Vendor intelligence
KnowVendor helps procurement teams and compliance buyers screen vendors using deterministic identifiers, source-backed risk event summaries, and federal records. No name-only matching. No unattributed risk flags.
Vendor risk management is the process of identifying and evaluating the risks that third-party vendors may introduce to your business before you engage them. This includes checking whether a vendor is registered with the US government, whether they have been excluded from federal contracting, whether they have an active out-of-service order, and whether their facilities have been subject to regulatory action.
In a federal procurement context, vendor risk management also means confirming that a vendor holds a valid Unique Entity Identifier (UEI) from SAM.gov and has not been placed on the excluded parties list. KnowVendor surfaces these checks using public federal data -- not proprietary scoring or unverified aggregates.
Many vendor risk platforms link risk events to companies using name matching: if a company name resembles a name in a regulatory database, the platform associates the risk record with that company. This approach produces false positives.
Common names like "ABC Construction" or "National Services LLC" appear thousands of times across different states, industries, and legal structures. A name-only match can attach a serious enforcement action to a vendor that had nothing to do with it.
At KnowVendor, the principle is: a false positive is worse than a missing data point. We only show risk as confirmed when the link to a legal entity is deterministic, scored, and supported by a verified identifier.
KnowVendor uses a three-tier entity resolution model. Risk events are only confirmed against a legal entity when linked via a strong public identifier:
UEI
Unique Entity Identifier
Issued by SAM.gov. The primary identifier for all federal vendors. 670,000+ entities in KnowVendor.
CAGE
Commercial and Government Entity Code
NATO/DoD identifier. Used alongside UEI in federal procurement. Supporting evidence, not standalone identity.
USDOT
US DOT Number
FMCSA-issued number for motor carriers. Used for FMCSA out-of-service checks when available.
Name, address, NAICS code, and state alone are never sufficient to confirm a risk link. A risk event without a verified identifier is flagged as a candidate and shown only with a clearly labelled “needs review” status.
SAM.gov exclusions
The federal Excluded Parties List System (EPLS). KnowVendor links exclusion records using UEI (confidence 0.99). CAGE-only matches are flagged for review. Name-only matches are never confirmed.
Exclusion records are historical. Not all excluded parties have a UEI match. A ~1% match rate is expected and correct.
SAM.gov entity registration
Vendor registration status, UEI, CAGE code, and registration history from the System for Award Management.
Federal Contracting Activity
Award volume and contract history from USASpending.gov. This is contracting activity data -- not risk data. A vendor with federal awards is not inherently safe or risky.
Federal contracting activity is shown as context. It is never used as a risk signal.
Facility-level records
OSHA inspection records and EPA enforcement actions are facility-level data. They describe a worksite, not necessarily the legal entity that operates it.
OSHA and EPA facility data are shown on individual vendor profiles only when a verified deterministic link to the legal entity exists. A facility citation is not attributed to the owning entity without that link.
A KnowVendor vendor profile is built from verified V2 entity data. Free search results show the vendor's legal name, identifier type, state, and how many sources were checked. Paid reports provide the full detail.
Free search
Full report ($9) or Pro
Browse SAM.gov-registered vendors by state. All entries are verified using deterministic identifiers.
KnowVendor Pro and Business plans remove search limits, add full risk event detail, and include source evidence. No bulk imports of unverified vendor lists. Every check uses the same deterministic methodology as the free tier.
View Pro and Business plansKnowVendor uses deterministic entity resolution. Every link between a risk event and a legal entity requires a verified public identifier: UEI (confidence 0.99), CAGE (0.97, supporting evidence only), or USDOT (1.00 within FMCSA context). Name matching alone is never sufficient to confirm a risk link. Facility-level data (OSHA worksites, EPA sites) is shown on vendor profiles only when a deterministic link to the legal entity has been established. This means our risk event count is intentionally conservative -- accuracy over volume.
KnowVendor provides informational data from public sources only. This is not legal advice. Always verify critical information independently before making procurement decisions.