Skip to content

Due Diligence Framework 


About the Due Diligence Framework

As part of ensuring good governance and ethical decision-making, due diligence is required in various areas on potential companies and personnel with whom the University may enter into agreements, contracts, associations or significant monetary exchanges. 

The Due Diligence Framework is available on this web page below and is an overarching document which sets out broad principles which will be employed to develop specific due diligence processes across the breadth of the University’s activity. 

For advice on the Due Diligence Framework, please contact the Student Conduct, Risk and Information Governance Team: 

Matthew Stephenson, Tel 01274 233021, Email: 

The Due Diligence Framework is available on this web page below:


Due Diligence Framework

Policy version control table.
Details when approved, committee approved by etc.
Approved by: Ethics Committee
Executive Board Lead: University Secretary
Author: Assistant Head (Casework, Risk and Information Governance), Legal and Governance Department
Date Approved: 9 February 2023
Next Review Date: 9 February 2026
Version Number: Version 1.1

This document can only be considered valid when viewed via the University website. If this document is printed into hard copy or saved to another location, you must check that the version number on your copy matches that of the one on the University website. Approved documents are valid for use after their approval date and remain in force beyond any expiry of their review date until a new version is available.

1. Introduction

1.1 When the University starts working with a new party it may wish to check that this party is a suitable partner to be working with. This may be to ensure that a new supplier is financially stable, that a new committee member does not have a poor reputation or that a new research partner has a reasonable track record. This type of activity is called due diligence.

1.2 Due enables an organisation to establish whether a new partnership or working arrangement:

1.2.1  aligns to its strategic objectives;

1.2.2  enables it to assess the level of risk presented by the proposed partnership; and

1.2.3  presents a risk commensurate with the benefits that partnership will bring;

1.2.4  supports ethical goals.

1.3 The term “partnership” in this context is very wide and could include collaborative academic partner, subcontractor, research funder, lay council or committee member, donor, sponsor, honorary graduate etc.

1.4 Due to the very wide number of different partners, it is not possible to have one single Due Diligence process and so individual departments need to determine what checks need to be undertaken for each type of partnership for which they are responsible using this framework and the principles within as a structure and standard.

1.5 This Due Diligence Framework is a tool intended to assist with the University of Bradford’s risk management and ethical obligations to assess whether the relationship with a potential partner is a suitable one and which is designed to formalise, strengthen and streamline due diligence arrangements already in place.

1.6 The Framework provides a structured and consistent approach for the identification and assessment of issues prior to entering into arrangements with a partner.

1.7 This Framework does not just cover the searching but also then what should be done with the results of the searches.

1.8 Support and guidance is available from the Legal and Governance Department but it is for individual Faculties and Directorates to design and implement their own due diligence processes.

2. Objectives

2.1 The objectives of this Framework include:

2.1.1  the definition of the types of partnership which will require the University to undertake due diligence;

2.1.2  ensuring that due diligence assessments are undertaken in a consistent manner;

2.1.3  ensuring that assessments undertaken are proportionate to the risk posed by the partnership;

2.1.4  enhancing processes through identification and assessment of any risks posed by any potential partner prior to any final decision being made about that potential partner;

2.1.5  enabling decisions about potential partners to be transparent, robust and defensible;

2.1.6  ensuring the department responsible for a function is aware that any due diligence in connection with that function is also its responsibility and that it must develop its own process accordingly.

3. Scope

3.1 Types of activity covered by due diligence:

3.1.1  The following areas will be subject to due diligence assessments, collectively they are henceforth referred to using the term “partnership”:

  • Entering into partnerships;
  • Collaborative academic provision;
  • Contracting of services;
  • Appointment of suppliers;
  • Receipt of gifts, donations and/or sponsorship (whether solicited or offered);
  • Conferment of honorary degrees;
  • Appointment of lay members of Council and its committees;
  • Appointment of international recruitment agents;
  • Receipt of funding for research, consultancy and innovation;
  • Recipients of donations made by the University (includes money, services, facilities);
  • Appointment of external investigators;
  • Appointment of staff, temporary staff and contractors;
  • Appointment of mentors and/or coaches;
  • Appointment of honorary, visiting and emeritus academic staff;
  • Engagement of Transfer of Undertakings (Protection of Employment) Regulations;
  • Any other type of partnership where it is thought an assessment may be required.

3.2 Types of person / body to which due diligence applies:

3.2.1 Due diligence assessments apply to individuals, commercial contractors, private sector entities and civil and non-government organisations.

3.2.2 It does not apply to research funding via UKRI or its members.

3.2.3  Nor does it apply to any funding from the government of the United Kingdom, the Scottish Government, Welsh Government or Northern Ireland Executive; any local government body or other public authority within the UK.

4. The Due Diligence Framework

4.1 General Principles

4.1.1 The University does not have a single approach but instead has a number of streams of activity, outlined in Section 3 above.

4.1.2 For each of the different activity streams there should be a separate Due Diligence Process.

4.1.3 The individual Faculties and Professional Services Directorates which have responsibility for these activity streams also have the responsibility for the formulation of the Due Diligence Processes which relate to them. For example, the Honorary Degrees process is the responsibility of the Legal and Governance Office and so the Honorary Degrees Due Diligence Process is also the responsibility of the Legal and Governance Office.

4.1.4 For each of the Due Diligence Processes, the following general principles shall be included:

    • Proportionality
    • Criteria and Sources
    • Assessment
    • Signoff

4.1.5 Where potential arrangements with another partner are not covered by the list in 3.1 but it is still felt that some due diligence should be undertaken, the processes for the most similar activity should be followed. Advice can also be sought from the Legal and Governance Office, or in the case of financial matters, from the Finance Directorate.

4.2 Proportionality

4.2.1 The level of due diligence undertaken should be proportional to the overall risk.

4.2.2 The Committee or University Officer responsible for approving the partnership, whatever that may be, is also responsible for ensuring that the extent of the due diligence and content of the assessment is adequate.

4.2.3 The potential consequences of entering into a partnership needs consideration, not only in terms of the impact on the department in question, but also upon the university as a whole as well as any specific categories of University stakeholders (e.g. students, local community, council members etc.).  For example, irrespective of good deeds and local connections, a specific person may not be a suitable recipient of an honorary award if their opinions oppose the University’s public statements or criticise its stance on a particular subject.

4.2.4 Due diligence requirements apply to all proposed partners within the scope of this framework.

4.2.5 Criteria to be considered in assessing the overall risk associated with a new partnership include, but are not limited to:

    • Previous experience of working with, and knowledge of, the proposed partner;
    • The level of complexity associated with the activity involved;
    • The level of exposure, political and reputational risk associated with the activity and partner;
    • The financial value of any partnership.

4.2.6 The level of overall risk for each type of partnership should then inform the level of due diligence undertaken. 

4.2.7 It is the responsibility of each department to judge the level of due diligence required and the appropriate assessment and approval processes: for example, the due diligence for a supplier of carpets for a small refurbishment project will require less due diligence than a 10-year IT supply contract.

4.2.8 The levels of due diligence are as follows: Basic (for low risk partnerships), Enhanced (for moderate risk partnerships) and Heightened (for higher risk partnerships).

4.2.9 The definition of each level will depend on the specific due diligence process but might relate to the financial value of the partnership, the strategic importance of the partnership or the profile of the partnership.

4.2.10 If differing levels of due diligence are put in place and where the level indicates that limited assessment is required, the staff member involved in developing the partnership should exercise their professional judgement and may determine nevertheless that a higher level of due diligence assessment should be undertaken.

4.3 Criteria and Sources

4.3.1 Each Due Diligence Process should include the criteria to be assessed, as determined by the department responsible.

4.3.2 Illustrative lists of possible due diligence criteria which could be checked are listed in Appendix 1.

4.3.2 Each process should also include sources where such information should be sought.

4.3.3 A list of sources is provided at Appendix 2 and indicates which of the criteria mentioned above can be ascertained from each source.

4.3.5 For some types of due diligence, particularly basic checks, it may be though that a relatively quick google search is all that is needed. In such cases however, there may not necessarily be many useful results.  This does not mean that there are no adverse impacts – only that nothing has been identified. This may leave the University open to risk and so it is up to the department to determine if further due diligence is required.

4.3.6 As each process is developed and evolves, the individual sets of criteria for each Due Diligence Process should be documented as part of that process. The appendices to this document may be withdrawn from future iterations of this document as the maturity of the University’s approach to due diligence improves.

4.4 Use of External Due Diligence Services

4.4.1 Departments should note that it will be extremely difficult for a lay person to undertake in-depth searching using only freely available internet resources.  

4.4.2 If a Department does not feel appropriately assured by such searching internally, it may wish to use a paid-for searching tool or commission an external due diligence search. This framework is not a guide for procuring such services.

4.4.3 Note; there is no central University-wide budget for either an External Due Diligence Service or for a subscription type due diligence searching system which can be used internally.

4.4.4 Departments which wish to use an external due diligence service or due diligence subscription will need to determine the best provider of such a service for their own needs and resources.

4.5 Assessment

4.5.1 Once due diligence has been performed, an assessment of the findings must take place.

4.5.2 This assessment could be undertaken by the person conducting the due diligence activity or by a more senior person.

4.5.3 In all cases, an indication of the level of risk should be provided. It is not for this Framework to dictate the type of indication that this could include but examples are:

    • A one to five scoring where one is no or little risk and five is an unacceptable level of risk;
    • A red/amber/green rating; or
    • An overall score where each element of a due diligence is given a certain weight (for example, if a due diligence process is given a score out of 100 made up of various elements, financial viability could be given a score out of 20 and human rights record a score out of 10)

4.6 Signoff by relevant University Officer or Committee

4.6.1 In all cases the due diligence assessment must be signed off by a named Committee or nominated University Officer.

4.6.2 This is not necessarily the same as the delegated authority for a particular matter but indicates that the due diligence activity and its assessment has been agreed at an appropriately senior level.

4.6.3 Where it is decided to proceed with a relationship which is deemed to carry a certain level of risk, this risk should be formally accepted and documented.  It should be raised with either the Legal and Governance Department or with the relevant risk owner (usually a member of the Executive Board or other senior manager).  This will ensure that the risk is documented and managed effectively.

5. Further Development, Monitoring and Review

5.1 The operation of the Due Diligence Framework and all subsidiary documents noted within it will be monitored on a regular basis by the University Secretary and further developed, as required, in the light of experience of its operation.

5.2 Departments responsible for due diligence are required to regularly monitor, and if required make amendments / improvements to their Due Diligence Processes.

Appendix A: Possible due diligence criteria

Possible due diligence search criteria.
Table lists possible search criteria i.e. questions you may want answered about a company or individual.
Possible due diligence criteria when checking companies:

Company information:

Incorporation Date/Years in Business

Directors, Secretary, Significant Persons

Years in Position

Current & Previous Auditors

Company House Filings on Time


Parent Company

Subsidiary Companies

Mission Statement

Strategic Plan

Risk Register


State / Public Funding



Governance Arrangements

Quality Arrangements

Departmental Operational Arrangements for Programmes

Data Protection Compliance


Companies House Charges


Employee Numbers

Employee Turnover

Employee Relations / Issues

Organisation Chart

Directors, Secretary, Significant Persons


Main Competitors

Market Position

Main Customers

Customer Reviews / Satisfaction

Customer Issues

Main Suppliers

Supplier Relationships

Previous Suppliers

Major Competitors


Credit Rating

% Likelihood of Company Failure


Financial Accounts

Financial Accounts Growth

Unusual Financial Activity

Turnover / Revenues




Shrinking reasons - Divesting Non-Core Business or Other Resources

Expenditure - Main Source / Any Large Unexpected Costs

Comparison of Annual Expenditure against Industry Norms

Large Assets Recently Gained or Disposed of

Appropriate Additional Recent Assets

Cash Amount

Company Has Liabilities - Size and Recent Activity

Main Shareholders

Financial Projections

Predictability of Business

Stability of Company


Sector specific legislation

Regulatory Bodies


Foreign - Abide by Human Rights Act

EDI commitment / compliance

Commitment to sustainability etc.



Alignment to University values

Possible due diligence criteria when checking individuals:





Relevant Experience

Previous Experience of a Similar Nature


Other Roles

Main Role

Company Works For


Spouse / Partner

Adult Children



Personal / political opinions


Current DBS


Appendix B: List of sources for due diligence intelligence

List of sources for due diligence intelligence and where to search.
The first column shows the information point, the second column shows the location i.e. public website or paid service, the third column shows the type of information the information point may provide, the fourth column shows notes on available data.
Information Point Location & Access Type of Information Notes
Companies House Public website Company accounts, company status, articles of association, filings, directors, Co. Secretary and Persons of Interest Can search by company or by person.
ENDOLE Public website Directors, basic company information. Can click on names and other companies they are associated with to drill further down.
Own or Company website Public website    
Google Search Public website Search for companies or individuals.  
Charity Commission Public website May have reports which mention companies or individuals. Only presents data if search term appears in a report.
BEIS Public website May have reports which mention companies or individuals. Only presents data if search term appears in a report.
Corporate Watch Public website Journalism on corporations and their social and environmental impacts.  
Business & Human Rights Resource Centre Public website    
Ethical Consumer Public website Information on companies' ethical, social and environmental behaviours. Public website Customer reviews.  
Credit Safe Paid service Money laundering, fraud. Information might be 12 months old or older.
World Check Paid service Delves further into the internet and finds other pertinent information on companies, companies finances and individuals. Cost per use.
NEUPC Paid service Credit check. Used by Directorate of Marketing, Recruitment & Outreach approx £70.
Net Positives Paid service Company policies, procedures. No longer used by the University.


Appendix C: Steps to Developing a Due Diligence Process

Steps to developing a due diligence process.
Step 1 to 4 from left to right.
Step 1. Proportionality Step 2. Criteria and Sources Step 3. Assessment Step 4. Signoff
Ascertain whether just one level of due diligence is adequate or whether more than one level is needed to account for more complex cases. Determine what information you need to be able to make a decision about a potential partner.  Then identify the sources for that information. Determine a scoring criteria to enable you to assess whether a particular partner presents a risk to the University. Identify which University officer or which committee will ratify the decision and determine.