M&A Resource

M&A Due Diligence Checklist

171 items organized by category to ensure thorough investigation of your acquisition target. Never miss a critical document or question.

171

Total Items

104

Critical Items

What Is Due Diligence in M&A?

Due diligence is the comprehensive investigation a buyer conducts before completing an acquisition. It's the process of verifying everything the seller has represented about the business-and uncovering what they haven't disclosed.

Think of due diligence as a thorough home inspection before buying a house-except the "house" is an entire business with employees, contracts, legal obligations, and hidden risks. Inadequate due diligence is responsible for 31% of M&A failures.

Verify Claims

Confirm that the seller's representations about revenue, customers, and operations are accurate.

Identify Risks

Uncover hidden liabilities, pending litigation, customer concentration, and other deal-breakers.

Protect Investment

Inform deal structure, negotiate protections, and know what you're buying before closing.

Who Conducts Due Diligence?

M&A Attorneys

Legal DD: contracts, corporate docs, litigation, compliance

CPAs / Financial Advisors

Financial DD: statements, taxes, quality of earnings

Industry Consultants

Operational DD: processes, market, competitive analysis

Buyer's Internal Team

Coordination, integration planning, cultural assessment

Jump to Category

Financial Due Diligence (25) Legal Due Diligence (26) Operational Due Diligence (20) Human Resources Due Diligence (25) Technology & IT Due Diligence (25) Commercial Due Diligence (20) Environmental Due Diligence (15) Regulatory & Compliance Due Diligence (15)

Complete Due Diligence Checklist

171 items across 8 categories. Items marked with Critical are essential for every transaction.

Financial Due Diligence

Review financial statements, accounting practices, and fiscal health

items

Audited financial statements (3 years)

Critical

Unaudited monthly financials (24 months)

Critical

Federal and state tax returns (3 years)

Critical

Quality of earnings analysis

Critical

Accounts receivable aging report

Critical

Accounts payable aging report

Revenue recognition policies

Critical

Deferred revenue schedule

Working capital analysis

Critical

Capital expenditure history and projections

Debt schedule with terms and covenants

Critical

Bank statements (12 months)

Inventory valuation and aging

Fixed asset register

Chart of accounts

Intercompany transactions and balances

Related party transactions

Critical

Contingent liabilities and off-balance-sheet items

Critical

Insurance policies and claims history

Budget vs. actual variance analysis

Financial projections and assumptions

Critical

Cash flow statements and projections

Critical

Break-even analysis

Gross margin analysis by product/service

EBITDA adjustments and add-backs

Critical

Legal Due Diligence

Review corporate documents, contracts, and legal compliance

items

Certificate of incorporation and amendments

Critical

Bylaws and operating agreement

Critical

Good standing certificates (all jurisdictions)

Critical

Board meeting minutes (3 years)

Shareholder/member meeting minutes

Capitalization table and equity agreements

Critical

Stock option plans and grants

Critical

Material contracts list

Critical

Customer contracts (top 20)

Critical

Supplier/vendor contracts (top 10)

Critical

Lease agreements (real estate)

Critical

Equipment leases

Loan and credit agreements

Critical

Guarantees and security interests

Critical

Partnership and joint venture agreements

Licensing agreements (in and out)

Critical

Distribution and reseller agreements

Non-compete and non-solicitation agreements

Critical

Pending and threatened litigation

Critical

Litigation history (5 years)

Regulatory correspondence and investigations

Critical

Consent decrees and settlement agreements

Critical

Change of control provisions in contracts

Critical

Assignment and consent requirements

Critical

Powers of attorney

UCC filings and liens

Critical

Operational Due Diligence

Review business operations, facilities, and processes

items

Organization chart

Critical

Business process documentation

Facilities list with square footage

Critical

Equipment and machinery list

Maintenance and repair records

Production capacity analysis

Quality control procedures

Critical

Product/service delivery processes

Supply chain overview

Critical

Vendor concentration analysis

Critical

Inventory management systems

Logistics and distribution network

Key operational metrics and KPIs

Critical

Capacity utilization rates

Backlog and order pipeline

Critical

Product roadmap and development pipeline

Manufacturing agreements

Warranties and returns history

Critical

Business continuity and disaster recovery plans

Critical

Standard operating procedures (SOPs)

Human Resources Due Diligence

Review employees, compensation, benefits, and workplace matters

items

Employee census with titles and tenure

Critical

Executive team biographies

Critical

Employment agreements (key employees)

Critical

Compensation structure and salary ranges

Critical

Bonus and incentive plans

Critical

Commission structures

Health and welfare benefit plans

Critical

Retirement and pension plans

Critical

Stock option and equity compensation plans

Critical

Employee handbook and policies

Offer letter templates

Severance policies and agreements

Critical

Non-compete agreements (employees)

Critical

Non-disclosure agreements (employees)

Independent contractor agreements

Critical

Contractor vs. employee classification review

Critical

Union agreements and labor relations

Critical

OSHA compliance and workplace safety records

Workers' compensation claims history

Employee turnover statistics

Critical

Pending employment claims or litigation

Critical

I-9 and work authorization compliance

Critical

Key person risk assessment

Critical

Succession planning

Training and development programs

Technology & IT Due Diligence

Review technology systems, intellectual property, and cybersecurity

items

IT infrastructure overview

Critical

Software and systems inventory

Critical

Software license agreements

Critical

Cloud service agreements (AWS, Azure, etc.)

Critical

SaaS subscriptions and contracts

Data architecture and database documentation

API integrations and dependencies

Source code ownership and access

Critical

Technology development roadmap

Patent portfolio

Critical

Patent applications pending

Trademark registrations

Critical

Trade secrets inventory

Critical

IP assignment agreements

Critical

Open source software usage

Critical

Cybersecurity policies and procedures

Critical

Data breach history

Critical

Penetration testing results

SOC 2 or security audit reports

Critical

Data privacy policies (GDPR, CCPA)

Critical

IT disaster recovery plan

Critical

System uptime and reliability metrics

Technical debt assessment

IT budget and spending history

Commercial Due Diligence

Review customers, market position, and competitive landscape

items

Customer list with revenue by customer

Critical

Customer concentration analysis

Critical

Customer retention and churn rates

Critical

Customer satisfaction scores (NPS, CSAT)

Sales pipeline and forecasting

Critical

Win/loss analysis

Pricing strategy and history

Critical

Discount policies and practices

Sales compensation and incentives

Marketing strategy and budget

Brand and trademark assets

Critical

Website analytics and traffic data

Market size and growth analysis

Critical

Competitive landscape analysis

Critical

Market share estimates

Industry trends and outlook

Regulatory environment impact

Critical

Geographic market coverage

Channel partner relationships

Customer reference calls (5-10)

Critical

Environmental Due Diligence

Review environmental compliance, permits, and potential liabilities

items

Environmental permits and licenses

Critical

Environmental compliance history

Critical

Phase I Environmental Site Assessment

Critical

Phase II Assessment (if triggered)

Critical

Hazardous materials handling procedures

Critical

Waste disposal practices and records

Air and water discharge permits

Underground storage tank records

Critical

Asbestos and lead paint surveys

Contamination remediation history

Critical

EPA or state agency correspondence

Critical

Environmental insurance policies

Sustainability and ESG programs

Carbon footprint and emissions data

Environmental litigation history

Critical

Regulatory & Compliance Due Diligence

Review regulatory compliance, licenses, and government relations

items

Business licenses and permits

Critical

Professional licenses (if applicable)

Critical

Industry-specific regulatory compliance

Critical

FDA, FCC, or other agency approvals

Critical

Import/export licenses and compliance

Government contracts and compliance

Critical

Anti-corruption and FCPA compliance

Critical

Anti-money laundering (AML) compliance

Data privacy and protection compliance

Critical

HIPAA compliance (if applicable)

Critical

PCI DSS compliance (if applicable)

Critical

SEC filings and compliance (if public)

Critical

Regulatory examination history

Critical

Consent orders or regulatory settlements

Critical

Lobbying and political contributions

How to Use This Due Diligence Checklist

Customize for Your Deal

Not every item applies to every transaction. Remove items that don't apply to your target's industry or size. Add industry-specific items as needed.

Prioritize Critical Items

Start with items marked "Critical"-these are must-haves for every deal. They often reveal deal-breakers or major valuation adjustments.

Assign Workstreams

Divide the checklist among your deal team. Attorneys handle legal, CPAs handle financial, and your internal team coordinates everything.

Track in Data Room

Use your virtual data room's checklist feature to track which documents have been provided, reviewed, and flagged for follow-up.

Pro Tip: The Checklist Is Just the Start

A checklist ensures you don't miss obvious items, but thorough due diligence requires follow-up questions, verification of claims, and judgment about what the documents reveal. The checklist gets you documents-analysis turns them into insights.

Common Due Diligence Mistakes to Avoid

Rushing the Process

Compressing DD to under 45 days to meet arbitrary deadlines. Speed kills deals. Allow 60-90 days minimum for middle-market transactions.

Accepting Documents at Face Value

Getting the documents is step one. Verifying their accuracy through third-party confirmation, customer calls, and independent analysis is the actual work.

Ignoring Cultural Fit

Focusing exclusively on financials and legal issues while ignoring management style, employee culture, and integration challenges. 30% of integration failures cite cultural clash.

Not Talking to Customers

Relying on seller-provided customer data without conducting reference calls. Direct customer conversations reveal satisfaction, contract stability, and competitive threats.

Skipping Quality of Earnings

Trusting financial statements without independent QoE analysis. QoE reveals adjusted EBITDA, sustainability of earnings, and working capital true-ups that affect valuation.

Related Due Diligence Resources

Buyer's Guide to Due Diligence

Complete walkthrough of the DD process from LOI to closing

Due Diligence Red Flags

Warning signs that should make you walk away from a deal

Acquisition Timeline Guide

How long DD takes and what happens at each phase

M&A Failure Rate Statistics

31% of failures trace back to inadequate DD

Frequently Asked Questions

What is a due diligence checklist?

A due diligence checklist is a comprehensive list of documents, information, and questions that buyers use to investigate a target company before completing an acquisition. It ensures systematic review of all material aspects of the business including finances, legal matters, operations, employees, technology, and compliance.

How many items should be on a due diligence checklist?

A thorough M&A due diligence checklist typically contains 100-200+ items, organized by category. The exact number depends on deal complexity, industry, and company size. Small deals may require 75-100 items, while complex transactions may need 300+ items across specialized workstreams.

What are the main categories of due diligence?

The main due diligence categories are: Financial (statements, taxes, working capital), Legal (contracts, litigation, compliance), Operational (facilities, processes, supply chain), Human Resources (employees, benefits, key person risk), Technology/IT (systems, IP, cybersecurity), Commercial (customers, market, competition), and Environmental (permits, contamination, compliance).

Who is responsible for due diligence in M&A?

The buyer is primarily responsible for conducting due diligence, though the seller must provide requested information. Buyers typically engage specialists: M&A attorneys for legal DD, CPAs for financial DD, and industry consultants for operational DD. The buyer's deal team coordinates all workstreams.

How long does due diligence take?

Due diligence typically takes 6-12 weeks for middle-market deals. Small deals may complete in 4-6 weeks, while large or complex transactions can require 12-16+ weeks. Rushing below 45 days significantly increases risk-research shows deals with adequate DD time have 34% higher success rates.

What happens if due diligence finds problems?

When due diligence uncovers issues, buyers have several options: renegotiate the purchase price, require seller representations and warranties, demand escrow holdbacks for specific risks, include indemnification provisions, require issues to be resolved pre-closing, or walk away from the deal entirely.

What is a data room in M&A?

A data room (typically a virtual data room or VDR) is a secure online repository where sellers upload documents for buyer review during due diligence. Data rooms track who accesses what documents, maintain version control, and allow Q&A between parties. Common providers include Intralinks, Merrill, and Firmex.

What are common due diligence red flags?

Common red flags include: customer concentration over 20% with one client, key person dependencies, declining revenue trends, pending litigation, regulatory compliance gaps, off-balance-sheet liabilities, inconsistent financial records, high employee turnover, and reluctance to provide requested documents.

Need Help with Due Diligence?

A checklist is just the start. Acquisition Stars provides legal counsel for buyers navigating the due diligence process-from document review to issue negotiation to closing.

Request Engagement Assessment Read Our DD Guide

This checklist is for educational purposes and general guidance. Every transaction is different-some items may not apply, and industry-specific items may need to be added. Consult with qualified legal, financial, and industry advisors for due diligence specific to your transaction.