Due diligence in M&A: what the buyer investigates about the company
Tempo de leitura
8 minutes
Due diligence in M&A is the detailed investigation process that the buyer conducts on the selling company before closing the transaction. The objective is to confirm the information presented throughout the process, identify hidden risks and decide whether — and under what conditions — the deal should move forward.
Due diligence takes place after the preferred buyer has been selected, usually after the signing of an LOI, or letter of intent. The buyer receives access to documents, systems and, in some cases, to the company’s leadership team in order to conduct its analyses.
From the seller’s perspective, this is a critical phase. Not because the deal is necessarily at risk — if it has reached this stage, the interest is real. But because what the buyer finds during this stage may justify price revisions, new conditions or the inclusion of clauses that change the profile of the deal.
The investigation is usually organized by thematic areas, each one conducted by specialized teams — accountants, lawyers, tax advisors and technology specialists. The main areas are financial, legal, tax, labor, operational, commercial and technology due diligence.
In financial due diligence, the buyer revisits the last three to five years of financial statements, analyzes adjusted EBITDA, reviews working capital and evaluates the quality of receivables. What the buyer wants to confirm is whether the numbers presented during the negotiation phase reflect the company’s actual reality.
In legal due diligence, the focus is on material contracts, ongoing litigation, corporate structure, intellectual property, licenses and potential contingencies. An undisclosed liability discovered at this stage may substantially change the conditions of the deal.
The tax area investigates the company’s tax history, the regularity of ancillary obligations and exposure to tax assessments or contested credits. This is one of the most sensitive areas in Brazilian companies, given the country’s complex tax environment.
Labor due diligence looks at ongoing claims, atypical contracts, benefits beyond legal requirements and the structure of the key personnel base. The operational and commercial area reviews customer and supplier contracts, revenue concentration and dependence on specific people.
In technology companies, or in businesses with relevant digital assets, IT due diligence gains specific importance: infrastructure, information security, ownership of source code and dependence on third parties.
The main areas of due diligence are financial, legal, tax, labor, operational, commercial and technology. Each one looks at a different part of the business and helps the buyer understand whether the company being acquired is consistent with what was presented during the negotiation.
Financial due diligence reviews the income statement, balance sheet, EBITDA, working capital and receivables. The buyer is looking for signs of inflated results, undisclosed seasonality, weak receivables quality or delinquency that may affect the company’s actual performance.
Legal due diligence analyzes contracts, litigation, corporate structure, intellectual property and licenses. The main risks are hidden liabilities, overly restrictive or unfavorable contracts, shareholder disputes and legal issues that may affect the continuity or value of the business.
Tax due diligence reviews ancillary obligations, the history of tax assessments and any contested credits. In this area, the buyer is looking for relevant tax exposure, unprovisioned contingencies or risks that may generate future liabilities after the closing.
Labor due diligence investigates employment claims, atypical contracts and benefits granted outside standard legal requirements. The objective is to identify labor liabilities that may not be properly accounted for in the company’s financial statements.
Operational and commercial due diligence looks at contracts with customers and suppliers, revenue concentration and potential dependence on a small number of accounts or key relationships. The buyer is also looking for clauses such as change of control provisions, which may be triggered by the transaction and affect the continuity of important contracts.
Technology due diligence reviews infrastructure, source code, information security and dependence on third-party systems. The main risks include intellectual property issues, obsolete systems, cybersecurity vulnerabilities and technology dependencies that may limit the company’s scalability.
When the buyer identifies risks during the investigation, there are a few possible paths. The most common is to negotiate a price adjustment — a reduction in the deal value proportional to the risk identified. Another alternative is to include an escrow clause, in which part of the price is retained for a period of time to cover potential losses.
In the case of specific and measurable liabilities, the buyer may request indemnity clauses: if that risk materializes after closing, the seller is responsible for the loss. The greater the potential liability identified, the more aggressive the negotiation around these clauses tends to be.
It is important to understand that due diligence findings rarely terminate a deal. Most of the time, they change the conditions. A buyer that has reached the investigation stage has real interest — it wants to close. But it will use what it found to adjust the price or protect itself contractually.
That is why the seller’s posture matters. A company that arrives well prepared — with organized documentation, mapped liabilities and inconsistencies resolved in advance — has much more negotiating power at this stage than one that discovers problems at the same time as the buyer.
It depends on the size and complexity of the company. In mid-market transactions, due diligence usually takes between four and twelve weeks. In larger transactions, with multiple business units, subsidiaries or international presence, it may take longer.
The timeline is also influenced by the seller’s level of preparation. A company that provides documents in an organized and agile way accelerates the process. A company that gathers information gradually — or that does not have consolidated historical data — extends the phase and increases tension in the deal.
Another factor is confidentiality. Due diligence takes place under strict confidentiality. Employees, customers, suppliers and competitors should not know. Access to information is controlled through a virtual data room, and the number of people involved on the seller’s side is restricted. A leak at this stage can harm the valuation and may even jeopardize the transaction.
The data room is the digital repository where the seller organizes and makes documents available to the buyer during due diligence. It is a controlled environment — access is restricted, traceable and can be revoked at any time.
A well-structured data room reduces back-and-forth, accelerates the buyer’s analysis and conveys professionalism. The seller’s advisor — whether an investment bank or an M&A boutique — usually coordinates the preparation of the data room and defines what is made available at each stage of the investigation.
Data room organization is not an operational detail. It is where prior preparation becomes visible to the buyer. An incomplete or disorganized data room raises doubts about the quality of management — and that has a cost.
Due diligence is the moment when the buyer tests everything that was presented. A seller that arrives prepared — with mapped liabilities, reviewed contracts, audited financial history and an organized corporate structure — enters this phase with more leverage.
At igc partners, prior preparation begins long before the buyer sits at the table. In the processes we lead, preparing the data room, mapping liabilities and organizing the financial history are part of the preparation work that takes place before any market approach.
Across more than five hundred sell-side deals over 29 years, the pattern we observe is consistent: well-prepared companies go through due diligence with fewer price adjustments, fewer escrow clauses and more favorable closing conditions. Negotiation does not save a poorly prepared deal.
The owner-to-owner process we practice means that a partner follows this phase from beginning to end — not a junior team. When the buyer raises an issue, the seller has someone on their side with transaction experience to assess whether it is noise or a real risk, and how to respond.
Yes, but with consequences. The seller has the right not to disclose sensitive strategic information that goes beyond the agreed scope. In practice, systematic refusals raise suspicion and may lead the buyer to harden the conditions. The seller’s advisor helps calibrate what to answer, how and when — protecting confidentiality without creating distrust.
The most common approach is for full due diligence to begin after the LOI, which formalizes the buyer’s interest and usually includes a period of exclusivity. Before that, there may be preliminary or confirmatory due diligence, with access to more superficial information. Opening the company to a detailed investigation before there is a formal commitment from the buyer is not recommended.
Escrow is a retention account where part of the deal value remains deposited for a period after closing. It appears when the buyer identifies potential liabilities during due diligence that cannot be precisely measured. If the risk materializes, the escrow amount covers the loss. If nothing happens, the seller receives the balance within the agreed timeframe.
The buyer conducts due diligence, usually with internal teams and external law firms, audit firms and specialized consultants. On the seller’s side, the advisor — whether an investment bank or an M&A boutique — coordinates access to information, organizes the data room and guides the entrepreneur on what to answer and how to manage the flow of requests without exposing unnecessary information.
Not necessarily. Minor findings, when well documented and already provisioned by the company, are often absorbed without a price adjustment. What impacts the final check are relevant undisclosed liabilities, inconsistencies in the numbers presented or risks that are difficult to measure. Adequate prior preparation significantly reduces the likelihood of findings that compromise valuation.
By Murilo Oliveira — Partner, igc partners
