the approval of the Business Compliance. By clicking on the Start Process button, an approval workflow is triggered.
9/22
Receiving an e-mail notification to approve documents
The approvers receive an e-mail notification to review and approve the documents.
10/22
Making comments and approving documents
By opening the task, they can easily make comments and preview documents.
11/22
Unlocking the new milestone and related tasks
Once the documents have been authorized by all the approvers, the related key milestone is closed and the next one is automatically ‘unlocked’. The user can then view and work on the new tasks.
12/22
Sending documents for signature
The reviewed and approved documents, together with other mandatory standard documents, are then sent to the 3rd party for their signature.
13/22
Monitoring the task status
The third party receives the documents via the preferred e-signature tool. The task status will remain IN PROCESS until the signed documents are synchronized back on Extended ECM.
14/22
Requesting documents to the 3rd party
This is when the mandatory Due Diligence documents are requested to the 3rd party. The required documents are already selected according to to the purpose for which Due Diligence process is being conducted. The user may even request additional documents by simply flagging them, or by manually requesting them – if not present in the checkbox list.
15/22
Receiving PIN code to access the external form
The 3d party receives an email with a PIN code in order to securely access an external web form and provide the required documents.
16/22
Adding the required documentation
After entering the PIN code, the 3rd party user can easily add the required documents, as well as upload additional documents and make comments.
17/22
Providing details for missing documents
If a required document has not been uploaded, an error message appears requesting to type the reasons why the document is missing.
18/22
Synchronizing documents back on Extended ECM
Once the third-party user submits the form, the provided documents and information will be synchronized back on the platform.
19/22
Sharing documentation externally with the legal team
The collected documents, together with other required documents, are then shared with the external legal office through Core Share for their final review and approval.
20/22
Reviewing documents in CoreShare
The legal office reviews and approves the shared documents. If needed, they can also add extra documents that will be synchronized directly on Extended ECM.
The user can always monitor the task status.
21/22
Evaluating Risks
The last task regards risk analysis. The user answers a set of questions that are then used to assess and calculate the organization’s risk level. According to the outcome of the analysis, the company may decide to either accept the risk level and establish a new relationship…
22/22
Evaluating Risks
… or not to engage with the 3rd party organization, if the resulting risk level is too high.
Process Walkthrough
1/22
Functional dashboard
The main dashboard shows an overview of the results. A smart Data Grid widget allows you to handle data pagination, sort and filter results, as well as simply combine data and sort multiple columns simultaneously for a more comprehensive view. The results can be easily downloaded in Excel format.
2/22
Starting a new Due Diligence process
A form opens directly in a panel to start a new Due Diligence process. Form fields are completed with the required information related to the 3rd party to be assessed.
3/22
Key milestones and dynamic task lists
Upon submission, a new Business Workspace is generated automatically. This will include team members, specific documents, and 3rd party details. The process is segmented by key milestones and their related subtasks. A key milestone is automatically ‘unlocked’ once all the activities of the previous milestone have been completed, so that the business user can view and work only with the tasks still to be performed.
4/22
Preliminary screening
The user starts with the first task: a preliminary screening to verify the status of the organization. The screening implies cross-referencing the organization against external lists and sources of suspected breachers of laws or regulations. If the company is not included in a ‘black list’, the process continues.
5/22
Moving along the tasklist
The status of the fulfilled task will be marked as COMPLETED, so that the user can proceed with the next one.
6/22
Reviewing the Business Compliance document
Moving on to the subsequent task, the user reviews the company Business Compliance document.
7/22
Editing the document before sending it
The document is composed of placeholders that are automatically replaced with the 3rd party information collected in the initial form. The user can easily edit the document before sending it for approval.
8/22
Triggering an approval workflow
The user uploads additional documents relevant for the approval of the Business Compliance. By clicking on the Start Process button, an approval workflow is triggered.
9/22
Receiving an e-mail notification to approve documents
The approvers receive an e-mail notification to review and approve the documents.
10/22
Making comments and approving documents
By opening the task, they can easily make comments and preview documents.
11/22
Unlocking the new milestone and related tasks
Once the documents have been authorized by all the approvers, the related key milestone is closed and the next one is automatically ‘unlocked’. The user can then view and work on the new tasks.
12/22
Sending documents for signature
The reviewed and approved documents, together with other mandatory standard documents, are then sent to the 3rd party for their signature.
13/22
Monitoring the task status
The third party receives the documents via the preferred e-signature tool. The task status will remain IN PROCESS until the signed documents are synchronized back on Extended ECM.
14/22
Requesting documents to the 3rd party
This is when the mandatory Due Diligence documents are requested to the 3rd party. The required documents are already selected according to to the purpose for which Due Diligence process is being conducted. The user may even request additional documents by simply flagging them, or by manually requesting them – if not present in the checkbox list.
15/22
Receiving PIN code to access the external form
The 3d party receives an email with a PIN code in order to securely access an external web form and provide the required documents.
16/22
Adding the required documentation
After entering the PIN code, the 3rd party user can easily add the required documents, as well as upload additional documents and make comments.
17/22
Providing details for missing documents
If a required document has not been uploaded, an error message appears requesting to type the reasons why the document is missing.
18/22
Synchronizing documents back on Extended ECM
Once the third-party user submits the form, the provided documents and information will be synchronized back on the platform.
19/22
Sharing documentation externally with the legal team
The collected documents, together with other required documents, are then shared with the external legal office through Core Share for their final review and approval.
20/22
Reviewing documents in CoreShare
The legal office reviews and approves the shared documents. If needed, they can also add extra documents that will be synchronized directly on Extended ECM.
The user can always monitor the task status.
21/22
Evaluating Risks
The last task regards risk analysis. The user answers a set of questions that are then used to assess and calculate the organization’s risk level. According to the outcome of the analysis, the company may decide to either accept the risk level and establish a new relationship…
22/22
Evaluating Risks
… or not to engage with the 3rd party organization, if the resulting risk level is too high.
Key Features
- Tasks automatically change their status as they progress. Key milestones are automatically ‘unlocked’ once all the activities of the previous milestone have been completed
- Company information is automatically injected into the document to replace the related placeholders
- Check boxes for Mandatory documents are automatically flagged and selected based on the type of Due Diligence process to be performed
- Easily connect to external systems to perform a preliminary screening and verify 3° party status.
- Integrate Extended ECM with the preferred e-signature tool exposing SOAP Web Services or REST APIs
- Seamlessly share files and documents with the external legal office through Core Share
- Smart Data Grid widgets to effortlessly handle data pagination, sort and filter results, as well as simply combine data and sort multiple columns simultaneously for a more comprehensive view.
Script Console is one of the core components of Module Suite that allows to expose forms – designed and implemented within Extended ECM – to external users with no access to the platform. In this way, external users are able to share & upload documentation, edit data and make comments that will be synchronized back on Extended ECM.
As described in the graphic above, form data submitted by external users (form data packages) are synchronized back to OT Extended ECM using direct service calls.
