Distress radar.
Payment patterns, site records and compliance signals correlated per subcontractor — so the default pattern surfaces sixty days earlier, while intervention is still a conversation rather than a claim and a re-tender.
Prequalification is a snapshot. Vendor risk is a movie.
Last updated
Zepth Vector module
70%
of general contractors report rising subcontractor distress — with roughly half suffering project disruption from a default
AGC / FMI Surety Bonding & Risk Management survey
17–18%
of all UK company insolvencies are construction — persistently the highest-insolvency sector
UK Insolvency Service statistics
Specialist trade subcontractors are worst hit. US business-survival data tells the same story from a different angle.
~50%
of construction fraud cases involve corruption — kickbacks, bribes, related-party dealing
ACFE, Report to the Nations
Which is why a vendor master needs ownership declarations and cross-checks, not just a trade licence on file.
~30%
of duplicate payments trace back to duplicate vendor records
Recovery-audit industry data
Industry data from recovery auditors rather than neutral research, and attributed as such. Master-data hygiene is risk management wearing an admin costume.
Vendor management is the lifecycle discipline behind every award: registering, prequalifying, scoring and monitoring the suppliers and subcontractors a contractor depends on.
Its central problem is time. Prequalification is a snapshot — but vendor risk is a movie, and the subcontractor who passed every check fourteen months ago can be insolvent today.
The downside is priced, and it is not small. Surety industry data puts the cost of a subcontractor default at 1.5 to 3 times the original subcontract value, once completion costs, delay and re-procurement have all landed. In a recent AGC/FMI survey, 70% of general contractors reported rising subcontractor distress, with roughly half suffering project disruption from an actual default.
The macro picture explains why. Construction is persistently the highest-insolvency sector in every economy that publishes the data — in the UK, around 17–18% of all company insolvencies, with specialist trade subcontractors worst hit. This is not a bad year. It is the shape of the industry.
And the cascade risk is the lesson of the last decade’s collapses. When a major contractor fails — Carillion, ISG — owing very large sums to its supply chain, the secondary insolvencies ripple outward through everybody’s approved vendor list at once. Capacity vanishes at exactly the moment re-tendering demands it, and the firms you would have turned to are the firms that were owed the money.
The fraud angle is quietly procurement-shaped too. Corruption — kickbacks, bribes, related-party dealing — features in roughly half of construction fraud cases. Which is why a vendor master needs ownership declarations and cross-checks against your own employee records, and not merely a trade licence scanned into a folder.
Prequalification checks capacity, not just paperwork. Financials, licences, HSE history, current workload, bonding capacity — the questions that actually predict whether the work gets delivered. In the Gulf, add the regulatory layer: a valid trade licence with the correct activity codes, municipal classification grades, and ICV certificates, which carry a 14-month validity tied to audited financials. Track those expiries exactly as you track insurance, because working with a lapsed licence can invalidate the contract you are relying on.
The loop that is almost always broken: scores feeding awards. Most contractors score vendors at closeout, if at all, file the score, and then the next tender committee never sees it. The performance system only works if the enquiry workflow surfaces prior scores and active suspensions at the moment of shortlisting — in the screen, in front of the people deciding. A rating nobody consults at award time is not a control. It is a diary.
Distress monitoring beats annual refresh. The prequalified-then-collapsed pattern is well documented: major failures have passed framework checks weeks before their insolvency. An annual refresh cannot catch that, because the information it needs did not exist a year ago. Continuous triggers can: payment-application slowdowns, labour thinning on site, sub-tier suppliers calling you about unpaid bills, insurances lapsing, a bank declining to renew a bond. Every one of those signals already exists somewhere in your project data. The trick is having systems connected enough to read them together.
Duplicate vendor records mask risk. “ABC Electromechanical LLC” and “ABC Electro Mech” are the same company and two records. Between them they split the performance history, dodge the suspension, understate your concentration exposure — and drive duplicate payments: recovery-audit data traces roughly 30% of duplicates to duplicate vendor records. Sometimes the second registration is innocent. Sometimes it is not. Either way, master-data hygiene is risk management wearing an admin costume.
Blacklisting needs due process. Distinguish a time-boxed, cause-coded suspension with a review date from permanent removal. Document the cause. Ad-hoc blacklisting creates legal exposure, and it quietly shrinks the bidder pool that your pricing depends on — which means the punishment lands partly on you, some months later, in a tender you did not connect to the decision.
Concentration is a project-level number. One MEP subcontractor carrying 40% of a project’s subcontract value — or holding five live packages across your portfolio — is an exposure that no company-level score will ever reveal. A vendor can be excellent and still be too much of your risk. Measure concentration where it actually bites: per project, and across the portfolio.
Weak prequalification, so a distressed subcontractor wins on lowest price — and the price was low precisely because they were distressed. They default mid-structure. The replacement costs up to triple the money, plus months of delay, plus your own liquidated-damages exposure upstream.
Fragmented records, so a suspended vendor is re-awarded under its second spelling, by people who genuinely did not know.
No expiry tracking, so a subcontractor is on site with lapsed insurance on the day of the incident — and the uninsured claim lands on the main contractor, which is to say on you.
And scores never consulted, so the same underperformer wins again. Not because anybody defended them. Because price was the only data on the table.
One vendor master across every project: registration, prequalification documents with expiry alerts, categories and ratings, and a performance history fed by live project records — purchase orders, deliveries, inspections, NCRs, payment behaviour — rather than by recollection at closeout.
Status controls that the tendering workflow actually enforces: active, suspended, blacklisted, with cause and review date. The suspension is not a note in a file; it is a gate at shortlisting.
And concentration and exposure visible per vendor across the portfolio — because the question that matters is rarely “is this vendor good?” It is “how much of us are they carrying?”
The vendor score reaches the people making the award — which is the only moment it can change anything.
Distress surfaces sixty days early, while it is still a conversation rather than a claim.
Duplicate records are caught at registration, so a suspension cannot be dodged with a second spelling.
Concentration is visible per project and across the portfolio, so “excellent vendor” and “too much of our risk” stop being the same answer.
Across every project, with fuzzy-matched duplicate detection at registration — names, licences, bank accounts, directors.
Trade licences and activity codes, classification grades, ICV certificates, insurance and bonding — alerted before they lapse, not after the incident.
Quality, delivery, commercial and HSE dimensions fed by POs, deliveries, inspections, NCRs and payment behaviour — not by committee recollection.
Active, suspended, blacklisted — with cause and review date, enforced by the tendering workflow rather than remembered by a person.
Payment slowdowns, thinning labour, sub-tier supplier contact, lapsing insurance, refused bond renewals — read together, per subcontractor.
Per project and across the portfolio, because a vendor can be excellent and still be too much of your risk.
Documents, ownership declarations and bank details verified at onboarding — with the ownership declaration cross-checked against your own employee records, because related-party dealing is half the fraud picture.
Financials, licences and classification grades, insurance and bonding, HSE history, current workload. Graded, categorised, and expiry-dated — ICV certificates included.
Quality, delivery, commercial behaviour and HSE — captured from live project records as the work happens. A score reconstructed at closeout is a memory, and memories are kind to people who were pleasant.
Expiries, distress signals, concentration exposure — on triggers rather than anniversaries. The subcontractor who passed last year’s check is not the subject; the one who is failing this month is.
Scores, active suspensions and current exposure in the shortlisting screen. This is the step that makes every other step worth doing.
Suspensions with cause and review date. An approved vendor list should be actively curated, not archaeologically accumulated.
Payment patterns, site records and compliance signals correlated per subcontractor — so the default pattern surfaces sixty days earlier, while intervention is still a conversation rather than a claim and a re-tender.
Fuzzy matching across names, licences, bank accounts and directors — catching the second spelling at registration. And related-party overlaps against your own employee records flagged for review, because corruption is half the construction fraud picture.
Performance ratings drafted from what actually happened — first-time pass rates, delivery discrepancies, NCR counts, payment disputes — rather than from what the committee remembers about a subcontractor who was easy to deal with.
“This bidder: score history, open NCRs, current exposure across three projects, licence expires in 40 days.” In the shortlisting screen, at the moment of the decision — not in a filing cabinet, after it.
The engineer’s judgment stays in charge; the AI removes the latency and the blind spots.
The vendor master with compliance expiries, performance scores by dimension, and status with cause and review date. Distress indicators trended per subcontractor. Concentration exposure per project and across the portfolio. And the award-time view — which is the only report on this page that changes an outcome, because it arrives before the decision instead of after it.
Financial capacity, licences and registrations — in the Gulf, trade-licence activity codes, municipal classification grades and ICV certification — insurance and bonding, HSE history, current workload, and references. Graded and expiry-dated, then refreshed on triggers rather than only on anniversaries.
Read the full answerAcross quality, delivery, commercial behaviour and HSE — from live project records rather than closeout recollection. And, critically, surfaced at the next shortlisting. A score nobody sees at award time changes precisely nothing.
Suspension is time-boxed and cause-coded, with a review date. Blacklisting is removal. Both need documented cause and due process — for fairness, for legal safety, and to protect the bidder pool that your own pricing quietly depends on.
Surety data puts it at 1.5 to 3 times the original subcontract value once completion, delay and re-procurement costs have landed — and that is before the liquidated-damages exposure you carry upstream.
Read the full answerSlowing payment applications. Thinning labour. Sub-tier suppliers contacting you about unpaid bills. Requests for advances. Lapsing insurance. A refused bond renewal. Every signal already lives in your project data — the trick is reading them together rather than one at a time, by four different people who never compare notes.
Read the full answerRe-registration under a name variant — sometimes innocent, sometimes deliberate. They fragment the performance history, evade suspensions, hide concentration exposure, and drive duplicate payments: recovery-audit data traces around 30% of duplicates back to them. Fuzzy-matched master data is the fix, and it is cheap.
Read the full answerRelated answers
Terms defined here
Zepth is the construction project delivery platform — it runs construction, procurement and asset management on one record, and does the work: reading the drawings, reviewing the submittals, matching the invoices and flagging the risks, with a human sign-off on anything consequential.
A short, tailored walkthrough on your real workflow — no generic demo.