DE
Important facts
- What is due diligence?
- Due diligence is the systematic and thorough examination of a company, project or investment in order to assess opportunities and risks before an important decision is made.
- Why is due diligence important?
- It is important because it creates transparency, minimizes risks, fulfills legal obligations and provides a sound basis for decision-making.
- What types of examination are there?
- There are different types, such as financial, legal, tax, operational, commercial and ESG due diligence.
- When is due diligence used?
- It is used before company takeovers, investments, real estate purchases, in supply chain audits and when selecting business partners.
- What are the benefits of thorough due diligence?
- A thorough company audit reduces the risk of wrong decisions, strengthens the confidence of investors and partners and can ensure the long-term success of the company.
Due diligence refers to the careful examination of all relevant information prior to important business decisions, such as takeovers, investments or major projects. The aim is to realistically assess opportunities, identify risks at an early stage and comply with legal due diligence obligations.
The process comprises different areas of examination: Financial due diligence analyzes balance sheets, sources of income, cost structures and liquidity. Legal due diligence examines the corporate structure, contracts, approvals, ongoing proceedings and compliance issues. Tax due diligence examines tax risks, outstanding receivables and optimization opportunities. The operational due diligence examines the business model, processes, IT, organization and employee structure. Commercial due diligence evaluates the market, competition, customer structures and industry trends. ESG due diligence, which focuses on environmental, social and governance aspects - from CO₂ emissions to human rights in the supply chain - is becoming increasingly important.
Challenges arise primarily due to incomplete data, high time and cost expenditure, international differences and the handling of confidential information. A successful audit therefore requires a clear structure, interdisciplinary cooperation and, if necessary, the use of external experts. If implemented correctly, it not only reduces risks, but also creates strategic advantages, strengthens the trust of investors and business partners and supports compliance with national and international standards.
Never miss an update on compliance again.
New specialist articles, regulatory updates and practical tips, straight to your inbox. Once a week, no spam.
What is due diligence - and why is it important?
Definition of due diligence
By definition, due diligence means "due care" and describes the thorough examination of companies, real estate, projects or transactions before an important decision is made - for example, when buying a company, entering into a partnership or making a major investment. Synonyms are company audit or due diligence.
The term originates from Anglo-American law and finance. In the 1930s, it was mainly used in securities law in the USA: Banks and brokers were obliged to carefully check all key information before selling securities. Today, due diligence is standard in many areas - from company takeovers and real estate transactions to sustainability assessments.
Due diligence is not just a formal mandatory step, but a strategic tool. It creates transparency, provides a sound basis for decision-making and, in the event of a dispute, can prove that all available facts have been taken into account.
It examines finances, contracts, tax aspects, internal processes, technical structures, market conditions and sustainability factors (ESG: environmental, social and governance). From a legal perspective, due diligence also serves as proof of compliance with due diligence obligations.
A careful review uncovers potential problems - from financial discrepancies and unresolved legal issues to weaknesses in the business model. This significantly reduces the likelihood of costly mistakes. Critical points, so-called deal breakers, can be identified early on before they jeopardize the success of the transaction.
Conversely, a thorough review also opens up strategic advantages: Potential for value enhancement, possible synergies and obstacles to integration identified at an early stage can be incorporated directly into the contract design - for example through tax optimization, better financing conditions or adjustments to the organizational structure.
Where due diligence is used
Mergers & Acquisitions (M&A)
The most common use case is the acquisition or merger of a company. Buyers want to be sure that all the information is correct and that there are no hidden risks - such as undisclosed debts or ongoing legal proceedings. The review often begins during the price negotiations and includes management meetings and the analysis of extensive documents, which are typically provided in a virtual data room.
Real estate and infrastructure projects
In the case of real estate, the audit focuses on technology, law and economics: the building fabric, infrastructure, rental agreements, permits, possible contaminated sites and rentability are the focus. In the case of infrastructure projects - such as wind farms - expert opinions on soil conditions, grid connections and expected electricity yields are also included.
Supply chain and partner audits
The German Supply Chain Due Diligence Act (LkSG), which has been in force since January 2023, significantly increases the requirements for corporate due diligence. Companies with 1,000 or more employees are obliged to uphold human rights and identify environmental risks along the entire value chain. The audit covers working conditions, environmental standards and measures against child labor and corruption.
Financing decisions and investments
Banks, venture capital firms, private equity investors and other lenders use due diligence reports to scrutinize risks before investing or lending and thus the financial situation. Depending on internal rules and strategy, the focus is often on analyzing the business model, market prospects, financial reports and corporate governance. Crowdfunding platforms also require companies to provide comprehensive disclosure.
The six most important types of due diligence
Financial due diligence (financial due diligence)
Financial due diligence is the basis of almost every company audit. It should provide a clear picture of the economic situation and the financial situation and identify potential risks at an early stage. Among other things, the annual financial statements of recent years, profit and loss statements, liquidity reports, existing liabilities, cash flow forecasts and business plans are examined. The focus is on questions such as: Do the figures presented match the audited documents? Are there any one-off effects that distort the results? And how does the debt burden affect future investments?
This process often uncovers weaknesses that were not previously visible - such as overly optimistic sales forecasts, excessive stock levels or a lack of provisions.
Typical focal points are
- Revenue sources: Efficiency, stability and sustainability of income
- Cost structure: development of margins and fixed costs
- Financial obligations: Loans, leasing contracts, contingent liabilities
- Working capital: ratio of receivables, liabilities and inventories
Legal due diligence (legal due diligence)
The purpose of legal due diligence is to examine all legal aspects of a company or project. The aim is to identify potential legal risks and ensure the legal certainty of the transaction. This involves examining not only the legal existence and structure of the target company, but also compliance with all relevant legislation and regulations. The focus is on questions such as: Are there any ongoing or impending legal disputes? Are all permits and licenses valid? Are data protection regulations and labor law requirements being complied with?
Compliance with anti-corruption and money laundering laws - such as the UK Bribery Act or the US Foreign Corrupt Practices Act (FCPA) - is particularly important for international transactions. The results of this analysis can have a direct influence on the purchase price, the contract design or even the decision for or against the transaction.
Typical test fields are
- Corporate law: incorporation documents, shareholders' agreements, shareholding structures
- Contracts: Important supplier and customer contracts, loan and leasing agreements, license agreements
- Permits and licenses: Validity, completeness and transferability
- Legal disputes: Ongoing proceedings, potential liability risks, arbitration proceedings
- Compliance: compliance with anti-corruption laws, competition and antitrust law, sanctions lists
- Employment law: collective agreements, works agreements, termination regulations
Tax due diligence (tax due diligence)
Tax due diligence examines all of a company's tax risks and obligations. The aim is to identify possible back payments, outstanding receivables or future charges at an early stage and to take advantage of any room for maneuver. Not only past tax years are considered, but also current tax periods and planned transactions. The focus is on questions such as: Are there any unresolved tax claims or outstanding assessments? Are tax audits pending? Have aggressive tax structures been used that could be contested by the authorities?
The analysis of the tax structure is particularly crucial in an international environment, as differing legal situations, double taxation agreements or new changes to the law can have a significant financial impact. The results of the tax due diligence often flow directly into the drafting of the contract - for example in the form of guarantees, exemption clauses or adjustments to the purchase price.
Typical test fields are
- Tax items and provisions: Completeness and appropriateness of the reserves recognized
- Outstanding tax claims: Tax assessments not yet settled or pending proceedings
- Transfer pricing: Review and determination of compliance with international transfer pricing rules
- Tax loss carryforwards: Scope, usability and possible restrictions
- VAT: Proper recording and payment, possible reclaims
- Country and sector-specific taxes: e.g. land transfer tax for real estate or energy taxes
- Tax compliance: compliance with reporting and declaration obligations
Operational due diligence
Operational due diligence examines how a company works on a day-to-day basis. The aim is to find opportunities for improvement and identify risks in ongoing operations at an early stage. This also helps to avoid potential problems during integration following a takeover.
According to the Harvard Business Review, 70-90% of company acquisitions fail - mainly due to problems with integration after the takeover. Problems can be overlooked, particularly in the operational area. One example is the takeover of a manufacturing company: here, the audit can show whether there are bottlenecks in production, whether machines are being maintained and whether quality standards are being met. The results not only help with purchasing decisions or planning. They also form a basis for improving the company in a targeted manner after the takeover and integrating it smoothly into the existing structure.
Important test points are:
- Business model and value chain - how the company earns money and the steps involved
- Procedures and processes - whether they are efficient and work well together
- Organization - how tasks are distributed and how decisions are made
- IT systems and technology - whether they are efficient, secure and compatible
- Employees - qualification, motivation and loyalty to the company
- Production and service - quality, capacity utilization, maintenance status and delivery capability
Commercial Due Diligence
Commercial due diligence evaluates the market and competitive situation of a company. The aim is to realistically assess the viability of the business model and the opportunities for growth. Market size, market growth, competition, entry barriers and customer structures are examined.
This analysis is particularly important in dynamic sectors such as technology, energy or healthcare, where market conditions can change rapidly. The results help investors and buyers to assess whether the sales and profit forecasts are realistic and whether the company can survive in the market in the long term.
Typical test fields are
- Market volume and growth potential
- Competitive situation and market shares
- Customer and supplier dependencies
- Entry barriers for new competitors
- Industry trends and disruptive developments
- Effects of regulatory changes on the market
ESG due diligence
ESG due diligence is becoming increasingly important - driven by stricter laws such as the EU Taxonomy Regulation and the Corporate Sustainability Reporting Directive (CSRD) as well as rising investor expectations. ESG stands for Environmental, Social & Governance.
Important checkpoints with regard to ESG are:
- Environment - CO₂ emissions, energy consumption, resource efficiency, waste and water management
- Social - human rights, working conditions, health protection, responsibility in the supply chain
- Corporate governance - transparency, diversity in management, combating corruption
According to a study by PwC, ESG is an integral part of the corporate strategy for 82% of investors - in order to identify long-term opportunities and reduce reputational risks.
Due diligence review - information and documents that are reviewed
Financial reports, balance sheets and business plans
An important part of any due diligence audit is a company's financial documentation. These include annual financial statements, profit and loss accounts, balance sheets for recent years, financial plans and proof of liquidity. These documents are examined closely in order to understand the economic situation and identify potential risks at an early stage. Business plans and forecasts also play a major role. They show whether the company is marketable, how profitable it is and what growth is possible. Comparing previous results with the planned figures helps to assess whether the assumptions are realistic. Large deviations can be a warning signal - for example, if previous plans have not been achieved or new sales forecasts seem too optimistic. Positive deviations, on the other hand, can indicate opportunities that have not yet been exploited.
The figures are often not only checked internally, but also compared with market and industry analyses. This creates a more complete picture that provides a reliable basis for decisions.
Contracts, agreements and legal documents
A thorough due diligence should also focus on all of a company's important contracts. These include rental, employment, loan and supply agreements as well as license agreements and articles of association. Documents relating to trademark and patent rights are also examined. The aim of this process is to identify potential legal and financial risks at an early stage. In addition to contracts, ongoing or impending legal disputes are also recorded. Equally important is the examination of official requirements and approvals to ensure that all legal requirements are met.
For international business, there is a further step: the legal framework in the respective country must be checked. This also includes checking whether export control regulations and other country-specific rules are being complied with.
Market analyses and competition reports
The market and competitive context has a major influence on the success of an investment or company takeover. This is why extensive analyses are carried out as part of commercial due diligence. These include market studies, industry reports, customer lists, forecasts, SWOT analyses and benchmarks. Among other things, the market volume, growth potential, competitive situation, entry barriers and dependencies on individual customers or suppliers are examined. Trends, possible market changes due to new technologies and regulatory adjustments are also closely examined.
This analysis is particularly important in dynamic sectors such as technology or energy, where innovations or new regulations can change the market very quickly - and therefore also the prospects of a successful investment.
Environmental and social responsibility reports
Today, investors and business partners often expect evidence of environmental and social standards. This includes reports on CO₂ emissions, the consumption of energy and raw materials, the handling of hazardous substances, existing environmental certificates and the results of social audits. Other important topics include compliance with human rights, programs for more diversity in the company and measures for fair working conditions. When companies disclose this information, they create transparency. This strengthens the trust of investors, customers and authorities and can improve their position on the market.
Due diligence with regard to sustainability and ESG
Integration of ESG criteria into the due diligence process
The integration of ESG criteria into the due diligence process is often mandatory today. The reasons for this include legal requirements such as the Disclosure Regulation or the EU Taxonomy. Companies must therefore systematically review their business activities with regard toenvironmental,social andgovernance aspects. This includes, for example, the assessment of sustainable supply chains, compliance with social standards and responsible corporate governance.
Assessment of climate risks and environmental aspects
Today, companies and investors pay great attention to climate risks and environmental aspects during due diligence. This includes analyzing CO2 balances, energy concepts and strategies for reducing the ecological footprint. Real estate and infrastructure projects are evaluated for climate resilience, resource efficiency and compliance with environmental guidelines.
For example, when purchasing an industrial company, the buyer not only checks official permits, but also potential contaminated sites and measures to reduce emissions.
Review of working conditions and social standards
Social criteria are playing an increasingly important role in due diligence. These include occupational health and safety, fair pay, diversity in the company and the prohibition of child labor. These points are systematically checked. Evidence is provided, for example, through social audits, certificates such as SA8000, reports in accordance with the GRI standards or official declarations by the management. Companies that create transparency early and openly improve their risk profile. At the same time, they strengthen their attractiveness as an employer and reduce the risk of penalties for violations of human rights or labor law obligations.
Challenges in practice
Incomplete or unreliable data
A major challenge during the audit is often access to complete, up-to-date and reliable information. Important documents are often provided late or only partially in the data room. Sometimes the other party is also slow to answer relevant questions. The situation is particularly difficult for start-ups or in markets with little transparency. There is often a lack of reliable financial data, audited contracts or reliable documentation of processes. Another obstacle is a lack of digitization - if documents are only available in paper form or unsorted, this prolongs and complicates the audit. To avoid such problems, a clearly structured list of questions that covers all important topics is recommended. In addition, the use of external specialists - such as auditors, lawyers or industry experts - can help to close information gaps and ensure the quality of the analysis.
In complex projects, it also makes sense to agree a schedule for data provision at an early stage in order to avoid delays.
Time and cost expenditure
Thorough due diligence can cost a lot of time and money - especially for large or international projects. The effort involved increases with the complexity of the transaction. Typical cost drivers include setting up and managing virtual data rooms, coordinating external consultants such as auditors, lawyers and tax experts, as well as on-site visits and discussions with management. For very large deals, such as those worth billions, the total costs can easily rise into the six-figure euro range. In order to keep time and budget under control, clear prioritization is important. Not every detail needs to be examined in equal detail - the key is to focus on the biggest areas of risk. A fixed schedule, agreed with all parties involved, ensures that the audit runs efficiently. In practice, it helps to clearly structure the work packages and determine early on who is responsible for which topics. This avoids duplication of work and the most important results are available in good time to be included in the negotiations.
International and cultural differences
International transactions often make due diligence more difficult. One reason for this is different accounting standards. In Europe, for example, IFRS applies, in the USA US GAAP. Using different standards means that figures cannot always be directly compared. Laws also differ from country to country. This applies, for example, to labor law, tax regulations or environmental requirements. These differences make it difficult to assess risks. In addition, there are cultural factors, as confidentiality, communication style or the handling of compliance are assessed differently internationally. Informal agreements are common in some countries, while in others everything is precisely documented. One example is employee rights and tax practices in emerging countries. There is often less protection for employees and less transparent tax rules. This can lead to uncertainty when compared with stricter standards in industrialized countries.
Different accounting standards (IFRS in Europe vs. US GAAP in the USA), divergent legislation and culturally different compliance concepts make valuation difficult - especially in emerging markets. Local experts are indispensable here.
Protection of confidential information
An important topic in any due diligence is the protection of confidential company data. This information may contain sensitive details about finances, contracts, customers or technologies. Access to the virtual data room must therefore be precisely controlled. Only authorized persons should have access and all access should be logged on a dedicated page. Backup strategies are also crucial to prevent data loss. In addition, non-disclosure agreements (NDAs) are usually concluded with all parties involved. These oblige them not to pass on confidential information or use it for other purposes.
A particular challenge is getting the timing right when disclosing critical information. If it is shared too early, this can jeopardize competitive advantages. If it is disclosed too late, the audit may remain incomplete and call into question compliance with due diligence obligations. In practice, a staged disclosure concept has proven its worth. General information is shared first, while particularly sensitive data is only made available at a later stage and often only under stricter access conditions. This allows a balance to be struck between transparency and the protection of one's own interests.
Granular rights, watermarks and audit trails are the gold standard for the secure exchange of sensitive documents - for example in M&A transactions or audits. They guarantee adherence to the highest compliance standards and prevent data leaks. The combination of these protective measures offers you the following benefits:
- Granular access rights: You control exactly who can open, download, print, copy or forward documents. Access can be revoked at any time if required.
- Watermarks: Dynamic watermarks (often with the name and IP address of the viewer) deter unauthorized disclosure and facilitate tracing.
- Complete audit trails: seamless logs record who has viewed, edited or exported which document and when. This ensures maximum transparency and audit compliance
The role of due diligence in complying with legal requirements and standards
Compliance with legal requirements (e.g. anti-corruption laws)
Carefully conducted due diligence helps companies to comply with laws and regulations. This applies to national regulations such as the Supply Chain Act, but also to international laws such as the UK Bribery Act or the US Foreign Corrupt Practices Act (FCPA). It is important to clearly document all audits and results and to describe them accordingly. This enables a company to prove that it has complied with its duty of care in the event of an emergency. This documentation can protect against fines, reputational damage or liability.
In practice, this includes audit logs, risk reports, action plans and the definition of responsibilities.
Connection to compliance and supply chain laws
Due diligence is now an integral part of many companies' compliance management. Laws such as the Supply Chain Due Diligence Act in Germany and similar regulations in the EU require companies to continuously review their supply chains and projects. They must identify and assess risks and take preventive measures to reduce them. A well-structured due diligence process not only creates legal certainty, but also increases transparency towards business partners, investors and customers. In practice, this means regular risk analyses, clear responsibilities, documented action plans and continuous monitoring. Companies that take this process seriously benefit twice over. They reduce the risk of violating the law and at the same time strengthen their market position because they are perceived as a reliable and responsible partner.
Support in meeting international standards (e.g. OECD guidelines)
International standards such as the OECD Guidelines for Multinational Enterprises or the UN Guiding Principles on Business and Human Rights (UNGPs) require a systematic risk analysis through due diligence. These standards are particularly important for companies that operate internationally or do business with foreign partners. Companies that incorporate these rules into their processes benefit in several ways. They increase their legal certainty, strengthen the trust of investors and business partners and improve access to international markets and financing.
Conclusion
Whether a company takeover, investment or partnership - the success of such projects depends largely on the quality of the preparation. Due diligence is far more than a formal compulsory step. It is a strategic tool that makes risks visible, identifies opportunities and creates the basis for well-founded, legally sound decisions.
Those who carry out the process in a structured, interdisciplinary manner and with an eye on current market and ESG requirements will gain a clear competitive advantage. After all, a thorough audit not only protects against costly mistakes, but also opens up new ways of increasing value and positioning in the market. In an increasingly complex and regulated business world, company audits are therefore not just a question of due diligence - but a decisive factor for long-term corporate success.
Frequently asked questions
Due diligence is the structured and systematic analysis and evaluation of all relevant information about a company, project or transaction in order to weigh up risks and opportunities before making business decisions.
The most important types include financial, legal, tax, operational, sustainability and ESG due diligence. Depending on the objective of the transaction, these individual fields are combined and weighted differently.
In the M&A process, due diligence helps to identify and safeguard against hidden risks, unclear legal situations or accounting irregularities before the purchase. This enables companies to avoid inflated purchase prices, integration problems and subsequent liability risks.
As part of the due diligence process, financial reports, balance sheets, business plans, contracts, licenses, market analyses, official approvals and sustainability reports are reviewed. The details depend on the type and scope of the project or company.
The duration of an audit varies depending on the scope and complexity of the project and often ranges from a few weeks to several months - especially in the case of international or particularly large transactions. A clear schedule and structured preparation of information are crucial for an efficient process.
Larissa Ragg
LinkedInMarketing Managerin · lawcode GmbH
Larissa Ragg verantwortet die Content-Strategie bei lawcode und erstellt Fachbeiträge zu den Themen EUDR, ESG-Compliance, HinSchG, Supply Chain und CSRD. Ihre Beiträge auf dem lawcode Blog machen komplexe regulatorische Anforderungen verständlich und liefern Unternehmen praxisnahe Orientierung.
