Due Diligence Checklist - BridgePoint Business Group

Due Diligence Checklist

BridgePoint Business Group

This comprehensive checklist outlines the key information and documents to review during a due diligence process. It is designed to ensure thorough evaluation of a company's operations, financials, assets, compliance, and strategic risks.

A. Organization and Good Standing

  • Articles of Incorporation and all amendments
  • Bylaws and all amendments
  • Minute book, including all minutes and resolutions of shareholders, directors, and committees
  • Organizational chart
  • List of shareholders and shares held
  • Agreements related to options, voting trusts, warrants, puts, calls, subscriptions, and convertible securities
  • Certificate of Good Standing from the state of incorporation
  • Active status reports for the last three years
  • List of states where authorized to do business and annual reports for the last three years
  • List of locations where the company owns/leases property, maintains employees, or conducts business
  • List of assumed names and registration copies

B. Financial Information

  • Audited financial statements for three years with Auditor's Reports
  • Most recent unaudited statements with prior year comparisons
  • Auditor’s letters and replies for the past five years
  • Credit report, if available
  • Projections, capital budgets, and strategic plans
  • Analyst reports, if available
  • Schedules of indebtedness, contingent liabilities, inventory, accounts receivable, and accounts payable
  • Description of depreciation, amortization, and accounting method changes over five years
  • Analysis of fixed/variable expenses and gross margins
  • General ledger
  • Internal control procedures

C. Physical Assets

  • Schedule of fixed assets and their locations
  • All U.C.C. filings
  • Equipment leases
  • Schedule of major capital equipment sales and purchases over the last three years

D. Real Estate

  • Schedule of business locations
  • Copies of real estate leases, deeds, mortgages, title policies, surveys, zoning approvals, variances, or use permits

E. Intellectual Property

  • Schedules of domestic/foreign patents, patent applications, trademarks, trade names, and copyrights
  • Description of technical know-how and methods to protect trade secrets
  • "Work for hire" agreements
  • Consulting agreements, invention agreements, and intellectual property licenses/assignments
  • Patent clearance documents
  • Summary of intellectual property claims or threatened claims

F. Employees and Employee Benefits

  • List of employees with positions, salaries, bonuses, and years of service
  • Employment, consulting, nondisclosure, nonsolicitation, or noncompetition agreements
  • Resumés of key employees
  • Personnel handbook and schedule of employee benefits, holiday, vacation, and sick leave policies
  • Summary plan descriptions of retirement plans
  • Collective bargaining agreements, if any
  • Description of employee problems (e.g., wrongful termination, harassment, discrimination) over three years
  • Labor disputes, arbitration requests, or grievance procedures
  • Employee health/welfare insurance benefits and self-funded arrangements
  • Worker’s compensation and unemployment insurance claim history
  • Stock option/purchase plans and grant schedules

G. Licenses and Permits

  • Governmental licenses, permits, or consents
  • Correspondence or documents related to regulatory agency proceedings

H. Environmental Issues

  • Environmental audits for leased properties
  • List of hazardous substances used in operations
  • Description of disposal methods
  • Environmental permits and licenses
  • Correspondence with EPA or state/local regulatory agencies
  • Environmental litigation or investigations
  • Known superfund exposure
  • Contingent environmental liabilities or indemnification obligations

I. Taxes

  • Federal, state, local, and foreign income tax returns for three years
  • State sales tax returns for three years
  • Audit and revenue agency reports
  • Tax settlement documents for three years
  • Employment and excise tax filings for three years
  • Tax liens

J. Material Contracts

  • Subsidiary, partnership, or joint venture agreements
  • Contracts with officers, directors, 5-percent shareholders, or affiliates
  • Loan agreements, bank financing, lines of credit, or promissory notes
  • Security agreements, mortgages, indentures, or collateral pledges
  • Guaranties
  • Installment sale agreements
  • Distribution, sales representative, marketing, and supply agreements
  • Letters of intent, contracts, and closing transcripts from mergers, acquisitions, or divestitures (last five years)
  • Options and stock purchase agreements involving other companies
  • Standard quote, purchase order, invoice, and warranty forms
  • Nondisclosure or noncompetition agreements
  • Other material contracts

K. Product or Service Lines

  • List of existing and under-development products or services
  • Correspondence/reports on regulatory approvals or disapprovals
  • Summary of complaints or warranty claims
  • Results of tests, evaluations, studies, surveys, or data on products/services

L. Customer Information

  • Schedule of twelve largest customers and sales over two years
  • Supply or service agreements
  • Purchasing and credit policies
  • Schedule of unfilled orders
  • List and explanation of major customers lost over two years
  • Surveys and market research reports
  • Current advertising programs, marketing plans, budgets, and materials
  • Major competitors

M. Litigation

  • Schedule of pending litigation
  • Description of threatened litigation
  • Insurance policies covering litigation
  • Documents related to injunctions, consent decrees, or settlements
  • List of unsatisfied judgments

N. Insurance Coverage

  • General liability, property, product liability, errors and omissions, key-man, directors and officers, worker’s compensation, and other insurance
  • Insurance claims history for three years

O. Professionals

  • Schedule of law firms, accounting firms, consulting firms, and similar professionals engaged over five years

P. Articles and Publicity

  • Copies of articles and press releases related to the company over three years

Q. Cybersecurity and Data Privacy

  • Description of cybersecurity policies, procedures, and incident response plans
  • Recent cybersecurity audits, penetration testing reports, or vulnerability assessments
  • List of past or current data breaches, including impact and remediation details
  • Documentation of compliance with data protection laws (e.g., GDPR, CCPA, HIPAA)
  • Schedule of data processing agreements with third parties
  • Employee training programs on cybersecurity and data privacy
  • Details of cyber insurance policies and claims history

R. Technology and IT Infrastructure

  • Schedule of critical software applications (proprietary and third-party) and licensing agreements
  • Documentation of IT infrastructure (hardware, servers, cloud services, data centers)
  • IT disaster recovery and business continuity plans
  • Service-level agreements (SLAs) with IT vendors or managed service providers
  • Details of open-source software usage and compliance with licenses (e.g., GPL, MIT)
  • Summary of planned or pending IT system upgrades or migrations

S. ESG (Environmental, Social, Governance) Practices

  • Description of ESG policies, goals, and performance metrics (e.g., carbon footprint)
  • ESG reports or sustainability disclosures
  • Compliance with ESG-related regulations or standards (e.g., EU Taxonomy, TCFD)
  • Summary of community engagement or corporate social responsibility (CSR) initiatives
  • Details of ESG-related controversies, litigation, or stakeholder complaints
  • Certifications related to ESG (e.g., B Corp, LEED)

T. Supply Chain and Vendor Management

  • Schedule of key suppliers, including contract terms, locations, and dependency levels
  • Vendor risk assessments or due diligence reports on critical suppliers
  • Description of supply chain resilience strategies (e.g., diversification, inventory buffers)
  • Documentation of supply chain disruptions or issues within the past three years
  • Compliance with modern slavery, human rights, or ethical sourcing regulations
  • Vendor performance metrics and monitoring processes

U. Regulatory and Industry-Specific Compliance

  • List of industry-specific licenses, certifications, or accreditations (e.g., FDA, FINRA)
  • Correspondence with industry regulators (e.g., SEC, FDA, FCC) over three years
  • Compliance with sector-specific standards (e.g., PCI-DSS, HIPAA)
  • Summary of pending or anticipated regulatory changes
  • Details of industry-specific audits or inspections over three years

V. Digital Presence and Brand Reputation

  • List of active social media accounts, websites, and digital marketing platforms
  • Recent social media or online sentiment analyses
  • Summary of negative publicity, online controversies, or crisis communications over three years
  • Documentation of domain name registrations and ownership
  • Description of digital marketing strategies and performance metrics (e.g., SEO, ad spend)

W. Business Continuity and Risk Management

  • Description of enterprise risk management (ERM) framework
  • Business continuity plans for natural disasters, pandemics, or economic downturns
  • Schedule of identified risks (e.g., financial, operational, geopolitical) and mitigation strategies
  • Details of stress testing or scenario planning exercises over three years

X. Artificial Intelligence and Emerging Technologies

  • Description of AI or machine learning models used, including development and deployment
  • Documentation of ethical AI policies or compliance with AI regulations (e.g., EU AI Act)
  • List of third-party AI tools or platforms and licensing agreements
  • Summary of risks associated with AI usage (e.g., bias, data privacy)
  • Details of patents, research, or proprietary advancements in emerging technologies

© 2025 BridgePoint Business Group. All rights reserved.

Check out our contracts page for anything you might need with BPBG