How to Conduct Private Equity Due Diligence

‍

Due diligence is an essential part of the private equity investment process. In this phase, deal teams "check under the hood" by collecting information to explore and confirm management's financial and operational figures as they evaluate a potential investment.

The goal is to uncover and mitigate potential risks to make the correct investment decision. During this decision-making stage, private equity investors and their teams (consultants, accountants, lawyers, etc.) evaluate and identify significant red flags, including financial liabilities, operational, legal, cybersecurity, and other risks. Risk management is central to this process, helping investors assess whether identified issues can be mitigated or would jeopardize the investment thesis.

Historically, PE due diligence has focused on financial, commercial, and legal due diligence. Still, there are different areas, such as IT, management, ESG, and HR due diligence, that are part of a comprehensive due diligence audit process.

In the private markets world, thorough due diligence must overcome unique challenges. For example, most private equity funds focus on acquiring private companies with limited public information, including no SEC filings or other public records.

Additionally, PE firms tend to be financial rather than strategic buyers, meaning the investment strategy behind acquiring a potential portfolio company is to achieve a positive return on investment (ROI) and provide a return to the limited partners (LPs) (usually institutional investors) in a relatively short period.

This type of transaction differs from a traditional merger and acquisition (M&A) transaction, in which acquirers are not GPs in PE funds. Instead, they are enterprises looking for synergies, value creation, specific know-how, geographic reach, or to expand their business portfolio.

In this guide, we'll provide an overview of the due diligence process that every PE fund manager can use as a starting point when evaluating investment opportunities.

The Two-Phase Due Diligence Approach

Private equity firms typically approach due diligence in two phases: exploratory and confirmatory. While this framework provides structure, in reality, due diligence is rarely this linear. You'll often find yourself doing deeper confirmatory work on critical issues during the exploratory phase, while continuing to validate assumptions throughout the entire process.

Phase 1: Exploratory Due Diligence

The exploratory phase occurs during initial evaluation, often before submitting a letter of intent (LOI). This phase quickly identifies deal-breakers and validates your investment thesis at a high level.

During exploratory due diligence, private equity firms focus on market validation, business model viability, management team assessment, and preliminary legal reviews. The challenge here is determining which issues require immediate deep dives versus those that can wait until the confirmatory phase. Customer concentration above 30%? That needs attention now. Minor supplier contract terms? Those can wait.

This phase typically takes a few weeks, though timeline pressure in competitive situations can compress this significantly. The data room is often incomplete at this stage, and management may be defensive about sharing sensitive information with multiple bidders.

Phase 2: Confirmatory Due Diligence

Once a deal passes the exploratory phase and the firm has signed an LOI, confirmatory due diligence begins. Every assumption is validated, every revenue projection scrutinized, and every operational metric verified through third-party data, customer calls, and on-site visits.

Confirmatory due diligence requires coordination across multiple advisory teams, financial, legal, commercial, IT, and operational consultants. The output is a comprehensive report that informs the final valuation, deal structure, and 100-day post-acquisition plan.

This phase often reveals issues that weren't apparent in the data room, requiring ongoing dialogue with management to reconcile discrepancies between what they've represented and what your analysis shows.

When to Start The Due Diligence Process

Most private equity transactions follow a lifecycle: they engage in deal sourcing, conduct due diligence, develop a valuation, negotiate final terms, invest, support the business, and eventually execute their exit strategy.

However, PE firms prefer to acquire a controlling interest in well-established companies that meet their investment thesis and are expected to achieve a certain level of financial performance.

These potential investments usually have proven business models, established management teams, customer relationships, and more financial information than early-stage companies. As a result, their due diligence processes tend to be longer and more complex than those of a venture capital firm.

The private equity due diligence process typically involves the following areas:

• General Industry Research
• Financial Due Diligence
• Operational Due Diligence and Commercial Due Diligence
• Technology and IT Due Diligence
• Legal Due Diligence

The length of this process varies depending on multiple factors, including how in-depth the buyer wants to go, the nature of the deal, and the number of experts and service providers consulted.

But as the adage goes, "time kills deals, even the good ones," so firms with a solid track record in dealmaking try to complete their due diligence efficiently to make an informed decision.

Industry Research and Market Analysis

Most private equity firms are financial buyers. At the same time, PE firms tend to purchase well-established companies, where industry trends and future outlook significantly impact returns. Therefore, the due diligence process typically begins with in-depth industry research.

Key Industry Analysis Areas

Understanding where the target company actually competes, not where management claims they compete, is critical. This requires independent validation through industry reports, competitor analysis, and customer feedback. Look at market share trends over the past few years. Is the company gaining or losing ground?

Review recent industry transactions and their multiples. Pay attention to the deal rationale in these transactions; are buyers paying for scale, technology, geographic expansion, or talent?

Assess whether the industry is growing, stable, or declining. A company in a declining industry needs a very different value creation business plan than one riding a secular growth wave. Independent industry research from firms like IBISWorld, Gartner, or Frost & Sullivan can provide this perspective.

Every industry has its own performance benchmarks.

For software companies, you'll look at retention rates and customer acquisition cost payback. For manufacturing businesses, focus on capacity utilization and throughput. For distributors, inventory turns and gross margins by product category matter most.

Understanding current regulations and potential regulatory changes is essential, particularly in industries such as healthcare, financial services, and energy.

Finding the right industry expert can be challenging under tight timelines. Having a relationship intelligence platform that can quickly surface experts from your network, whether former executives in the space or consultants who've worked on similar deals, can significantly accelerate this research phase.

Financial Due Diligence: Going Beyond the Numbers

Financial due diligence is the foundation of any PE transaction.

Quality of Earnings (QoE) Analysis

PE firms typically use leverage in the form of a leveraged buyout to make acquisitions, meaning cash flow plays a critical role in their acquisitions. This reality drives the heavy focus on quality of earnings, determining how much the company will actually earn on an ongoing basis.

Key QoE Adjustments:

Revenue quality issues include one-time project revenue that won't recur, revenue pulled forward from future periods, revenue from customers who churn, and unsustainable pricing.

Expense normalization addresses owner compensation at above- or below-market rates, one-time professional fees, deferred maintenance or underinvestment, costs that will increase post-acquisition, and add-backs that aren't truly one-time.

Understanding working capital requirements is critical for valuation. Request detailed schedules including accounts receivable aging, DSO trends, reserve for doubtful accounts and write-off history, inventory aging, accounts payable terms, and deferred revenue.

Red Flags: Declining gross margins without a clear explanation, growing revenue but flat or declining cash flow, unusual transactions, frequent changes in accounting policies, aggressive revenue recognition practices, and large one-time adjustments that keep recurring.

Critical Questions for Management:

• "Walk me through your revenue recognition policy. When do you recognize revenue versus when you collect cash?"
• "What percentage of revenue comes from your top customer? Top 5? Top 10?"
• "Have you lost any major customers in the past two years? Why?"
• "What's your typical payment terms with customers compared to what you give suppliers?"
• "What CapEx will be required over the next 12-24 months? What's been deferred?"

Financial Statements and Reporting Analysis

Beyond QoE, examine the quality and reliability of financial reporting. Does the company have proper financial controls? Are there monthly closes? How long does it take to close the books?

Request and review audited or reviewed financial statements, monthly financial statements, budget vs. actual variance analysis, and management reporting packages.

Debt and Liabilities: Understand all outstanding debt instruments and their covenants, off-balance sheet liabilities, contingent liabilities, unfunded pension obligations, and operating lease commitments.

Tax Considerations: Review historical tax returns and identify effective tax rate vs. statutory rate, NOL carryforwards, open tax years and ongoing audits, and state and local tax exposures.

Commercial Due Diligence: Validating the Business Model

Commercial due diligence focuses on validating the target company's market position, competitive advantages, revenue sustainability, and growth potential.

Market and Competitive Analysis

Validate total addressable market through independent sources, not just management's claims. Be skeptical of market-sizing estimates that conveniently show massive growth opportunities. Break down TAM by segment, geography, and customer type.

Map the competitive landscape through customer interviews, not just management's perspective. Who does the company actually compete with for each customer segment? What's the win/loss rate? Why do they win or lose?

Identify what's truly defensible versus what management thinks is defensible: cost advantages, product or service differentiation that customers actually value, brand strength in the target customer base, switching costs or integration depth with customers, proprietary technology or IP, and network effects.

Red Flags: Customer feedback that contradicts management's value proposition, win rates declining over time, new competitors gaining share rapidly, pricing pressure across the board, technology or business model disruption on the horizon.

Customer Due Diligence

Customer diligence is often the most revealing part of DD. Analyze revenue by customer: top customers as a percentage of revenue, revenue concentration trends, contract terms and renewal dates for key customers, customer tenure and churn rates, and expansion revenue within existing customers.

Key Questions for Customers:

• "How long have you been a customer? How did you originally choose this vendor?"
• "What alternatives did you evaluate? What made you choose them?"
• "How would you rate their performance? What do they do well? Where do they fall short?"
• "Have you considered switching? What would cause you to switch?"
• "Are you spending more or less with them than you were a year ago? Why?"
• "If they raised prices 10%, what would you do?"

Revenue Quality Assessment: Distinguish between recurring revenue under contract, project-based revenue requiring constant new sales, one-time implementation fees vs. ongoing service revenue, and organic revenue growth vs. acquisition-driven growth.

Sales and Marketing Analysis

Understand the economics of customer acquisition: average deal size and sales cycle length, ramp time for new sales reps to full productivity, sales rep turnover, quota attainment across the sales team, customer acquisition cost by channel, and sales pipeline quality and conversion rates.

Assess marketing ROI and lead generation: lead sources and cost per lead by channel; lead-to-opportunity and opportunity-to-close conversion rates; marketing spend as a percentage of revenue; and digital presence and website traffic trends.

Operational Due Diligence: Understanding How the Business Actually Runs

Operational due diligence examines how the target company operates day to day, going beyond financial results to understand the people, processes, systems, and supply chain that drive performance.

Management and Organizational Assessment

Assess the depth and quality of leadership: functional expertise and relevant experience, track record of execution against plans, management turnover, succession planning for key roles, organizational structure, and compensation alignment with performance.

Key Questions for Management:

• "Walk me through your typical week. Where do you spend most of your time?"
• "What are the most important metrics you track? How often do you review them?"
• "What keeps you up at night about the business?"
• "What would you do differently if you had more capital?"
• "Where do you see the biggest opportunities for improvement?"
• "What's not working as well as you'd like? Why?"

Evaluate whether the company is overly dependent on a few key people. What happens if a key person leaves? Is institutional knowledge documented or all in people's heads?

Red Flags: High turnover, lack of depth below the CEO, absence of documented processes, resistance to change, unrealistic view of the company's capabilities, and poor communication between management and employees.

Operations and Process Analysis

Understand how the business actually delivers products or services: order-to-cash process and cycle time, production or service delivery workflows, quality control processes, capacity constraints, and bottlenecks.

Different industries require different operational lenses:

Software/SaaS: Monthly recurring revenue, gross and net retention, customer lifetime value to customer acquisition cost ratio, growth rate, plus profitability metrics.

Manufacturing: Overall equipment effectiveness, capacity utilization by facility, cost of goods sold breakdown by material and labor, inventory turns by product category, gross margin by product line.

Distribution: Inventory turns overall and by category; gross margin trends by vendor or product category; warehouse throughput; fill rates; and backorder frequency.

Supply Chain and Vendor Analysis

Assess dependency on key suppliers: top suppliers as percentage of cost of goods sold, contract terms and pricing arrangements, alternative suppliers and switching costs, supplier payment terms, any supply disruptions in recent years.

Critical Questions:

• "Who are your top suppliers? What percentage of your purchases come from each?"
• "Are you single-sourced for any critical materials or components?"
• "Have you had any supply disruptions in the past two years? How did you handle them?"
• "What are your payment terms with suppliers? Any early payment discounts you're not taking?"

For businesses that hold inventory, examine inventory turns by product category, slow-moving or obsolete inventory, inventory accuracy, and safety stock policies.

Technology and IT Infrastructure

Understand the company's technology foundation: core systems (ERP, CRM, financial systems), system integration and data flows, custom-built vs. off-the-shelf solutions, technical debt and required upgrades, IT staff capabilities.

Assess cybersecurity risks: security policies and procedures, access controls and authentication methods, backup and disaster recovery plans, history of security incidents, compliance with industry standards.

Red Flags: Critical systems running on outdated technology, heavy reliance on manual processes or spreadsheets, no documented disaster recovery plan, weak password policies, lack of regular security testing.

Legal Due Diligence: Uncovering Hidden Risks and Liabilities

The main objective of legal due diligence is to gain a legal perspective on the target company and uncover any legal issues or risks associated with completing the transaction.

Few companies have an immaculate legal history. Your firm's general counsel or outside law firm should develop a benchmark of what is acceptable versus what would be a deal-breaker.

Critical Contract Issues

Review all significant agreements: customer contracts (particularly top customers), vendor and supplier agreements, partnership and distribution agreements, licensing agreements, financing agreements and debt covenants, and real estate leases.

Key Questions About Contracts:

• "Which customer contracts have change of control provisions? What do they require?"
• "Are there any contracts that are unprofitable or below market rates? Why?"
• "What percentage of revenue is under contract vs. renewal-based?"
• "Which supplier agreements are set to expire in the next 12 months?"

Intellectual Property

Verify that the company owns or properly licenses all IP it uses: patents, trademarks, copyrights, trade secrets, employee IP assignment agreements, third-party IP licenses.

IP Red Flags: IP created by contractors without proper assignment agreements, ongoing IP litigation, key patents expiring soon, and trademarks not correctly registered.

Employment and Labor Matters

Review employment-related documents: executive employment agreements, non-compete and non-solicitation agreements, severance and change of control provisions, collective bargaining agreements if unionized.

Assess compliance with employment laws, including employee classification vs. contractor, wage and hour, and anti-discrimination.

Questions About Employment:

• "Have there been any employment-related lawsuits or EEOC charges in the past five years?"
• "Are any employees misclassified as contractors?"
• "What severance obligations exist if we need to reduce headcount?"

Litigation and Regulatory Compliance

Identify all legal proceedings: pending lawsuits and arbitrations, threatened litigation, past significant matters, insurance coverage.

Assess compliance with relevant regulations: environmental permits and compliance, workplace safety record, product safety and recalls, data privacy, industry-specific regulations.

Review all real estate holdings and leases: owned properties and title issues, lease agreements and renewal options, environmental assessments, zoning and permitted uses.

Red Flags: Significant pending litigation with unclear outcomes, pattern of customer or employment disputes, environmental issues requiring remediation, regulatory violations or consent orders, unclear IP ownership, key contracts terminating soon without renewal certainty.

How to Perform Due Diligence: A Practical Framework

Performing due diligence on a private company requires a systematic yet flexible approach. The reality is that DD never goes exactly as planned, data rooms are incomplete, management is defensive, and time is always short.

Develop Your Due Diligence Checklist: Create a comprehensive checklist tailored to the specific transaction. Customize based on industry-specific issues, known risk areas, deal size, and areas most critical to your investment thesis.

Request Information Early: Send your information request list as soon as possible. Be specific. Instead of requesting "financial statements," specify: "Monthly income statements, balance sheets, and cash flow statements for the past 36 months, including YTD current year."

Access the Data Room: The data room is never perfect. Common issues include mislabeled documents, multiple versions without clear dating, and missing key information. Track what's missing and follow up persistently.

Assemble Your Team: Identify the right experts for each workstream, financial advisor for quality of earnings, commercial consultant for market analysis, legal counsel, IT specialist, and industry experts. Having a relationship intelligence platform helps quickly identify the right service providers and experts from your network.

Conduct Management Interviews: Schedule comprehensive sessions with key executives. These conversations are critical for filling data room gaps, testing management's knowledge, and assessing their capabilities. Prepare specific questions, but be ready to go off-script when you hear something concerning.

Perform Customer and Vendor Diligence: Customer calls are often the most illuminating part of DD. Customers will tell you things management won't, about product quality, service issues, competitive alternatives, and pricing pressure.

Complete Site Visits: Visit facilities to observe operations firsthand. What you see on-site often contradicts what you read in the data room. Look for equipment condition, workplace organization, employee engagement, and production efficiency.

Synthesize Findings: Hold regular meetings with your full team to share findings. Issues discovered in one workstream often have implications for others.

Prepare Investment Committee Materials: Create a comprehensive memo with your recommendation, investment thesis and value creation plan, detailed findings from each DD workstream, key risks and mitigants, financial model and return expectations, and implementation plan.

When to Use External Due Diligence Advisors

Most private equity firms use a combination of internal resources and external advisors to conduct due diligence.

Nearly all PE firms use external accounting firms for quality-of-earnings analysis. An independent QoE report is also typically required by lenders.

Consider external commercial DD support when entering an unfamiliar industry, operating in a rapidly changing market, or needing independent market sizing analysis.

External legal counsel is standard for reviewing material contracts, assessing regulatory compliance, and identifying legal risks.

Bring in IT consultants when the target's technology is critical to operations, there are concerns about cybersecurity risks, or when assessing system integration requirements for post-close.

For specialized industries or technical products, subject matter experts provide invaluable perspective on competitive dynamics, technology trends, and regulatory changes. Finding these experts quickly is where relationship intelligence becomes valuable, being able to identify former executives or consultants from your network in minutes rather than days.

Enhanced Due Diligence: When Standard DD Isn't Enough

Some transactions require enhanced due diligence beyond standard procedures. Enhanced DD typically applies when there are elevated risks related to the target company's operations, industry, or geographic footprint.

For companies with international operations, complex ownership structures, or operations in high-risk jurisdictions, enhanced DD investigates beneficial ownership, source of funds, and compliance with anti-money laundering regulations.

As LPs increasingly demand responsible investing, many firms now conduct formal ESG assessments evaluating environmental impact and compliance, social initiatives and labor practices, and governance structures and ethics programs.

When there are inconsistencies in financial reporting, significant management turnover, or unusually aggressive accounting practices, forensic accountants can dig deeper into potential fraud indicators.

For highly regulated industries like healthcare, financial services, or energy, enhanced DD ensures full understanding of regulatory obligations, pending regulatory changes, and compliance history.

Evaluating Returns and Building the Investment Case

Private equity firms ultimately need to determine whether a deal will generate acceptable returns for their investors.

Build a detailed financial model that includes historical financials, normalized EBITDA from QoE analysis, revenue projections by segment, operating expense assumptions with specific cost initiatives, working capital requirements, capital expenditure needs, debt structure and interest expense, and exit multiple assumptions.

Identify specific initiatives to improve performance: revenue growth opportunities, margin improvement through purchasing or operations, working capital optimization, strategic acquisitions, pricing improvements, and technology investments. Each initiative should have a quantified impact, timeline, and required investment.

Calculate expected returns under multiple scenarios, base case, upside case, and downside case. Consider exit alternatives and their implications for returns.

Identify and quantify key risks: customer concentration, competitive threats, regulatory changes, management execution, market cyclicality, and integration complexity. The investment committee will want to understand not just the return potential, but what could go wrong and how you'd respond.

Private Equity Due Diligence Checklist

A comprehensive due diligence checklist helps ensure nothing gets missed. While each transaction has unique requirements, here are the core categories:

Financial Information: Audited financial statements, monthly financials, detailed general ledger, AR aging and analysis, AP aging, inventory records, debt agreements and covenants, budget vs actual analysis.

Revenue Analysis: Revenue by customer, product line, and geography, customer contracts and terms, pricing history, sales pipeline and conversion rates, churn analysis and retention trends.

Working Capital: Detailed schedules of AR, inventory, AP, accrued expenses, deferred revenue, monthly working capital history, definition of normalized working capital.

Industry and Market: Industry research reports, market size and growth analysis, competitive analysis, regulatory environment, technology trends.

Commercial Information: Customer lists and concentration analysis, customer contracts (particularly top customers), pricing analysis, distribution channel agreements.

Operational Information: Organizational chart with compensation, facility lists and capacity utilization, key operational metrics, quality metrics and customer complaints, supply chain analysis.

Technology and IT: System architecture and technology stack, IT organizational structure, cybersecurity policies and incident history, disaster recovery plans, software licenses and contracts.

Legal and Compliance: Material contracts, employment agreements for key employees, intellectual property registrations and licenses, litigation history and pending matters, regulatory compliance documentation, insurance policies, real estate leases.

Human Resources: Employee census with compensation, benefits plans and costs, employee handbook and HR policies, retention and turnover analysis.

Tax: Federal and state tax returns, tax provision analysis.

This checklist is a starting point. Each deal will require customization based on industry, deal size, and specific risk factors.

The Bottom Line

Due diligence is an essential part of any private equity investment process, but it's rarely as clean or straightforward as frameworks suggest. Successful due diligence requires balancing thoroughness with speed, dealing with incomplete information, and making judgment calls with imperfect data.

The best private equity professionals know which issues matter most for a given deal and where to focus their limited time and resources. They ask tough questions, trust but verify management's claims, and maintain healthy skepticism throughout the process.

The goal of due diligence is not to eliminate all risk—that's impossible. The goal is to understand the risks you're taking, price them appropriately into your valuation, and develop a clear plan for addressing them post-close.

To successfully execute due diligence under tight timelines, investors need access to the right experts at the right time. Whether it's finding industry specialists, connecting with former executives from target companies, or identifying qualified service providers, having strong relationships matters. A relationship intelligence platform with the right functionality can help investment teams quickly surface relevant experts from their network, saving valuable time during this critical phase.

To see how 4Degrees can help streamline your due diligence process, request a demo.

‍