Due Diligence

What Is Due Diligence?

Due diligence is the investigative process through which a buyer verifies the information presented about a target company, identifies risks and opportunities, and builds the factual foundation for transaction pricing and structuring. It is the bridge between preliminary interest and a binding commitment.

In practice, due diligence involves teams of financial, legal, commercial, and operational specialists combing through the target’s records, contracts, financial statements, and operations to confirm that the business is what the seller represents it to be. Our M&A due diligence checklist provides a comprehensive breakdown of each workstream.

Types of Due Diligence

Financial Due Diligence

The most fundamental workstream, typically led by an accounting firm:

• Quality of earnings analysis — normalising reported EBITDA for one-off, non-recurring, and non-operational items
• Working capital analysis — establishing a normalised working capital baseline for the closing adjustment mechanism
• Net debt confirmation — identifying all debt and debt-like items to bridge from enterprise value to equity value
• Cash flow analysis — verifying that reported earnings translate into actual cash generation
• Financial projections review — stress-testing management’s forward-looking assumptions

Legal Due Diligence

Conducted by the buyer’s legal counsel:

• Corporate structure — verifying the target’s legal organisation, ownership chain, and jurisdictional registrations
• Material contracts — reviewing key customer, supplier, and partnership agreements for change-of-control provisions, termination rights, and unusual terms
• Litigation — assessing pending, threatened, or historical legal proceedings
• Regulatory compliance — confirming adherence to applicable laws, licences, and permits
• Intellectual property — verifying ownership, registrations, and freedom to operate

Commercial Due Diligence

Evaluates the target’s market position and growth prospects:

• Market sizing — total addressable market, serviceable market, and growth trends
• Competitive landscape — market share, competitor analysis, and barriers to entry
• Customer analysis — concentration, retention rates, contract terms, and satisfaction
• Revenue sustainability — recurring vs. non-recurring revenue, pipeline quality

Operational Due Diligence

Assesses the target’s operational capabilities:

• Management and organisation — quality and depth of the leadership team, key person dependencies
• Technology and systems — IT infrastructure, software platforms, cybersecurity posture (Corporate Finance Institute)
• Supply chain — supplier dependencies, sourcing risks, logistics
• Human resources — employment contracts, benefits, retention risks, cultural considerations

Additional Workstreams

• Tax due diligence — historical compliance, exposures, structural optimisation opportunities
• Environmental due diligence — contamination, regulatory compliance, remediation liabilities
• Insurance due diligence — adequacy of coverage, claims history
• ESG due diligence — environmental, social, and governance risk assessment

The Data Room

Due diligence is conducted primarily through a virtual data room (VDR) — a secure online platform where the seller uploads documents organised by category. The VDR allows controlled access, tracks which documents each bidder has reviewed, and maintains an audit trail. Emerging AI-powered data rooms are making this process faster by automating document indexing and anomaly detection. Common VDR providers include Intralinks, Datasite, and Firmex.

Red Flags

Experienced acquirers watch for warning signs during diligence:

• Inconsistencies between management representations and documented evidence
• Customer concentration — a single customer representing more than 20–30% of revenue
• Revenue quality issues — aggressive revenue recognition, channel stuffing, or one-time contracts disguised as recurring
• Off-balance-sheet liabilities — unrecorded obligations, guarantees, or contingent liabilities
• Key person dependency — critical relationships or knowledge concentrated in one or two individuals
• Deferred maintenance — underinvestment in capex, technology, or compliance

Due Diligence in Asia Pacific

Cross-border due diligence in Asia Pacific presents unique challenges. Private companies in many markets lack audited financials, requiring more intensive financial reconstruction work. Language barriers necessitate document translation and bilingual advisors. Regulatory environments differ substantially — from Australia’s well-established disclosure frameworks to emerging markets where corporate records may be incomplete. AI-powered due diligence tools are helping streamline cross-border workflows by aggregating and analysing company data across jurisdictions, reducing the manual effort required to evaluate targets in fragmented markets.