M&A Due Diligence · Cluster 2

What Is Due Diligence in M&A? (And Why Skipping It Kills Deals)

HP lost $8.8 billion. Bayer destroyed $50 billion in shareholder value. Sprint wrote off $30 billion. All because due diligence failed. Here's what it actually means, what it costs, and why it's the single most important phase of any acquisition.

By Alex Lubyansky | | 18 min read

Key Takeaways

  • 1 Due diligence is the investigation phase where buyers verify everything the seller claimed about the business - before money changes hands.
  • 2 There are 9 distinct types - financial, legal, operational, tax, environmental, IT/cyber, HR, commercial, and insurance - each catching different risks.
  • 3 70-90% of M&A deals fail to deliver expected value, and inadequate due diligence is a leading cause in most post-mortems.
  • 4 Expect to invest $50K-$250K on due diligence for a middle-market deal - a fraction of what you'll lose if you skip it.
  • 5 Due diligence findings don't kill deals - they reshape them. Most issues lead to price adjustments, stronger reps and warranties, or seller remediation.

What Due Diligence Actually Means in M&A

Due diligence is the comprehensive investigation a buyer conducts after signing a letter of intent (LOI) to verify that the business they're buying is actually worth what they agreed to pay.

Think of it like a home inspection - but instead of checking for termites and foundation cracks, you're examining financial statements, contracts, lawsuits, tax returns, employee agreements, customer relationships, and dozens of other risk areas that could destroy your investment.

The critical difference: a home inspector might find $20,000 in repairs. Inadequate M&A due diligence can cost you millions. In some cases, billions.

Due Diligence in One Sentence

1

Verify

Is what the seller told you actually true?

2

Identify

What risks exist that nobody mentioned?

3

Decide

Should you close, renegotiate, or walk away?

What Happens When Due Diligence Fails

These aren't hypothetical scenarios. These are real companies that lost real money because due diligence was either skipped, rushed, or conducted by the wrong team.

HP Acquires Autonomy (2011)

Acquisition Price: $11 billion

Write-Down

$8.8B

What went wrong: HP's financial due diligence failed to detect alleged accounting misrepresentations at Autonomy. Revenue was inflated through creative recognition practices, and hardware sales were disguised as software revenue.

Lesson: Financial DD must go beyond audited statements. A proper Quality of Earnings analysis would have caught the discrepancies.

Bayer Acquires Monsanto (2018)

Acquisition Price: $63 billion

Value Destroyed

$50B+

What went wrong: Legal due diligence underestimated the Roundup litigation risk. Bayer has since paid over $10 billion in legal settlements, and the company's stock price cratered as lawsuits multiplied.

Lesson: Legal DD must assess not just current lawsuits but future litigation exposure - especially for products with regulatory scrutiny.

Sprint Acquires Nextel (2005)

Acquisition Price: $35 billion

Write-Down

$30B

What went wrong: Operational and technical due diligence failed to identify that Sprint and Nextel ran incompatible network technologies. Cultural clashes between the two companies made integration impossible.

Lesson: Operational DD and cultural assessment aren't optional. Technology incompatibility and culture clashes kill more deals than financial problems.

Verizon Acquires Yahoo (2017)

Original Price: Undisclosed

Price Reduction

$350M

What went wrong: IT/cyber due diligence failed to discover massive data breaches affecting billions of user accounts until after the deal was announced. Verizon negotiated a $350 million price reduction.

Lesson: Cybersecurity DD is no longer optional. Every deal needs an IT security assessment, especially for companies holding customer data.

The Middle-Market Reality

These are billion-dollar headlines, but the same failures happen in $2M deals and $20M deals every day. The difference? When a middle-market deal blows up, it doesn't make the news - it just destroys the buyer's personal wealth.

70-90%

of M&A deals fail to deliver expected value

40%+

have inadequate due diligence (McKinsey)

30-40%

of LOI-stage deals die in due diligence

50%

of merger value missed by poor DD (McKinsey)

AL

Attorney Insight - Alex Lubyansky

"In my experience, I've never seen a deal where due diligence found nothing. The question isn't whether problems exist - it's whether you find them before or after you write the check. The most expensive due diligence is the kind you didn't do."

The 9 Types of Due Diligence Every Buyer Needs

Most guides list 3-4 types. In practice, a thorough middle-market deal touches all nine. Here's what each covers, who conducts it, what it costs, and the red flags that should make you pause.

Type Who Conducts Timeline Cost Range Top Red Flag
Financial CPA / QoE Firm 4-6 weeks $25K-$100K Earnings don't match tax returns
Legal M&A Attorney 4-8 weeks $15K-$75K Undisclosed litigation
Operational Buyer / Consultants 3-6 weeks $10K-$60K Owner-dependent operations
Tax Tax Attorney / CPA 2-4 weeks $15K-$50K Unfiled returns or pending audits
Environmental Environmental Consultant 4-6 weeks $10K-$50K Contamination on property
IT / Cyber IT Specialist / Security Firm 3-5 weeks $15K-$80K Breach history or weak controls
HR / People HR Consultant / Attorney 2-4 weeks $10K-$40K Key employees planning to leave
Commercial Market Research / Buyer 3-5 weeks $15K-$60K Customer concentration >20%
Insurance Insurance Broker / Attorney 1-3 weeks $5K-$20K Inadequate coverage or pending claims
1

Financial Due Diligence

Financial DD is the backbone of every deal. It answers the fundamental question: Is this business actually making the money the seller says it is?

What It Examines

  • • 3-5 years of financial statements
  • • Tax returns vs. reported earnings
  • • Revenue quality and sustainability
  • • Add-backs and EBITDA adjustments
  • • Working capital trends
  • • Accounts receivable aging
  • • Debt and off-balance-sheet items

Red Flags to Watch

  • • Add-backs exceeding 30% of EBITDA
  • • Revenue declining but seller claims "growth"
  • • Tax returns don't match P&L statements
  • • Large accounts receivable over 90 days
  • • Unusual year-end journal entries
  • • Related-party transactions inflating revenue
  • • Cash basis hiding true receivables position

Pro Tip: The centerpiece of financial DD is the Quality of Earnings (QoE) report - an independent analysis that strips away creative accounting to show what the business actually earns on a normalized, recurring basis. Every deal over $1M should have one.

2

Legal Due Diligence

Legal DD identifies liabilities that survive the closing - lawsuits, contract issues, regulatory violations, and IP problems that become your problems the moment you sign.

What It Examines

  • • All material contracts and agreements
  • • Pending and threatened litigation
  • • Intellectual property ownership
  • • Corporate governance documents
  • • Change-of-control provisions
  • • Regulatory compliance history
  • • Related-party transactions

Red Flags to Watch

  • • Contracts with change-of-control termination rights
  • • IP that's licensed, not owned
  • • Active or threatened lawsuits
  • • Non-assignable permits or licenses
  • • Non-compete violations by current owners
  • • Missing corporate minutes or resolutions
  • • Seller-favorable terms with no market basis

Pro Tip: Pay special attention to change-of-control clauses in customer contracts, leases, and vendor agreements. A contract that automatically terminates upon sale can wipe out the revenue you're paying for. Your M&A attorney should flag these immediately.

3

Operational Due Diligence

Operational DD answers: Can this business run without the current owner? It examines processes, systems, supply chains, and the day-to-day reality of how the business functions.

What It Examines

  • • Process documentation and SOPs
  • • Supply chain dependencies
  • • Equipment condition and capex needs
  • • Facility leases and conditions
  • • Technology stack and systems
  • • Owner involvement in daily operations
  • • Scalability constraints

Red Flags to Watch

  • • Owner handles all key relationships personally
  • • No documented processes or training materials
  • • Single-source supplier dependencies
  • • Deferred maintenance on critical equipment
  • • Facility lease expiring within 12 months
  • • Legacy systems with no migration path
  • • Revenue tied to owner's personal reputation
4

Tax Due Diligence

Tax DD uncovers liabilities that the seller may not even know exist - unfiled returns, aggressive tax positions, and exposure to audits that become your problem in an asset purchase or stock deal.

What It Examines

  • • Federal and state tax returns (3-5 years)
  • • Sales tax compliance across jurisdictions
  • • Payroll tax filings and payments
  • • Tax audit history and outcomes
  • • Transfer pricing (multi-entity)
  • • R&D tax credit documentation
  • • Deal structure tax implications

Red Flags to Watch

  • • Unfiled state or local returns
  • • Worker misclassification (1099 vs. W-2)
  • • Sales tax nexus in states without filings
  • • Pending or recent IRS audits
  • • Aggressive deductions without documentation
  • • Payroll tax deposits not current
  • • Entity structure that doesn't match operations
5

Environmental Due Diligence

Environmental DD is critical for any deal involving real property, manufacturing, or industrial operations. Contamination liability can exceed the purchase price.

What It Examines

  • • Phase I Environmental Site Assessment
  • • Hazardous material storage and disposal
  • • EPA/state regulatory compliance
  • • Underground storage tanks
  • • Air and water discharge permits
  • • Historical use of the property

Red Flags to Watch

  • • Prior use as gas station, dry cleaner, or manufacturer
  • • Soil or groundwater contamination
  • • Expired or missing environmental permits
  • • Asbestos or lead paint in structures
  • • Nearby Superfund sites
  • • No Phase I assessment on record
6

IT / Cybersecurity Due Diligence

The Verizon/Yahoo deal proved that cybersecurity isn't optional. IT DD assesses the technology infrastructure, data security posture, and digital risks that come with the acquisition.

What It Examines

  • • IT infrastructure and architecture
  • • Cybersecurity policies and breach history
  • • Data privacy compliance (CCPA, GDPR)
  • • Software licenses and IP ownership
  • • Technology debt and upgrade needs
  • • Disaster recovery and backup systems

Red Flags to Watch

  • • Prior data breaches or security incidents
  • • No written cybersecurity policy
  • • Software built on unlicensed code
  • • No data backup or disaster recovery plan
  • • Single person managing all IT
  • • Non-compliance with industry data standards
7

HR / People Due Diligence

People DD is increasingly recognized as a make-or-break factor. The employees who stay (or leave) after closing determine whether the business maintains its value.

What It Examines

  • • Employment agreements and offer letters
  • • Compensation and benefits structure
  • • Organizational chart and key personnel
  • • Non-compete and non-solicitation agreements
  • • Union contracts and labor disputes
  • • Worker classification (employee vs. contractor)

Red Flags to Watch

  • • Key employees with no non-competes
  • • High turnover in critical positions
  • • Pending EEOC complaints or labor disputes
  • • Unfunded pension or retirement obligations
  • • Misclassified independent contractors
  • • Change-of-control triggers in employment agreements
8

Commercial / Market Due Diligence

Commercial DD validates whether the market opportunity the seller described actually exists - and whether it's growing, stable, or declining.

What It Examines

  • • Market size, trends, and growth rate
  • • Customer base diversity and loyalty
  • • Competitive landscape and positioning
  • • Sales pipeline and conversion rates
  • • Pricing power and margin sustainability
  • • Distribution channel dependencies

Red Flags to Watch

  • • Top customer is >20% of revenue
  • • Market is shrinking or commoditizing
  • • No recurring revenue or long-term contracts
  • • Competitors with significant cost advantages
  • • Regulatory changes threatening the industry
  • • Customer acquisition cost rising year-over-year
9

Insurance Due Diligence

Insurance DD is often overlooked but can reveal both hidden liabilities and gaps in coverage that you'll need to address immediately after closing.

What It Examines

  • • All active insurance policies
  • • Claims history (5 years)
  • • D&O, E&O, and general liability coverage
  • • Workers' compensation claims and rates
  • • Cyber insurance (if applicable)
  • • Policy assignability post-acquisition

Red Flags to Watch

  • • Frequent workers' comp claims
  • • Policies that don't transfer to new owner
  • • Coverage gaps in key risk areas
  • • Pending claims against the business
  • • Premium increases suggesting hidden risks
  • • No cyber insurance despite handling customer data

What Due Diligence Actually Costs

Due diligence isn't free - but it's a fraction of the losses you'll absorb if you skip it. Here's a realistic budget for a middle-market deal.

Deal Size Financial DD Legal DD Other DD Total DD Budget % of Deal
Under $1M $5K-$15K $10K-$25K $5K-$10K $20K-$50K 2-5%
$1M-$5M $25K-$50K $15K-$40K $15K-$40K $55K-$130K 2-4%
$5M-$15M $50K-$100K $30K-$75K $30K-$75K $110K-$250K 1-3%
$15M-$50M $75K-$150K $50K-$100K $50K-$100K $175K-$350K 1-2%

The ROI math: Spending 1-3% of the deal value on due diligence protects the other 97-99%.
Compare this to HP's $8.8 billion write-down on an $11 billion deal - that's an 80% loss.

Don't Discover Problems After Closing

Our due diligence team has deep M&A experience. We know exactly where deals hide their problems - and we find them before you write the check.

Request Engagement Assessment 15+ years M&A experience at competitive rates · Nationwide · Managing partner on every deal

The Due Diligence Process: Step by Step

Here's how due diligence actually unfolds in a typical middle-market acquisition, from LOI signing to final report.

1

Scoping & Planning

Week 1

Your M&A attorney and financial advisor define the scope of due diligence based on the deal size, industry, and risk profile. They create a document request list and establish the data room structure.

Key Deliverables

  • • Due diligence document request list (100-300+ items)
  • • Virtual data room setup and access
  • • DD timeline and responsibility matrix
  • • Advisor engagement letters signed
2

Document Collection & Review

Weeks 2-4

The seller populates the data room with requested documents. Your team reviews them in parallel - attorney on legal docs, CPA on financial docs, and you on operational items.

Watch for: Sellers who are slow to upload documents. Delay is often a red flag - either the documents don't exist, or they contain information the seller doesn't want you to see.

3

Deep-Dive Analysis

Weeks 3-6

This is where the real investigation happens. Your QoE firm analyzes financial records, your attorney reviews every material contract, and you conduct site visits and management interviews.

Critical Activities

  • • Quality of Earnings analysis completed
  • • Customer and vendor reference calls
  • • Site visits and facility inspections
  • • Management team interviews
  • • Environmental assessments (if applicable)
4

Issue Identification & Follow-Up

Weeks 5-8

As findings emerge, your team creates a running issue log. Each issue is categorized by severity and potential impact on deal terms. Follow-up questions go to the seller for clarification.

Issue Severity Framework

LOW

Note for post-close

MEDIUM

Adjust terms or price

HIGH

Deal-breaker territory

5

Report & Negotiation

Weeks 8-10

Your team compiles all findings into a due diligence report. This report drives the final negotiation of the purchase agreement - including representations and warranties, indemnification provisions, and any purchase price adjustments.

What Happens When Due Diligence Finds Problems

Here's the part most guides skip: due diligence findings don't automatically kill deals. They reshape them. Here are the four most common outcomes.

1

Purchase Price Reduction

The most common outcome. Material findings justify renegotiating the price - typically 5-15% for moderate issues, 15-30% for significant problems.

Example

QoE reveals EBITDA is $200K less than represented. At a 4x multiple, buyer negotiates a $800K price reduction.

2

Enhanced Reps & Warranties

For risks that may or may not materialize, the seller provides stronger representations and warranties backed by indemnification.

Example

Pending lawsuit found. Seller provides a special indemnity with a 3-year survival period and $500K escrow holdback.

3

Seller Remediation

Seller agrees to fix the problem before closing - resolving the lawsuit, correcting the tax filing, or fixing the environmental issue at their expense.

Example

Worker misclassification found for 12 contractors. Seller reclassifies them as W-2 employees and pays back payroll taxes before closing.

4

Deal Termination

When the findings are severe enough - fraud, environmental contamination, or fundamental business misrepresentation - the buyer walks away.

Example

Financial records show 60% of revenue comes from one customer who is planning to leave. Buyer terminates under the LOI's DD contingency.

The 10 Most Common Due Diligence Findings

After years of focused M&A practice, these are the findings we see most often - ranked by how frequently they reduce purchase price or kill deals entirely.

1

EBITDA Doesn't Match Reality

Seller's add-backs don't hold up under QoE scrutiny. "One-time expenses" that recur annually, personal expenses buried in COGS, or revenue recognized before delivery.

Impact: Price reduction of 1-3x the EBITDA gap at deal multiple

2

Customer Concentration

One customer represents 20%+ of revenue. If that customer leaves post-acquisition, the business value drops dramatically.

Impact: Earnout structures, price reduction, or deal termination

3

Undisclosed Litigation

Pending lawsuits, threatened claims, or regulatory actions the seller "forgot" to mention. Especially dangerous in stock/equity purchases where all liabilities transfer.

Impact: Special indemnity, escrow holdback, or deal termination

4

Tax Compliance Problems

Unfiled returns, worker misclassification, sales tax nexus issues, or aggressive deductions without documentation.

Impact: Seller remediation required before closing, or tax escrow

5

Key Employee Flight Risk

Critical employees with no non-competes, no retention agreements, or who are personally loyal only to the seller. They leave, and the business value walks out the door.

Impact: Employment agreements and retention bonuses as closing condition

6

Contract Assignment Issues

Key customer or vendor contracts that can't be assigned without consent, or that contain change-of-control termination provisions.

Impact: Consent as closing condition, or restructured deal to avoid triggering provisions

7

Working Capital Shortfall

Seller has been depleting working capital in anticipation of the sale - running down inventory, collecting receivables aggressively, or delaying vendor payments.

Impact: Working capital adjustment at closing

8

Environmental Contamination

Phase I assessment reveals potential contamination requiring Phase II testing. Cleanup costs can range from $50K to millions depending on severity.

Impact: Environmental escrow, seller cleanup, or deal restructuring

9

Lease Problems

Facility lease expiring soon, above-market rent, landlord consent required for assignment, or personal guarantees that don't transfer.

Impact: Lease extension as closing condition, or new lease negotiation

10

IP Ownership Gaps

The company's core technology, brand, or trade secrets aren't properly protected - no IP assignment agreements from founders or developers, expired trademarks, or disputed patents.

Impact: IP assignment as closing condition, or R&W insurance

For Sellers: How to Prepare for Due Diligence

If you're selling your business, proactive preparation can accelerate closing by weeks and protect your sale price. Here's the 90-day pre-market checklist.

MONTHS 1-2

Organize & Clean Up

  • • Compile 3-5 years of financial statements
  • • Ensure tax returns are filed and current
  • • Organize all contracts in one location
  • • Review and update employee files
  • • Identify and document all IP assets
  • • Get any deferred maintenance completed
  • • Resolve any pending legal issues
MONTH 2-3

Pre-DD Self-Audit

  • • Run your own QoE-style financial review
  • • Identify any customer concentration risks
  • • Verify all licenses and permits are current
  • • Review insurance coverage adequacy
  • • Check for worker classification issues
  • • Document key processes and SOPs
  • • Brief your management team
PRE-MARKET

Data Room Prep

  • • Set up virtual data room (VDR)
  • • Upload documents organized by category
  • • Prepare a seller disclosure schedule
  • • Draft an executive business summary
  • • Identify items that need explanation
  • • Prepare answers to common DD questions
  • • Engage your own M&A attorney
AL

Attorney Insight - Alex Lubyansky

"Sellers who do their own pre-sale due diligence consistently get higher purchase prices and faster closings. When a buyer's team finds a clean data room with answers ready for every question, it builds confidence - and confident buyers don't look for reasons to cut the price."

Case Study: How Due Diligence Saved a $3.2M Deal

Deal Type

Asset Purchase

Purchase Price

$3.2M

Industry

B2B Services

DD Duration

75 Days

The Situation

A buyer agreed to acquire a B2B services company for $3.2M based on seller-reported EBITDA of $800K (4x multiple). The business appeared clean on the surface - strong revenue growth, long-term customer contracts, and experienced management team.

What Due Diligence Found

!

Financial: QoE revealed $150K in non-recurring add-backs that the seller treated as recurring. True EBITDA was $650K, not $800K.

!

Legal: One customer contract (18% of revenue) had a change-of-control termination clause. Customer consent was needed.

!

Tax: 3 independent contractors were misclassified - back payroll taxes of approximately $45K owed.

!

Operational: The owner personally managed the top 5 accounts, with no transition plan for post-closing.

How It Was Resolved

Finding Resolution Financial Impact
EBITDA gap ($150K) Price reduction at 4x multiple -$600K
Customer consent needed Consent obtained as closing condition $0
Contractor misclassification Seller remediation before close -$45K (seller paid)
Owner-dependent operations 12-month consulting agreement + earnout Structured
Final Purchase Price $2.6M (was $3.2M)

Result: The buyer saved $600K+ through thorough due diligence - more than 10x the cost of the DD process itself. The deal closed successfully with adjusted terms that properly reflected the business's true value and risk profile.

The Most Expensive Due Diligence Is the Kind You Didn't Do

Whether you're buying or selling, Acquisition Stars provides comprehensive due diligence guidance that protects your deal from hidden risks.

Every Deal

Partner-Led

50 States

Nationwide Practice

Personal

Alex on Every Deal

Request Engagement Assessment

Managing partner on every deal. Response within 24 hours.

Frequently Asked Questions

What is due diligence in mergers and acquisitions? +
Due diligence in M&A is the comprehensive investigation a buyer conducts after signing a letter of intent (LOI) to verify everything the seller has represented about the business. It covers financial records, legal matters, operations, tax compliance, HR, IT systems, and more. The goal is to confirm the business is worth the agreed price and identify any hidden risks before closing.
How long does M&A due diligence take? +
Most middle-market due diligence periods run 60-90 days from the start of the investigation to completion. Complex deals with regulatory approvals, multi-location operations, or international components can extend to 120 days. The timeline depends on seller responsiveness, data room organization, and the number of advisors involved.
How much does due diligence cost? +
For middle-market deals ($1M-$50M), total due diligence costs typically range from $50,000 to $250,000, covering legal review ($15,000-$75,000), Quality of Earnings analysis ($25,000-$100,000), environmental assessments ($10,000-$50,000), and specialized consultants as needed. The cost generally runs 1-3% of the deal value.
What happens if due diligence reveals problems? +
Due diligence findings typically lead to one of four outcomes: purchase price reduction (most common - buyers negotiate 5-15% reductions for material issues), enhanced representations and warranties in the purchase agreement, seller remediation before closing (fixing the problem), or deal termination if the issues are severe enough. Most deals survive due diligence with adjusted terms.
Can you skip due diligence to close faster? +
Technically yes, but it's extremely risky. Buyers who skip or rush due diligence face successor liability for unknown debts, undisclosed litigation, tax liens, environmental contamination, and contract violations. The cost of proper due diligence ($50,000-$250,000) is a fraction of the potential exposure from unknown liabilities that could reach millions.
What is a Quality of Earnings (QoE) report? +
A Quality of Earnings report is a financial due diligence analysis conducted by an independent accounting firm that verifies the target's reported earnings are real, recurring, and sustainable. It examines add-backs, one-time adjustments, revenue recognition, and normalized EBITDA. QoE reports cost $25,000-$100,000 and are considered essential for any deal over $1M.
What's the difference between buyer and seller due diligence? +
Buyer due diligence investigates the target to verify value and identify risks. Seller due diligence (also called vendor due diligence) is when the seller proactively investigates their own business before going to market, identifying and fixing issues in advance. Seller-side DD typically results in faster closings and higher sale prices because it reduces buyer uncertainty.
Who conducts due diligence in an M&A deal? +
The buyer's team conducts due diligence, typically including an M&A attorney (legal review, contracts, litigation), a CPA or financial advisor (Quality of Earnings, tax analysis), and the buyer themselves (operational review, customer conversations). For deals over $10M, specialized consultants may handle environmental, IT/cyber, or regulatory assessments.
What is a data room in M&A due diligence? +
A virtual data room (VDR) is a secure online platform where the seller uploads all documents requested during due diligence - financial statements, contracts, tax returns, employee records, and more. Common platforms include Datasite, Intralinks, and Firmex. A well-organized data room accelerates due diligence by weeks and signals seller professionalism.
What are the most common due diligence red flags? +
The most frequent deal-threatening findings include: customer concentration (one customer representing 20%+ of revenue), financial discrepancies between reported and actual earnings, undisclosed litigation or pending lawsuits, tax compliance issues, key employee flight risk, environmental contamination, expiring or non-assignable contracts, and regulatory non-compliance. Any of these can reduce purchase price by 10-30% or kill the deal entirely.

Related Resources

DD

M&A Due Diligence: The Complete Guide

The comprehensive pillar guide covering every aspect of M&A due diligence
7S

Business Acquisition Process: 7 Steps

Where due diligence fits in the broader acquisition timeline
RW

Representations and Warranties in M&A

How DD findings translate into purchase agreement protections
AP

Asset Purchase Agreement Guide

Understanding the document that captures your DD findings