Donor due diligence:
5 notable cases of failure to exercise donor due diligence
And the lessons to learn from them
The importance of due diligence cannot be overstated. It is not only a foundational part of every organisation’s counterparty engagement across all sectors, but is the backbone for industries that rely on maintaining a positive public image, such as the nonprofit sector. But what can happen when you don’t properly conduct your due diligence? And what can you learn from those mistakes?
In this blog we’ll be taking you through five cases that show what’s at risk when due diligence isn’t exercised effectively and the lessons to learn from them. By looking at these case studies and the different ways that their due diligence fell short, we will help you develop due diligence processes of your own that are both extensive and rewarding. Let’s begin.
1. The Prince’s Foundation ‘cash-for-honours’ scandal
You’d be hard-pressed to find a family in the world that is more powerful than the British royals. The royals have long been involved with charitable endeavours that have no doubt played a huge role in cementing the British public’s trust in them as an institution. But even they are not exempt from the risks caused by ineffective due diligence.
The most recent example of this is when Prince Charles’ charity, the Prince’s Foundation, came under public fire for corruption. Allegations arose that middlemen involved with the foundation had been accepting bribes by wealthy donors to have personal access to the prince himself. These “cash for access” claims revealed that donors could pay up to £100,000 in exchange for a dinner with the prince as well as an exclusive stay at his Scotland mansion, while the middlemen involved could keep 25% of the fees for themselves.
The damage these revelations have caused for the trust were immediate and are ongoing. The Prince’s Foundation is still under investigation by police and has seen two of its major executives leave the charity in light of the allegations.
The lesson
- You’re never too big to fail: This case is a prime example of how reputational damage does not discriminate based on the size and status of your organisation. In fact, the larger your profile, the larger the potential risk of damage to your reputation.
2. Oxfam workers’ sexual misconduct in Haiti
Oxfam has long been a mainstay in the list of major UK charities. The organisation has made a name for itself as one of the biggest nonprofits dedicated to ending global poverty, a worthy achievement for any organisation looking to have a definable impact in the sector.
However, even one of the biggest names in charity could not avoid the damage posed by a failure to exercise due diligence. In 2018, it was reported that Oxfam senior staff members had solicited local sex workers while stationed there for aid relief after the 2010 earthquake. Though Oxfam had launched an internal investigation in 2011, it wasn’t until The Times reported on the allegations in 2018 that the story developed into a full-blown public scandal.
The Charity Commission opened a statutory inquiry into Oxfam and the European Commission threatened to cease its million euro funding to the charity altogether.
Years later, the nonprofit is still trying to piece itself back together but continuing to fail. Not only has it seen a £16 million overall fall in its budget since the misconduct was revealed, but newer allegations of sexual misconduct by Oxfam workers in the Democratic Republic of Congo has led to the UK suspending its aid funding to the charity altogether.
The lessons
- Don’t neglect internal DD: Due diligence has to be done on all parties that are involved with your organisation including, and especially, those in senior positions. It’s easy to assume that an advanced due diligence process is only necessary when assessing external risk — but ineffective internal due diligence poses just as much of a threat to your public reputation.
- Don’t forget your past: Learn from your mistakes and act upon past lessons. Despite immediately and continuing to face the consequences for the sexual misconduct claims in Haiti, Oxfam found itself in similar waters yet again with the allegations in the DRC. Major reputational damage here could have been offset by Oxfam had they identified the steps they missed in their initial due diligence and implemented them in their future processes.
3. Human Aid UK non-compliance
An egregious result of ineffective due diligence is falling short of the basic requirements that are expected of your organisation by regulators. Human Aid UK faced these repercussions in the form of an exhaustive investigation by the Charity Commission that concluded in 2017. The investigation was opened to examine the charity’s financial controls and the compliance of its trustees as per charity law. Although it was initially found that there was no misuse of funds under the charity, its trustees were ultimately deemed to have “failed to adequately protect the charity” due to a lack of satisfactory due diligence reporting. A significant number of financial records were found to be either incomplete or even entirely untraceable.
This inadequate filing and detailing of funds continued to backfire on Human Aid UK’s reputation. Another investigation was opened into the charity after police seized £20,000 in cash from members of the charity while travelling after they were unable to provide appropriate documentation of the money’s origins. It was later confirmed that the cash did belong to the charity and was intended for courier to Gaza. The Commission assessed that Human Aid UK’s decision to allow the money to be couriered without effective documentation was further proof of financial misconduct.
The lessons
- Fulfil your responsibilities: It is just as crucial for your organisation to comply with the regulations as it is to go the extra mile and find ways to grow. Legal compliance may seem like an obvious requirement, but it cannot be emphasised enough. Being able to prove that you’re fulfilling the duties and responsibilities you’ve been given is just as important as actually following them.
- Keep records: The organisation was also penalised for poor record-keeping. Prioritise keeping clearly marked, timestamped, and shareable records. These not only better your understanding of your subject(s) but also make for more effective tracking and reporting of your checks. This also helps in streamlining the due diligence procedures within your organisation as reports can be seamlessly shared across departments and teams.
4. Malaysian PPE manufacturer controversy
Even when an organisation’s due diligence is expected to be tried-and-true over several years of practice, there is still the risk of a case of reputational damage falling through the cracks. A perfect example of this is the fact that the UK government is now under the risk of legal action due to its partnership with a company accused of using forced labour.
Last month, the Malaysian glove manufacturer Supermax was announced as an approved supplier in a new £6 billion contract for disposable gloves for the NHS. The issue is that Supermax has been hit with allegations of its factories using forced labour, primarily on the manufacturer’s migrant workforce. These allegations have involved workers reportedly having to work for 30 days straight without time off and being forced to pay high fees in their home countries to secure their jobs.
As a result, the government is now being faced with a potential judicial review by a local London-law firm acting as representative for a group of Supermax workers. According to the lawyers associated with the firm, the fact that this partnership happened in the first place severely undermines the value claims of the government. The UK has consistently openly condemned modern slavery but the approval of Supermax now calls their championing of human rights into question.
The lessons
- Check all data: The key takeaway from this example is that it is crucial to use a wide array of sources when conducting due diligence. There had been ample evidence of Supermax’s controversial labour practices, namely news articles covering the allegations and subsequent bans on Supermax by international authorities. By inspecting all possible sources of reports and information on Supermax’s history and dealings, the controversy would have been immediately recognised. Do not neglect the growing plethora of data sources online — the more information you have to back up your understanding, the better your chances are of preventing reputational damage.
5. Tory donor involved in bribery
Nowhere is public perception more important than within politics. Conducting effective due diligence is central to the growth and survival of every political party and individual. By not doing so, political figures risk experiencing extreme pressure from the public for what will be perceived to be a lack of care and attention paid towards their work.
Prime Minister Boris Johnson recently faced that pressure when it was revealed that a major donor towards his leadership campaign had been involved in a $220 million dollar bribe.
Businessman Mohamed Amersi had been a lucrative force for the Tory party and the PM’s leadership campaign, having donated nearly £525,000 to the party since 2018. The Pandora Papers leak of last year revealed that Amersi, during his time as a consultant for Swedish telecoms company Telia, had been part of a controversial multimillion dollar payment to an offshore firm. The firm turned out to be a cover, as the payment actually went towards Gulnara Karimova, the daughter of the then-president of Uzbekistan, for the purpose of increasing Telia’s business within the country.
Something to take note of in this example is that Amersi claimed he initially saw nothing wrong with the involvement because he had relied on Telia’s due diligence process. The offshore company had apparently been “vetted and approved” by Telia and so the partnership did not strike Amersi as potentially risky.
Giving Amersi the benefit of the doubt and assuming this to be true, it further exemplifies the domino-effect that the failure to exercise due diligence can have. Telia’s lack of due diligence caused reputational damage for Amersi, which in turn led to further reputational damage for Boris Johnson and the Tory party as a whole later down the line.
The lessons
- Keep a stringent, standardised process: Tight and stringent due diligence processes are essential. In this case that means implementing a standardised process that leaves no room for error or gaps in information. As mentioned, due diligence procedures had already taken place throughout this story but these measures were clearly not thorough enough. Every institution will have its own method and processes and is fully responsible for its own reputation. If you’re depending on another organisation’s report, then it is essential to make sure that their due diligence processes are just as comprehensive as yours.
This is a problem that is especially common when due diligence is conducted manually. Despite best efforts and general expertise, multiple sources of data combine with fatigue and human error and can lead to omissions. Be on the lookout for ways to make your due diligence systematic and consistent. Automated technology platforms that can blend with your organisation’s needs are the quickest way to do this.
Adding these lessons to your due diligence
There remains one final and absolute lesson to be learned from the above examples: due diligence should never be taken lightly. The failure to exercise due diligence can lead to devastating consequences for even the most robust of organisations and foundations.
More importantly, it’s crucial that truly effective due diligence is being undertaken. The groups mentioned throughout this blog certainly aren’t rookies to their sector and definitely have performed due diligence procedures before — their mistake was not performing the right kind of due diligence that was both efficient and informative enough to alert them of the risks ahead.
That’s why we developed Xapien, a comprehensive AI tool that uses its powerful insights to supercharge your due diligence and reputational risk management. Seamlessly implement the lessons we’ve learned through Xapien’s technical capabilities, including:
- Automation: To perform highly detailed due diligence faster and more efficiently so that you can run it on all your customers, employees, and prospects. Advanced automation of the entire research process means that Xapien requires absolutely minimal user input and no training . You can get deep insights within 10 minutes. This might have saved the Prince’s Foundation or Oxfam quite a penny. Indeed, the Conservative Party might not have needed to rely on someone else’s due diligence.
- Natural language processing: To find the information that is relevant to your needs out of the millions of publicly available data sources. As we saw in the Supermax example, crucial information can come from a wide array of sources. But finding and reading all of these sources to find what is relevant is humanly impractical. Xapien will do it for you. Advanced NLP enables Xapien to surface risks, associated individuals, and other relevant information from any blog, article or biography online.
- Machine learning algorithms: To build a comprehensive understanding of your subject by finding connections and related information you should know. Xapien’s iterative research process integrates new information into its searches, building a truly intelligent and rounded picture of your subject.
- Concise reporting: To have your valuable insights delivered to you in a report that’s detailed, simple to understand, and shareable. Full sourcing on every piece of information provides a clear, time-stamped audit trail for all decision making.
To find out more about how Xapien can transform your due diligence process, get in touch with us today or go ahead and book a demo so that you can see it in action for yourself.
Monthly learnings and insights to your inbox
Xapien streamlines due diligence
Xapien's AI-powered research and due diligence tool goes faster than manual research and beyond traditional database checks. Fill in the form to the right to book in a 30 minute live demonstration.