VeriSanction

Due Diligence Questionnaire

Review the auto-populated data-quality metrics, edit anything your team needs to, and download a PDF or JSON artifact for your vendor-risk file. No account required. The figures are pulled from our live 12-hourly regulator-grade reporting pipeline and are reproducible from the dataset snapshot shown in the Audit Metadata.

Awaiting first run

Generated 2026-04-23 10:09:40 UTC

1.Vendor Overview

Identifies the vendor entity and describes the service delivered to the requesting organization.

Legal Entity Name

Service Description

Primary Use Cases

Nature of Business Relationship

Primary Compliance Contact

2.Data Sources & Coverage

Lists the authoritative government publishers whose data is consumed, and the coverage scope the dataset provides.

Authoritative Publishers

Jurisdictions Covered

Number of CollectionsAuto-populated from latest report run.

Aggregate Entity CountAuto-populated from latest report run.

3.Data Quality Metrics

Auto-populated

Computed from the publisher's most recent bulk export and sampled during each report run. Values shown are editable but default to the latest measured figures.

Name Fill Rate (%)

Date-of-Birth Fill Rate (%)

Nationality Fill Rate (%)

Address Fill Rate (%)

Identifier Fill Rate (%)

Null Density (%)

Duplicate Rate (% of sample)

Per-Collection Metrics

No rows yet. This table will populate when the next data-quality run publishes.

Quality Controls Narrative

4.Data Recency & Update Cadence

Auto-populated

Tracks both the publisher's pipeline freshness (last successful export) and content volatility (last material change). Regulator review typically asks for both signals.

Report Generated At (UTC)

Update Frequency

Per-Collection Recency

No rows yet. This table will populate when the next data-quality run publishes.

5.Matching Methodology

Explains how identity resolution is performed.

Matching Methodology

6.Regulatory Compliance Alignment

Frameworks the service supports.

Regulatory Alignment

7.Data Security & Controls

Controls that protect the vendor platform and data.

Security Controls

Penetration Test Cadence

SOC 2 Status

8.Business Continuity & Disaster Recovery

Resilience posture.

Business Continuity Narrative

Recovery Point Objective (hours)

Recovery Time Objective (hours)

9.Subprocessors & Supply Chain

Downstream processors that touch customer or subject data.

Subprocessors

Name	Purpose	Data Categories	Residency
Google Cloud Platform	Compute, storage, secrets	All service data	us-west1 (Oregon, USA)
Stripe, Inc.	Billing + card processing	Tenant billing contact, card tokens	United States
pCloud AG	Distribution of regulator-grade artifacts	Public sanctions-dataset summaries only	Europe / United States
BetterStack	Uptime, incident, log telemetry	Operational logs (no PII)	European Union
Authoritative government publishers	Source sanctions data	Public sanctions data	Per publisher (US, EU, UK, UN, CA, AU, JP, CH)

10.Privacy, Data Protection & Data Subject Rights

Posture under GDPR, CCPA, and similar frameworks.

Privacy Narrative

GDPR Role

Data Residency

11.Incident Response & Breach Notification

How incidents are detected, triaged, and communicated.

Incident Response Narrative

Breach Notification SLA (hours)

12.Change Log & Version History

Auto-populated

Recent artifact runs and deltas. Auto-populated.

Recent Runs (last 10)

No rows yet. This table will populate when the next data-quality run publishes.

Current Dataset Version

Audit Metadata

Identifies the dataset snapshot and methodology behind this report. The downloaded PDF includes an equivalent block.

Report Version: 1.0
Content Version: 1.1
Dataset Version: —
Dataset Hash (SHA-256): —
Source Run ID: —
Generated (UTC): 2026-04-23 10:09:40 UTC
Report ID (this view): 3c62a940-e996-4d2b-87f5-0b8a838eac80
Generated By: VeriSanction Data

Awaiting first run

Generated 2026-04-23 10:09:40 UTC