Gain a 360-degree view of third-party risk by using our SaaS software to centralize, track, automate, assess and report on your vendors. 

Managed Services

Let us handle the manual labor of third-party risk management by collaborating with our experts to reduce the workload and mature your program. 

Document Collection
Policy/Program Template/Consulting
Virtual Vendor Management Office
Vendor Site Audit

Ongoing Monitoring

Let us handle the manual labor of third-party risk management by collaborating with our experts.

Venminder Exchange

As Venminder completes assessments for clients on new vendors, they are then made available inside the Venminder Exchange for you to preview scores and purchase as you need.


Use Cases

Learn more on how customers are using Venminder to transform their third-party risk management programs. 


Venminder is used by organizations of all sizes in all industries to mitigate vendor risk and streamline processes

Why Venminder

We focus on the needs of our customers by working closely and creating a collaborative partnership

Sample Vendor Risk Assessments

Venminder experts complete 30,000 vendor risk assessments annually. Download samples to see how outsourcing to Venminder can reduce your workload.



Trends, best practices and insights to keep you current in your knowledge of third-party risk.


Earn CPE credit and stay current on the latest best practices and trends in third-party risk management.  

See Upcoming Webinars

On-Demand Webinars



Join a free community dedicated to third-party risk professionals where you can network with your peers. 

Weekly Newsletter

Receive the popular Third Party Thursday newsletter into your inbox every Thursday with the latest and greatest updates.



Venminder Samples

Download samples of Venminder's vendor risk assessments and see how we can help reduce the workload. 

State of Third-Party Risk Management 2023!

Venminder's seventh annual whitepaper provides insight from a variety of surveyed individuals into how organizations manage third-party risk today.


Requesting Financial Health of a Private Vendor

7 min read
Featured Image

Many organizations must work with privately held vendors to meet an operational need. As organizations seek or have these relationships, there are some unique challenges when it comes to assessing a private vendor’s financial health. Unlike publicly traded vendors that are obligated to release their financial documents to regulatory agencies to be listed on stock exchanges, private vendors don’t have this requirement. Therefore, they can sometimes be reluctant to disclose information during the due diligence process.

This lack of cooperation and responsiveness from private vendors regarding their financial information can be overcome through tailored approaches, organization from your team, and alternative data and documents you can use to perform your financial due diligence. But how do you begin the process? Are there guidelines on what documents or details to collect or request from a private company? Let’s review these questions and more. 

Document and Data Collection: What to Request from Your Private Vendor

When dealing with private vendors, ensure you have a response for how and why you’re requesting their financial documentation. This can help assuage a private vendor’s concern that they’re sharing confidential information that can be leaked or shared with parties other than your organization. 

Be prepared to address how you will store their financial data and limit access to only the subject matter experts (SMEs) on your team or your outsourced team that will be reviewing this information. Also, explain to your vendor why you need this information. This will provide additional context and explanation to give the private vendor more assurance on the importance of providing their financial information. 

Example: You might communicate something like, “You’re a critical vendor to my operations, and given you provide a product/service that my organization depends on, I need to best understand your financial health and viability. Once I understand this aspect of your organization, I can be comfortable with my contract with your team and your ability to fulfill that contract without any downstream issues or interruptions in the product/service due to potential financial health concerns.”

Here are some suggestions of what you can request:

  • Audited or reviewed financial statements – The private vendor might have conducted a financial audit or review, performed by an independent third-party accounting/audit company. These are the ‘gold standard’ of financial information you should always request, but be aware that:

    1. Not every private vendor is required to be audited
    2. Not every private vendor will send you this information given its confidentiality
  • Internal financial statements – Although these financial statements are internally prepared by management and are unaudited/don’t have assurance from an independent third-party firm, they’re still very valuable and can provide information about a vendor’s financial sustainability and potentially highlight areas of concern. Request a balance sheet, income statement, and cash flow statement, and try to get multiple years (2-3 years) for a trend analysis.
  • Tax filings – All corporations/private vendors must file taxes with the IRS (if they’re based in the U.S. or have significant operations in the U.S.). An annual tax filing like the IRS Form 1120 can give you a snapshot of the vendor’s expenses, revenue, and profitability. It may be a failsafe if audited financials or internally prepared financial statements aren’t available.
  • Financial health letter – This is often prepared by the vendor’s management team and may not contain a lot of financial data, but it can still offer insight into the company’s financial performance, health, and any trends directly from the private vendor’s financial officer or other key executives/owners that have insight into the private vendor’s financial profile and health.
  • Credit report – A credit report from Dun & Bradstreet or a similar organization can also clarify a vendor’s financial health. These may be limited in information based on the size and availability of data on the private vendor, but can be used if all other avenues are exhausted, and the private vendor refuses to respond or provide any information for your team to review.

private vendor financial health

Alternate Solutions If Still Unable to Obtain Private Vendor Financials 

If the vendor still declines to disclose certain documents and you’re uncomfortable using a third-party credit report, you can always reach directly out to the private vendor and suggest other avenues. One example might be to conduct a diligence call or webinar between your organization/financial experts and the private vendor’s executives, CFO, or other knowledgeable team members with the private vendor that are aware of its financial health and standing.

Tip: Defining the Scope

Due diligence should always be risk-based, which means a financial assessment probably won’t be necessary for every vendor. In general, it’s important to create a list of standard items to collect in your due diligence processes. This includes some financial documentation to gather from all vendors, both public and private. This helps to streamline your processes and get repeatable, scalable actions in your vendor risk management program during your onboarding and ongoing due diligence activities. 

For financial health assessments, here’s a good rule of thumb to keep your due diligence scope focused, effective, and efficient – focus on performing financial assessments on all your critical and/or high-risk vendors (regardless of whether they may be publicly held or privately held). 

Document Review: What to Assess In Your Private Vendor’s Documentation

Once you’ve gathered whatever you can on the private vendor, make sure you’re organized on what information you should review with scrutiny. Financial documents contain a lot of details, so it’s essential that they’re assessed by a qualified SME and that the SME or your organization has a templated, organized approach that is consistent from vendor to vendor (even between public and private vendors). 

At times, based on the information received from a private vendor, you may have to develop multiple standardized approaches that consider the availability and depth of the data provided to your organization. Nevertheless, it’s important to focus on the three primary financial statements: the balance sheet, the income statement, and the cash flow statement.

No one metric is a tell-all about a private vendor’s financial health and standing, so having multiple metrics can ensure you’re comprehensively evaluating their financial viability and identifying where potential risks may exist in the private vendor’s financial profile. 

To keep your execution tight and limit time spent on reviewing too much detail, it’s essential to tailor your review and focus on some of the most critical items within each of these key statements, listed here: 

  • Revenue and profit – These numbers reveal how much money the vendor is making through selling its product/service to customers, can show trends on its growth or decline, and can identify how the vendor makes profit (or not) on the revenue the vendor generates. 
  • Assets and liabilities – The vendor’s assets and liabilities and the details therein can help reveal whether the vendor has enough liquidity and assets to meet its debts and obligations. 
  • Cash flow – This tells you whether the vendor generates or uses cash from its primary operations, investing activities, and financing activities. 
  • Qualitative information – Beyond the financial statements, looking within the footnotes for management discussion, analysis, or commentary about the vendor’s financial statements can identify key items that may be risks or red flags, such as: 

    • Outstanding legal issues/litigation
    • Subsequent events
    • Breaches
    • Customer or supplier concentration
    • Churn events
    • Risk factors that are insightful beyond the numbers

Next Steps: How to Determine a Private Vendor’s Viability

Unfortunately, there is no single comprehensive and official checklist to be applied for every vendor that is assessed within your risk management program. However, there are common best practices we have listed here that you can apply and utilize as you see fit during your financial due diligence workflows. 

Here are some questions and guidelines to consider as you perform/look to perform financial health assessments on your private vendors:

  1. Was the vendor non-responsive when we requested the documents? It’s understandable for a private vendor to be hesitant when you’re requesting financial documents, but non-responsiveness may indicate a larger issue. If the vendor isn’t responsive during this critical process, how might they communicate after you sign the contract if you require insight into its service levels or risks?
  2. Did the vendor address the red flags or risks that were identified in our organization’s reviews? Maybe the vendor provided additional documentation that explains any red flags and helps give a larger picture of its overall financial health. If not, it may be necessary for your organization to consider procuring other vendors/suppliers that may be more suitable from a risk appetite perspective to your organization’s requirements.
  3. What are the options if we decline this vendor? Whether you’re assessing a new or existing vendor, it’s essential to consider your options if you decide against beginning or continuing the engagement. During an initial assessment of a new vendor, your organization might decide against signing the contract and select a different vendor. A financial assessment of an existing vendor might lead to contract termination, in which case your organization must follow the steps outlined in your exit strategy as defined or considered within your overall risk management program and practices.

A vendor’s financial health should be thoroughly assessed, regardless of its status as a private or public company. Private vendors may require a little extra work to evaluate, but it’s an essential process that helps you avoid some significant risks that can impact your operations.  

Subscribe to Venminder

Get expert insights straight to your inbox.

Ready to Get Started?

Schedule a personalized solution demonstration to see if Venminder is a fit for you.

Request a Demo