Skip to content
PresenceReady markPresenceReady
Volver al blog
·7 min lectura

Vendor onboarding: how to look ready before procurement opens your file

Corporate procurement teams ask the same questions in every vendor onboarding. The deal isn't won when you sign — it's won when their checklist comes back clean.

vendor-onboardingdue-diligenceb2bprocurement
Vendor onboarding: how to look ready before procurement opens your file

You closed the verbal deal with the buyer. You celebrated. Two days later, procurement emailed you a 14-tab vendor onboarding form. Three weeks later, the deal still hasn't started.

This is the most common pipeline killer for small B2B vendors selling to mid-market and enterprise. The buyer wants you. Procurement is paid to slow you down until you prove you exist. You can either accept those three weeks as cost-of-business, or remove the friction before procurement even opens the file.

Below is the operating manual for the second option.

What procurement actually checks

Every corporate procurement / vendor management team runs the same risk checklist, regardless of industry. They are looking for three things:

  1. The vendor is a real, legally constituted entity.
  2. The vendor is who they say they are.
  3. The vendor will not introduce legal, security, financial or reputational risk to the buyer.

Everything in the onboarding form, however bureaucratic, maps back to one of those three. If you make those three obvious before procurement starts asking, the form fills itself.

The website checks that come first

Procurement officers don't read your website end-to-end. They open the homepage, then /about, then /contact, then /privacy, then /terms. They are looking for internal consistency. If something doesn't match what the salesperson told them, the file goes to "review".

Specifically:

  • Company legal name on the site matches the legal name on the W-9 / W-8 / IBAN form. This is the single most-common reason onboarding stalls. If you registered as "Larrazabal Consulting S.L." but your site says "Larrazabal Studio" everywhere, procurement opens a ticket.
  • Activity description matches your tax classification. If your VAT registration says "consultancy services" and the site is selling SaaS subscriptions, expect questions.
  • Contact email is on your own domain. @gmail.com from a paid vendor is a flag. Some procurement systems silently lower the supplier's risk score for this.
  • Privacy policy is real and dated. Boilerplate copy-pasted from a generator is usually fine but must reference your actual entity.
  • Terms of service exist and are reachable from the home page.

The documents they will ask for

You will be asked to supply, in some order:

  • W-9 (US buyers) or W-8BEN-E (US buyer + non-US vendor) or local equivalent.
  • Certificate of incorporation / certificate of good standing.
  • IBAN or wire-transfer instructions on letterhead.
  • General liability insurance certificate (often $1M minimum).
  • Professional indemnity / E&O insurance certificate (often $1-5M for consulting).
  • Cybersecurity questionnaire (CAIQ Lite, SIG Lite, or buyer-specific) if you process their data.
  • Data Processing Addendum if you process personal data.
  • SOC 2 Type 1/2 report or "in progress" letter for higher-risk vendors.
  • ISO 27001 certificate (sometimes; mostly EU buyers).
  • Anti-bribery and anti-corruption policy (large buyers).
  • Anti-modern-slavery statement (UK, AU buyers).
  • Code of conduct acknowledgement.

If your business is small, you don't need every certificate. You need to have considered each one and have an honest answer ready. "We are SOC 2 in progress with X firm, expected Q4 2026" is acceptable. "We don't have SOC 2 and have no plans" is acceptable in many verticals. "Uh, what's SOC 2?" is not.

The Company Profile document

Some buyers will ask for a one-page Company Profile in PDF. Same content as your About page, formatted for sharing internally. It usually contains:

  • Legal entity name + jurisdiction + registration ID
  • Founding year + brief history
  • Services offered + tax classification
  • Team size + key personnel
  • Customer references (with their permission)
  • Insurance coverage summary
  • Compliance certifications status
  • Sustainability / DEI statement (large buyers, especially EU)
  • Primary contact for procurement

This document is filed in the buyer's vendor master record. It is referenced in audits years later. Make it accurate, conservative, and aligned with everything on your website.

How to compress three weeks into three days

Lessons from running this process repeatedly:

  1. Have all the documents in a single shared folder before you sign the first contract, organized by category. When procurement asks, you reply within the hour. Speed of response is itself a trust signal.
  2. Use the same legal name everywhere. Site, contracts, invoices, bank account, insurance policies. If you trade under a brand name, file the trade name properly and disclose it on the legal pages.
  3. Match your website activity description to your tax filing description. If there is drift, fix one of them this week.
  4. Standardize your contact email on the corporate domain. No more name@gmail.com on contracts.
  5. Pre-emptively share your CAIQ Lite or SIG Lite when you send the proposal, before procurement asks. Buyers who run security review are impressed when you don't make them chase it.
  6. Renew insurance certificates 60 days before expiry. A lapsed certificate during onboarding kills the deal more often than people admit.

The role of PresenceReady here

We don't issue your insurance certificates. We don't write your CAIQ. What we do is the layer in front of all that:

  • A corporate website your buyer will recognize as legitimate in 90 seconds.
  • A custom domain and corporate email aligned with your legal entity name.
  • Privacy, cookies, terms and contact pages that pass automated reviewer scans.
  • An optional Company Profile PDF, structured for vendor master records.

Delivered in under 24 hours. Adjusted, if a reviewer asks, within the first 30 days at no additional cost.

We don't promise that procurement will approve you. We deliver the public layer that, when missing, makes procurement say no by default.

If the buyer is ready and your file is the only thing slowing the deal, that is exactly the problem we solve.

Este artículo es informativo y no constituye asesoramiento legal, fiscal ni de compliance. PresenceReady no garantiza decisiones de aprobación de terceros.