How to Onboard a New Vendor

Organizations can’t sustain themselves without vendors. Whether it’s a telephone service provider or outsourced IT provider, vendors help operations run smoothly. Some organizations may only require a handful of vendors, while others need hundreds or thousands. It should come as no surprise that vendor management becomes more complex as the number of vendors increases.

The vendor onboarding process (also known as vendor selection) is a critical step early in the vendor relationship. By taking special care in vendor onboarding, you’ll prevent a lot of headaches down the road. Every potential vendor should be subject to this comprehensive process which will thoroughly vet and ultimately select the best choice for an organization. Let’s review what the process entails.

8 Steps to Onboard a New Vendor

At a minimum, your onboarding process should consist of the following eight steps. Also, keep in mind that the process should be more rigorous for vendors with a higher level of criticality. Let’s dive in:

1. Always research.

Make sure you’re aware of all your vendor options by searching online, listening to sales pitches and asking others for recommendations. Remember that opinions by word of mouth can be very powerful.

2. Issue a Request for Proposal (RFP).

This document can be referenced by both your organization and any potential vendor to clarify exactly what product or service is being sought and how it fits into your business strategy. It’s recommended to send out an RFP to the top 3-5 vendors on your radar. Within the RFP, outline your organization’s business objectives and technical requirements. Make it crystal clear what you need the product/service to accomplish and request the vendor formally responds to every point in the RFP with an affirmation stating whether they can meet each requirement.

3. Begin to compare.

It’s a good idea to list out the features and functions that have been included in the RFP. A simple spreadsheet can be used, but a software platform with a vendor management comparison feature makes this process even easier and helps you see the big picture. You’ll be better prepared to draft a pros and cons list of each vendor, including details such as where each vendor excels or any critical requirements that may be lacking.

4. Complete a vendor risk assessment.

Don’t forget! This important step will determine if the vendor is high, moderate or low risk to your organization, as well as whether they’re critical or non-critical. The results of this assessment will factor into the due diligence you’ll collect.

5. Collect due diligence.

We can’t stress how important this is! Do your due diligence. The due diligence requirements are going to vary depending on the criticality and risk level of the vendor. The more critical or risky the vendor, the more due diligence you will need to perform. For example, you’re going to request a SOC report if you’re looking into a new core system processor, but you won’t request that if you’re seeking new landscaping services.

Here’s the due diligence you should always obtain:

• Mutual Non-Disclosure Agreement (MNDA) or Confidentiality Agreement
• Basic Information (i.e., full legal name, address, all physical locations, Website URL)
• Ownership structure and affiliated companies
• Tax ID
• State of Incorporation
• Articles of Incorporation
• Secretary of State Check
• Business license
• Certificate of Good Standing
• Credit report
• OFAC/PEP checks
• Any “doing business as” or “also/previously known as” (d/b/a, aka, pka)
• Dun & Bradstreet (D&B) report
• Vendor complaints research findings
• Vendor negative news search findings
• List of subcontractors/fourth parties
• Picture or Google map view of facility (if required)
• Conduct check of CFPB Complaint Database and/or Better Business Bureau rating

6. Obtain references.

After narrowing down your list of preferred vendors, ask them for professional references or case study/customer success story documentation. It’s always a best practice to learn about the customer’s firsthand experience by speaking to someone or reading more about the product/service.

7. Develop an exit strategy.

So now that you’ve compared vendors and completed your due diligence, what’s next? Before you sign the contract, you need to consider a backup plan if the vendor relationship strays off course. Yep, even before you enter the contract, you need to think about how to exit the contract because things happen.

You’ll want to know how any data will be returned to you or destroyed, how quickly you can replace the vendor or bring the product/service in-house, etc. This is also the perfect time to figure out who your backup vendor is going to be before you’re ready to move forward with the contract. Don’t forget to write the applicable portions of your exit strategy into the contract.

8. Keep senior management and the board informed.

Throughout the entire onboarding process keep senior management and the board updated. Be sure to present them with a summary of the due diligence, risk assessment, your planned ongoing monitoring and the proposed contract prior to signing on the dotted line.

These eight steps will save you from contracting with the wrong provider. Doing your due diligence right away helps guarantee that you’re selecting the best vendor in the space and best fit for your organization.