Supplier Due Diligence: What Importers Must Check Before Paying
A regulator-grounded checklist for supplier due diligence, structured by the four risks importers actually lose money to: identity, capacity, payment, and sanctions.
Table of contents
Supplier due diligence is not a single check. It is four checks that answer four distinct questions, each tied to a specific failure mode that costs importers money.
The four questions
1. Identity — Is this a real legal entity at the address on the invoice? 2. Capacity — Does the entity have the operational ability to deliver? 3. Payment — Is the bank account in the same legal name as the invoicing entity? 4. Sanctions — Is anyone in the ownership chain on a sanctions, PEP, or adverse-media list?
Skipping any one of these is not "lighter due diligence." It is leaving a specific door open.
Identity verification
The minimum is a current registry extract from the country's official company register, dated within 90 days. The extract must confirm:
- Legal name and registration number
- Registered address
- Legal representative or directors
- Status (active vs struck off, in liquidation, or dormant)
A copy of a "business license" supplied by the seller is not sufficient on its own — it must be cross-referenced with the live registry record.
Capacity verification
Identity is necessary but not sufficient. A real company can still be incapable of delivering. Capacity signals:
Payment verification
The single highest-frequency fraud pattern in cross-border supplier payments is the beneficiary name mismatch: the invoice is from Company A, the wire instructions name Company B or an individual. Always confirm:
- Bank account name matches the invoicing legal entity exactly.
- A bank account confirmation letter from the supplier's bank, on bank letterhead, naming the beneficiary.
- If a payment instruction changes mid-transaction, re-verify from scratch — never proceed on email instruction alone.
Sanctions and adverse media
Run the legal entity, the legal representatives, and the ultimate beneficial owners (≥25% stake) against:
- OFAC SDN list
- EU consolidated sanctions list
- UK OFSI consolidated list
- UN sanctions list
- Local PEP databases
- Adverse media for the last 36 months
A name-only match should be treated as a hit pending disambiguation, not dismissed.
What a real verification report looks like
Every KeyBS Trust report covers all four checks, with a named analyst sign-off and source links for every claim. See the sample report for the exact format.
Conflicts of interest: none disclosed. Last reviewed May 29, 2026.
Aisha leads KeyBS Trust's country risk desk. She previously ran KYB operations at a tier-1 West African bank and built fraud detection pipelines for cross-border SME lending. Her work focuses on Africa, the Gulf, and South Asia.
View profileElena owns editorial governance and operational risk review for KeyBS Trust Intelligence. She approves every published article and chairs the methodology review board.
View profileGet every new Insight in your inbox.
Trade-risk intelligence, country guides, KYB explainers and verification playbooks. Weekly. Free. No marketing.
Double opt-in. Unsubscribe in one click. Read our privacy policy.
Related insights
How to Verify a Chinese Supplier Before Sending Payment
A documents-and-registries checklist for verifying mainland Chinese suppliers — what AIC records prove, what they don't, and which red flags reliably predict non-delivery fraud.
How Verified Supplier Badges Help Buyers Trust Your Business
A verified-supplier badge is signalling that you have submitted to independent verification. When the badge links to a third-party-signed report, it materially shifts buyer behaviour.
Vendor Due Diligence vs Supplier Verification: What Is the Difference?
Vendor due diligence and supplier verification overlap, but the scope, evidence standard, and regulatory framing differ. Here is how to choose the right level of work.