Due Diligence in Grantmaking, Part III

In this three-part series, TechSoup’s General Counsel provides an overview of due diligence in the grantmaking context. Part III examines the obstacles and opportunities that due diligence presents for the sector, with a particular focus on international grantmaking in the humanitarian and development sectors.

Part III: Due Diligence: Obstacle or Opportunity?

In the grantmaking world, due diligence remains a donor-driven and donor-serving obligation. Grantees primarily undergo due diligence as a means to receive funds and to demonstrate their capacity to do so without presenting undue risk to the funder. But due diligence needn’t be a “necessary evil” for prospective grantees. Donors, government agencies, and funder networks have, in some instances, used due diligence as an opportunity to learn, innovate, and empower civil society. We’ll look at a few ways in which due diligence continues to be an obstacle, as well as ways in which it has been used as an instrument for change. There remain myriad opportunities for funders and governments to reimagine due diligence as a means to strengthen civil society and streamline onerous compliance exercises.

When Due Diligence Creates or Exacerbates Existing Barriers

Amidst increasing demand for more effective delivery of aid, the humanitarian sector continues to struggle with long-standing challenges, many of which were formally called out in the 2016 Grand Bargain commitments. Key amongst these challenges is the failure of funders to effectively localize and diversify aid. While changes to the way funders conduct due diligence cannot alone solve this problem, they represent a substantial step in the right direction.

There are at least three primary ways in which due diligence, in particular, continues to cause frustration and resource waste for both funders and their grantees, while further exacerbating the localization challenge:

  • No uniform standard: Without uniform standards or central repositories, due diligence exercises are redundant, inefficient, and expensive.
  • Western-focused: Because the principal goal of such exercises is to mitigate risk and liability from a funder’s perspective, and because the majority of funders are based in North America and Europe, due diligence exercises continue to be dictated by western norms and standards, despite overwhelming numbers of grantees in non-western regions.
  • Exclusive: As a pass/fail exercise, due diligence generally reinforces long-standing grantee relationships, at the exclusion of newer and, typically, more local organizations.

Each of these due diligence problems has a solution, and one that has been tested or is in progress, as we’ll describe in greater detail below. However, before we address potential solutions more fully, it’s important to understand three of their root causes.

1. Government Regulators and the Targeting of Charitable Dollars

As noted in Part I of this series, it is difficult to overstate the impact of counterterrorism regulations, and resultant bank "de-risking," on the charitable sector. Particularly after the 9/11 terrorist attacks, the proliferation of counterterrorism and anti-money-laundering regulations adopted by both U.S. and European governments has increasingly placed the onus of identifying and eliminating potential sources of terrorist funding on financial institutions.

Making matters worse for charitable funders, in October of 2001, the Financial Action Task Force (FATF) released a “Special Recommendation VIII (SRVIII): Nonprofit Organizations” specifying that nonprofit organizations were “particularly vulnerable” to “the clandestine diversion of funds intended for legitimate purposes to terrorist organisations.” As a result, most financial institutions chose to eliminate any perceived risks in banking, regardless of how real the risk.

A primary victim of this de-risking has been the nonprofit sector. Even with subsequent amendments to FATF guidance — each stepping away from this initial characterization of the nonprofit sector — financial institutions have been slow to trust that funding of nonprofit organizations is not inherently suspect.

Various other government statements regarding the risk of terrorist financing posed by the charitable sector compounded an already inflated concern. As Sue Eckert writes, in a pivotal paper on Financial Access for U.S. Nonprofits (PDF):

After the 9/11 attacks, the Bush Administration adopted a narrative of charities as “significant source of funds” for terrorist financing. In the following years, greater information on terrorist financing threats and a more nuanced and evidence-based view emerged. … A 2009 report from the UN Counter-Terrorism Implementation Task Force (CTITF) and the World Bank recognized growing concern for the overemphasis on NPOs [nonprofit organizations], cautioning, “States should avoid rhetoric that ties NPOs to terrorism financing in general terms because it overstates the threat and unduly damages the NPO sector as a whole.

The fact that the nonprofit sector is not particularly profitable as a client further fuels the unwillingness of banks to serve them. According to a report by the Global Center on Cooperative Security (PDF):

Low profitability of the customer base has often been cited as a key, if not the most important, driving factor behind de-risking practices. Although public image and publicity considerations are an issue for financial institutions, the core decision-making driver remains straightforward and clear: a cost-profit analysis. According to a study conducted by the British Financial Services Authority in 2011, the banks surveyed appeared willing to maintain what appeared to be unacceptable risks related to the handling of the proceeds of crime if the relationships were profitable.

Multiple studies and papers over the past decade have further demonstrated the harmful effects of counterterrorism and anti-money-laundering regulations, and the consequent de-risking phenomenon, on the charitable sector by prominent groups such as the Charity & Security Network, the European Center for Not-for-Profit Law, the Harvard Law School Program on International Law and Armed Conflict, and the Human Security Collective, to name just a few.

The late Barnett Baron aptly wrote, in an article on Deterring Donors: Anti-Terrorist Financing Rules and American Philanthropy, that “[g]rant-makers should not be treated as police, intelligence, or law enforcement agencies.” Doing so is as much ineffective as it is counterproductive. For example,

Requiring grant-makers to collect detailed information about a prospective grantee’s staff, trustees, donors, sub-contractors, and bankers, even if they are not directly involved in the program to be supported by the proposed grant, will inevitably raise questions about the role and objectives of U.S. grant-makers. In some cases, prospective grantees may view grant-makers as agents of the host government, which may be a repressive one, or as agents of the U.S. intelligence community. This could jeopardize the ability of U.S. foundations to operate effectively, and in extreme cases could even put in-country staff at physical risk.

Baron elaborates that intrusive and over-extensive due diligence exercises may actually damage the necessary trust that is built between funders, governments, and grantees, all essential partners in ensuring a thriving civil society.

While Baron’s article was published in 2004, his points are just as pertinent today, and even more so as regulators continue to expand the number and scope of counterterrorism regulations. The impact of this regulatory climate extends beyond just financial institutions but also to grantmakers, who may not have the resources or in-house expertise to identify ways to mitigate risk and help grantees do the same. Instead, many funders rely on long-standing relationships and existing networks, or simply limit their grants to prominent international NGOs as a means to “safely” distribute funds to various causes within their philanthropic portfolio. As a result, local NGOs on the front lines, serving communities in need, typically receive only a fraction of the flow of international aid directed to their home countries.

2. Disproportionate Discomfort with Risk

Many grantmakers’ reluctance to understand and take risks, even small ones, in the face of daunting regulatory compliance, is another reason that due diligence largely remains an exclusive pass/fail exercise, and one that is lengthy and difficult for grantees to complete. Kasper and Marcoux write, in The Re-Emerging Art of Funding Innovation, that, “[l]ike venture capitalists, foundations that choose to fund unconventional ideas can easily shy away from risk during the vetting process. Innovation funders still conduct thorough due diligence and uncover whatever is knowable about a new project, but they try hard not to let the need for proof and certainty screen out potentially transformative opportunities.”

Indeed, grantmakers should look at due diligence as a means to gain comfort with risk, while also helping their grantees better mitigate that risk. While certain high-profile foundations are increasingly embracing risk, many others, together with government funders, continue to deny funding to all but the largest, most established international NGOs (INGOs). While INGOs do excellent work in many fields, they are independent and often quite removed from the local NGOs who are implementing the funds on the ground.

3. Traditional Due Diligence and the Failure to Think Beyond

The third significant cause of persistent inefficiencies in due diligence is the stagnant nature of technological innovation in this area. The sector as a whole should be thinking of more innovative and more cost-effective ways to vet NGOs. Technology is transforming philanthropy just as it is in every other aspect of our lives, from crowdfunding platforms to mobile cash transfers and open-source humanitarian applications. And yet, few technological innovations exist when it comes to due diligence. Governments and grantmakers largely still rely on narrative questionnaires and document requests, manual reviews, and on-site audits. The vast majority of such exercises are conducted in English, or occasionally in one of several common western languages. Rarely is a due diligence assessment available in local dialects, and rarely by local assessors.

The traditional “site visit” is a good illustration of this problem. We didn’t need a global pandemic to identify the resource strain caused by mandatory site visits, but the pandemic certainly highlighted its impracticality. For many large grantmakers, an onsite review of a grantee’s operations is a necessary aspect of any grantmaker-grantee relationship. While in-person interactions are invaluable components of any trust-based relationship, they should not be an impediment to successful collaboration. Site visits are expensive and time consuming, and from a due diligence perspective, questionably effective. Many local organizations spend most of their days in the field, and others may maintain their documentation primarily in digital format.

In short, due diligence seems to be stuck in a pre-digital world, as though compliance would somehow be compromised by technology. Information continues to be collected in ways that defy ease of completion and potential collaboration; and local NGOs continue to be expected to expend valuable resources on responding to due diligence requests, often in a foreign language, and often regarding concepts foreign to their own compliance standards and cultures.

How Due Diligence Can Break Down Barriers: Two Case Studies

Now that we’ve addressed several key barriers to impactful delivery of aid, as well as several root causes of these barriers, let’s return to our potential solutions. First, funders can and should together create and rely on standard due diligence practices for international grants. A uniform standard accepted and utilized by a coalition of influential grantmakers can significantly move the needle in simplifying due diligence for both grantmakers and their grantees. Second, collecting results in a shared repository available to the sector equally prevents resource waste by ensuring that a grantee goes through the process only once for multiple potential funders. Third, by committing to provide assessments in local languages, and in user-friendly formats, such as mobile applications or other accessible interfaces, grantmakers will be vastly improving the experience for their grantees. Finally, by demonstrating the efficacy of these combined changes, the grantmaking community will be showing governments, financial institutions, and more conservative funders that such a model not only works, but improves the status quo.

Two programs, one well established, the other still in its early deployment, serve as useful case studies for the above recommendations. We’ll review each of them below.


NGOsource was born out of a coalition of U.S. grantmakers, led by the Council on Foundations, Foundation Center, and Independent Sector, who had a vision of creating an NGO repository to streamline the process of equivalency determinations. As described in Parts I and II of this series, equivalency determinations are a mechanism for U.S. private foundations and donor advised funds to recognize non-U.S. grantees as the “equivalent” to U.S. public charities in order to make general support grants to them without facing Internal Revenue Service (IRS) penalties. Equivalency determinations are a due diligence standard that requires a set of documents and explanations from non-U.S. NGOs that form the basis of a legal opinion drafted by a U.S. attorney or CPA. In 2008, TechSoup — a 501(c)(3) public charity— was chosen to build and manage the repository that would become NGOsource.

After several years of meetings with the U.S. Treasury and the IRS, engagement of law firms to advise on appropriate language, and a technology team building a multilingual branching questionnaire, NGOsource launched in March of 2013. Since that time, NGOsource has expanded to include a dozen global NGO partners, assisting non-U.S. grantees in eight languages, in over 150 countries. Where once no repository existed, NGOsource now maintains equivalency determinations, or EDs, on over 6,000 unique NGOs, for over 550 U.S. grantmakers. The total number of EDs issued between March 2013 and March 2021 is over 13,000. A single ED may be relied upon by five, six, or more grantmakers, saving the NGO many hours of redundant compliance exercises. The cost for grantmakers has also reduced drastically, ranging anywhere from a fraction of what an ED would typically entail, to at least a third of its lowest possible cost via traditional means.

Few would disagree that NGOsource has solved a major hurdle in international grantmaking for U.S. grantmakers. It did so by: (1) gathering consensus and moving forward as a coalition of influential actors in the space; (2) investing in robust technology that both cuts cost and makes completion easier for NGOs; and (3) investing in international partnerships allowing for multilingual and culturally appropriate deployment. NGOsource was no small investment and was the result of several years of hard work and dedication. Those investments have substantially paid off for the sector and have changed the way we envision compliance.

STEP: Reimagining Due Diligence in Humanitarian Aid

Following in the footsteps of NGOsource, TechSoup was engaged by the Start Network in 2018 to streamline and reimagine due diligence for this humanitarian membership organization based in the UK. The Start Network, a membership network of over 40 international aid organizations, was seeking a way to make membership in its network more inclusive, less costly, and more localized. As a recipient of government aid, the Start Network is bound to comply with strict compliance standards of its disparate government donors. However, the Network also set out to change the way humanitarian aid is delivered. Rather than simply downstreaming aid through international NGOs, the Network sought a way to bring in more local NGO members, and to provide more funds directly to such NGOs, cutting the cost of intermediaries and democratizing the delivery of aid.

The solution crafted by TechSoup was a tiered due diligence framework that places NGOs in one of four tiers, demonstrating their strengths and weaknesses in meeting each of the required standards among most institutional funders. The framework — called STEP — examines an organization across nine streams: governance, finance, legal compliance, operational sustainability and continuity, risk management, humanitarian best practices, data privacy and security, safeguarding, and working with implementing partners. Questions are asked with clear direction and often in a “select-all-that-apply” format that spells out for organizations exactly what kind of information is being sought, rather than asking open-ended questions, requiring long narrative responses. The framework has been translated and piloted in English, French, and Spanish, in each of India, Pakistan, the DRC, Guatemala, the Netherlands, the Czech Republic, and Palestine.

Requiring grant-makers  was reviewed by an international auditing firm, which concluded that the “due diligence framework covers all generally accepted areas” and “meets generally accepted due diligence standards within the humanitarian sector.” As TechSoup’s primary objective is to ease the burden on local NGOs, it developed tailored recommendations and an online resource portal aimed at ensuring that the due diligence exercise itself provides value to the NGOs completing it. Rather than simply telling an NGO on what tier it falls, the Framework provides a bespoke learning path for each NGO, with accessible resources to help it fill any identified gaps and “move up the tiers.” This organizational strengthening component is intended to ensure that local NGOs have more visibility into the requirements asked of them by international funders, as well as an opportunity to improve their risk management profile.

As the STEP Framework grows into a full-fledged solution, with a technical platform, and trained local assessors around the globe, the realm of possible applications continues to expand. A centralized repository of vetted NGOs, whose data is controlled by the NGOs themselves, and accessible (upon the NGOs’ choosing) by funders, financial institutions, and even small donors, could eliminate hundreds of thousands of hours spent on duplicative and onerous due diligence exercises. It could even break down barriers to financial access by making it easier for financial institutions to gather and rely on timely reviews of NGO profiles. To quote Sue Eckert again:

Technology-based solutions that enable effective and proportionate [financial institution] compliance, often referred to as ‘utilities,’ can tackle much of the paperwork and oversight that results in rising compliance costs and hence, restricted financial access for NPOs. These utilities can eliminate much of the burdensome and duplicative documentation requests cited by numerous focus group participants. One proposal calls for a repository created specifically for NPO financial access purposes that would set out customized criteria that allow all types of organizations — large and small, established and new, secular and religious — to be included. [Financial institutions] could then use the repository to collect information for their customer due diligence, obtaining it quickly and inexpensively.

Source: Financial Access for U.S. Nonprofits (PDF)

Finally, by helping local organizations improve their compliance and risk management processes as a necessary component of the review, STEP is creating new avenues of direct funding to local NGOs.

Much remains to be done before a STEP repository exists. Garnering broad consensus among funders and local NGOs will be critical to its success. Consensus requires deep engagement with NGOs in developing countries, as well as focused advocacy with funders, financial institutions, and regulatory agencies. However, the concept has been proven, and a path is in place to fully operationalize. STEP aims to tackle all three challenges outlined at the outset of this article: no uniform standard, overly western-focused, and exclusive of local NGOs. If it succeeds, it will serve as a second model for effective repurposing of due diligence as an instrument for change.


In response to the question posed in the title of this article, is due diligence an obstacle or an opportunity? At the moment, it remains largely an obstacle, with the exception of a few relatively recent, unique examples. We have an opportunity to drive due diligence toward greater opportunity and as a tool to help the nonprofit sector meet long-standing objectives toward localization and efficiency. Let’s not let this opportunity go to waste.

Do you have ideas or examples to share? Or, if you’d like to learn more about how TechSoup is working with its Global Network to improve due diligence and vetting services for the nonprofit sector, please reach out to us at STEP@techsoup.org.