Skip to content

Legal Due Diligence

Legal due diligence investigates the target company's legal structure, contractual relationships, regulatory compliance, intellectual property, litigation exposure, and potential liabilities. This workstream identifies deal-breaking issues, quantifies contingent liabilities, and ensures the buyer can operate the acquired business without unexpected legal impediments.

Corporate Structure and Organization

Understanding the target's legal entity structure, governance, and ownership provides the foundation for all subsequent legal investigation.

Entity Formation and Good Standing

Verify corporate documentation including articles of incorporation, bylaws or operating agreements, amendments, board and shareholder meeting minutes, stock ledgers, and capitalization tables. Confirm certificates of good standing from the jurisdiction of incorporation and all foreign jurisdictions where the company operates. Ensure annual report filing compliance and proper business license status.

Jurisdiction Mismatches

Companies incorporated in one state but primarily operating in another may face unexpected compliance requirements, taxes, or qualification obligations. Verify the company is properly qualified to do business in all jurisdictions where it maintains operations, employees, or significant assets.

Ownership and Capitalization

Analyze the capitalization table showing all classes of equity, outstanding options and warrants, vesting schedules, and shareholder rights. Confirm sellers collectively hold sufficient ownership to approve the transaction. Review voting agreements, drag-along and tag-along rights, and any preemptive rights that could block the sale.

For companies with subsidiaries, review organizational charts, formation documents for each entity, intercompany agreements, and tax structure arrangements.

Contracts and Commercial Agreements

Comprehensive contract review identifies revenue-generating relationships, essential vendor arrangements, and contractual provisions affecting post-close operations.

Material Contracts Review

The data room should include all "material contracts" - typically agreements involving annual consideration exceeding a threshold (e.g., $100,000) or otherwise critical to operations.

Customer Contracts: Review terms, pricing, volume commitments, contract duration, renewal terms, service level agreements, and change of control provisions requiring customer consent.

Vendor and Supplier Agreements: Assess sole source suppliers, concentration risk, pricing terms, termination rights, and change of control provisions.

Distribution and Sales Agreements: Evaluate geographic scope, exclusivity provisions, commission structures, minimum purchase requirements, and termination provisions.

Change of Control Provisions

Many contracts contain change of control provisions granting counterparties specific rights upon a transaction:

  • Consent Required: Contract terminates or requires counterparty consent to assign to buyer
  • Termination Right: Counterparty may terminate without cause following ownership change
  • Price Adjustment: Pricing terms change following acquisition
  • Acceleration: Payment obligations or milestones accelerate upon change of control

Revenue at Risk

Quantify revenue or cost savings associated with contracts containing adverse change of control provisions. If key customer contracts require consent and there's risk the customer may terminate, this revenue is "at risk" and should be factored into valuation.

Litigation and Disputes

Current and threatened litigation can represent significant contingent liabilities and disrupt post-close operations.

Litigation Inventory

Compile a complete list of all pending lawsuits, arbitrations, and administrative proceedings with case summaries, legal opinions on probable outcome and potential exposure, reserve amounts, insurance coverage, and estimated legal fees to defend.

Identify threatened claims including demand letters, settlement discussions, regulatory investigations, and customer or vendor disputes not yet in formal litigation. Review historical litigation (past 3-5 years) to identify patterns suggesting systematic issues.

Litigation Risk Assessment

For each matter, assess probable outcome, financial exposure range (best to worst case), insurance coverage and carrier solvency, and business impact beyond financial liability including reputational harm and operational disruption.

Materiality Thresholds

Purchase agreements typically require disclosure of all litigation exceeding specified thresholds (e.g., potential exposure exceeding $250,000). Review matters below disclosure thresholds to identify patterns suggesting larger issues.

Regulatory Compliance

Companies operate within complex regulatory frameworks varying by industry, geography, and business model.

Industry-Specific Regulation

Healthcare: HIPAA privacy and security, anti-kickback statutes, Stark Law self-referral restrictions, Medicare/Medicaid compliance.

Financial Services: Banking regulations, securities laws, anti-money laundering (AML), Know Your Customer (KYC), consumer protection laws.

Environmental: Air and water quality permits, waste disposal compliance, hazardous materials handling, Superfund liability.

Food and Drug: FDA regulations, food safety modernization, drug manufacturing good practices, medical device regulations.

General Compliance Areas

Regardless of industry, assess compliance with broadly applicable regulations:

Employment and Labor Law: Wage and hour compliance, anti-discrimination laws, OSHA workplace safety, WARN Act layoff notice requirements.

Tax Compliance: Federal, state, and local income tax filing and payment, sales and use tax, payroll tax withholding, transfer pricing for multi-jurisdictional operations.

Environmental Compliance: Environmental permits, Phase I and Phase II environmental site assessments, underground storage tanks, asbestos and lead paint concerns.

Data Privacy and Security: GDPR compliance (European data subjects), CCPA/CPRA compliance (California residents), industry-specific privacy regulations (HIPAA, GLBA, FERPA), data breach notification obligations.

Export Control and Sanctions: ITAR compliance for defense articles, EAR for dual-use items, OFAC sanctions compliance.

Compliance Risk Mitigation

Significant compliance deficiencies may require pre-close remediation, post-close compliance programs funded through escrows, or purchase price adjustments. Fundamental compliance failures can be deal-breakers.

Intellectual Property

Intellectual property often represents significant value, particularly for technology, consumer brand, and life sciences companies.

IP Portfolio Review

Patents: Review complete patent portfolio (issued patents and pending applications), patent family trees, maintenance fee payment status, validity and enforceability opinions, and prosecution history.

Trademarks: Document registered trademarks (USPTO and foreign jurisdictions), common law trademarks, trademark search and clearance documentation, and domain name registrations.

Copyrights: Identify registered copyrights for software and creative works, work-made-for-hire documentation for employee creations, and copyright licenses.

Trade Secrets: Document trade secret identification, confidentiality and non-disclosure agreements, access controls and information security measures, and employee confidentiality obligations.

IP Ownership Verification

Verify unbroken chain of ownership through employee and contractor IP assignment agreements, acquisition agreements for prior transactions including IP transfers, and university or research institution license agreements.

Common IP Ownership Issues

Frequent problems include: founders or early employees never formally assigned IP to the company, contractors retained ownership rights, joint development agreements creating co-ownership, university licenses with restrictive terms or ongoing royalty obligations.

IP Encumbrances and Licenses

Outbound Licenses: Review licenses granted to third parties, exclusive vs. non-exclusive terms, royalty obligations, and termination provisions.

Inbound Licenses: Assess licenses from third parties required to operate the business, open source software usage and license compliance, and material technology licenses.

Freedom to Operate: Confirm the company can operate without infringing third-party rights through freedom-to-operate opinions, patent landscape analysis, and review of prior cease-and-desist letters or infringement allegations.

Employment Agreements and Labor Matters

Key Employee Agreements

Review employment contracts for executives and key employees covering compensation terms, termination provisions, change of control provisions, and non-competition/non-solicitation covenants. Assess retention risk and plan retention incentives.

Compensation and Benefits

Equity Compensation: Document stock option plans, vesting schedules, exercise prices, and tax treatment.

Bonus and Incentive Plans: Review annual bonus plan terms, sales commission plans, and long-term incentive plans.

Employee Benefits: Assess health insurance, 401(k) plans, paid time off policies, and fringe benefits.

Transaction Bonus Obligations

Many employment agreements include change of control bonuses. Calculate total transaction-related bonus obligations and determine whether these are seller obligations (paid pre-close) or assumed by buyer (reducing post-close cash flow).

Labor and Employment Compliance

Verify independent contractor classification, wage and hour compliance, I-9 and work authorization documentation, employment discrimination or harassment complaints, and union relationships if applicable.

Material Permits and Licenses

Business licenses and permits required to operate legally vary by jurisdiction and industry.

Essential Permits

Business Operation Permits: General business licenses (state, county, municipal), professional licenses, occupational licenses, and zoning compliance.

Industry-Specific Permits: Environmental permits, health department permits, alcohol licenses, transportation permits, professional practice licenses.

Real Property Permits: Building permits, fire marshal inspections, elevator certifications, signage permits.

Determine whether permits transfer automatically, require regulatory approval for transfer, or require new application in buyer's name.

Non-Transferable Licenses

Certain professional licenses are entity-specific and don't transfer in an asset sale. For businesses dependent on such licenses (medical practices, law firms), deal structure may require stock purchase or careful transition planning.

Purchase Agreement Risk Allocation

Legal due diligence findings directly inform purchase agreement terms:

Representations and Warranties: Seller statements about legal condition of the business.

Disclosure Schedules: Detailed exceptions to representations (listing all litigation, contracts with change of control provisions, IP licenses).

Indemnification Provisions: Seller obligation to compensate buyer for losses from breaches or specific identified risks.

Survival Periods: How long representations survive post-close (general representations typically 12-24 months, tax and IP often 3-7 years).

Baskets and Caps: Minimum claim thresholds and maximum recovery limits.

Escrows and Holdbacks: Funds held at closing to satisfy potential indemnification claims.

Key Takeaways

Legal due diligence identifies risks that could impair post-close operations, create unexpected liabilities, or prevent the buyer from realizing anticipated value. Thorough investigation of corporate structure, contracts, litigation, regulatory compliance, intellectual property, employment matters, and operational permits allows informed decisions about transaction structure, purchase price, and risk allocation in the purchase agreement.