Grantee due diligence is the process by which a funder assesses whether an applicant organisation is a legitimate, well-governed entity capable of using grant funds appropriately. It is distinct from the merit assessment of the application itself: due diligence concerns the organisation; assessment concerns the proposal.
Due diligence is a core funder responsibility — the obligation to demonstrate that public or charitable funds were distributed to organisations that were fit to receive them. It is also a risk management activity: inadequate due diligence is a leading cause of grant fraud and misuse.
Due diligence varies significantly by funder type, grant size, and grantee profile. At the lighter end:
Legal status verification. Confirming that the organisation is legally constituted as a charity, non-profit, incorporated entity, or government body. This is typically done through a charity register (ACNC, Charities Services NZ, Charity Commission England and Wales, CRA for Canadian charities) or company register.
Bank account verification. Confirming that the bank account to which funds will be paid is held by the applicant organisation — not a related entity or individual. This protects against fraud through account substitution.
Sanctions and debarment screening. Confirming the organisation and its principal officers are not on sanctions lists, government debarment lists, or anti-terrorism financing lists.
At the more thorough end:
Financial health assessment. Reviewing audited financial statements to assess the organisation's financial sustainability, reserves, and management practices. Funders making large grants may require current audited accounts as a condition of application.
Governance assessment. Reviewing the organisation's governance structure — board composition, meeting minutes, conflict of interest policies, financial management policies. Government funders and larger foundations often have structured governance checklists.
Organisational capacity. Assessing whether the organisation has the staffing, systems, and track record to deliver the proposed programme. For large or complex grants, this may involve site visits or reference checks.
Previous grant performance. For organisations that have received funding from the same funder before, reviewing their track record of delivery, reporting compliance, and financial accountability.
Not all applicants present the same risk profile. A large, well-established charity with a long relationship with the funder warrants less intensive due diligence than a new organisation receiving a first grant. Risk-based due diligence calibrates the depth of checks to the risk level — which is typically a function of grant size, grantee size and maturity, and programme type.
Most funders categorise due diligence into tiers:
Tier 1 (light): Legal status verification, bank account confirmation, sanctions check. Appropriate for small grants to established organisations.
Tier 2 (standard): Plus financial statements review, governance structure check, programme capacity assessment. Appropriate for mid-range grants or first-time grantees.
Tier 3 (enhanced): Plus audited accounts, site visit or reference checks, detailed governance review. Appropriate for large grants, complex programmes, or higher-risk contexts.
A risk matrix that assigns tiers based on grant size and grantee profile reduces both due diligence overhead for lower-risk grants and the risk of insufficient due diligence for higher-risk ones.
Document collection. Application forms that require applicants to upload specific documents — charity registration certificate, latest audited accounts, governing document, list of current trustees — at the time of application centralise document collection and make it easy for assessors to access what they need.
Due diligence checklist. A structured checklist within the assessment workflow — with checkboxes for each required verification element and fields for notes and document references — ensures that due diligence is completed systematically and documented, not just remembered.
Organisational profile with history. For returning applicants, the platform should maintain a profile showing previous grant history, previous due diligence records, and any compliance issues. This reduces redundant re-checking of stable information (legal status, bank account) while flagging if information has changed.
Sanctions screening integration. Some platforms integrate with sanctions screening services, triggering automated checks on application submission and alerting programme staff to potential matches. Others support a documented manual screening process within the platform.
Flagging and risk indicators. Platforms that can flag specific risk indicators — organisations that haven't provided required documents, organisations in jurisdictions with higher risk profiles, first-time applicants above a threshold grant size — allow programme staff to prioritise enhanced due diligence without reviewing every application at the same depth.
Audit trail. The due diligence record should be immutable once the grant is made — a clear log of what was checked, when, by whom, and what the outcome was. This is the evidence required for an audit finding that due diligence was conducted appropriately.
Over-reliance on applicant self-declaration. Application forms that ask organisations to declare their legal status, governance standards, and financial health without requiring supporting documents create a file of assertions, not verified facts.
Incomplete documentation for declined applications. Due diligence records are usually maintained for funded grants; they are sometimes not maintained for declined applications. If a declined application later raises concerns — an organisation that was funded elsewhere is found to have committed fraud — the record of what the funder checked (or didn't check) for that application matters.
Not re-running checks before payment. Legal status, sanctions, and bank account information can change between application and payment, particularly for multi-year grants or programmes with long assessment timelines. Running checks at application and not re-running before payment is a gap.
Treating due diligence as a box-ticking exercise. Due diligence records that are complete on paper but where the underlying documents were not reviewed are not due diligence — they are documentation of the appearance of due diligence. The audit trail needs to reflect genuine engagement with the materials.
Tahua supports grantee due diligence with structured document collection, due diligence checklists, organisational profiles with grant history, and immutable audit trails.