Skip to content
Keelstar

Guide

How to Build a Vendor Onboarding Checklist

By Keelstar Team · Updated July 11, 2026

The short answer

Start with your risk tiers: what every vendor must provide before first PO, what high-spend vendors add, and what regulated categories require extra screening. List each document and approval as a discrete checklist item with an owner, deadline, and pass/fail criteria. Include W-9, COI, banking, contract execution, exclusion screening, and internal approval gates. Publish the checklist in your vendor portal or workflow tool so status is visible — not buried in a shared spreadsheet only one buyer maintains. Review the checklist quarterly against audit findings and payment holds to remove steps nobody uses and add gaps you discovered the hard way.

Define tiers before listing tasks

A checklist without tiers becomes either too heavy for small vendors or too light for critical suppliers. Map spend thresholds, data access, and regulatory exposure first. Tier 1 might require full packet plus legal review; Tier 3 might need W-9 and COI only.

  • Annual spend or contract value bands
  • Access to PHI, PII, or financial systems
  • On-site work vs remote-only services
  • Government or grant-funded spend rules

Separate collection from approval

Checklist items should distinguish document collection (vendor action) from internal approval (your action). Mixing them in one column hides who is blocking progress. Status views should show waiting on vendor vs waiting on internal reviewer.

Assign owners to every gate

Each checklist step needs a named owner and backup — tax for W-9, risk for COI, legal for contract, AP for banking. Unowned steps stall onboarding for weeks because everyone assumes someone else will act.

Tie checklist completion to payment release

The checklist only works when incomplete status blocks PO issuance or first payment. Publish the policy to vendors upfront so they understand why document requests are not optional administrative noise.

Version control and audit evidence

When you change requirements, version the checklist and apply the new version to vendors onboarded after the effective date. Retain which checklist version applied to each vendor for audit — especially after mergers or policy updates.

Frequently asked questions

What belongs on a minimum vendor onboarding checklist?
Legal name verification, W-9, COI meeting your limits, signed contract or PO terms acceptance, banking details with dual approval, and internal stakeholder sign-off. Add exclusion screening if you are in healthcare or government-adjacent spend.
Should procurement or AP own the checklist?
Procurement usually owns the master checklist; AP owns tax and payment gates. One published version prevents buyers from skipping steps finance requires later.
How often should we update the checklist?
Review quarterly and after every audit or significant payment hold incident. Tax, insurance, and screening requirements change — static checklists go stale within a year.
Can we use the same checklist for all vendor types?
Use a base checklist plus tier overlays. Contractors, SaaS vendors, and facilities vendors need different documents — tiering prevents over-collecting from low-risk vendors and under-collecting from high-risk ones.

Related guides

Put this into a monitored workflow

Vendor Packet handles this continuously — with reminders and an audit trail.