What this check is
Support nonprofit vendor files with structured public-source review. It is a structured public-source and adverse-media review for a specific procurement, grant or contracting decision. The work focuses on the organization, known or discoverable key people, former names, local-language variants and risk terms that may matter to the decision.
For procurement and grant files, the goal is to document the public-source review that sits beside eligibility checks, finance review, sanctions screening, legal review and internal approvals.
When to run it
- A supplier has been identified as the preferred option.
- The team is preparing an award, grant agreement, contract, consortium role, onboarding step or periodic renewal.
- A donor file, procurement file, partner file or internal approval memo needs a documented public-source review.
- Names, acronyms, former names, key officials or local-language variants should be checked before signing.
What risk categories it covers
A useful nonprofit vendor due diligence should be broader than a name search. IntegrityFile reports organize public-source signals into review categories so the file shows what was checked and why it mattered.
- adverse media, public complaints and reputation signals
- identity, governance, leadership and official registration indicators
- fraud, corruption and misuse of funds
- safeguarding and PSEA concerns
- aid diversion and restricted-party exposure
- political exposure and neutrality concerns
- conflicts of interest and related-party links
- rebranding, former names and identity continuity
- governance, registration and leadership concerns
- legal, regulatory and court-record signals
Practical checks to run
These are the checks that make the file useful to a real reviewer rather than just a generic screening note.
- Check the vendor, supplier, grantee or subcontractor name plus owners, directors, signatories and beneficial owners where public.
- Search procurement awards, contract termination notices, debarment lists, sanctions tools and court/regulator references.
- Record whether the company is active, dissolved, recently formed, re-registered or operating under a new trade name.
- Look for related-party risk: same address, shared directors, family names, unexplained subcontracting chains or donor staff links.
- Keep screenshots or exported records where a registry, exclusion search or debarment page may change over time.
What public sources may be reviewed
Source availability varies by country, entity type and language. The review should record the sources searched, the search terms used, and any limits in public coverage.
- official organization, company, charity or NGO registries where available
- beneficial ownership, director and officer records where public
- organization websites, annual reports, project pages and leadership pages
- donor, audit, inspector-general, debarment and procurement records
- government, regulator, court and legal records where accessible
- media archives, local-language searches and public web footprint indicators
Useful source notes
These reference points help reviewers understand what to capture, how to search, and why a name-only result is not enough.
- UN Security Council sanctions are organized by regime, so a possible match should be reviewed against the specific listing basis and measures, not just the name.
- OFAC search results include program codes; those codes are part of the review because different sanctions programs may imply different treatment.
- World Bank debarment search works better with partial names and without accents or generic company words such as Limited, Corp. or Ltd.
- For procurement files, record whether an exclusion or debarment check was searched by exact name, partial name, former name and key person name.
- For UN-facing supplier review, UNGM is relevant because it is the UN system procurement platform and includes supplier and sanctions-related functions.
Field focus for this review
Check vendors, suppliers and subcontractors before award or renewal, with attention to ownership, debarment, related parties, performance and legal status.
Do not turn a public-source signal into a conclusion. The file should show the source, identity match, relevance analysis, false-positive reasoning where applicable, and any follow-up or escalation taken.
- company registry, beneficial ownership and director records
- debarment, exclusion and procurement sanction pages
- contract award, termination and performance references
- court, tax, regulator and media records
- official registry records for legal name, status, address and officers
- organization website, annual report, donor pages and leadership biographies
- local-language media and civil-society references using spelling variants
Search terms to try
Replace the placeholders with the legal name, acronym, former name, original-language name, country, project location and known key officials. Keep the exact search terms in the file so the review can be repeated later.
"COMPANY NAME" debarred
"COMPANY NAME" "procurement fraud"
"COMPANY NAME" "contract terminated"
"DIRECTOR NAME" "COMPANY NAME"
"COMPANY NAME" "beneficial owner"
"COMPANY NAME" lawsuit "COUNTRY"
"ORGANIZATION NAME" "COUNTRY" "audit"
"ORGANIZATION NAME" "COUNTRY" "investigation"
"ORGANIZATION NAME" "COUNTRY" "fraud" OR "corruption"
"ACRONYM" "Executive Director" "COUNTRY"
What reviewers often miss
- Searching only the trading name and missing the legal company name.
- Not checking directors, owners and signatories.
- Ignoring recently incorporated vendors with no visible performance history.
- Missing related-party links to staff, partner officials or other bidders.
- Failing to save exclusion-search records that can change over time.
- Only searching the English name and missing the original-language legal name.
- Treating a same-name article as relevant before checking country, address, registration number or official title.
- Failing to search former names, abbreviations and local transliterations.
- Not recording the search term and access date, which makes the file hard to defend later.
- Saving only the conclusion instead of the source link, date, identity match and reviewer reasoning.
What to do when a signal appears
A useful file records the reviewer response, not only the search result. Use the table as a practical starting point and adapt it to internal policy.
| Situation | Reviewer action | Evidence to keep | Escalate when |
|---|---|---|---|
| Debarment result appears | Confirm exact entity, identifiers, sanctioning body, scope and dates. | Debarment record and identity notes. | Escalate to procurement and legal before award. |
| New company with no history | Ask for references, ownership, capability evidence and tax/registration status. | Registry extract and due diligence questions. | Escalate if high-value or high-risk work lacks capacity evidence. |
| Shared bidder address | Check whether bidders share directors, phones, emails or beneficial owners. | Registry and bid-file comparison. | Escalate to procurement for collusion or conflict review. |
| Court debt or insolvency | Check status and relevance to delivery capacity. | Court/registry source and date. | Escalate if it threatens performance or contract obligations. |
| Subcontracting chain unclear | Ask who will perform, own, transport or store goods. | Subcontractor names and response. | Escalate if restricted-party or conflict risk cannot be ruled out. |
Realistic review scenarios
| Scenario | Why it matters | How to document it |
|---|---|---|
| A vendor was incorporated two months before bidding for a complex logistics contract. | Newness is not misconduct, but capacity and ownership need closer review. | Save registry status and request references, ownership details and delivery-capacity evidence. |
| Two suppliers have different names but the same director and address. | The pattern can indicate collusion, related-party bidding or shared control. | Preserve registry extracts and escalate to procurement before award. |
| A subcontractor is not named until after preferred-bidder selection. | Hidden subcontracting can bypass due diligence and restricted-party checks. | Ask for full subcontractor chain and run the same public-source checks before signing. |
File-ready wording examples
Use cautious language. The wording should describe the public-source review and next step, not make the final selection decision.
No relevant findingsPublic-source searches were completed for the legal name, acronym, country, available local-language variants and named key officials. No relevant adverse public-source signals were identified within the scope of this review.
Clarification neededA public-source signal was identified that may relate to the organization under review. The reviewer has not treated it as a conclusion and has requested clarification on identity, context, current status and any remedial action.
False positiveA similar-name result was reviewed and dismissed because the available identifiers do not match the organization, country, address, role or time period in scope. The result has been logged as a false positive.
EscalationA potentially relevant public-source signal requires internal review before the file is finalized. The source, identity-match notes, reviewer assessment and recommended clarification questions have been saved in the file.
What the report includes
- organization name, country, acronym, legal or original-language name and known aliases
- known key officials, or a best-efforts public-source identification of relevant officials
- risk category summary with source-linked findings for human review
- search terms, source table, dates reviewed and evidence notes
- false positive log for unrelated names, outdated results or weak matches
- reviewer fields for relevance, clarification, escalation and final file notes
Evidence to capture in the file
- source title, publisher, URL and date accessed
- exact search term used, including language and spelling variant
- identity match notes: country, address, registration number, official title, date of birth if lawfully available
- finding type: relevant, irrelevant, false positive, needs clarification or escalation required
- reviewer note explaining why the item was included or dismissed
- follow-up question for the partner, vendor, grantee or internal reviewer
Common false positives to watch for
- same acronym used by an unrelated organization in another country
- same person name but different title, city, employer or date range
- old legal dispute involving a predecessor entity with no confirmed continuity
- media article about a sector-wide issue that does not identify the organization under review
- sanctions or debarment search result with weak fuzzy-match confidence and no matching identifiers
What it does not replace
This check does not replace sanctions screening, legal review, safeguarding investigation, procurement approval, vendor eligibility checks, finance review, donor clearance or any required internal decision process. It supports the public-source due diligence step by creating a documented record for human review.
Sample follow-up questions
- Does the public-source record confirm this is the same vendor, grantee or subcontractor under review?
- Are there former names, aliases, directors, signatories or related entities that should be searched separately?
- Are any findings current, serious and relevant to the proposed decision, or are they historical or likely unrelated?
- Should the organization be asked for clarification before approval, award or escalation?
- Do any findings trigger internal safeguarding, procurement, legal, donor, finance or management review requirements?
Reference sources for reviewers
OFAC Sanctions List SearchUses approximate string matching and program codes. A possible hit should be reviewed for identity, program, identifiers and relevance; the tool is not a substitute for due diligence.
World Bank listing of ineligible firms and individualsThe list identifies debarred and cross-debarred firms and individuals, updates every three hours, and recommends searching partial names without accents or generic company terms.
SAM.gov exclusions search guidanceU.S. government guidance links to quick-start instructions for searching exclusions on SAM.gov and printing exclusion records for the file.
UN Global MarketplaceThe official procurement platform of the UN system describes a database of more than 500,000 suppliers and consultants and procurement due diligence/sanctions-list functions.
USAID OIG pre-award risk management auditThe 2024 audit is useful because it names practical pre-award risk areas: past performance, organizational and financial capacity, documentation of required reviews, certifications and enterprise risk management.
FATF Recommendation 8 best practices for non-profit organisationsEmphasizes focused, proportionate, risk-based measures for the subset of NPOs that fall within FATF's definition, while avoiding undue disruption of legitimate activity.
Related due diligence guides
NGO Vendor Due Diligence: Public-Source Review Before ContractingCheck vendors before procurement award, onboarding or renewal.
Supplier Due Diligence for NGOs: Public-Source Checks Before AwardReview suppliers for reputation, integrity, ownership, governance and legal concerns.
Procurement Due Diligence Checklist for NGOs and Donor-Funded TeamsBuild a procurement file that documents public-source vendor and supplier risk review.
Grantee Due Diligence Report: What Foundations and Donors Should CheckReview grantees before award, renewal or monitoring decisions.
NGO Partner Due Diligence Report: What to Check Before SelectionReview a preferred NGO partner before award, agreement signing, onboarding or renewal.
Implementing Partner Due Diligence: Public-Source Checks Before Agreement SigningDocument the public-source review of an implementing partner before funds, responsibilities or program authority are assigned.