Transcription
DUE DILIGENCE FRAMEWORKAugust 2021
DUE DILIGENCE FRAMEWORK1. INTRODUCTIONThe Due Diligence Framework (Framework) is a risk management tool to assess a potential delivery partner’sability to deliver in line with the policy and legislative requirements of the Australian development program. Itresponds to the Australian development program’s reliance on partnerships and third party deliverymechanisms by better informing partner engagement, risk management and program delivery throughout theprogram cycle, while other DFAT processes inform partner performance and program impact.The Framework provides a structured and consistent approach for the identification and assessment ofdelivery partner risk prior to entering into agreements/arrangements and providing funding.The Framework reflects strengthens and streamlines existing due diligence arrangements and applies toindividuals, commercial contractors, private sector entities, multilateral organisations and development banks,international and regional organisations and civil and non-government organisations.Key risks identified in the due diligence process need to be assessed, documented and monitored in line withthe Aid Programming Guide, Chapter 8 Development Program Risk Management.1.1 OBJECTIVESThe key objectives of the Framework include: undertaking due diligence assessments in a consistent and pragmatic manner proportional to therisk of the agreement/arrangement strengthening risk management processes through identification and assessment of partner risksprior to selection and agreement finalisation assisting delegates to satisfy Public Governance, Performance and Accountability Act 2013 (PGPAAct) requirements by systematically identifying delivery partner risks and strengths prior to enteringinto agreements/arrangements to support funding decisions to be transparent, robust and defensible1.2 GUIDING PRINCIPLESThe operation of the Framework is guided by the following principles: Proportionality – the scope and depth of assessments are proportional to the risk and value of theproposal. Evidenced based assessment - assessments will be based on the best available and most current,objective and verifiable information and where appropriate will draw on third party assessments.Due diligence framework2
Validity – assessments will remain valid for up to three years. Centralised coordination and storage – centralised coordination and storage of assessments enablesa repository of information available for DFAT. Delegate responsibility – the financial delegate remains responsible for ensuring appropriate duediligence activities have been undertaken and will determine if any extra due diligence activities arerequired.1.3 KEY FEATURESThe key features of the development Due Diligence Assessment Process include: Financial delegates determine the scope and depth of the due diligence assessment undertakencommensurate to the size and risk of the agreement/arrangement. Assessment tools are available to support the conduct of assessments. Environment Safeguards, Public Finance Management and Aid Risk Management Section (SRS) willcentrally store due diligence assessment reports and make these available for use by program areasand decision makers. Individuals, Baseline and Baseline Downstream Partner due diligence assessments will normally becompleted by agreement/arrangement managers and typically involve a desktop review toaccomplish the assessment. Comprehensive and multilateral organisations and development banks and international andregional organisations due diligence assessments may be conducted with contractor support. Accessto the Due Diligence Services Panel is available through the Australian Government's AusTender'sDynamic Sourcing for Panels (DS4P).A risk-based approach is used to determine the scope of due diligence is conducted. Generally, we need tofocus on new partners or where the risk of using an existing partner has significantly changed. This may includewhen the partner is delivery higher value agreement/arrangements, the environment is higher risk, or whereperformance issues have been identified. Due Diligence is not required for most credit card purchases.2. WHEN TO CONDUCT A DUE DILIGENCEFinancial delegates are ultimately accountable for risk management undertaken and the extent to which theyapply due diligence prior to finalising an agreement/arrangement.The best time to apply due diligence will vary. In most cases due diligence assessments are envisaged to becommenced at the time a potential delivery partner is identified and to be concluded prior to the delegatefinalising the S.23 PGPA Act approval minute to commit and enter into an arrangement.Stand-alone due diligence assessments remain valid for a maximum of three years.3
A delegate may determine an earlier re-assessment is required where circumstances indicate that: partner risks have not been properly identifiedevents infer that partner risk control strategies are ineffectivethere is significant change in a partner’s circumstances such as a corporate restructurea shorter period between undertaking an assessment is deemed more appropriate.2.1 CONTRACT AMENDMENTSWhere there is the intention to extend a current agreement/arrangement, the program area should considerif the current due diligence assessment provides adequate level of assurance for their Delegate or if anotherdue diligence assessment is required. DFAT policies and partner operations would have evolved over theyears, the program area should consider the age of previous due diligence reports for continued relevance aswell as the broader program context. Particularly, if the extension means it will be more than three yearssince the last due diligence assessment was carried out.3. DFAT DUE DILIGENCE PROCESSESDue diligence occurs across the Australian development program for a range of objectives and through variousinstitutional capacity assessment processes including tender and grant evaluations, assessment of partnergovernment systems, multilateral organisation performance assessments and the Australian NGOAccreditation process.A Due Diligence Assessment based on the Due Diligence Framework constitutes just one type of assessmentto provide confidence in a potential delivery partner’s ability to deliver in line with the policy and legislativerequirements of the Australian development program.Financial delegates are responsible for due diligence undertaken for any funding agreement/arrangement aswell as its scope and depth – for example the decision between an Individual, Baseline, Baseline DownstreamPartner, or Comprehensive assessment. Delegates should exercise judgement in how best to apply theFramework to their program context and circumstances.A summary of the delivery partners and their Due Diligence Assessment requirements are in Table 1.4
Table 1: Delivery partners Due Diligence Assessment requirementsDELIVERY PARTNERDUE DILIGENCE ASSESSMENT REQUIREMENTSCommercial and Private SectorPartnersA due diligence assessment is required.Non-Government & CivilSociety OrganisationsA due diligence assessment is required unless accredited under theAustralian NGO Cooperation Program (ANCP).Direct Aid Program (DAP) partners are subject to due diligenceassessments.International & RegionalOrganisations(e.g.: ASEAN, SPC, USP)A due diligence assessment is required. The minimum requirement is aBaseline Multilateral due diligence assessment.Multilateral Organisations &Development BanksA due diligence assessment is required. The minimum requirement is aBaseline Multilateral due diligence assessment.Bilateral Partners(ie. other Donors)A due diligence assessment is not required.Reviewed as part of regular formal and informal engagement.Partner GovernmentsA due diligence assessment is not required.An assessment of national and sector‐level public financial managementand procurement systems must be undertaken.Australian GovernmentAgencies under the PGPA ActA due diligence assessment is not required.Australian Government governance and accountability mechanismsapplyAustralian EducationInstitutions (e.g.: Universitiesdelivering Australianawards/scholarships)A due diligence assessment is not required.Australian and State / Territory legal and policy compliance standardsand accountability mechanisms apply.5
3.1 DUE DILIGENCE FRAMEWORK ASSESSMENT TOOLSUnder the Due Diligence Framework delivery partners are assessed at the corporate governance level and thescope of assessments can be broadly categorised into two key pillars that focus on organisation capacity andrisk management of the delivery partner to comply with Australian development program requirements.Defined assessment criteria underpin the pillars. These assessment criteria reflect legislative requirements,areas of potential risk to the Australian development program and its policy priorities. Assessments optionsreflect the partner type and associated risk profile. Assessment options include: Individual, Baseline, BaselineDownstream Partners, Comprehensive or Baseline Multilateral .Assessments are a pragmatic evaluation of the best available evidence including the Australian developmentprogram’s existing information holdings, robust information already in the public domain, informationprovided by the partner for the purpose of the assessment, information reported to other Governmentagencies and departments and third party assessments (e.g. other donor assessments available to theAustralian development program).Figure 1 illustrates how each of the due diligence assessment criteria are organised under the two pillars. Howthe criteria are applied to each of the due diligence assessment options are included in the following Figures2 to 4, and the specific criteria applied to these due diligence assessment, respectively.Figure 1 Due Diligence Criteria Pillars6
3.2 INDIVIDUAL DUE DILIGENCE ASSESSMENTThe Individuals Baseline Due Diligence Assessment utilises five (5) of the seven (7) Baseline assessment criteriaand is typically conducted by program, agreement or relationship managers as a desktop review. Thisassessment is adapted from the Baseline due diligence criteria and reflets a commensurate approach toengaging individuals. The individual due diligence assessment includes five (5) mandatory criteria and aredetailed in Figure 2 below.Assessments of individual providers should be conducted by a DFAT officer/s using the individual assessmenttools and guidance. Individuals for the purposes of assessment means the engagement of a singleconsultant/person. The consultant/person must operate as either a sole trader/sole proprietor or other likeself-employed business type. For due diligence assessments on individuals who are engaged via consulting firmor other medium/large organisations, the Baseline Due Diligence Assessment should be utilised.Figure 2 Individual Due Diligence Criteria7
3.2 BASELINE DUE DILIGENCE ASSESSMENTA Baseline Due Diligence Assessment is the minimum assessment required for most organisations andaddresses seven (7) assessment criteria. The seven (7) mandatory criteria that make up the Baseline DueDiligence Assessment are shown in Figure 3 below.Program areas should consider due diligence assessments as an opportunity to develop a deeper, evidencebased, understanding of their potential delivery partners at an early stage of engagement and prior toagreement/arrangement signature. This can help identify and interpret any risks of working with the partneron a specific program and assess whether the partner has the capacity and capability to deliver.Baseline assessments are generally conducted by a DFAT officer/s as a desktop review using the baselineassessment tools and guidance. However, this assessment may also be conducted with contractor support.Access to the Due Diligence Services Panel is available through the Australian Government's AusTender'sDynamic Sourcing for Panels (DS4P). the use of contractor support will be commensurate to the risk and valueof the proposed agreement/arrangement.The Baseline Due Diligence Assessment Report is not appropriate for assessing a delivery partner who will makeuse of downstream partners or for assessing multilateral organisations and development banks or internationaland regional organisations. See sections 3.3 and 3.4 for more information on these types of assessments.Figure 3 Baseline Due Diligence Criteria8
3.3 BASELINE DOWNSTREAM DUE DILIGENCE ASSESSMENTThe Baseline Downstream Due Diligence Assessment expands on the minimum baseline assessmentrequirements. DFAT partners should be taking steps to understand their own downstream partners andmanaging the risks from working through them. This assessment focusses on how a delivery partner managestheir downstream risks and how due diligence is reflected further down the delivery chain. The seven (7)mandatory criteria that make up the Baseline Downstream Due Diligence Assessment are shown in Figure 4below.Although DFAT can transfer some delivery risk to the delivery partner, it is not possible to transfer all risks.Organisations using downstream partners should transfer risk management responsibly, otherwise DFAT couldbe exposed.Baseline downstream assessments are generally conducted by a DFAT officer/s using the baseline downstreamassessment tools and guidance, however this assessment may also be conducted with contractor support.Access to the Due Diligence Services Panel is available through the Australian Government's AusTender'sDynamic Sourcing for Panels (DS4P). The use of contractor support will be commensurate to the risk and valueof the proposed agreement/arrangement.The Baseline Downstream Due Diligence Assessment is not appropriate for assessing multilateral organisationsand development banks or international and regional organisations. For assessments on multilateralorganisations and development banks or international and regional organisations the minimum requirementsare detailed in section 3.4 below.Figure 4 Baseline Downstream Due Diligence Criteria9
3.4 BASELINE MULTILATERAL ORGANISATIONS, DEVELOPMENT BANKSOR INTERNATIONAL AND REGIONAL ORGANISATIONSFor due diligence assessment on a multilateral organisation, development bank or international and regionalorganisation, the minimum due diligence requirements are to conduct a Baseline multilateral assessment. Thebaseline multilateral assessment includes the seven (7) criteria as per Figure 5 below. However, theinformation and evidence to be considered when undertaking a multilateral assessment is appropriate andproportionate to the size and complexity of the organisation and the value of the proposedagreement/arrangement.Baseline multilateral assessments are generally conducted by a DFAT officer/s using the baseline multilateralassessment tools and guidance, however this assessment may also be conducted with contractor support.Access to the Due Diligence Services Panel is available through the Australian Government's AusTender'sDynamic Sourcing for Panels (DS4P). The use of contractor support will be commensurate to the risk and valueof the proposed agreement/arrangement. The due diligence assessment is conducted in close cooperationwith the multilateral organisation. The DFAT program area and contracted assessor should work with themultilateral organisation to gather evidence to evaluate the organisation against the assessment criteria.While many multilateral organisation, development bank or international and regional organisation are viewedas trusted partners, the aim of a due diligence assessment is to provide an overall judgement of the risksrelated to working with that particular partner. These risks should be underpinned by assurances from thepartner that they have an appropriate governance structure; that central policies, controls and processes ofsufficient quality are in place and well aligned to DFAT policies. Moreover, that these established policies andprocedures are well communicated across the organisation and to their delivery partners and that they areoperating effectively in practice, that it can effectively monitor, evaluate and improve its processes anddelivery, and that suspicions or allegations of fraud, corruption, SEAH or are identified, communicated anddealt with appropriately10
Figure 5 Baseline Multilateral Due Diligence CriteriaBaseline MultilateralDue Diligence Criteria1. Entity Details2. Past Performance3. Fraud and Corruption Control4. Proscribed List Checks5. Integrity Systems Checks6. Child Protection7. Preventing Sexual Exploitation,Abuse and Harassment3.5 COMPREHENSIVE DUE DILIGENCE ASSESSMENTComprehensive due assessments address the full fourteen (14) assessment criteria, including the baselineassessment criteria in greater depth as shown in Figure 6 below.Comprehensive assessments are generally conducted with contractor support using the comprehensiveassessment tools and guidance. Access to the Due Diligence Services Panel is available through the AustralianGovernment's AusTender's Dynamic Sourcing for Panels (DS4P).Given the level of detail and information required to accomplish this type of assessment, the delivery partneris often required respond to information requests with more frequency during the assessment process.Further, the findings and conclusions of the assessment are discussed, and fact checked with the deliverypartner prior to the finalisation of the report.The financial delegate is responsible for determining if a comprehensive assessment is required. The decisionabout the scope and depth of a due diligence assessment needs to be proportional to the risk of theagreement/arrangement and our knowledge about the performance of the proposed delivery partner.When making this determination the delegate will consider relevant factors including: current knowledge of the partner; the value and risk of the proposed agreement/arrangement; and partner type.11
The financial value of the assessment is one consideration, and if it is significant this alone may warrant acomprehensive due diligence assessment. However, other relevant criteria to be considered include thedelivery context, who the delivery partner will be working with and what they are being asked to do and how,what we know about the delivery partner and their ability to meet the requirements of Australian governmentpolicy, and the degree of public interest the agreement/arrangement may attract.Figure 6 Comprehensive Due Diligence CriteriaComprehensiveDue Diligence Criteria1. Entity Details8. Fraud and Corruption Control2. Past Performance9. Proscribed List Checks3. Technical/ Operational Capacity10. Integrity Systems4. Financial Viability11. Risk Management Processes5. Fiduciary Management12. Child Protection6. Results & PerformanceManagement13. Preventing Sexual Exploitation,Abuse and Harassment7. Value for Money14. Environmental & SocialSafeguards3.6 A NOTE ON PROPORTIONLITYAs has been discussed above, the scope of the due diligence assessment is to be proportional to the overallrisk of the agreement/arrangement. The S23 delegate responsible for approving the agreement/arrangementis also responsible for determining the scope of the due diligence assessment. Unless it is specified that adelivery partner is not subject to DFAT’s Due Diligence Assessment Process (as per Table 1) then due diligencerequirements apply to all proposed delivery partners; this includes commercial and private sector entities,non-government and civil society organisations, multilateral organisations and development banks andinternational and regional organisations.Generally, criteria that help us understand the overall risk associated with an agreement/arrangement involveconsideration of the following: Our prior experience of working with, and knowledge of, the proposed delivery partner’sperformance. In other words, what do we know of this delivery partner’s ability to meet our policyrequirements and their record of performance?12
The level of complexity associated with the agreement/arrangement accomplishing its objectives. Thistakes into consideration the operating environment including political context as well as thecomplexity of the agreement/arrangement design itself.The level of exposure, political and reputational risk associated with the agreement/arrangement.The financial value of the agreement/arrangement.For example, an agreement/arrangement of moderate value involving a delivery partner we have worked withbefore may still present significant potential risk. This may be because the agreement/arrangement designand the context in which it is being delivered are complex. Similarly, a low value agreement/arrangement witha delivery partner we have limited experience and understanding of – for example a local civil societyorganisation - may also present significant reputational risks if we do not apply a method to understand thatorganisation’s credentials and ability to meet DFAT’s policy requirements.4. DUE DILIGENCE REPORTS AND APPROVALMany due diligence assessment processes will require material to be obtained in-confidence from deliverypartners for the purposes of undertaking the due diligence assessment. Accordingly, assessment reports areto have a minimum classification of ‘Official’ and are not intended for external distribution.4.1 CENTRAL STORAGE AND USE OF EXISTING REPORTSThe Due Diligence Register should be examined before commencing any due diligence assessment process toavoid potential assessment duplication. If a current assessment report exists, they may be requested via emaildue.diligence@dfat.gov.au with the details of the report and reason for requesting a copy.Please note that although the listed reports are current and valid for the delivery partner for up to three yearsfrom the date of approval, it may be necessary for agreement/arrangement managers to reconsider theadequacy of the existing assessment to ensure the due diligence assessment addresses issues related to theirparticular program/activity. This decision is the responsibility of the S23 delegate for the proposedagreement/arrangement.Due Diligence assessments should be conducted using the templates and guidance materials available on thedue diligence page on the intranet.Original Due Diligence Reports and supporting material should be stored by the area conducting theassessment on EDRMS and relevant partner or initiative files.4.2 ROLES AND RESPONSIBILITIESAgreement/Arrangement Relationship Managers - must undertake due diligence appropriate to theirproposed funding agreement/arrangement.PGPA Financial Delegates - the financial delegate is responsible for due diligence undertaken for any fundingagreement/arrangement as well as its scope and depth. Where assessments reveal partner risks an informeddecision can be made by financial delegates as to: whether or not to proceed with the partner, andhow identified risks will be treated and monitored.Depending on assessment findings, the delegate may decide that the risks of partnering with a particular entityare too significant to be managed and it is not possible to work with this partner at the time.13
In the instance that the delegate considers the due diligence assessment to support partnering with aparticular entity, the Approval to Commit and Enter into an Arrangement Minute must reflect the delegate’sacknowledgement of: the completion of a due diligence assessment and its findings;any identified risks and proposed treatment and monitoring options.14
15
regional organisations due diligence assessments may be conducted with contractor support. Access to the Due Diligence Services Panel is available through the Australian Government's AusTender's Dynamic Sourcing for Panels (DS4P). A risk-based approach is used to determine the scope of due diligence is conducted. Generally, we need to
