Third-Party Risk — Conflicts of Interest in Vendor Selection

The Employee Recommending This Vendor Has an Undisclosed Personal Connection to the Supplier’s Principal. They Believe They’re Being Completely Objective. Is That Belief Sufficient?

A real conflict of interest and third-party risk scenario — with three decision options and the right answer.

Quick Answer

When an employee has a personal connection to a vendor’s principal and recommends that vendor without disclosing the relationship, is their belief that they are being objective a sufficient substitute for disclosure?

No. A conflict of interest exists in the structure of the situation — the personal relationship and the professional recommendation — regardless of the employee’s subjective belief about their own objectivity. Research on self-serving bias consistently shows that people systematically overestimate their ability to evaluate objectively when they have a personal stake in the outcome. The disclosure obligation exists not because the employee is assumed to be acting corruptly, but because the organization cannot assess whether the recommendation is merit-based without knowing about the relationship. Disclosure is what makes the process defensible. An undisclosed personal connection, however innocent, is not.

The Situation

An IT director at a professional services firm is leading a vendor selection process for a new cybersecurity software platform. The evaluation involves four vendors, a scoring rubric, and a recommendation to the CTO. During the process, the IT director’s long-time friend — someone they have known for 15 years through their professional network — is the Chief Revenue Officer at one of the four vendors being evaluated.

The IT director does not disclose this relationship to the evaluation committee or to their manager. Their reasoning: the friendship has never come up in a work context, the scoring rubric is objective, they have evaluated all four vendors using the same criteria, and they genuinely believe that the vendor with whom they have a personal connection is the superior product. Their recommendation reflects the scores — the connected vendor ranks first.

A junior team member on the evaluation committee is aware that the IT director and the CRO know each other. They are not sure whether to say anything.

What Should Both the IT Director and the Junior Team Member Do?

Choice A

The IT director proceeds without disclosure. The process was objective, the scoring speaks for itself, and disclosing the friendship would raise unnecessary questions about a recommendation that is genuinely merit-based. The junior team member says nothing — it’s not their place to raise it.

Choice B

The IT director discloses the relationship to their manager and the evaluation committee before finalizing the recommendation — and accepts whatever recusal or oversight the organization determines is appropriate. The junior team member raises the relationship with their own manager if the IT director does not disclose it.

Choice C

The IT director recuses themselves from the final recommendation without disclosing why — handing the final scoring summary to the CTO and stepping back. The junior team member says nothing.

The Right Call

Choice B — Disclose before the recommendation is finalized. The junior team member raises it if the IT director does not.

Choice C — recusing without disclosing — creates a different problem: the organization approves a vendor recommendation without knowing that the person who led the evaluation had a personal connection to the recommended vendor’s senior leadership. The CTO’s decision is made without material information. Choice B is the only response that provides the organization with the information it needs to make an informed decision — including whether the IT director’s participation needs to be reviewed, whether a third-party assessment of the scoring is warranted, or whether the recommendation stands on its own merits. The junior team member who sees an undisclosed conflict and says nothing has an unfulfilled reporting obligation.

Why This Is Harder Than It Looks

“I’m being objective” is the most convincing rationalization for undisclosed conflicts — and the least reliable self-assessment.

Self-serving bias is one of the most well-documented phenomena in behavioral psychology. People systematically overestimate their ability to evaluate impartially when they have a personal connection to the outcome. An IT director who has known a CRO for 15 years will unconsciously weight interactions with that vendor more positively, give the benefit of the doubt in ambiguous scoring decisions, and remember strengths more readily than weaknesses — without being aware that any of this is happening. “I scored them objectively” describes the IT director’s intention. It does not describe what actually happened.

The conflict exists in the structure — not in the outcome.

This is the fundamental principle of conflicts of interest that most training programs underemphasize. The conflict of interest exists because the IT director has a personal relationship with the recommended vendor’s senior leadership — regardless of whether that relationship influenced the recommendation. The question is not “did the relationship affect the scores?” It is “is the organization’s vendor selection process defensible given the relationship?” The answer is no, until the relationship is disclosed and the organization has the opportunity to assess it.

The junior team member who becomes aware of the undisclosed conflict has a reporting obligation.

This is the moment most employees miss in training. An observer who is aware of an undisclosed conflict of interest in a vendor selection process and says nothing has failed a reporting obligation — not a legal one, necessarily, but a compliance program obligation. The junior team member’s discomfort about “going above” the IT director is understandable. But a conflict of interest that is visible to an observer and not disclosed is a procurement integrity failure that the observer has the ability — and the obligation — to address.

Frequently Asked Questions

What personal connections require disclosure in a vendor selection process?

Any personal relationship with a vendor’s principal, senior leadership, owners, or significant shareholders that could reasonably be perceived as influencing the evaluation. This includes close personal friendships, family relationships, former employer or colleague relationships, social connections, and any financial interests in the vendor. The test is not whether the relationship actually influenced the evaluation — it is whether a reasonable person would question the objectivity of the evaluation if they knew about the relationship.

Does disclosing a personal connection automatically disqualify an employee from the vendor selection process?

Not automatically. Disclosure gives the organization the opportunity to assess the relationship and determine the appropriate response — which may include recusal from the final decision, additional oversight of the evaluation, an independent scoring review, or in some cases a determination that the relationship is sufficiently distant that no further action is required. The outcome of disclosure depends on the nature of the relationship and the organization’s conflict of interest policy. The outcome of non-disclosure is that the organization makes a vendor decision without the information it needs to assess whether the process was fair.

Does an observer who is aware of an undisclosed conflict of interest have a reporting obligation?

Under most compliance programs and codes of conduct, yes. Employees who observe a potential compliance concern — including an undisclosed conflict of interest in a procurement process — have an obligation to report it through appropriate channels. This does not require certainty that a violation has occurred. It requires a good-faith belief that a situation warrants attention. The junior team member in this scenario who knows about the relationship and says nothing has failed to act on information that is material to the organization’s vendor selection integrity.

How to Use This Scenario in Training

Recommended for procurement, sourcing, IT, and any team involved in vendor evaluation and selection. This scenario has two training audiences simultaneously: the IT director (self-serving reasoning and the disclosure obligation) and the junior team member (the bystander reporting obligation). Both training moments are valuable, yet often missing from procurement integrity training.


This scenario demonstrates the self-serving reasoning pattern from the Decision Readiness Engine™. Decision-ready employees recognize that “I’m being objective” is not a compliance conclusion — it is a belief about their own reasoning that the disclosure obligation was specifically designed to bypass.



© 2005–2026 Xcelus LLC. All rights reserved. Scenario content is original work protected by copyright. You may link freely — reproduction or adaptation without written permission is prohibited.