Due Diligence Red Flags: Buyer and Seller Checklist

Alehar Team·Laatst bijgewerkt 2 juni 2026·9 min leestijd

Deal team reviewing due diligence red flags across financial, commercial, legal, operational, cyber, and integration workstreams

Verkent u opties voor uw bedrijf?

Short answer: Due diligence red flags are warning signs that a business may be riskier, less valuable, harder to finance, or harder to integrate than expected. In M&A, red flags do not always mean a buyer should walk away. They do mean the buyer should investigate further, adjust valuation, change deal terms, request protections, or pause until the issue is understood.

For sellers, red flags are equally important. Many deal problems can be reduced before buyer diligence starts if the seller cleans up financials, contracts, customer evidence, governance records, data room files, and management explanations early.

This guide explains the major red flags buyers should investigate and the practical steps sellers can take before a sale process, financial due diligence review, or LOI.

Due diligence red flags at a glance

Red flag	Why it matters	Buyer response	Seller preparation
Financials do not reconcile	Reported performance may not match accounting records, tax filings, bank data, or management dashboards.	Request a quality of earnings review, source documents, and a bridge between systems.	Reconcile monthly accounts, reporting packs, tax filings, and CIM figures before outreach.
Revenue concentration	Loss of one customer can change valuation, debt capacity, and integration plans.	Review contracts, renewal history, customer calls, gross margin by customer, and churn risk.	Prepare customer concentration, retention, and renewal analysis.
Aggressive add-backs	Adjusted EBITDA may overstate sustainable earnings.	Challenge each adjustment and tie valuation to defensible earnings.	Document each add-back and remove weak adjustments before buyer review.
Unclear ownership or IP rights	The buyer may not receive the assets it thinks it is buying.	Review IP assignments, contractor agreements, open-source use, and product dependencies.	Clean up assignments, contractor records, and product documentation.
Weak cyber or data controls	Breaches, downtime, compliance issues, and customer trust risk can survive closing.	Run technical diligence and compare controls to a recognized framework such as NIST.	Prepare incident history, access controls, policies, backups, and remediation plans.
No integration owner	Deal value can leak after close even if diligence findings are acceptable.	Define Day 1 priorities, decision rights, synergy owners, and reporting cadence before signing.	Clarify transition support, management roles, and post-closing dependencies.

1. Financial red flags

Financial red flags are often the most direct route to price reductions, working-capital disputes, earnouts, escrow demands, or a failed process. They are usually tested through financial due diligence, quality of earnings, and detailed data-room requests.

Inconsistent financial records

If management accounts, tax filings, bank statements, invoices, dashboards, and the information memorandum tell different stories, buyers will question the reliability of the whole process. Sellers should prepare reconciliations before buyer access expands.

Poor cash conversion

A business can show EBITDA but still struggle to convert earnings into cash. Red flags include slow collections, stretched payables, inventory write-down risk, heavy capex, deferred revenue pressure, or recurring cash leaks not visible in the headline profit number.

Aggressive adjusted EBITDA

Add-backs are not automatically wrong, but weak add-backs create valuation risk. Buyers will test whether adjustments are truly one-off, non-recurring, owner-specific, or already reflected in the forecast. See Alehar's guide to adjusted EBITDA for more detail.

Hidden debt-like items

Unpaid tax, overdue supplier balances, customer deposits, litigation provisions, related-party loans, off-balance-sheet obligations, deferred compensation, and lease obligations can reduce equity value even if enterprise value stays the same.

2. Commercial red flags

Commercial red flags test whether revenue is durable and whether the market story is supported by evidence. These issues can affect valuation, buyer appetite, and integration planning.

Customer concentration

High customer concentration is not always fatal, but it changes the diligence question. Buyers will want contract terms, renewal history, customer calls, account profitability, switching risk, and the likelihood that customers remain after closing.

Revenue quality problems

Red flags include revenue pulled forward before sale, heavy discounting, weak renewals, one-time project revenue presented as recurring, poor cohort retention, channel conflict, or pipeline that does not support the forecast.

Market thesis mismatch

If the seller claims to be in a high-growth market but the company's actual customers, margins, retention, or product roadmap do not support that thesis, buyers may reduce value or shift the deal structure.

3. Legal, tax, and regulatory red flags

Legal and regulatory red flags can delay closing, change transaction structure, or require specific indemnities. Common issues include:

Unclear ownership, missing approvals, or shareholder disputes.
Change-of-control restrictions in customer, supplier, debt, lease, or license agreements.
Pending litigation, threatened claims, warranty issues, or unresolved disputes.
Unpaid tax, uncertain tax positions, weak payroll or sales-tax records, or cross-border tax exposure.
Licensing, industry regulation, environmental, privacy, or antitrust issues.

For larger or strategically sensitive transactions, competition analysis may also matter. The DOJ and FTC's 2023 Merger Guidelines are an official reference point for how U.S. agencies discuss merger analysis, but transaction-specific legal advice is essential.

4. Operational and people red flags

Operational diligence asks whether the company can keep performing after closing. Red flags include:

Founder or key-person dependency: customer relationships, product knowledge, or supplier access sit with one person.
High employee turnover: retention risk may weaken delivery, culture, customer service, or integration.
Supplier dependency: one supplier, facility, license, or platform is essential and hard to replace.
Weak processes: operations rely on informal knowledge, manual workarounds, or undocumented procedures.
Underinvestment: margins look strong only because the business has deferred hiring, maintenance, security, or systems investment.

Sellers can reduce these risks by documenting roles, processes, suppliers, systems, and transition plans before diligence starts.

5. Technology, cyber, and data red flags

Technology issues can become valuation, legal, operational, and customer-retention problems. Buyers should investigate cyber controls, data privacy, uptime, technical debt, source-code ownership, open-source dependencies, access rights, backups, incident history, and product scalability.

The NIST Cybersecurity Framework is a useful official reference for discussing cyber risk management, but each transaction needs company-specific technical diligence.

6. Integration red flags

Some red flags do not stop a deal before signing. They destroy value after closing. Integration red flags include unclear Day 1 ownership, no plan for customer communication, incompatible systems, culture mismatch, unrealistic synergy assumptions, missing transition services, and weak reporting cadence.

Buyers should connect diligence findings to integration planning before signing. Sellers should also understand integration risk because it can affect earnouts, rollover equity, employee retention, and post-closing obligations.

What is a red flag due diligence report?

A red flag due diligence report is a focused report that highlights the most important issues found in diligence rather than documenting every workstream in full detail. It is often used when timing is tight, when a buyer needs an early go/no-go view, or when investors need a concise summary of deal risks.

Report type	Best use	Limitation
Red flag report	Early risk scan, bid support, investment committee summary, time-sensitive review.	May not cover every issue deeply enough for signing or closing.
Full diligence report	Confirmatory diligence, financing support, purchase agreement negotiation, detailed risk allocation.	Requires more time, data, and adviser effort.

For sellers, a red flag review before buyer outreach can be useful because it identifies the issues most likely to damage price or certainty later.

What to do when you find a red flag

A red flag should lead to a decision, not just a note in a tracker. Buyers and sellers should decide whether the issue requires more diligence, a price adjustment, legal protection, operational remediation, staged access, or a change in process.

Clarify the fact pattern: request source documents and avoid relying on summaries alone.
Quantify the impact: estimate effect on revenue, EBITDA, cash, working capital, liabilities, or integration cost.
Test persistence: decide whether the issue is one-off, fixable, structural, or likely to worsen.
Allocate risk: use price, structure, escrow, indemnity, earnout, closing condition, or walk-away rights where appropriate.
Update the process: add owners, deadlines, open questions, and required evidence.

Buyer and seller checklist

Question	Buyer use	Seller preparation
Do the financials reconcile?	Test reliability of reported performance.	Prepare reconciliations and source files before sharing the data room.
Are earnings sustainable?	Challenge EBITDA, margins, add-backs, and cash conversion.	Document recurring earnings and remove weak adjustments.
Is revenue durable?	Review concentration, churn, renewals, contract terms, and pipeline.	Prepare customer, contract, and retention analysis.
Can the business transfer?	Check consents, IP, licenses, employees, suppliers, and key-person risk.	Resolve missing approvals and document dependencies.
Can the buyer integrate it?	Assess systems, culture, reporting, management depth, and Day 1 priorities.	Prepare transition support and realistic integration assumptions.

Related Alehar resources

Financial due diligence scope for the FDD workstreams behind many red flags.
M&A due diligence preparation for seller readiness before buyer review.
Sell-side M&A process for where red flags usually surface in the sale timeline.
M&A information memorandum checklist for making sure the buyer story matches the evidence.
Questions to ask a potential acquirer before accepting exclusivity or deep diligence access.

How Alehar can help

Alehar helps sellers identify red flags before buyer outreach, prepare diligence evidence, organize data rooms, test the financial story, and respond to buyer questions without losing process control. For buyers, Alehar can help review financial and commercial risk, assess deal assumptions, and frame follow-up diligence questions.

If you are preparing for a sale, reviewing buyer interest, or evaluating a target, see Alehar's sell-side M&A advisory work or contact Alehar to discuss the transaction context.

De hier geuite standpunten zijn die van de individuele auteurs van Alehar Advisors Inc. („Alehar”) en vertegenwoordigen niet de standpunten van Alehar of haar gelieerde ondernemingen. Bepaalde hierin opgenomen informatie is verkregen uit bronnen van derden; hoewel deze als betrouwbaar worden beschouwd, heeft Alehar dergelijke informatie niet onafhankelijk geverifieerd en doet geen uitspraken over de blijvende juistheid van de informatie of de geschiktheid ervan voor een bepaalde situatie. Daarnaast kan deze content advertenties van derden bevatten; Alehar heeft dergelijke advertenties niet beoordeeld en onderschrijft geen daarin opgenomen advertentie-inhoud. Deze content wordt uitsluitend ter informatie verstrekt en mag niet worden beschouwd als juridisch, zakelijk, beleggings- of belastingadvies. U dient uw eigen adviseurs te raadplegen voor dergelijke aangelegenheden. Verwijzingen naar effecten of digitale activa dienen uitsluitend ter illustratie en vormen geen beleggingsaanbeveling of aanbod tot het verlenen van beleggingsadviesdiensten. Grafieken en diagrammen in deze content dienen uitsluitend ter informatie en mogen niet als basis dienen bij het nemen van beleggingsbeslissingen. In het verleden behaalde resultaten bieden geen garantie voor de toekomst. De content heeft uitsluitend betrekking op de aangegeven datum. Alle prognoses, schattingen, voorspellingen, doelstellingen, vooruitzichten en/of meningen in dit materiaal kunnen zonder voorafgaande kennisgeving worden gewijzigd en kunnen afwijken van of in strijd zijn met meningen van anderen.

Ontdek wat Alehar voor u kan betekenen

Krijg de vrijheid om te doen waar u het beste in bent door samen te werken met ons corporate finance team

Neem contact op