Due diligence, before you buy
Due diligence is finding out what you are actually buying, while you can still do something about it. It is not a formality and it is not a checklist. It is a search for the handful of things in a company's paperwork that would change your mind, your price, or your protection. Here is the whole arc, in plain English, and an honest account of where the real work sits.
- Due diligence answers one question: is this company what the seller says it is? Everything else is detail.
- Buy the shares and you buy the company's whole history with it - every contract, claim and liability. Buy the assets and you choose what you take. That decision shapes the entire exercise.
- The failure is rarely missing a document. It is drowning in them. A report that flags everything tells you nothing.
- A document sitting in the data room is not evidence of anything. Filing is not content, and the gap between the two is where deals go wrong.
- A finding you do nothing with is a cost. There are five doors: the price, a warranty, an indemnity, a condition, or walking away.
Shares or assets, and everything that follows
The first decision shapes every other one, including how much diligence you need at all.
There are two ways to buy a company, and they are not variations on a theme. Buy the shares and you buy the company itself, exactly as it stands. It keeps everything: its contracts, its employees, its tax history, the dispute nobody mentioned, the guarantee someone signed in 2019. Buy the assets and you choose what you take - this contract, that equipment, those people - and most of the history stays behind with the seller.
That single choice decides how much diligence you need. A share purchase is an inheritance, so you have to go looking for what you are inheriting. An asset purchase narrows the question to what you are actually taking, and the diligence narrows with it. Sellers usually prefer a share sale for exactly the reason buyers should be careful of one.
Then agree the scope, in writing, before anyone opens a document. Scope is mostly about what you are not looking at: which jurisdictions, what value of contract is too small to bother with, whether tax and financial diligence are somebody else's job. An exercise without limits does not become more thorough. It becomes slower and more expensive while the important things wait.
The scope conversation is where the budget is really set. Everything after it is execution.
You cannot review what you never see
The data room, the request list, and the difference between an answer and a document.
The seller opens a data room and you send a request list. What comes back is rarely what you asked for, and the difference is the first real information you get about the company.
Some of it arrives as documents. Some of it arrives as a link to a folder somewhere, or an attachment on an email, or a sentence in a covering note explaining why the document is not needed, or a reassuring answer on a call. None of those is a disclosure. A document exists in the data room, placed and dated, or it does not exist at all - because in two years, when you are arguing about what you were told, the data room is the record and the phone call is not.
So chase placement rather than answers. Ask for the document, in the room, with a date on it. Keep a list of what is still outstanding and what has been promised, and keep it where both sides can see it.
The list of what never arrives is not an administrative annoyance. It is a finding. A company that cannot produce its own material contracts is telling you something about how it has been run, and that is worth knowing before you own it.
Flagging everything is the same as flagging nothing
Red flags, risk levels, and why thoroughness is not the goal.
Every document gets read, and anything that matters gets written down with a risk level against it. High means it has a material effect on your legal or financial position - it could block the deal, delay it, or cost you money after completion. Medium means somebody needs to deal with it. Low means it is a normal commercial term and you should know it is there.
The things that usually earn a high are unglamorous and predictable: a change of control clause letting a key customer walk when you buy; a liability cap that is far too low for the contract it sits in; termination on short notice in the agreement the business depends on; intellectual property the company uses every day but does not own; obligations that survive completion and land on you; a consent someone needs to give and might not.
Here is the part most people get backwards. The goal is not to demonstrate thoroughness. It is to surface the things you have to act on. A well-drafted liability cap in a routine supplier contract is unremarkable, and calling it a red flag is not caution, it is noise. It becomes a real issue only if the cap is unusually low, the carve-outs are missing, or that contract is material to the business.
A report that flags everything is a report nobody finishes, and the three findings that mattered are in there somewhere, indistinguishable from the ninety that did not. Over-flagging feels like diligence. It is the opposite: it hands the judgement back to you, unmade, in a longer document.
Filing is not content
A document in the data room is not the same as a document that answers the question.
The most common failure in due diligence is not missing a document. It is ticking one off without opening it.
That is not a hypothetical. A schedule of "material IT contracts" that turns out to say "available upon request" is not the contracts. A folder of compliance policies filed as evidence, every one of them still marked draft and awaiting sign-off, is not compliance. The filename said the request was answered. The document said otherwise, and only opening it revealed the difference.
So the rule is unforgiving and worth it: nothing moves to "provided" until somebody has opened it and read it. Not the index, not the filename, not the seller's covering email - the document. A status set on inference is a guess wearing a tick.
The same discipline applies when the story changes. If the other side reverses a position they have already given you, that gets recorded in the open, with both versions kept, and checked against the paperwork. One reversal is a correction. A pattern of them is a finding in itself, and what it tells you about the target's records is usually worth more than the point being argued.
And when an earlier answer turns out to have been an inference rather than a fact, it gets corrected visibly, in a version history, not quietly overwritten. The trail of what was believed and when is part of what you are buying.
A finding you do nothing with is just a cost
There are only five doors out of a red flag. Knowing which one you are walking through is the point of the exercise.
Diligence that ends in a report is half a job. The report exists so you can do one of five things with each finding.
You can pay less, because the thing you found makes the company worth less than the price assumed. You can take a warranty - the seller states something is true, and if it is not, you have a claim. You can take an indemnity - the seller promises to reimburse a specific cost if a specific problem materialises. You can make it a condition, so the problem is fixed before you pay rather than after. Or you can walk away, which is the option people forget is an option.
The warranty and the indemnity are not interchangeable, and the difference is where money is won and lost. A warranty is a statement of fact: to claim on it you have to prove the statement was wrong, prove your loss, and show you tried to mitigate it. An indemnity is a promise to cover a defined cost, pound for pound, without that fight. For a risk you have already found and can describe, you want the indemnity. Warranties are for the things you do not know about yet.
Then there is the sting in the tail. The seller discloses against the warranties, and anything they properly disclose, you cannot later claim on. Put bluntly: a warranty covers what the seller did not tell you. So the disclosure letter is where the real value of your warranties gets decided, and it is written at the exact moment everyone is tired and wants the deal done.
The problem is volume, not difficulty
Almost nothing in due diligence is hard. There is just an enormous amount of it, and a deadline.
Step back from the five stages and the real difficulty is obvious. Reading a contract and spotting a low liability cap is not intellectually demanding work. Reading four thousand of them, in three weeks, while staying alert enough to notice the one that matters on a Friday afternoon, is a different problem entirely. Due diligence is not hard. It is big.
The traditional answers are both bad. Put a team of junior lawyers on it and you get weeks of calendar time and a bill that makes the exercise feel like the risk. Or sample it - read the important-looking ten per cent and hope - which is the industry's polite word for guessing.
Silva does it differently. We run a proprietary agentic AI platform on your data room. There is nothing for you to buy, install or learn: you send the documents, we run the review, you get the outputs. Once the documents are in readable shape - PDFs and Word files, not photographs of a filing cabinet - a data room is reviewed within a day. And when a further tranche lands, as it always does, it is re-run within a day again, against everything that came before. Re-reading on new disclosure is the thing traditional diligence does worst, because by then the budget is gone.
You get four things, from £5,500 a data room: a detailed report; an index of the entire data room; a red flag review of every document in it; and a list of what is missing, with the questions to put to the other side. All four are produced by the platform.
Human review sits on top of that, at hourly rates, and here is the part we would rather say out loud than bury. The platform tells you which documents it thinks need a human pair of eyes - the scanned ones, the ambiguous ones, the ones where it read something that contradicts something else - and you decide whether to buy that. Every firm makes that judgement on every deal. Most make it silently, inside a fee. We show you ours and let you overrule it.
Before any AI-assisted output leaves us, you sign an AI Use Protocol: what the platform does, what it does not do, what we check, and what you are relying on. It exists because "is a machine doing my deal?" is a fair question, and the honest answer is long enough to need writing down.
Frequently asked questions
What is legal due diligence?
It is the legal examination of a company you are thinking of buying or investing in - its contracts, its ownership, its people, its property, its disputes and its compliance - to find out whether it is what the seller says it is. The point is not to produce a document. It is to find the things that should change your price, your protection, or your mind, while you can still act on them.
How long does due diligence take?
Traditionally, weeks - most of it spent reading rather than thinking. Silva reviews a data room within a day once the documents are in readable shape, and re-runs it within a day each time further documents are disclosed. The limit is usually not the reviewing. It is how quickly the other side produces what you have asked for.
What happens if due diligence finds a problem?
You have five options and they are worth knowing before you start. Reduce the price. Take a warranty, so you have a claim if a statement turns out to be untrue. Take an indemnity, so a specific known cost is reimbursed pound for pound. Make fixing it a condition of completion. Or walk away. Most findings are dealt with by the first three; the value is in choosing the right one for the problem.
Share purchase or asset purchase - does it change the due diligence?
Substantially. Buying shares means buying the company as it stands, with its whole history attached, so the diligence has to go looking for what you are inheriting. Buying assets means choosing what you take, and the diligence narrows to those things and whether they can actually be transferred to you. Sellers tend to prefer a share sale, which is the reason a buyer should look harder at one.
Can AI do due diligence?
It can do the volume, which is the part that breaks the traditional model - reading every document rather than a sample of them, and re-reading everything when a new tranche arrives. It cannot decide what matters to your deal, and it should not be trusted with a poorly scanned document or a genuine contradiction between two sources. That is why our platform produces the review and flags what warrants a human, rather than pretending the question does not arise.
Buying something? Let us look at it properly.
Silva runs legal due diligence for buyers - the whole data room reviewed, the red flags found and ranked, the missing documents chased, and a report you can act on rather than one you have to finish. Fixed fee per data room, with senior judgement where it counts.