The M&A Due Diligence Process

Due diligence is a key aspect of any acquisition or investment. It is a programme of critical analysis undertaken prior to an acquisition or investment to ensure that there are no undisclosed liabilities or risks.

There are potentially enormous risks associated with buying or investing in any business and the legal adage of caveat emptor or “let the buyer beware” applies. The buyer must be satisfied as to the prospects and viability of the business and should undertake extensive due diligence investigations before committing to a purchase.

While appropriate review will not eliminate all risks, the knowledge gained can alert buyers as to what risks may exist, so that they can mitigate them going forward and ensure the deal structure and associated documentation are appropriately tailored.

Benefits of due diligence

Too often parties view due diligence as merely a “tick the box” exercise, particularly if it does not uncover any issues. However, when the process uncovers previously unknown risks, trends or shortcomings, or the process is handled poorly and loses the confidence of the buyer, the need for, and value of, undertaking appropriate due diligence becomes clear.

Some of the key benefits include:

  • Opportunity to withdraw if serious risks found

  • Opportunity to restructure, amend sale documents or reduce the purchase price if the process reveals large but non-fatal liabilities

  • Avoidance of enforcement costs

  • Verification of financial projections

  • Tailored warranties and conditions

  • Ability to invest with confidence

  • Integration and 90- or 100-day post-acquisition plans

Maximising the benefits of due diligence

In order to maximise the benefits of the due diligence process, it is essential to ensure that it has:

  • The right scope to build the right framework, questionnaire and team within the budget allocated.

  • A logical framework including a clear timetable, a list of major areas of concern and clear scope of review, an effective system for managing the process and effective confidentiality controls.

  • Cohesive teams of advisers who understand the needs of the buyer, can implement the due diligence framework, who can understand the target’s business and identify issues affecting the target industry.

  • Clear communication between the buyer and its advisers and between the advisers themselves as the issues which arise in one stream of due diligence may be relevant to other streams.

  • A co-operative target.

Inadequately planned due diligence programmes will be of limited value to the buyer. Time and energy can be wasted undertaking unnecessary due diligence or pursuing post-completion remedies forcing the buyer to recover losses under the warranties in the sale agreement.

Transaction risk

Some businesses are less risky than others. The key is for buyers to know how much risk they are prepared to accept, identify risks before a deal is struck and do what they can to reduce the impact of these on the deal and the future business.

Buyers should be clear that the breadth of their due diligence is not the only factor influencing the risk of a deal. The overall “transaction risk” (the risk of finding out undisclosed information about the business after the deal is done) is comprised of three factors — inherent risk, liability risk and due diligence risk.

Overall transaction risk can be reduced if inherent risk, liability risk and due diligence risk are reduced. It is important to note that while risk cannot be eliminated, it can be reduced with the right transaction approach.

Overall transaction risk can be reduced if inherent risk, liability risk and due diligence risk are reduced. It is important to note that while risk cannot be eliminated, it can be reduced with the right transaction approach.


The level and scope of due diligence undertaken will depend on the particular transaction, the number of parties involved and the specific needs of the buyer. For instance, in the case of a management buyout where a vendor is only prepared to provide limited warranties, PE providers and debt providers will want to carry out an extensive due diligence review, in contrast to the management team who should already have good knowledge and understanding of the business.


Due diligence can take weeks and sometimes months to complete. During the due diligence process, the due diligence team is likely to have an ongoing presence at the target’s premises.

Types of due diligence

There are four main types of due diligence undertaken:

Commercial due diligence

Commercial due diligence (CDD) is designed to test the assumptions underpinning the financial projections. It assesses how credible the assumptions are about the market and the company’s positioning within the market. CDD appraisal is more subjective than financial due diligence reviews.

Legal due diligence

A key aspect of legal due diligence (LDD) is determining the scope of the investigations by setting risk or materiality thresholds and identifying any areas of concern and often overlaps with other areas (eg tax or environment). The principal areas covered by the LDD review will include:

• Key contracts

• Financial arrangements

• Constituent documents

• Insurance

• Employees

• Intellectual property

• Superannuation/pensions

• Property

• Litigation/disputes

• Regulatory

• Tax

• Licences/permits

• Environmental

• Public registers

• Anti-money laundering

• Environmental, social and governance

Financial due diligence

Financial due diligence (FDD) occurs at an early stage in the transaction. The FDD report will consider the internal consistency of the financial information provided, however, it is not an audit and typically does not include any general opinions or assurances about a company. These are typically beyond the scope of FDD. A firm of accountants with a specialist due diligence division (“Transaction Support” or TS) is usually retained to undertake an FDD review.

At its core, it should provide a view of earnings historical and forecast, working capital, cash flows and capital expenditure. Even if a “Vendor Due Diligence Report” is provided, FDD should be carried out to review the vendor report and provide any “top-up” FDD focused on specific risk areas.

Management due diligence

An appropriate cultural fit and a management team aligned with the buyer’s vision and expectations are critical elements to achieving a successful outcome for the buyer. As a result, a buyer will be continually appraising the management team throughout a transaction from the first “pitch meeting” and beyond.

Buyers need to assess the management team and its strengths, weaknesses and experience against their view of an optimum management structure and ideal personnel to meet their requirements post-acquisition looking for any gaps in expertise, under- or over-capacity issues, or key person risk, ie. risk that key personnel will leave after the transaction resulting in material detriment to the business.

Other types of due diligence

In addition to the main due diligence investigations noted earlier, which are undertaken essentially in all transactions, there are numerous specialised due diligence reports that can be done which cater to specific aspects of a transaction, such as:

  • Environmental due diligence: environmental due diligence is important for target businesses operating in certain sectors, such as manufacturing/storage, mining, motor, chemical and heavy engineering. Environmental liability for contamination attaches to the present occupier of the property and this is the case even if the present occupier was not originally responsible for the contamination.

  • · Technical due diligence: when a target is acquired on the back of its technical position, its intellectual property or product superiority over its competition, or being the first to market and able to leverage its intellectual property monopolies, then buyers may commission a report focused on these aspects.

  • · Information technology (IT) due diligence: depending on the criticality of the systems to the overall operation of the business, specialist review may need to be given to this area. If the business has in-house developed and supported systems or systems that are critical to day-to-day business operation, IT due diligence should be undertaken to assess risk areas, quality of support and potential development/capex requirements.

Due diligence reports

Once the information has been collected and reviewed, the reviewers will prepare their due diligence report which will highlight areas of concern, draw conclusions and provide recommendations, and request further information if needed.

A report which merely lists or summarises the information collected but provides no analysis or conclusions on the risks and viability of the target will be of limited use.

“Hold harmless” letters

“Hold harmless” letters are commonly encountered in the context of a financial due diligence where the investigating accountant seeks access to the working papers of the target’s auditors for the audit of the previous years’ accounts.

Before releasing these papers, the auditors may ask for a “hold harmless” letter which prevents the buyer from suing them for any decisions the buyer makes based on the auditor’s information. Typically, the auditor’s reason is that they prepared the papers in the context of an audit only and not for the purpose of analysing the value of the target for acquisition purposes.

If the buyer does not provide a “hold harmless” letter the auditor may withhold the information. While this is not likely to be fatal to the due diligence process it will involve additional work and lower quality information may need to be relied upon.


A consistent and well thought-out due diligence protocol will help a buyer compare the merits of different investment proposals. While a buyer leads the due diligence process, much of the detailed work will be sourced to outside specialists such as bankers, accountants and lawyers. For more information on the due diligence process, contact us.

The information contained in this article is for information purposes only and does not constitute legal advice.

About the author

Nick Humphrey is the managing partner of Hamilton Locke. He is the Chairman of the Australian Growth Company Awards and author of a number of best-selling books on business and leadership including Negotiated Acquisitions and Buyouts, a plain English reference guide for mergers and acquisitions and buyouts with step-by-step advice on the key legal, tax and structuring issues when implementing transactions, published by Wolters Kluwer.


  • Nick Humphrey, Negotiated Acquisitions and Buyouts (Wolters Kluwer 2016)

  • Peter Martin and Andrew Fearon “Acquisition of the Business” (2003) PLC Private Equity Practice Manual 2.3.

  • Sunil Patel “Commercial Due Diligence — Is It Worth It?” (paper presented at seminar, Due Diligence in Business Acquisitions hosted by Legal and Accounting Management Seminars (LAAMS) NSW, 8 March 2001).

  • Garry Sharp, Alex Shinder (ed) Buyouts: A Guide for the Management Team (Euromoney Books and Montagu Private Equity, London, 2003).

Get in touch

Hamilton Locke

Address - Sydney

Suite 4201, Level 42, Australia Square

264 George Street, Sydney NSW 2000

Tel +61 2 8072 8271

Address - Melbourne

Level 13, 461 Bourke Street

Melbourne VIC 3000

Tel +61 3 8676 7735028



  • White LinkedIn Icon

Copyright Hamilton Locke 2020

Hamilton Locke is an incorporated legal practice, and not a partnership. References to ‘partners’ of Hamilton Locke are references to title only.


Liability limited by a scheme approved under Professional Standards Legislation.