How to Do Due Diligence on a Private Company (Practical Steps)
Learn how to do due diligence on a private company: key types, step-by-step process, financial and legal checks, and best practices.
Understanding due diligence
Due diligence is how you test a private company before you buy or invest. It helps you spot risks early. Private firms share fewer public records. So you need a clear due diligence process to lower deal risk.
Start with one goal. Are you buying shares, assets, or making a partner deal. Each goal changes what you check first. In mergers and acquisitions, this work sets deal confidence.
Pick your top risk themes. Then plan your asks and interviews around those themes. For example, you may test revenue quality. You may also test deal terms tied to contracts and staff.
Keep two things in sync. Your requests must match your risk themes. Your team must also log findings fast. That keeps you from drowning in files.
- Set your deal goal and final decision.
- Name the risks you expect to find.
- Plan an early review, then deeper checks.
Types of due diligence you should expect
Many people treat a due diligence checklist like a box task. That can miss key risk areas. Different risks need different proof. In private company deals, four types show up most.
Financial due diligence checks whether numbers are real and stable. It also checks whether cash can fund the next months. It often uses financial analysis and cash checks. You then judge business valuation inputs with care.
Legal due diligence checks rules, disputes, and contract duties. It also checks if the company can legally make and keep key deals. You then map legal risk to deal terms. Compliance audit results may matter here.
Operational due diligence checks how work gets done. It looks at staff roles and daily steps. It also checks if systems can run the work. If systems are weak, costs may rise after close.
Commercial due diligence checks market demand and sales drivers. It uses market analysis to test growth claims. You also check customer mix and churn signals. This links back to revenue consistency.
| Type | What you verify | Common items |
|---|---|---|
| Financial | Revenue, cash, debts | Statements, bank links, debt notes |
| Legal | Rules, claims, contracts | Key deals, court list, notices |
| Operational | Teams, process, tools | Org chart, SOPs, system view |
| Commercial | Demand and customer risk | Pipeline, churn, win data |
Step-by-step due diligence process for private companies
If you ask how to do due diligence on a private company, stage it. First, do an early scan. Then go deep after signing a letter of intent. This saves time and focus.
In the early scan, you check only core facts. You also sort “must know” vs “nice to know.” After that, you plan deep dives on the risk areas. Many buyers share a confidential information memorandum to guide this flow.
Keep work moving in short cycles. Assign one owner per workstream. Then set a daily or twice weekly review. That helps you close gaps fast.
Use both files and live answers. Written docs can be edited. Interviews can explain why numbers move. Together they help you verify claims.
- Scope: name top risks and set a time plan.
- Ask for core docs: request statements, taxes, and key deals.
- Interview leaders: ask what drives results and costs.
- Deep tests after LOI: probe red flags with proof.
- Summarize findings: rank risks and suggest deal fixes.
Good due diligence process work gives clear next steps. It also shows what is still unknown. That is how you manage risk.
How to conduct financial due diligence (and what to look for)
Financial due diligence should link profit to cash. Reported gain is not the same as paid cash. So test both. This also supports risk management in the deal.
Start with financial statements. Compare totals across years and months. Look for sudden shifts in cost lines. Those shifts can signal a hidden issue.
Then test revenue consistency. Reconcile revenue to invoices and delivery records. If you see timing jumps, dig deeper. Also check whether refunds rise after sales.
Next, check liabilities. Build a list of debts, leases, taxes, and claims. Include any “maybe” risks like lawsuits or pending taxes. Quantify the range, not only the best guess.
- Match revenue to bills and cash receipts.
- Check margin changes against cost drivers.
- List debts, leases, taxes, and set risks.
- Review tax filings and any unpaid items.
Also review forecasts used for business valuation. Ask who built the plan and how they know it is true. Then test main assumptions with market data. If the forecast needs big change, treat it as a risk.
A helpful move is a “quality” view of earnings. You ask why the same sales level yields new profit. Then you check if the answer is real. If it is not, price may need a change.
Legal aspects to cover during due diligence
Legal due diligence finds duties and exposure that affect the deal. This is about compliance and contract risk. It also helps you avoid post-close surprises. For how to perform due diligence on a business, this work is core.
Start with compliance. Ask for past compliance audit items and any fix work. Then check whether gaps are still open. Also ask for proof of training and policy use.
Then assess litigation. Request a list of claims and disputes. Include threats, not only filed cases. Map each matter to money, time, and blame risk.
Review key contracts next. Focus on customer deals, leases, and major supplier terms. Look for change-of-control clauses and exit rights. If a deal can end at close, you need a plan.
Also check legal standing. Confirm who can sign deals and bind the firm. Check whether the firm can legally own key assets. If it cannot, the deal may need a new structure.
A common miss is reading contracts but not linking them to the deal plan.
- Check compliance status and fix history.
- List all claims, threats, and disputes.
- Review assignment and termination terms.
- Confirm who has power to sign and act.
If you need a quick compliance check, focus on the top rule areas. Then expand only if you find issues. That keeps time for deeper risk work.
Operational due diligence: efficiency, people, and systems
Operational due diligence tests execution risk. A firm can look good on paper but fail in daily work. So you must see how teams deliver value. This work also supports faster risk control.
Start with management structure. Map who owns sales, delivery, finance, and tech work. Then ask who makes key calls each week. If one person holds all knowledge, plan for key-person risk.
Next, review process and output. Look at lead times, pass rates, and rework. Also check staffing plans and skill mix. Then ask what happens when demand spikes.
Systems readiness is also key. Review the tools used for billing, orders, and data reports. Ask whether data is clean and updated on time. If reporting is manual, you may see gaps in key numbers.
Link your findings back to finance and legal. Slow delivery can raise refunds and churn. Weak data can hide billing risk. That link helps you set deal terms that match reality.
| Operational focus | Evidence to ask for | Risk you test |
|---|---|---|
| Process | SOPs, flow maps, issue logs | Work reliability |
| People | Org map, roles, key list | Dependence on few staff |
| Systems | Tool list, data flow view | Control and reporting gaps |
Final steps and best practices
Final steps turn findings into a deal plan. This is how you act after you learn risks. So build a clear report by workstream. Each section should name facts, proof, and impact.
Use documentation and interviews to verify claims. If a manager says a contract is “standard,” check the signed text. If revenue is “recurring,” verify renewals and cash timing. If claims conflict, ask for a corrected proof set.
Then decide what to do next. You may need price changes, added conditions, or a refund hold. You can also ask for a fix plan before close. Many teams also plan post-close steps to reduce future risk.
- Write a risk summary with proof.
- Quantify the money impact of key issues.
- Link legal fixes to contract terms.
- Plan post-close fixes with owners and dates.
Last, do not treat a due diligence checklist as the work itself. It is a tool for planning. Real value comes from testing reality and acting on gaps.
FAQ
What is the best way to do due diligence on a private company?
Stage it. Do an early scan first. Then do deeper checks after a letter of intent.
How do you perform due diligence on a business without wasting time?
Define top risks first. Then request proof that tests those risks. Go deeper only on red flags.
What should be included in a due diligence process?
Include document review and management interviews. Then summarize findings by workstream. Quantify what matters and link it to deal terms.
How do you perform a compliance audit during due diligence?
Ask for policies, training logs, and any audit results. Then check what was fixed and what remains open.
What financial analysis should I prioritize in due diligence?
Prioritize revenue quality and cash timing. Also review a liabilities list with debts and tax risks.
What matters most in operational due diligence?
Focus on staff roles, core process, and system readiness. Watch for key-person risk and manual workarounds.
FAQ
- What is the best way to do due diligence on a private company?
- Stage the work. Start with an initial assessment, then run deeper investigations after signing a letter of intent.
- How do you perform due diligence on a business without wasting time?
- Define top risks first. Request documents that test those risks, and only go deeper on red flags.
- What are the main types of due diligence?
- The core types are financial, legal, operational, and commercial due diligence. Each type has different evidence and verification methods.
- How do you perform a compliance audit during due diligence?
- Ask for compliance policies, training records, and prior audit findings. Verify what was fixed and whether any issues remain open.
- What should financial due diligence focus on?
- Focus on revenue consistency, cash collection patterns, and liabilities. Reconcile statements to supporting records where possible.
- What matters most in operational due diligence?
- Check management structure, key processes, and systems readiness. Look for bottlenecks, manual workarounds, and key-person dependence.
