In case you are not following all the latest scandals – Unaoil and the Panama Papers being two significant ones – we are seeing an evolution and possibly a revolution in due diligence expectations.

No matter what context or what your specific concern may be, the need for every compliance department to identify the beneficial owners of joint venture partners, third party intermediaries, distributors, agents suppliers and vendors, customers and account holders is converging on a basic requirement – you need to know who the beneficial owners of all entities that your company interacts with in the outside world.

The bottom line is basic and should be followed by every company conducting business. You want to know who the owners are of every entity you engage outside of the company. The idea sounds unrealistic and burdensome but it is becoming a basic risk management expectation. The sooner companies address this overarching requirement – the better.

In the anti-corruption context, companies have to identify and assess the risk of dealing with entities that act on the company’s behalf, and can thereby cause liability for the company for bribery and other misconduct. There is no minimum requirement or an illegal bribe so that ownership of an entity has to be confirmed all the way down to the smallest ownership interest.

For example, if a joint venture partner owns 10 percent of a venture, and a government official owns 1 percent of that 10 percent entity, the arrangement may be a screen for a bribery scheme.

In the anti-money laundering context, a bank account may be opened by an entity that includes a government owner (as small as 1 percent of the entity). Again, the account may be used to funnel illegal proceeds from a bribery scheme or other illegal activity. The government official may be using the account to carry out that scheme and the bank has to identify all of the beneficial owners of the entity to ensure there is no improper connection.

In the non bank or financial institution context, companies on occasion accept payments from third party payors, or make payments to third party entities at the direction of a vendor or supplier. If the company does not know who owns the recipient of the payment, or the entity making the payment to the company, the company is exposing itself to money laundering and reputational risks.

The same principles apply to sanctions compliance. If a business entity includes two owners of 25 percent each who are prohibited entities (SDNs), the company would be a prohibited entity through the ownership rule. Even if an SDN has an interest below 50 percent in an entity, it is important to know that for monitoring purposes and may raise reputational issues of concern.

Finally, when companies manage their supply chain risks, there are important reputational concerns that can develop. For example, a company does not want to engage entities or individuals who may be connected to child labor violations, slave labor or human trafficking, and a host of other significant issues. As a consequence, it makes sense for companies to identify the beneficial owners of all of their suppliers and vendors to make sure they are aware of reputational risks, along with legal risks that may be created.

The new compliance talismanic requirement is to know who you are dealing with in the outside world, be it a customer, a partner or a vendor or supplier. Companies can no longer ignore this risk and the multitude of concerns that surround interactions with entities and individuals outside of the company.