Legal-Due-Diligence-Guidelines May 2020
Legal-Due-Diligence-Guidelines May 2020
Legal-Due-Diligence-Guidelines May 2020
In Collaboration with:
Anti-Corruption Committee
Antitrust Section
Insolvency Section
Taxes Committee
The IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines are reproduced by kind permission of
the International Bar Association, London, UK, and are available at: https://www.ibanet.org/LPD/Corporate_Law_
Section/Corporate_MA_Law_Committee/Publications.aspx. © International Bar Association 2018.
The guidelines may be reproduced, downloaded, and distributed etc for non-commercial purposes.
[Distribution and reproduction for commercial purposes is strictly prohibited.]
Contents
Foreword 4
The Guidelines 5
Introduction5
5. How to define the scope of due diligence and customise the process to the context? 11
8. Artificial intelligence? 38
10. How to perform due diligence where US, EU, UN and/or UK sanctions are in place? 43
Annex 46
I. Practice areas 47
II. Sectors 59
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines1
Members of the Special Project
Project Chair
Rodrigo Ferreira Figueiredo
Mattos Filho, Veiga Filho, Marrey Jr. e Quiroga Advogados
London, UK
Special Projects Officer, Corporate and M&A Law Committee
2 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
Mariette Lafarre Jose Maria de Paz
Lafarre Law Firm Perez-Llorca Abogados SLP
Amsterdam, The Netherlands Madrid, Spain
Europe Regional Officer, Real Estate Section Regional Representative Europe, Water Law Committee
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines3
Foreword
At the IBA Council Meeting in Washington, DC in September 2016, IBA Executive Director Mark Ellis
noted that the IBA Legal Practice and Research Unit (LPRU) was expanding its assistance to the IBA
Legal Practice Division, and that since creating the IBA Special Projects Fund, significant amounts
had been invested in committee projects and enhancing the IBA. Subsequently, at the IBA Council
Meeting in Belfast in May 2017, LPRU head Jane Ellis reported on the Unit’s activities and reinforced
its commitment to promoting more interaction and cooperation among IBA Committees on projects
which make an important contribution to the goals of the IBA.
In the context of the current efforts the IBA has been making to encourage IBA Committees to
engage with each other on topics of relevance to the legal profession, in August 2017 the IBA
Corporate and M&A Law Committee, in coordination with several other IBA Committees, formally
proposed to the IBA a project envisaging ‘the production of a best practices guide for conducting
legal due diligence investigations in the context of merger and acquisition transactions’. By providing
practical guidance for carrying out legal due diligence processes, the project ‘would be relevant
to the IBA community as a whole since it would enable (...) the IBA to fulfil its leading role in
developing important international guidelines’, and ‘benefit legal practitioners around the world, of
various practice areas, especially in developing legal markets.’
In September 2017, the special project proposal was accepted by the IBA, and, in October 2017,
the project kicked-off during the IBA Annual Conference in Sydney. During the ten months that
followed, and with the support of the IBA Special Project Think Tank, officers representing as many
as 18 IBA committees worked together to produce the guide, covering topics such advising buyers
versus sellers, coordinating due diligence processes in multiple jurisdictions, human rights and social
due diligence, avoiding inappropriate information flows, managing and motivating due diligence
teams, using artificial intelligence, and complying with international sanctions.
In May 2018, Project Chair Rodrigo Ferreira Figueiredo, Special Projects Officer of the IBA
Corporate and M&A Law Committee, presented the project to the IBA Open Forum at the IBA
Officers’ Meeting in Oslo. The committees involved then worked together with the IBA to conclude
the project ahead of the 2018 IBA Annual Conference in Rome, where a special session was organised
to present the new guide.
These Legal Due Diligence Guidelines are the result of that IBA special project.
4 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
The Guidelines
Introduction
Mergers and acquisitions is a huge market, with thousands of transactions completed every year.
Legal due diligence carried out by potential acquirers in order to analyse the conditions of the
businesses they intend to buy are standard and frequently involve not only various legal practice areas
but also professionals from various jurisdictions. Well-conducted due diligence processes tend to bring
clarity to parties involved in transactions, thereby mitigating the risk of litigation post-closing between
buyers and sellers, and contributing to successful post-closing integration of targets into acquirers.
The objective of these guidelines for conducting legal due diligence investigations in the context of
M&A transactions (the ‘Guidelines’) is to provide useful information on topics that are relevant in
M&A legal due diligence, as well as practical guidance for conducting well-organised due diligence
processes. In this regard, these Guidelines are intended to serve as an overview and baseline to legal
practitioners around the world, promoting a broader comprehension of what would be expected by
clients and, therefore, helping to improve the quality of due diligence investigations.
Within that broader goal, these Guidelines also intend to serve the purpose of providing a document
that is of universal application and usefulness, irrespective of specific legal regimes, and identify key
principles and a useful methodology for other stakeholders who undertake due diligence outside
a classic M&A scenario as a way of identifying and mitigating legal, regulatory and business risks (it
being clear that local specificities and requirements need to be taken into account in the context of
specific transactions or situations).
There are many reasons why an interested party may want or need to perform due diligence.
In the context of corporate or asset transactions, due diligence is an instrument for a potential buyer
(and as the case may be for the seller itself) to get more information about the target company,
business or assets, its status, potential contingencies and liabilities, thereby enabling the parties to
make informed decisions while negotiating the deal. Following completion, the buyer can be helped
in its efforts to integrate the acquired business by using the information acquired during the course
of the due diligence process.
In issuances of securities, a properly conducted due diligence process may be used by underwriters
to establish a defence against claims for material misrepresentations or omissions contained in
registration statements or prospectuses.
In cases of improper corporate conduct, a due diligence investigation can enable a company to
reduce its losses, identify the perpetrator, gather evidence for a criminal prosecution or civil trial, and
recover losses, among other objectives.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines5
In health and safety and related situations, due diligence may help a company or its management to
defend themselves against claims filed by harmed third parties.
In the context of M&A, the due diligence process plays a key role in the valuation of the target by
the buyer, and in the structuring of the transaction and the contractual protections needed by the
buyer, as well as enabling the potential buyer to gain as much background information possible
about the business to be acquired. In terms of substantiating the valuation, the due diligence
exercise seeks to find and quantify (as the case may be) material facts, and potential contingencies
and liabilities relating to the target company, as well as possible obstacles for the completion of the
transaction. Therefore, its scope is usually comprehensive, involving different types of experts and,
on the legal side, various areas of practice. At the end of the process, buyers typically expect to receive
comprehensive reports describing the target, identifying red flags and helping them to quantify
liabilities (when possible) so that they may be able to confirm their interest in the target and properly
negotiate the transaction documents with the seller.
In offerings of shares, the legal due diligence process aims to confirm that all relevant information
about the issuer, including matters regarding the members of its management team and controlling
shareholders, if applicable, is properly disclosed in the offering documents. The scope of the revision
requires the involvement of various areas of practice of outside counsel engaged in the offering,
which review relevant information, observing certain threshold amounts and periods pre-agreed
among the issuer and underwriters through their respective counsel. The range of information
to be reviewed depends on the type of business activities developed by the issuer, including mostly
information about litigation in general against the issuer, environmental, tax, labour, regulatory,
real estate and criminal matters, among others. In addition, a review of the issuer’s key contracts
(including those of a financial nature) is essential in order to ensure that the offering will not lead
the issuer to breach any of its covenants. Furthermore, the due diligence process conducted in initial
public offerings of shares aims to identify possible practices and governance structures developed
by the issuer that may be incompatible with the rules and requirements applicable to a publicly held
company, allowing legal counsel to propose alternatives to solve any issues that could hamper or
prevent the issuer from listing its shares and carrying out the offering.
In the context of debt offerings conducted with disclosure documents, the legal due diligence process
also aims to confirm that all relevant information about the issuer, if applicable, is properly disclosed,
6 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
however, with less focus on shareholders and corporate governance structures, and more focus on the
overall indebtedness and liabilities of the issuer and its ability to manage its capital structure. In cases
of financing transactions or private placement of debt without disclosure documents, the scope of
the due diligence review is typically agreed with the banks and creditors involved, with no need for a
full-blown due diligence effort. In any case, the scope of review normally has a particular emphasis on
financial agreements and instruments, in order to ensure that the offering or financing transaction or
private placement of debt will not lead the issuer to breach any of its covenants.
In the context of an asset transaction, a due diligence investigation is performed on the targeted
assets, as well as on the seller with respect to its ability to sell the assets, focusing on potential liabilities
that may materialise as a matter of succession, group or joint and several liability. It is worth noting
that the analysis of the targeted assets focuses not only on issues of title and regularity but also
platform transfer and integration aspects. As far as the targeted assets are concerned, due diligence
may generally comprise the analysis of facilities, intellectual property (IP), contracts with suppliers
and clients to be assigned, and licences and permits. If the deal is structured as a carve-out, it may
be assumed that new licences will have to be obtained by the new owner of the assets. In reference to
liabilities, due diligence should cover contingencies that may be attached to the assets involved (eg,
environmental liabilities and lack of applicable licences) and those that may adversely affect such
assets (eg, material disputes with suppliers or clients, or involving IP). Due diligence on the seller is
also of special concern, first, to assure that the seller is in good standing and in a positive financial
situation (so as to assure that the transaction will not be subject to challenge by creditors) and
second, to analyse contingencies (eg, labour and tax) of the seller that may possibly be inherited by
the buyer as a matter of succession or similar concepts provided by law.
Internal investigations can be initiated for a variety of reasons, including allegations of corruption,
fraud and other improper conduct. A thorough due diligence investigation in these circumstances
may enable a company to reduce its losses, identify the perpetrator, gather evidence for a criminal
prosecution or civil trial, and recover some or all of its losses. It may also shed light on weaknesses in
the company’s control structure, thereby helping to shore up the company’s internal defences against
future employee misconduct. Once the factors to be considered are defined, boards of directors,
board committees and corporations must decide if they will be represented by the corporation’s
in-house counsel or outside counsel. Following that, an investigation plan should be developed: (1)
defining purpose and scope; (2) identifying all potential sources of information; (3) determining
custodians and employees to be interviewed; and (4) determining forensic accounting work. Prior to
the collection, preservation and processing of documents, hold notices should be addressed to the
custodians with instructions regarding the preservation of documents and information. The scope of
the work should comprise a review of internal documents, data and information, including those of a
contractual, financial and/or accounting nature. At the conclusion of the investigation, a final report,
in either oral or written form, or both (considering the advantages and disadvantages of both cases),
should be developed addressing the background, executive summary, review of the investigation,
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines7
findings, conclusions and recommendations on appropriate remedial actions, and enhancing of
internal controls the company may carry out in order to prevent future violations, following which a
decision on whether or not to disclose the report or the findings of the investigation to the relevant
authorities will typically be made.
In the context of M&A transactions, the legal due diligence process plays a key role in the valuation
of the target by the potential buyer, and in the structuring of the transaction and the contractual
protections needed by the buyer, as well as enabling the buyer to gain as much background
information as possible about the business to be acquired.
Legal due diligence may typically cover corporate, contracts, real estate, environmental, IP, insurance,
competition, regulatory, compliance, tax, employment and litigation legal aspects.
Legal due diligence is typically conducted by law firms enabled to practice the law of the jurisdictions
involved, which tend to play a leading role in the overall due diligence process, coordinating with
several other types of experts depending on the circumstances of each case.
As a precondition to identifying and analysing the relevant legal risks connected with a certain
site, factory or product, it is crucial to establish a solid factual basis. This will often necessitate the
involvement of external experts (eg, environmental scientists and technical experts), especially when
risks cannot be evaluated on the basis of existing documentation, but require on-site inspection.
In view of the manifold aspects of environmental investigations, the danger of overstretching the
limits as well as the costs and expenses of environmental due diligence is evident. In order to avoid
excessive expenditure, the scope of the investigation must always be customised to the context of the
transaction.
Forensic due diligence aims to uncover those risks that if undetected may lead to serious
consequences, such as financial damage, erosion of faith in the company and reputational damage
(eg, corruption and bribery, tax fraud, forgery, violation of environmental laws and other non-
compliance issues). The focus in forensic due diligence is to identify such threats. Forensic due
diligence is normally carried out by a forensics firm.
Financial due diligence, which is typically conducted by financial advisers, contains the investigative
financial analysis of a business. In financial due diligence, among other things, the key drivers behind
the financial, commercial, operational and strategic position of the target are analysed and validated.
8 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
Financial due diligence typically includes the analysis of the following aspects of the target: a review
of the business plan; historical performance; balance sheet; financial projections; cashflow generators
and predictions; working capital; capital expenditure; analysis of the markets, industries, competition
and countries; and risk management.
Financial due diligence should not be confused with an audit or review of the annual accounts in
accordance with generally accepted accounting standards. The scope of financial due diligence is
different from an audit. In financial due diligence, the information contained in the annual accounts
is typically not verified, unless explicitly stated in the report. Consequently, no opinion or any other
type of confirmation relating to the financial accounts or internal control systems of the target are
typically provided in financial due diligence.
Commercial (or market) due diligence refers to the due diligence and assessment of commercial
factors such as market, competition and external business environment. It helps potential buyers to
understand the market segments in which the target operates, the industry and business outlook for
its products, key competitors and the effectiveness of its operating model.
It can be critical when an acquisition is in a new area for the buyer, and should involve detailed
primary and secondary research, as well as interviews or surveys of competitors, suppliers and
customers.
Commercial due diligence may be carried out by the potential buyer itself, and consulting firms may
also be engaged to provide support in specific areas.
Operational due diligence examines core operations, as well as back-office functions to assess current
performance and downside risks. It includes the review of a wide range of operational risks across the
company, including regulatory compliance, information technology, sales and marketing, operations
and accounting, administration, valuation and service providers.
It allows for a better assessment of the target and prepares the acquirer for a more effective
integration of the business by assessing the state of the target, ability to support future growth, level of
investment that may be required and gaps that need to be remediated. It allows management to make
informed decisions, while reducing risk.
Operational due diligence may also be carried out by the potential acquirer itself, with the occasional
support of outside experts.
Last but not least, great emphasis needs to be placed on disciplined and thorough valuation analysis,
which is the key to guiding the negotiation, and structuring a deal in a way that makes financial sense
and increases shareholder value.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines9
The first step in the valuation process is to establish the market value of the target, without regard to
buyer-specific synergies. That provides the buyer perspective on a baseline valuation that the board of
the target company might expect to realise in the transaction. It also establishes a reference point by
which the buyer can analyse and evaluate how much additional synergy it brings to the table over and
above market-level synergy.
The next phase of valuation analysis involves assessing what the value of the acquirer will be pro forma
for the acquisition. This review is conducted from the perspective of a particular buyer and reflects
what the value of the acquisition is to that specific buyer.
Acquisition valuation involves the use of multiple analyses to determine a range of possible prices
to pay for an acquisition candidate. There are many ways to value a business, which can yield widely
varying results, depending upon the basis of each valuation method. Among the most commonly
used when valuing a company as a going concern are: (1) discount cashflow analysis; (2) comparable
company analysis; and (3) precedent transactions.
While advising the seller, outside counsel must help the client to maintain the confidentiality of its
non-public information. Non-public agreements impact the governance of corporations and contain
a great deal of confidential information. Even the act of disclosing the names of a corporation’s
shareholders may violate their expectation that such information would remain private.
A non-disclosure agreement (NDA) should be put in place before non-public documents are shared
with the buyer and its counsel. Alternatively, non-public agreements may be shared, but only after all
confidential information is redacted.
In order to control costs, if the seller expects to negotiate with more than one potential buyer, a due
diligence package should be prepared for distribution to potential buyers or for inclusion in a data
room. The initial package would include, without limitation, the constitutional documents of the
entity, evidence of the legal existence of the entity, search results regarding pending litigations, and
copies of trademark, patent and copyright filings.
Once an NDA is in place, a second package should be prepared that includes all documents that
affect the governance and financial attributes of the entity, including, but not limited to, finance and
security agreements, and all significant contracts between the entity and third parties.
On the other hand, when representing the buyer, counsel must help to ensure that: (1) the buyer
receives what it bargains for; and (2) once negotiated, there is nothing that would preclude the
transaction from coming to fruition.
10 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
To illustrate (1), outside counsel should consider the following: if the buyer negotiates for shares
of stock with preferential rights, then their value is less if the seller may issue new shares with
greater rights; if a seller’s subsidiary or affiliate is guaranteeing an obligation of the seller, then the
guarantee is of limited value, if any, to the buyer unless the guarantor’s expenditure is restricted
or the establishment of a reserve is required; and if the seller’s revenues are dependent upon a
small number of contracts such that the loss of one or more would be detrimental to the continued
existence of the seller, then the business risk must be evaluated.
To illustrate (2), counsel should consider the following: the likelihood of obtaining all requisite
approvals from seller’s investors and/or regulatory agencies; whether the structure of the transaction
is such that it will trigger the time, expense and distraction of one or more lawsuits; and provisions
in, or absent from, the constitutional documents of the seller that make the sale more expensive and
time-consuming.
If acting for the buyer, should counsel accept the information provided by the seller as true?
Alternatively, should it conduct a parallel due diligence review to make sure that the information
provided is accurate and none is missing? Should it demand the same level of due diligence with
respect to subsidiaries and affiliates of the seller? One must consider the cost and likelihood of
potential risks if a parallel review is not conducted or information related to affiliates is not provided.
Which party pays the cost? Will a breakup fee or liquidated damage payment offset the time and
expense of the negotiation process? Should the buyer’s counsel accept the legal opinion of the
seller’s counsel in lieu of some due diligence or should it require an opinion from counsel of its
choice? Will representations suffice?
When representing the seller, should counsel deny the buyer’s due diligence requests if they are too
broad? How much of the time and expense related to due diligence can be shifted onto the buyer?
What is the likelihood that the due diligence review will reveal a problem that would be best for the
seller to cure rather than having to meet the demands of the buyer as to what constitutes a cure?
Should counsel deliver legal opinions or subject the seller to the scrutiny of the buyer’s counsel?
Regardless of whether counsel represents the seller or buyer, the exact amount of due diligence
required is an ‘art’, not a science. There is no per se ‘rule’. The answer is determined based upon the
bargaining position of the parties, size of the transaction and amount of risk at issue.
5. How to define the scope of due diligence and customise the process
to the context?
Defining the scope of legal due diligence is crucial to an efficient process to meet the proposed
timetable of the transaction and adapt to buyers’ expectations that relate to the cost of due diligence.
Evidently, the scope, details and intensity of the due diligence process should be adapted to the timing,
value, materiality and specificities of each transaction, considering also the human resources available
for the parties involved. The main aspects to be considered are the type of business the target company
operates, the time period the review should comprehend and the context of the transaction.
The legal due diligence process will vary considerably from one business to another, and so will
the information to be analysed and reviewed. Therefore, the investigation has to be tailored to
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines11
the business of the target company and respective risks that may be associated therewith. A variety
of factors that relate to the business of the target company are typically considered, such as the
corporate purpose, business operations, structure, main products, sales format, strategies, and
portfolio of customers and main suppliers, among others. Outside counsel expertise in the relevant
sector is a valuable asset for defining an appropriate scope and avoiding inefficiencies in the process.
As far as the period to be reviewed is concerned, one criterion to be considered is the applicable
statute of limitation for third parties to bring claims against the target because, if practicable, the due
diligence review should cover the entire period with respect to which liabilities may be outstanding.
Finally, the scope of legal due diligence should be adapted to the context of the transaction, thereby
insuring that the investigation matches the buyer’s interests in the deal and avoiding unnecessary
expenses. For example, if the target is a reputable listed entity (therefore subject to regular public
disclosure), then the potential buyer may be able to become comfortable with a narrower due
diligence scope than when the target is a troubled private company. In addition, if the seller is
financially sound or will provide guarantees, and the transaction documents are pro-buyer, then the
potential buyer may need less due diligence effort than in the case in which the seller is in a weaker
financial position, will not offer any guarantees and insists on pro-seller transaction documents.
Below is a brief description of the various legal areas that may integrate the legal due diligence scope.
5.1. Corporate
Among the objectives of corporate legal due diligence are to confirm that the target is in good
standing and the shares to be acquired are free of any liens or encumbrances; to verify the corporate
structure of the target, composition of its corporate capital (especially the existence of shareholders
other than the seller and their rights) and possible outstanding obligations that the target may have
(relating, eg, to dividend distributions); to identify applicable corporate approvals that are required
for the consummation of the transaction; to check possible restrictions that may apply to transfers of
shares or voting rights; and to assess potential related risks that may affect the target or transaction, as
well as to provide inputs for the structuring of the deal itself.
In order to achieve these goals, corporate due diligence typically involves reviewing: (1) the
organisational documents and any other relevant corporate documents, including minutes of board
or committee meetings, corporate registries and shares certificates (if any) of the target; (2) any
shareholders’ or voting agreements and similar documents; (3) corporate reports and any other
communications to the company’s stakeholders, as well as press releases and communications to the
market (in the case of publicly held companies); and (4) possible other rights and obligations that
may still be in force, arising under past M&As in which the target may be involved.
When the target company is a Delaware entity, Delaware law requires some, but not all, of the
constitutional documents to be filed and available to the public. In contrast to the rules of other
countries, there is no central registration office that maintains all of the constitutional documents
related to a Delaware entity. As a result, there is typically the need to obtain certain constitutional
documents from the entity itself. If a corporation is at issue, its Certificate of Incorporation is
available from the Office of the Secretary of State of Delaware, but its bylaws are not. Nor are other
12 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
documents that affect the financial and structural aspects of an entity filed, such as shareholder
or stock option agreements. If the Delaware entity at issue is a limited liability company, limited
partnership or statutory trust, then a notice filing only is typically all that is available from the
Secretary of State of Delaware. Although it is possible to obtain a certificate from the Secretary of
State of Delaware that certifies the legal existence (ie, ‘good standing’) of a Delaware entity, such
a certificate does not address whether or not a Delaware entity can enter into the transaction at
issue. A review of the corporation’s bylaws is required because there may be restrictions against, or
conditions that must be fulfilled prior to, the ability of the Delaware entity to act.
5.2. Contracts
The first step in contracts due diligence is to identify the contracts that are material to the target
company’s business, among commercial contracts, operational contracts and financial contracts.
Materiality criteria may include amounts involved and strategic importance to the business from the
perspective of the buyer.
While reviewing material contracts, in addition to summarising the main rights and obligations, and
amounts involved, one must pay special attention to the clauses that may be triggered as a result of
the transaction, such as change of control, early termination and penalty clauses, as well as identifying
enforceability issues, default situations and other weaknesses that the buyer may need to consider
before committing to the transaction.
In this regard, if the transaction is likely to breach material contracts, or if there are other issues that
would need to be addressed prior to closing so that the buyer may get what it proposes to pay for, then
the parties may need to negotiate appropriate conditions precedent to the closing of the transaction,
such as the obtainment of third-party consents or amendments to existing contracts, in order to remove
any such obstacles.
5.3.1. IP
In most companies, IP rights (IPR) form a substantial part of the company’s assets and value, for
instance, rights in creative works, like music, audiovisual content, text, pictures or rights in software,
data, inventions, know-how, designs, marks, trademarks, or company or domain names. Depending
on the industry sector, other IPRs may also be of relevance, for instance, topography rights in
computer chips, geographic indications in the food industry or crop rights in agriculture. Usually, a
due diligence request list would provide a broad definition of the term IPR.
As a starting point, the due diligence exercise should investigate the status quo of the IPR owned or
licensed by or to the company, as well as IPR-related risks. It is of the essence to determine whether
the IPR can be transferred and whether it has been pledged or is otherwise subject to third-party
rights. It must be established whether the use of the IPR would violate third-party rights or whether
third parties would violate the IPR and whether there are any opposition procedures or any IPR-
related litigation.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines13
The relevant IPR register (eg, for domain names, patents or trademarks) is typically only declaratory;
the registered status may differ from actual ownership; this is relevant for the representations (reps)
and warranties in the purchase agreement.
Priority (ie, for registered rights, the date of application) is essential with regard to older or younger
conflicting rights. Due diligence should also determine the (remaining) duration of protection and
any measures taken to effect or prolong the registration.
As with most other assets, the transaction structure (asset or share deal) must be taken into account.
In an asset deal the buyer should determine whether the relevant IPR and licence agreements could
be freely transferred from the seller to the buyer without any third-party approval (licensor, licensee,
author, inventor or similar) being required. In share deals, change-of-control clauses may be relevant.
In the field of owned or licensed software, it may also be of interest whether the relevant software
contains open-source elements and licence terms.
5.3.2. Privacy
In the information age, the protection of data of identified or identifiable natural persons (‘personal
data’) has become an important element of legal compliance. Data protection and privacy laws
impose numerous duties on a company and gives the persons concerned personal rights and claims
against the company. In due diligence, the buyer should establish compliance by the target with data
protection laws. In an asset deal the buyer must determine whether a database with personal data
could be transferred to the buyer with or without approval by the persons concerned. Corresponding
provisions should be included in the purchase agreement.
In view of the substantial fines threatened by certain data protection laws (eg, the European Union
General Data Protection Regulation (GDPR)), the buyer would, for example, want to establish
whether the target or assets are under current investigation by the data protection authorities or
whether there are any claims asserted by the persons concerned.
5.4. Regulatory
Every country has its own rules and regulations with respect to M&A. These include a complex
regulatory framework involving matters such as structuring the acquisition, exchange controls,
governmental and third-party approvals and consents, and tax clearances, which should be taken into
consideration on the elaboration of the timeframe of the transaction.
Regulated sectors of the economy typically include airports, aviation, communications, financial, food
and beverage, healthcare and life sciences, insurance, mining, oil and gas, ports, power, real estate,
transport, and water and sanitation, among others.
Foreign investment is also subject to government control in many jurisdictions, an area that requires
special attention, especially as approval criteria may not be strictly objective.
14 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
5.5. Antitrust
Where there is reason to believe, based on publicly available information (eg, antitrust
agency decisions and press reports), that the target in a transaction is: (1) currently under
investigation by an antitrust agency; (2) subject to a consent order or other type of settlement
with an antitrust agency; or (3) active in an industr y in which cartel activity (or other types of
widespread anticompetitive conduct) has been found to have occurred, targeted due diligence
should be conducted to understand the potential antitrust risk that may be assumed as a result
of the transaction.
If the target is currently under investigation by an antitrust agency, additional due diligence should
be conducted to understand the nature of the alleged conduct that is under investigation; the results
of any internal company investigations conducted to date as to the conduct alleged; the status of the
overall investigation, including what the antitrust agency has requested from the target in the way of
information, documents and data, and what has already been produced in response to those requests;
the implications if the allegations are proven, including any fines, damages or other punishments that
may apply; and whether any settlement discussions are currently under way between the target and
the antitrust agency.
If the target is currently subject to a consent order or other form of settlement arrangement
with ongoing obligations with an antitrust agency, additional due diligence should be conducted
to understand the ongoing obligations of the target under the terms of settlement and the
length of those obligations; the target’s efforts to comply with those obligations; and whether
the antitrust or any third party has alleged non-compliance with the settlement arrangement.
If the target is active in an industry in which an antitrust agency has recently found that cartel
behaviour has occurred and any market participants are currently operating under a consent
decree, additional due diligence should be conducted to understand the compliance policies and
programmes put in place to avoid the recurrence of similar conduct going forward; whether there
have been any instances of non-compliance with those policies since their implementation; and any
systems put in place to identify the same or similar types of conduct should they recur.
In certain circumstances and industries, due diligence regarding other forms of anticompetitive
conduct may be warranted, including, for example, resale price maintenance and excessive pricing.
However, including such issues in the due diligence process is always the result of a balancing of
the costs of doing so and the potential risk associated with an infringement. One alternative to
conducting due diligence on a particular issue may be to address the risk through appropriate reps
and warranties in the transaction documents.
Antitrust rules and procedures can vary significantly from jurisdiction to jurisdiction, so practitioners
should consider engaging antitrust specialists in those jurisdictions in which investigations are
ongoing or settlements are in place to evaluate their potential implications.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines15
5.6. Labour and employment
The importance of labour and employment (L&E) due diligence in international M&A transactions,
while critical, is often downplayed. If the focus is on acquiring workforce and talent, a thorough due
diligence of ‘people issues’ assumes even greater importance. In the past, M&A deals have failed as
a result of ineffective employee communication, inability to retain key employees and/or failure of
cultural integration.
Depending on the type of transaction, due diligence on employment and human resources aspects
is not just time-consuming but also tricky. As such, employment is inherently local, with local issues
indigenous to each region.
In transactions that span the globe, a targeted international L&E due diligence approach requires
experts to be engaged across different fields, including L&E, compensation and benefits, ethics
and anti-bribery, compliance, human rights, accounting and tax, and immigration. The team must
look out for workers claims, pending or concluded proceedings, turnover of personnel, stability
issues, pattern of bias, discrimination, labour union strikes and lockouts, claims filed with labour
authorities, defined benefit and multi-employer plans, employee health and safety, and so on. In this
global economy, it is highly probable that an M&A will involve expats and foreign personnel, which
also requires immigration and social security experts. Failure to comply with applicable labour laws
or contractual arrangements could lead to long and contentious litigation, and could lead to high
reputational risk. Furthermore, it might damage the necessary trust between employer, employees
and employee representatives.
L&E due diligence should also focus on the information and consultation obligations required to
implement the transaction. Some jurisdictions recognise the doctrine of the continuing employer,
which mandates that the new employer must take over the service seniority and service conditions of
the employees. Employees who are taken over need to be integrated into the existing conditions of
service and benefits, something that could create a challenge, especially if the proposed changes are
detrimental to their interests. Most jurisdictions protect workers’ interests in such situations. M&A
transactions also entail redeployment of resources or a redesign of roles. This could involve playing
with job titles, descriptions and duties, and service conditions. Often, transfers and relocations may be
inevitable given the need to support some functions and reduce head count in other service verticals.
In addition, L&E due diligence should focus on cost-related issues that may have an impact on
price adjustment. In this connection, liabilities found during due diligence may impact the cost.
However, there are also a number of situations in which several workers are not taken over by the
buyer, leading to the seller terminating their employment (unless they can be redeployed) based on
compliance with applicable laws and contractual arrangements. There could be relevant severance
costs associated. In certain countries, this may trigger negotiations with a union or other employee
representatives, or the labour authorities as well.
Finally, L&E due diligence should also focus on executive issues because the implementation of the
deal may lead to a change in the management structure, involving high executive terminations, or
significant changes to contracts of employment and compensation structures applicable to executives.
Termination of service contracts might also be caused by change-of-control clauses.
16 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
Therefore, a global and regional L&E due diligence approach and checklist is needed; a one-size-fits-
all approach does not typically work to create a successful M&A.
5.7 Tax
The main objective of tax due diligence is to identify potential tax risk areas and, to the extent
possible, quantify the related potential tax exposure within the target company. Identified tax risks
can have a significant impact on the market value of the target company and might constitute a
crucial argument in the price negotiation process.
In addition, tax due diligence aims to define which contractual protections should be included in
the legal documents with respect to tax (ie, tax-related provisions, such as tax warranties and tax
indemnities).
The process of tax due diligence involves an investigation of the target company through reviewing
documents and interviewing management. The first step to be taken as part of this process is to
determine: (1) the tax areas to be investigated (this generally includes corporate income tax, value
added tax (VAT)/sales taxes and employee taxes (wage taxes and social security)); (2) the materiality
threshold to be applied; (3) the period to be reviewed (in practice, the last three to five years that
are open for reassessment by the tax authorities are generally taken into account, or otherwise the
relevant statute of limitation period); (4) the scope and depth of the tax due diligence mandate of
the due diligence team; and (5) the format of the tax due diligence report.
5.8. Litigation
In order to define an adequate scope for litigation due diligence, it is important to understand the
economic activity developed by the company under analysis, and the particularities and challenges of
its business. In the context of an M&A transaction, the main purpose of litigation due diligence is to
provide the most accurate information regarding the target’s existing contingencies in order to aid
the buyer to define a fair price to be paid for the company.
It is important to consider that often, the amount involved in a particular litigation proceeding
may be irrelevant to its materiality. Certain claims, for example, may not involve material
amounts; however, they may pose other types of threat to the target, such as negative reputational
consequences, or the creation of a precedent that may influence the outcome of similar existing or
future claims.
In the case in which real estate is involved in an M&A transaction, it is important to first assess
what type of M&A deal it concerns. For example, does it concern the merger or acquisition of
a real property (investment) company or a holding company (with foreign subsidiaries that are
the owner of the real property), or does the real property just come with the deal because, for
example, the target company only has its office there? The answer to these questions determine
the scope of real estate due diligence in the context of M&A transactions, and influence the
time and resources available for this type of due diligence. It also determines the extent to which
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines17
the buyer will rely on the information made available by the seller, and the reps and warranties
stipulated in the purchase agreement.
Typical real estate issues that need to be addressed in real estate due diligence in the context of an
M&A deal are, for example, as follows:
The first step to be taken is the assessment of the real property owned and/or used by the target
company. Therefore, a list with a description of the real property owned and/or used by the target
company needs to be provided by the seller. Then it should be established if the target company is
indeed the legal owner of the property, or in the case of a lease, the lessor is the legal owner. This can
be indicated by an excerpt of the property register or land register, or any other applicable public
register, but should be evidenced by original documentation, such as a notarial deed of transfer of the
property or title search. Further, due diligence should also focus on the existence of any attachment,
lien or encumbrance on the real property, including, but not limited to, option or similar (pre-
emption) rights to purchase the real property, rights of third parties to have access to the property,
and any other restriction on the real property pursuant to public law or private law.
It is of great importance to establish that the construction and use of the real property is in
conformity with the zoning plan in force and the (building) permit(s) granted. Also important is to
know if the competent authorities are in the process of amending this zoning plan or preparing a new
zoning plan, which could detract from the value of the real property.
In the case in which the real property is not owned but leased by the target company, the first aspect
to address is the issue of the assignability of the lease agreement. It could be that the prior approval of
the landlord is required because the envisaged M&A deal results in a change of control of the target
company and could therefore constitute an assignment under the lease agreement or applicable
statutes. It could also be that the lease agreement does not protect the lessee from the risk of early
termination of the lease by a third-party buyer in the event of a sale of the property prior to the
expiration of the lease, or that applicable law does not give the lessee the right to demand a renewal
of the agreement upon its termination. If prior consent of the landlord is required, its conditions
must also be assessed because they could detract from the value of the lease agreement, and, if they
do, it might result in the decision of the buyer to terminate the lease agreement or buy the real
property, if the lease agreement allows for these options.
5.9.4. Taxes
Taxes usually play an important role in the structuring of real estate deals, especially when the
real property is located in foreign countries or held by foreign legal entities. Due diligence should
therefore also focus on tax issues using a specialised tax lawyer. For example, what tax treaties
18 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
and declarations are applicable, and have their conditions been met in order to get, for example,
participation exemption for investment in the foreign property companies, and what are the
consequences of the envisaged M&A deal in relation thereto, potential risks in relation to dividends
that have been distributed, impact of any debt leverage financing, and the like? Another important
tax issue in M&A deals is transfer tax because it might also be incurred if the target company is the
owner of the real property and the shares in the target company will be (partly) purchased by the
buyer, depending on the applicable tax regime.
When the buyer is a foreign person, it is also important to assess whether there are restrictions on
foreign ownership of real estate in the target jurisdictions. Typical restrictions apply to real estate
in border areas, but may have a much broader scope depending on the jurisdiction and type of
property involved.
5.10. Environmental
As environmental law has manifold impacts on all kinds of industrial and business activities,
the object(s) of an M&A transaction will typically be subject to a vast corpus of regulations on
environmental law, involving both risks and opportunities. In many cases, especially when dealing
with large industrial sites located in several jurisdictions, it is virtually impossible to scrutinise all areas
of business and production as to their compliance with environmental law in every single aspect.
Thus, environmental due diligence should focus on issues of relevance for the decisions to be
made in the transaction at hand. What are the decisive factors for tailoring the scope and depth of
environmental due diligence to the needs of the transaction?
First and foremost, one needs to give due consideration to the object and objectives of the relevant
transaction. It makes a great difference whether one is dealing with an industrial plant producing
chemicals or with office buildings of an information technology (IT) company. In the same vein, it
is crucial to understand the objectives underlying the transaction: does the buyer want to continue
production or close down one or several departments? In the first case, environmental due diligence
needs to thoroughly investigate plant permits and technical standards employed. In the latter case,
the main focus is on issues arising in connection with decommissioning of installations.
Another decisive factor for customising the scope of environmental due diligence are the risks
involved in the business activities under review. These will guide the investigator in discerning
between issues that require in-depth examination and those where a rather rudimentary check will
do. For instance, where a company is involved in shipping hazardous waste, the investigator needs
to examine vast and detailed documentation (eg, notifications). By contrast, where companies
are engaged in online services, environmental risks are far lower, hence, reducing the scope of
investigation.
Finally, the scope of environmental due diligence depends considerably on whether and to what extent
a party chooses to rely on documents and data submitted by the counterparty, or whether it prefers to
consult environmental or technical experts independently. In this context, eco management and audit
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines19
schemes may play an important role. In addition, some jurisdictions keep public registers, listing, for
instance, contaminated sites (giving access to environmental reports and analyses), permits for use of
natural resources, or other licences and concessions (eg, under waste law).
With respect to these factors, environmental due diligence in M&A transactions often covers the
following topics: (1) industrial sites (soil and groundwater contamination); (2) operation of plants
and installations (permits and technical standards); (3) specific rights linked to the plants or
their operators (eg, greenhouse gas emission certificates, mining or waste treatment licences, and
concessions to distribute energy); (4) pending proceedings and litigations (eg, in the aftermath
of an industrial accident); and (5) weaknesses and vulnerabilities (eg, due to outdated production
technology and obligations to adapt to newer technology).
5.11. Insurance
In some countries, the insurance and reinsurance markets are regulated and supervised by regulatory
entities that are responsible for establishing core rules applicable to such sectors.
Therefore, if the target company’s corporate purpose involves (re)insurance-related activities (eg,
brokerage), the legal due diligence scope should be broader than usual, and encompass the analysis
of specific regulatory requirements set forth by applicable law and regulation.
For those companies not engaged in (re)insurance-related activities, the main goal of insurance due
diligence is to assess the risk exposure of the target company and its subsidiaries to potential issues
involving insurance matters.
In this case, the purpose of due diligence is to identify: (1) if the company retains mandatory
insurance coverage, if applicable; and (2) with respect to policies purchased by the target company,
the terms and conditions of the coverage, insured amounts and its effectiveness. Notwithstanding,
an insurance broker should always be consulted to assess the risks to which the target company is
exposed and the adequacy of the coverage purchased, vis-à-vis coverage availability in the insurance
market local to the target’s core business, considering its main assets, operations, production and any
other relevant aspects.
By conducting insurance due diligence, liabilities arising from insurance policies of the target may
also be revealed, such as: (1) lack of premium payment, which may result in loss of coverage; (2) non-
purchase of mandatory insurance coverage, which may trigger the application of penalties established
within the insurance legal framework of each location; (3) unpaid or denied claims under the
insurance policies purchased, which may impact on the financial stability of the target; and/or (4)
expired and non-renewed insurance policies, which expose the target to the risks previously covered
by proper insurance.
The lack of proper insurance policies purchased by the target may result in post-transaction liabilities
to the buyer. In order to avoid this issue, the parties under the potential transaction can establish that
certain insurance policies should be contracted and/or renewed, as the case may be, as a condition
precedent to the closing of the transaction.
20 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
It is also important to analyse if the company’s subsidiaries are covered by the insurance policies.
Usually, the parent company is named as a policyholder or insured of the insurance policy, while its
subsidiaries or affiliated companies are named as co-insureds.
Furthermore, insurance policies may contain ‘anti-assignment’ and/or ‘change of control’ provisions
that establish the early termination of the policy in the case in which the insured does not notify the
insurance company of any of such transactions prior to their occurrence, as the insurance company
may consider that the risks covered under the insurance policy have been substantially increased.
If such policies are considered relevant in the buyer’s perspective, then the parties may agree as a
condition precedent to closing that the insured company notifies the respective insurance company/
companies and obtains its/their agreement with the proposed transaction under the same terms and
conditions or upon payment of an additional premium.
5.12. Compliance
Violations of the relevant anti-corruption laws may lead to substantial civil and criminal penalties,
not to mention significant legal defence costs and reputational damage. Effective due diligence can
help a buyer to identify those risks at the same time that it mitigates the risk of liability if they are
discovered later.
Proper compliance due diligence should be risk-based and take into consideration the circumstances
of the target, such as geography, level of interaction with the government and use of third parties.
It typically involves analysing publicly available information, document requests and interviews with
management and key employees, and the target’s compliance programme, aiming at reviewing issues
such as corporate policy for anti-corruption; compliance; privacy and business practices; responsibility
for designing and developing these procedures and maintaining them; existence of a policy or
procedure for employees, agents, brokers, distributors and other stakeholders; role of the company
board; structure of the compliance department; existence of a regular assessment of the risk of non-
compliance; existence of training and education programmes in this field; and so on.
5.13.1. Introduction
The General Assembly of the United Nations adopted the UN Guiding Principles on Business and
Human Rights (the ‘UNGP’) in 2011. The three pillars of this framework are the state duty to protect
human rights, the corporate responsibility to respect human rights and the need for access to remedy
for victims of business-related abuse. According to Guiding Principle 13, business (which includes
law firms) should avoid causing or contributing to adverse human rights impacts through their own
activities, and address such impacts when they occur. Furthermore, they should seek to prevent
or mitigate adverse human rights impacts that are directly linked to their operations, products or
services by their business relationships, even if they have not contributed to those impacts. Guiding
Principles 17–21 set out an obligation to carry out human rights due diligence which, contrary to
the regular due diligence carried out in M&A transactions, focuses on human rights risks a (target)
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines21
company is causing (or is contributing to) concerning third parties, although these risks may
eventually, in a derivative sense, also become risks for the (acquiring) company itself.
Although the UNGP are not legally binding in themselves, they are highly respected and reflected in
the Organisation for Economic Co-operation and Development (OECD) Guidelines for Multinational
Enterprises and in legislation in several countries, as well as part of other binding instruments, such
as the Dutch International Responsible Business Conduct Agreement in the garment sector, and
government and public policy. France, for example, has adopted a statutory due diligence obligation
in connection with human rights and labour conditions for larger companies (also for their activities
abroad). The EU has adopted legislation regarding conflict minerals that are imported into the
EU that will come into force on 1 January 2021, also requiring human rights due diligence. Next to
these, the EU Non-Financial Reporting Directive requires EU Member States to implement legislation
requiring large public enterprises to report on human rights policies, risk management approaches
and issues in certain circumstances. Beyond that, for example, the United Kingdom has implemented
a legislative reporting requirement in connection with modern slavery.
Although human rights due diligence is still rarely, and certainly not systematically, carried out in
M&A transactions, overlooking human rights risks may result in legal or regulatory risk, financial risk
and high (reputational) damage for the (acquiring) company. For example, over 40 per cent of the
mining projects in Peru were delayed or even cancelled because of human rights issues resulting in
an overall damage of US$28bn in 2014. Furthermore, human rights issues may impact the ability to
secure equity financial support or investment from development banks or multilateral organisations,
public procurement and export credit guarantees, and there are situations in which debt funding has
been withdrawn from a project following the occurrence of human rights issues or abuses.
Human rights issues may arise in a variety of M&A transactions or scenarios. One may think of the
acquisition of a company or assets, but also of mergers, partnerships and joint ventures.
Although human rights due diligence differs from traditional transactional due diligence,
opportunities do exist to combine them. In that regard, one has to bear in mind that human rights
due diligence should focus on the most severe human rights risks (to others rather than the company
or target itself) and address those first. Obviously, it is up to the client to choose which resources
are most relevant to the transaction and which approach should be adopted, but (external) counsel
can and should advise the client about the use of these resources, and how to develop an approach
that is appropriate for identifying the most salient human rights issues. Local legal advice is likely
to be necessary to develop the structure of an appropriate approach and implementation of due
diligence investigations into human rights risks. Specific expert opinion may also be required on
particular issues, such as stakeholder concerns and/or the views of civil society or local communities.
Lawyers may not be best placed to undertake these aspects or local fact-finding, so it is important to
discuss with the client how to identify and contact skilled local facilitators or other experts. Obviously,
lawyers may still analyse the outcomes of these investigations and advise on their (legal/regulatory
and reputation risk) implications. The likelihood of relevant human rights risks materialising among
others things, depends on: (1) the sector, operating context and country; and (2) the expertise and
22 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
capacity of management to address these identified risks. All of these issues should be taken into
account when carrying out human rights due diligence to assist the client to build up a picture of its
human rights risks.
It is also important to ensure that the documents, information and personnel the acquiring or
merging company has access to is sufficiently wide to allow the buyer to carry out human rights
due diligence that is likely to be necessary in the given circumstances. The scope and timescales
for completion of this type of due diligence may pose different challenges when compared
with traditional due diligence, particularly if a broader range of issues must be considered (and
appropriately sequenced and/or supported by external expertise) to identify and understand the
different sources of human rights risks.
Many different types of human rights risks that may be connected to business activities, for example,
environmental, labour or consumer rights, are covered by local legal regimes and sometimes, also by
legal regimes in the home state of the acquiring or merging company. Thus, general due diligence
questions about legal compliance are also relevant for assessing human rights risks. That said, general
due diligence is not sufficient because, at best, it provides a partial picture of the potential human
rights impacts of a target and the legal, financial and reputational risk these may cause. Even if the
target is fully compliant with local laws, it may still face significant human rights challenges. This
is especially likely if legal standards are below or contrary to internationally recognised standards,
unclear, poorly enforced or, in case of weak governance zones, absent or non-functioning when
considered as part of the broader rule of law environment.
That said, combining these forms of due diligence may give rise to challenges, such as obtaining
timely, high-quality information relevant to human rights risks because of the constraints imposed
by confidentiality agreements between the client and target, and/or, in case of an auction sale
transaction, the terms upon and the manner in which information is made available through a data
room. In such cases, other ways of carrying out human rights due diligence may be necessary (eg,
feedback or engagement through (trusted) third parties) to supplement these traditional forms of
M&A information gathering and sharing.
Beyond this, human rights issues connected to the clients’ business activities may not be expressed,
perceived or analysed in human rights terms either by the client or external stakeholders. Thus,
M&A counsel should be able to identify and understand these issues in their broader context, and
independently from the way the client or external stakeholders frame these issues. In connection with
this, one should be aware that human rights impacts may occur vis-à-vis employees (and employees of
subcontractors), their customers and business partners, in supply chains and local communities, as
well as end users.
An NDA is usually the first document to be signed between a potential buyer and the seller in an
M&A process, especially those that involve due diligence.
Any due diligence process requires the execution of an NDA by the party that will receive
commercially sensitive information in order to avoid the unauthorised disclosure of confidential
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines23
information regarding the disclosing party’s businesses and the existence of any discussions regarding
the project to which the due diligence is related, and the misuse of the confidential information for
any purpose other than the evaluation and analysis of the potential project.
The NDA can typically be structured as a bilateral agreement, to be negotiated and signed by
the receiving and disclosing parties; as an adhesion term, to be fully adhered to and signed by
the receiving party; or a click through agreement, virtually agreed by the receiving party prior to
accessing an online data room.
The NDA should cover any and all information of the disclosing party that is made available to the
receiving party in any form, written or oral, that the disclosing party deems strictly confidential and
privileged, regarding its assets, financial statements, corporate structure, strategies, business, activities
and the segment in which it develops its business, as well as the interest of the parties in such a
project. Usually, the NDA carves out information that is or comes into the public domain or, in any
way other than the breach of the confidentiality obligation, ceases to be of a confidential nature, as
well as any information developed independently by the receiving party or disclosed to it by a third
party without a confidentiality obligation.
The NDA’s obligations may be judicially enforceable by the disclosing party in the case of the
violation of its obligations by the receiving party, so the disclosing party may seek indemnification
for losses and damages caused by the breach of the confidentiality obligation by the receiving party.
However, the indemnified party must generally prove the losses and damages effectively suffered, and
the link of causality existing between such losses and damages and the alleged violation of the NDA.
In some cases, a penalty is negotiated by the parties so that any proved violation of the confidentiality
obligation can be recovered more easily.
Due to the due diligence process, the access to key employees and representatives of the disclosing
party by the receiving party and its advisers is common, so a non-solicit provision is usual. Another
possible request by the disclosing party is a non-compete obligation by the receiving party due to its
access to business-sensitive information of the disclosing party.
Due diligence processes are difficult by nature. The volume of information to be reviewed, the
number of parties involved and the pressure to get it done so that the parties may be able to proceed
to signing as quickly as possible make it a rather challenging exercise. In that context, planning,
organisation and discipline are key.
Once the scope of the legal due diligence is defined, the M&A lawyers in charge of coordinating
the process should spend some time in assembling an appropriate and efficient due diligence team.
24 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
In doing so, the coordinators should think of the focal areas of the diligence, the level of seniority
needed for the task, how many people from each team should be involved, whether there are special
skills required for due diligence and other applicable considerations.
After the team is assembled, and ideally before starting work, the coordinators should hold a first
organisational meeting or conference call to brief the team. In this discussion, the team should be
informed about: (1) the characteristics of the transaction (industry of the buyer and target, type
of transaction and relevance of the stake to be acquired); (2) the expectations of the client, as
previously assessed by the coordinators; (3) potential points of attention that might have already been
identified; (4) mechanics of due diligence; and (5) timeline (as described in more detail below).
The coordinators should also take the opportunity to listen to the areas’ concerns and suggestions to
shape the work to be performed.
During the course of due diligence, it is important to have a focal point in the coordination team to
ease discussions with the different specialist teams involved. This person should be in close contact
with the teams to make sure that due diligence is kept on track and inefficiencies are minimised. This
includes keeping the team informed about the developments of the transaction, potential changes
to the client’s needs and concerns, overview of the different work fronts (including for purposes of
scope and cost control), and any other information deemed necessary or useful to keep the team
engaged and motivated.
After the conclusion of due diligence, the coordinator should take the opportunity to debrief each of
the teams, discussing potential feedback and improvements for future transactions.
In the end, coordinating legal due diligence teams involves dealing with people from different
backgrounds and with different sensitivities and particularities, and getting them to row together
in the same rhythm and direction. Soft skills, such as politeness and good relations, may be just as
important as technical skills.
7.2. Structuring and instructing the team to avoid inappropriate information flows
While the due diligence process is an essential part of the process of disposing of one’s property
(which, as a matter of national law, is often protected under constitutional rules), it is still subject
to competition laws. Competition law issues may arise from due diligence activities where parties
to a potential transaction: (1) are current or potential future competitors, or operate in vertically
linked adjacent parts of the supply chain (eg, a manufacturer and distributor, or distributor and
retailer); and (2) the information to be shared is confidential, and competitively sensitive about the
past activities or future business strategies and competitive strategies of either the target or potential
buyer.
Even if done as part of bona fide due diligence activities with the aim of preparing for an M&A
transaction, competition authorities may treat this type of information exchange as a potentially
serious infringement of competition law. These types of competition law violations can result in
significant financial penalties and, in some jurisdictions, even criminal sanctions. In order to avoid
these negative consequences, it is important to structure the due diligence process and team in a way
that is competition law compliant. This includes thinking about the following topics:
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines25
7.2.1. Avoiding inappropriate information flows
As a part of the due diligence process, information should only be shared if it is necessary for the
purpose of due diligence (evaluating the target in terms of its total value, including assets and –
actual or potential – liabilities, past performance and future market potential). Particularly at a
later stage of the M&A process, parties may wish to start integration planning. While such activities
may be legitimate within a certain framework, they are not part of the due diligence process and
should be organised separately.
• Is the information to be made available appropriate to the stage that the M&A process has
reached?
What is appropriate to be shared may depend on the stage of the process and number of potential
buyers involved. At the beginning of the process, it may be appropriate to make available only
general data (especially to a large group of potential bidders). As the process evolves (and gets
closer to signing) it may be appropriate to make more detailed/sensitive information available to
the remaining (serious) bidders that would allow them to fine-tune their bids.
Sometimes, parties to an M&A process are tempted to discuss the future of the combined entity, in
the process making information concerning the buyer available to the target. This is never part of
due diligence and must be avoided.
Competitively sensitive information (eg, prices, bids and proposals, competitive contract terms,
strategic plans, capital investment plans and employee benefits) may need to be considered.
• Is it possible to present the information in a less competitively sensitive form (eg, historical,
aggregated or blinded)?
Generally, competition law treats the exchange of current, individualised information most
critically as this is most likely to affect future competition. Thus, wherever the purpose of due
diligence can be achieved by making historical and/or aggregated information available to the
potential buyer, this route should be adopted. Members of the team should be required to justify
requests for current, individualised information.
• What will happen to the information shared if the transaction does not proceed?
Effective measures should be put into place to ensure that information is returned after due
diligence is completed (if the recipient does not pursue the deal) or kept appropriately separate
by the buyer until the transaction closes.
26 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
7.2.2. Structure of and behavioural rules for the due diligence team
• Does there exist a clearly defined due diligence team that is subject to an effective NDA?
Information should only be made available to a clearly defined team whose members are subject
to an effective NDA with appropriate procedural rules so as to ensure that information does not
flow to any other individuals in the buyer’s organisation except those that need to review the
information received in the course of due diligence.
• Has the due diligence team received competition law training and/or guidance to identify
potential issues and ensure compliant behaviour?
It is obviously important that the due diligence team be prepared to perform the task.
• Are the individuals receiving the competitively sensitive information responsible for the
competitive activities of the potential buyer?
Members of the buyer’s due diligence team designated to receive competitively sensitive
information should not be currently involved in the competing operations of the buyer.
Where this is not possible, however, a clean team may need to be put together. Clean teams should be
structured as follows: (1) individuals need to be effectively separated from their current tasks (ideally,
the separation should be physical, moving employees to a different location); (2) IT systems and
other means of communication must be effectively separated (eg, put into place a ring-fenced extra/
intranet for the due diligence team); (3) the movement of information – both within the clean team
and from there to other employees of the potential buyer – must be clearly documented; and (4) if
the transaction is not consummated, then those individuals should not for some time (eg, one year)
return to operations that compete with the former target’s business and to information concerning
which they were exposed.
While members of the due diligence team may be effectively separated from the relevant business,
this may be more difficult to achieve with regard to senior decision-makers, both in relation to
the transaction and the strategic positioning of the buyer. Care needs to be taken as to which
information, and at which level of granularity, is made available to such persons, and at which stage of
the process this is done.
An alternative to isolating the relevant employees of the potential buyer may be the use of consultants
from a third party (eg, consulting firm or outside counsel) to evaluate the most sensitive data and
then report aggregated results or conclusions to decision-makers.
The initial due diligence list is usually the starting point of the review process, contemplating
the information and documents requests of the buyer in relation to the target company. In
order to facilitate the buyer’s review of the target, it is not uncommon for the target to provide
the buyer with an information memorandum containing basic information (legal, operational,
etc) about the target. In addition, in competitive processes, in order to tr y to save time,
occasionally the target will disclose a pre-prepared vendor due diligence report put together
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines27
by outside counsel at the request of the target, so as to anticipate key issues to potential buyers
and have them focus on such issues. The extent to which potential buyers actually rely on a
vendor report instead of having their own counsel review the target’s information, however,
may vary from process to process depending on factors such as degree of competitiveness and
timetable of the sale process, quality of the vendor report and whether its authors will allow
potential buyers to rely on it, among others.
A typical legal due diligence information request list starts with a few organisational guidelines for
the target’s representatives to follow during the process, such as: (1) the documents, information
and/or answers to be provided in the data room (or otherwise) should use the same item
numbering as used in the list; (2) any reference to a document should include its amendments,
schedules and any other related documents; and (3) if a request is deemed not applicable by the
target, this answer must be provided. These measures help the analysis and review of documents
and information by the buyer’s advisers, making the process more agile and efficient.
The information request list should be tailored and customised, including and excluding items to
cover: (1) all the initial requests, duly specified, considering the buyer’s concerns in view of the
most common risks and liabilities usually affecting the target’s business, thereby anticipating the
crucial documents and information to be disclosed by the target; and (2) any particularity arising
from the pre-agreed due diligence scope.
Continuing the due diligence process will determine the additional documents, information and
questions that the buyer may consider requesting from the target for review.
Information that relates to the target is made available in the so-called ‘data room’, which is an
integral part of the due diligence process. Although the seller and buyer may have potentially
conflicting objectives, a clean and well-organised data room can add value to the process and bring
certain advantages to both sides by potentially expediting the process and improving its quality. Here
are some suggestions regarding the organisation of the data room:
A consistent naming scheme should be adopted for the documents saved in the target company’s
system in order to avoid difficulties in finding a particular document when uploading the documents
or reviewing the data room itself. For instance, it may be beneficial to name the documents according
to their type, relevant parties and dates, and/or any other element that will help to identify a
document’s content without having to open the file. This would make it easier to organise the data
room and find the documents at a later stage, when needed.
Folders should be created pursuant to the categories to which the documents are related, such as
accounting, human resources and legal. Then, within each category, subfolders should be created
to further divide and organise the documents based on type, content and scope. If the target has
28 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
subsidiaries that are part of the scope of the transaction, a subfolder should be created for each
subsidiary that reflects the same pattern as the target’s folder.
It is important to keep the data room duly updated and reflecting, as much as possible, the ongoing
changes and new circumstances of the target’s business in order to ensure accuracy.
Traditionally, data rooms have been organised in physical rooms in which authorised parties go to
review the target’s sensitive information, that is, a physical data room (PDR). Such a room is usually
located within the target’s premises; however, it is not uncommon for the target to use a room
somewhere else, such as in its lawyer’s office, where it is kept under constant surveillance. Because
this type of data room is in a physical location, the information should be reviewed in person.
While this ensures confidential information is not easily leaked, it creates additional costs and
inconvenience.
Nowadays, however, most data rooms are organised electronically – ‘virtual data rooms’ (VDRs) – in
which the target’s files are disclosed digitally. When the data room is in the form of a VDR, there is no
need to mobilise a party’s team to review the documents in loco; each member of the team can simply
be given access to the VDR’s specific files and review them in the comfort and convenience of his or
her own desk.
Moreover, through a VDR, multiple teams may easily access the same data simultaneously, which
facilitates competitive bidding processes.
To ensure security, some VDRs can block downloading and printing of the files, and access can be
revoked whenever necessary. Additionally, the VDR can register who has accessed files, when they
have done so and which documents have been accessed (which may allow the seller to identify
the most serious participants in the context of a competitive process, for instance), and the target
may be able to specify different access configurations for each group of individuals involved (legal,
accounting, financial and management), as well as restrict access to certain documents to be disclosed
only during the second stage of due diligence.
Information to be used when organising and uploading the data room must be strictly the target’s
truthful and complete information.
7.5. Managing timetables, weekly calls, Q&A and red flag warnings
A pre-agreed timetable between all the parties involved in the process (including the target, buyer,
and legal and financial advisers) will help to ensure a smooth process, while a constructive and
continuous dialogue between the parties involved and their advisers during the due diligence
exercise can help to reduce information asymmetry.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines29
7.5.1. Timetables
A well-structured timetable typically lists the main steps of the due diligence process, including the
execution of the NDA, distribution of the information memorandum, opening of the data room,
periodic delivery of question and answer (Q&A) lists, periodic conference calls, and delivery of
preliminary and final due diligence reports, specifying dates and parties involved in each step. In
competitive bidding processes, the target’s financial advisers may distribute process letters to bidders
communicating basic rules that will apply to the process, including important dates and deadlines to
be complied with.
Weekly calls allow the buyer to get closer to the seller and target, as well as have a better
understanding of the key findings of due diligence so as to help the parties adhere to the pre-agreed
timetable.
7.5.3. Q&A
During the course of the due diligence process, and based on the information and documentation
provided by the target and seller, the buyer’s advisers may send periodic (eg, weekly) lists of questions
to the seller and target in order to request additional or complementary documents, or even most
importantly, seek clarification regarding specific information provided by the target and seller.
Such Q&A lists allow the buyer to carry out tailor-made due diligence and focus on the main issues:
the issues that deserve special attention due to their potential impact on the transaction. This process
will develop through the entire due diligence exercise, and it is expected that, at each Q&A round,
the asymmetry of information is reduced. However, in order to have a satisfactory result, it is essential
to have the target’s key management and the seller directly involved in providing the information so
requested in the Q&A lists.
During the course of the due diligence process, the buyer’s counsel should keep the buyer appraised
of any issues discovered that may potentially impact the feasibility of the transaction or materially
affect its negotiation. Such red flag warnings should be made on a frequent basis (eg, weekly, or even
in shorter intervals), so that the deal team may be fully aware of them as they negotiate with the seller.
Examples of red flag warnings typically include: (1) in the corporate area, the existence of other
shareholders of the target having rights of first refusal or tag-along rights; (2) in the contracts
area, the need for third-party consent for the transaction, and the consequences of concluding the
deal without having obtained them; (3) in the labour and employment area, individuals having
been retained by the target not as regular employees but under alternative arrangements, such
as independent contractors, temporary workers, service providers, freelancers, contract labour,
outsourced vendors, trainees, interns and so on, giving rise to hidden contingencies and liabilities;
(4) in the tax area, the target appearing to be effectively managed outside the jurisdiction of which
it claims to be a tax resident, attracting several risks, among which, the risk of taxation in the country
30 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
where it is effectively managed, and attracting the risk of not being entitled to tax treaty benefits
claimed under a tax treaty with the jurisdiction of which it claims to be a tax resident; (5) in the
litigation area, proceedings that may disrupt, suspend or impede the development of the main activity
of the target; (6) in the environmental area, findings that fundamentally endanger the transaction
as a whole, such as the imminent expiry or withdrawal of a permit for a factory, a ban on a crucial
product, or a massive contamination or liability issue; and (7) in the compliance area, falsified
invoices, undocumented cashflows, disguised cashflows, unusually high commission payments, ties
with governmental officials and so on.
Management presentations typically include an operational and financial overview of the target, and
a review of the assumptions used in the financial projections, giving the target’s management an
opportunity to highlight certain key points. It is part of the preliminary stage of due diligence, and
usually gives potential buyers insight into the skills and mindset of the target’s managers.
When attending management presentations, the buyer’s team should have analysed most, if not all,
of the preliminary information disclosed by the target and seller, such as the teaser or executive
summary, confidential information memorandum and process letter, as well as the first set of
documents made available in the data room. Based on this analysis, the team should put together
a high-level list of questions or issues (ten to 20 questions at the most) to address throughout the
management presentation. If possible, the list should be sent to the target’s management a few days
before the presentation so that they can prepare themselves and address the relevant questions in the
presentation. In the case in which this is not possible, the buyer’s team should be prepared to narrow
down certain key questions to address during the Q&A section of the presentation.
In due diligence, conducting interviews can play a vital role. Employees could have information
crucial to the investigation and counsel will probably want them to answer as many questions as they
may have.
However, counsel must bear in mind that the employees being interviewed might have several reasons
not to answer all questions. First, they may be contractually obligated to confidentiality. Depending
on what has been agreed upon with the party being investigated, this may or may not pose a problem,
but it is good to keep in mind. In addition, depending on the country, the results of the interview
could be privileged. It is important to ascertain this beforehand and inform the client and the
employee being interviewed.
Employees may have a right not to incriminate themselves, which means that they may not have to
answer questions the answers to which might lead to them being criminally prosecuted. For example,
when questioning employees about tax compliance, they might reveal that they themselves had
something to do with shady invoices, cashflow to an offshore company that has not been recorded, or
bribery. Inform the employee whether or not the interview could be used against him or her in civil
or criminal proceedings.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines31
It is important to discuss these rights and obligations with employees before starting an interview,
especially so because most interviews are recorded (either on paper or audio/video). It is also good
to discuss with employees their right to have an attorney assist during the interview. By doing so,
discussions about the usability of the result of the interview can be prevented.
While the primary obligation of the lawyer for a company in due diligence is to the client, it is
important to remind other parties of their rights as they might not know them.
The format is very important in the preparation of the final report. Usually, smaller reports are
prepared by different teams within a law firm, each one indicating the findings of the respective areas
of law. When consolidating the document, the coordinator within the firm will adjust all of these into
one cohesive document in the format previously agreed with the client. There are different types of
report that can be used. Nevertheless, they are usually divided into four parts: a disclaimer section, an
executive summary of the report, the report itself and schedules.
7.8.1. Disclaimers
The legal due diligence report should contain proper disclaimers that contextualise the purposes for
and circumstances under which the report was prepared. Usually, such legal reviews are conducted
in accordance with a previously agreed scope (that should be indicated in the report), refer only
to certain legal aspects of the target, and are not intended to be, and should not be construed as,
a legal opinion on the matters contained therein. Typical disclaimers include, among others: (1)
an indication that the report has been prepared solely for the use of the client in the context of
the transaction and should not be disclosed to or relied upon for any other party or purpose; (2)
indication that, except if expressly indicated otherwise, the information in the report derives from a
review of the documents disclosed by the target and no independent research during the legal due
diligence process was conducted; and (3) an indication that it was assumed that documents provided
were executed and signed by all the parties thereto, conform to the originals, and were true, accurate,
complete and not misleading, and the like.
The main points of attention of which the client should be informed are summarised in an executive
summary so as to allow the client to have a quick overview of the target. The executive summary
typically has just a few pages and does not describe matters in full detail.
7.8.3. Report
The report usually describes, in a complete manner, the most important issues involving the target
as found during the course of legal due diligence. It may also contain specific recommendations in
order to help the buyer to mitigate or deal with such issues following the closing of the transaction.
32 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
7.8.4. Schedules
Depending on the buyer’s needs, counsel may be required to attach to the report detailed
information, or a summary of each document or set of documents reviewed, for the record and so
that the buyer may use that information while managing the target’s matters following the closing of
the transaction.
In a typical due diligence process, at an advanced stage (eg, when 80 per cent or so of the
information has already been reviewed), the buyer’s counsel will deliver to the buyer a preliminary
legal due diligence report (including the aforementioned four parts) so as to allow the buyer to
perform a more thorough review of the target’s issues, be able to make more informed decisions
within the scope of the negotiations with the seller, and, when necessary, push the seller to disclose
more information about the target. Then, once the buyer’s counsel has been able to finally conclude
its review, it will update the report and deliver a final version thereof to the buyer.
In the context of financed acquisitions, financial institutions that are proposing to finance the
acquisition may request that they review the legal due diligence report prepared by the buyer’s
legal advisers. Delivering or consenting to such a delivery may, however, potentially expose such
legal advisers to liability. In view of that, law firms are well advised to take certain precautions before
delivering or consenting to the delivery of their reports.
First, it is important to confirm that the legal due diligence report contains proper disclaimers that
contextualise the purposes for and circumstances under which the report was prepared.
Second, before delivering their report or consenting to such a delivery, law firms should: (1) become
comfortable with whom they are delivering it to (eg, that the recipients are reputable financial
institutions); and (2) request that such recipients execute a letter acknowledging and accepting certain
terms and conditions for them to be able to receive and, as the case may be, rely on the report.
The law firm may be requested to deliver or consent to the delivery of its report on a non-reliance
basis. In this case, the law firm should request that the recipients execute a non-reliance letter, expressly
accepting and agreeing that the report is not to be relied upon by such recipients for any purpose.
If and when the financial institutions that will finance the acquisition request that they receive the
legal due diligence report on a reliance basis, in addition to the precautions mentioned above, law
firms, in order to protect themselves, typically request such financial institutions to execute reliance
letters that contextualise the purposes for and circumstances under which the report was prepared,
and setting forth certain assumptions, limitations and qualifications. Typical conditions include,
among many others, that allowing financial institutions to rely on the report does not create a lawyer-
client relationship between the law firm and financial institution; that liability of the law firm is to be
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines33
limited to a certain amount; and that claims may only be brought against the law firm within a limited
period of time following delivery of the report (eg, one year).
Last but not least, when negotiating reliance letters, law firms should give careful consideration to
which law should govern them and where disputes arising out of such letters may be resolved so that
they are not inadvertently subject to unfavourable jurisdictions or laws.
As leaders of the legal due diligence exercise, M&A lawyers will often have to coordinate with other
experts in different fields. Such coordination is key so that the process may run smoothly and all
experts involved may be on track to make their contributions aligned with the timetable for the
transaction, thereby avoiding unnecessary delays. In addition, close coordination among all experts
involved may mitigate the risk of misunderstandings and communication failures between due
diligence teams and the team negotiating the deal, which could potentially create inefficiencies or
even jeopardise the transaction. Financial advisers, accounting firms, forensics experts, environmental
experts and client internal experts are just a few of the many other experts that could be involved in
due diligence.
Coordination with the buyer’s financial advisers is very important throughout the entire due
diligence process so that any risks, contingencies or liabilities may be duly considered in a timely
manner in the financial model used to inform the negotiation of the deal.
An accounting firm will typically be in charge of reviewing the target’s accounting, tax and labour,
employment and social security routines and procedures in order to identify possible contingencies
and liabilities that may affect the target, and therefore need to be considered by the buyer and its
advisers while evaluating the target, and negotiating the terms and conditions of the deal with the
seller. Close coordination between the lead law firm and accounting firm is important so that the
accounting firm may be able to properly evaluate and weigh the risk of loss of each contingency
identified and adequately report it to the buyer and its financial advisers.
In forensic due diligence the stakes could be high. Uncovered risks could have serious consequences
in ways of financial damage, erosion of faith in the target and reputation damage. Therefore, the
aforementioned experts need to work under the lead law firm’s legal privilege. By doing this, the law
firm maintains control of the flow of information and the outcome of due diligence.
34 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
which are regularly evaluated by public authorities, and may even contain soil mappings and statements
by environmental or technical experts, these sources of information are typically insufficient for the
purposes of environmental due diligence: while they do help with the understanding of the problem,
they do not offer sufficient data for the assessment of the costs and alternatives for possible solutions
and remediation measures. The same holds true for understanding problems identified in the context
of pending permit proceedings or litigation in the aftermath of the discharge of hazardous waste.
Thus, when undertaking environmental due diligence, it is essential to consult with environmental and
technical experts. Again, the need for technical or scientific expertise is not necessarily limited to issues
of soil or groundwater. Expertise may also be needed in regards to processing materials. This applies
especially to those jurisdictions in which recent or forthcoming legislation requires regular adaptation
to best available techniques.
Involving the client’s internal experts is also a crucial and delicate step in the due diligence process.
Outside counsel must help the client to identify the type of expertise required for a specific diligence
exercise (usually tax, controllership, environmental, compliance, regulatory, IP and employment
experts are involved) and assist it in coordinating the efforts of the internal subject matter experts.
A successful due diligence exercise requires that the internal experts not only have deep subject
matter expertise on their topic but also a general sense of how their area interplays with the other
specialised areas and fits within the overall deal structure to be able to contextualise individual facts
in light of the overall deal goals, and understand when to flag and/or discuss an issue with a different
subject matter expert.
A frequent issue in due diligence is restricting communications and involvement in the process
to only a few key resources because of concerns over confidentiality. However, there are ways to
effectively address the need for confidentiality while ensuring the involvement of a qualified team of
experts in the process.
7.11.1. Introduction
Although due diligence exercises vary from deal to deal, those that involve multiple jurisdictions
often introduce a range of challenges, including coordinating multiple law firms in multi-
jurisdictional due diligence processes that increase the scale and complexity of the undertaking.
To better meet clients’ objectives, practitioners must be flexible in their approach to due diligence
and knowledgeable about the types of issues that may arise in other jurisdictions but not the home
jurisdiction, and vice versa (ie, issues that may arise in the home jurisdiction, but not others).
Factors that may inform the proper scope of the due diligence investigation in a particular
jurisdiction include the target company’s industry; the client’s institutional experience and comfort
level with the jurisdiction; endogenous and exogenous time constraints on the due diligence process;
and the client’s budget for the transaction or the particular stage of the transaction process.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines35
Particularly in competitive auction situations, practitioners must be cognisant of local norms in each
jurisdiction in which due diligence is being conducted. The parties may come from different cultural
backgrounds, speak different languages or have different business practices. If due diligence requests
appear to be unreasonable or burdensome in the eyes of the target company or its advisers, the
buyer’s offer could be viewed as less attractive.
Target companies that operate in multiple jurisdictions may be subject to multiple, and sometimes
contradictory, legal regimes. Practitioners should also be aware of the areas of due diligence in which
United States and European buyers are increasing their focus and laws may have extraterritorial
reach, including data privacy and protection, antitrust, cybersecurity and compliance with anti-
corruption laws, and export and sanctions laws.
Labour and employment laws vary significantly from jurisdiction to jurisdiction and, in some
cases, allow target company employees to wield considerable leverage in a transaction, especially
if the buyer is expecting to realise employment-related cost synergies. In certain jurisdictions,
such as France and Germany, labour unions and works councils may have consultation and
consent rights in the acquisition context. In addition, many civil law countries in Europe, China
and Brazil require a minimum amount of severance to be paid to an employee that is terminated
without cause. Other countries may limit an employer’s ability to lay off employees or unilaterally
change the terms of employment.
In the US, the time it takes to obtain constitutional documents and other information publicly available
depends on the US state at issue. For example, documents filed with the Secretary of State of Delaware
and certificates requested from the Secretary of State of Delaware are available on the same day as the
request. If a document needs to be apostilled, the Secretary of State of Delaware will provide it in one
to two business days. By contrast, the foregoing information is not as readily available from all US states
and, as a result, time must be built into the due diligence schedule to allow for the time necessary to
obtain the documents.
Practitioners should also evaluate whether the transaction structure selected by the buyer may trigger
additional regulatory approvals in a particular jurisdiction that would otherwise not be required if a
different transaction structure were implemented.
Managing a multi-jurisdictional due diligence legal team can present significant substantive and
organisational challenges. Each due diligence process is unique and should be tailored to the
transaction for which it is being done, including, in particular, the target’s industry, the scale of the
target business or assets to be evaluated, and the number of jurisdictions potentially implicated. In
every case, however, careful attention to the following key issues can help to ensure that the process is
effective and efficient.
The composition of the local counsel team should be driven by the geographic scale of the
transaction, nature of the target’s business, potential business risks and other types of liability at
issue, and the client’s budget and tolerance for risk. In general, a useful starting point is to retain
local counsel in every jurisdiction where the target business has: (1) facilities or other significant
36 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
assets; or (2) material sales, whether the target itself sells products or services in the country, sells to
distributors or other intermediaries who make sales, or from which the target makes sales into other
jurisdictions.
Local counsel should be selected based on the particular issues and risks in the relevant jurisdiction
and, ideally, should have extensive experience in cross-border due diligence projects.
It is also important to ensure that an internal client team is put in place to both ensure that the due
diligence process accomplishes what it needs to, and also to evaluate the results of the due diligence
effort once the process is underway.
Regardless of the ultimate size of the local counsel team, one person (or firm) should be made
responsible for coordinating the overall process. This central coordinator must have visibility across
all due diligence work streams and jurisdictions, and be responsible for ensuring that the results are
reported in a consolidated and consistent manner to the client.
The scope of due diligence to be conducted in any particular jurisdiction should be clearly defined
at the outset, including topics and issues to be addressed, and the budget for those efforts. For each
jurisdiction, the coordinating counsel should provide clear assignments of responsibility to business,
financial and legal work streams.
The coordinating lawyer or firm should hold an ‘all-hands’ due diligence kick-off meeting or
conference call to ensure that all jurisdictions and work streams understand their responsibilities,
priorities, deadlines and the manner in which results should be reported. Regular update conference
calls should also be held throughout the process so that each work stream and jurisdiction can
provide status reports, and important information can be shared.
7.11.5. Beware local legal differences: legal privilege, data privacy and more
Variations in local legal regimes can significantly complicate and delay due diligence processes, so
it is critical to identify and evaluate these potential issues as early in the process as possible. Key
issues that routinely arise in a multi-jurisdictional due diligence process are legal privilege and,
increasingly, data privacy.
The circumstances under which attorney-client communications and attorney work product
are privileged and protected from discovery by government agencies and third-parties can vary
significantly from one jurisdiction to another. US laws about privilege differ from those of the EU,
its Member States and other jurisdictions. For example, in many jurisdictions, including the EU and
its Member States, the advice of a company’s internal counsel is not protected by legal privilege. The
disclosure of legally privileged materials in one jurisdiction can have significant implications in other
jurisdictions. In certain circumstances, the disclosure of documents or information in one jurisdiction
may waive the client’s right to claim privilege over those materials in another jurisdiction (eg, the US)
where they would otherwise be privileged.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines37
The risk of an inadvertent legal privilege waiver can often be managed with careful planning and
organisation. For example, clearly marking internal documents, information and reports prepared by
the client to assist external counsel as ‘Information prepared at the request of [relevant law firm] for
the purpose of legal advice’ is an effective strategy in many jurisdictions. Local counsel in jurisdictions
where there is waiver risk should advise on to how to structure the local process to protect privilege.
A growing number of jurisdictions have implemented privacy and data protection laws that limit the
manner in which certain types of information can be shared with third parties and across different
jurisdictions. Local counsel in each relevant jurisdiction should be consulted as early as possible in
the process to determine whether any such rules might apply in their jurisdiction.
Particularly where the target may have sales or operations in jurisdictions other than those where the
client operates, local counsel should be consulted to confirm whether there are any unique local laws
that may either be a relevant topic for substantive evaluation as part of the due diligence process or
may impact the process by which due diligence should be conducted.
8. Artificial intelligence?
8.1. Introduction
When, in 1950, mathematician Alan Turing asked, ‘Can machines think?’, he did not imagine that
this question would trigger decades of research and the rise of an entire new market. Artificial
intelligence (AI), is ‘[t]he theory and development of computer systems able to perform tasks
normally requiring human intelligence, such as visual perception, speech recognition, decision-
making, and translation between languages’.1 The progress from Siri to self-driving cars that has taken
place within a rather short span of time shows that AI is developing rapidly, improving our lives in
many ways.
Although it is not very likely (at least not for the time being) that AI will ever fully replace human
lawyers, there are certain areas in the legal profession that would benefit greatly from the use of AI;2
due diligence is one of them and this will be illustrated briefly in the following.
In order to ensure competitiveness, more and more law firms have started to use AI software for
due diligence. There is a very high demand for legal services, however, clients expect lawyers to do
the work in a very short period of time and they are not willing to spend a great deal of money on
low-value added services. The media discussion about AI has gravitated heavily around the idea that
machines will soon replace human labour, leaving humans with nothing to do, or at best forcing
humankind to become data scientists. If indeed technological development is inflecting the job
market by making some jobs obsolete while creating new ones, the truth is that AI is not about to
automate legal professions. Rather, it aims to complement human intelligence.
38 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
Manual due diligence is getting harder and harder; usually there is way too much data to
review everything, so you do not know what you will find and what you miss; the sources can be
geographically dispersed; and doing due diligence manually is prone to errors. This is where AI can
be particularly helpful for lawyers; instead of a reviewing hundreds, or even thousands, of documents
(which is not only a costly but also burdensome and tedious process), lawyers can focus on legal
analysis. In addition, assigning the tedious tasks to a platform with AI capabilities would arguably
better attract and retain top talent, which is an issue that has plagued the sector for years.
What does AI do in the due diligence process and how can it help? Machine learning systems are
extremely good at digesting data, drawing out significant patterns and correlations at near-instant
speeds. This is what makes them perfect for tasks like due diligence that involve the repetitive
processing of large volumes of information.3 AI is able to assist the lawyer in identifying, classifying,
organising, prioritising and highlighting documents that are relevant in the context of the transaction
and can therefore help to save a great deal of time and money.
Not only lawyers but also the buying and selling side of the transaction can benefit from the
application of AI software in the due diligence process. The accuracy of the extracted information
leads to the minimisation of liabilities and risks for the seller; furthermore, it is easy to keep control
over what goes into the virtual data room and protect IP, confidential information or privacy-
sensitive information by using pseudonyms. The issue of liability and risk minimisation is also highly
relevant for the buyer’s side. In addition, the post-transaction integration process and process for the
verification of reps and warranties is improved greatly by the broad access of information.4
As already mentioned, AI can certainly be used to improve the due diligence process; however, the
use of AI implies certain risks.
One of the main problems that AI software users face is that hardly anyone really knows what
the program is doing exactly and how it gets its results, except the few people that developed the
software, of course. However, lawyers that use AI for due diligence usually only see the results,
but they have to keep in mind that mistakes can still be caused by a failure in the software or by
insufficient training of the program; it might, for example, occur that the system overlooks or
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines39
misinterprets certain documents that contain ambiguous or not highly standardised terms.5 This leads
us to a second level of the problem, which is that the firm is obviously exposed to liability in this case;
another question is whether the software manufacturer could be liable too.
The carrying out of due diligence by a lawyer is always supposed to be a certain insurance, and risk
transfer for the involved parties of a transaction: by paying a lawyer to do the due diligence, the client
usually aims to outsource his own risk.
There are multiple ways to approach the topic of risk and liability: one simple solution is that the
law firm that is carrying out the due diligence takes out insurance and assumes the full risk. Because
the carrying out of due diligence with the help of AI software saves a great deal of money, it is also
conceivable that the law firm passes on the cost advantage to the customer, who can choose an AI
program itself; however, it has to assume the full risk. Another possible approach is that the law
firm passes on the cost advantage to the customer, but (unlike the second approach) it can choose
the program and has to assume the full risk; the client has to pay a risk premium as compensation.
Furthermore, it is possible for the lawyer who is using AI for due diligence to avoid any liability by
including a disclaimer. Because the client can save a rather large amount of money if AI software is
used for the due diligence process, it can be expected that it is very likely that the client is going to
accept the disclaimer and is willing to assume the full risk itself.
Finally, a further question law firms face is whether or not they have to inform the client about
the use of an AI software in the due diligence process. Can the client expect that only lawyers or
associates are responsible for carrying out the due diligence? Particularly because AI is not yet very
widely common, and people are still sceptical about it, this question is not an easy one to answer.
Another issue that has to be kept in mind is security and confidentiality; even though AI systems are
highly secure, law firms that use AI software could be the subject of cyberattacks, the platform might
be hacked or infected with malware.
IBM Watson is a data analytics processor that uses NLP. Today, IBM Watson is used in many industry
sectors.
What makes IBM Watson stand out compared with other analytics software is its direct relevance to
business problem solving. It uses cognitive learning practices that combine the data analytics and
statistical reasoning of machines with uniquely human qualities, such as self-directed goals, common
sense and ethical values. There are various versions of Watson to address specific business concerns.6
Watson also plays a key role in managing unstructured data. It is able to process unstructured text
and documentation by ‘learning’ a subject by pairing questions and answers after the user loads all
related materials. The platform is capable of processing millions of documents, and reading 800
million pages of data per second.
5 See Javier Tortuero, Artificial Intelligence and M&A Due Diligence Current Trends, 3, http://www.nysba.org/Sections/International/Events/2017/
Corporate_Wedding_Bells_Cross-Border_Mergers_and_Acquisitions/Coursebook/Panel_2/ARTIFICIAL_INTELLIGENCE_AND_MA_DUE_
DILIGENCE_CURRENT_TRENDS.html accessed 28 February 2018.
6 See www.techrepublic.com/article/ibm-watson-the-smart-persons-guide accessed 30 July 2018.
40 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
One of Watson’s applications is called ‘Financial Crimes Alerts Insight with Watson’. The program
is able to help lawyers and financial institutions to meet regulatory anti-money laundering (AML)
requirements and spot financial crime. Watson has been trained to understand complex legislation
and manage financial risk. IBM’s program can perform case investigations for AML alerts significantly
faster than any human ever could, moreover, the amount of false positives (red flags that turn out
to be innocent) can be reduced. Overall, Watson is able to improve the efficiency of manual, time-
consuming tasks; instead, law firms and banks can utilise their staff for high-value critical business
decisions rather than mundane work.
Other AI programs that can be used for due diligence include Luminance, Kira Systems and ZyLAB.
Data room providers such as Drooms started to combine AI in their platforms in order to perform
analysis of documents, and their potential risks and opportunities directly within the data room.
8.5. Conclusion
To summarise, it can be said that AI will most likely play a key role in the due diligence process in
the near future, although it should only be regarded as a helpful tool, not a substitute for lawyers.
However, it can help them to reduce their repetitive workflows. The reduction of cost and time that
goes hand in hand with the implementation of AI in the due diligence process will probably be the
main reason for law firms to adopt AI solutions. It is important for law firms to be mindful of the risks
and liability issues when choosing AI programs.
However, no matter how the use of AI in the due diligence process is going to evolve in the future,
it is important to note that the trend to forego due diligence at all or only perform very poor due
diligence is clearly the wrong approach and not responsible at all.
Due diligence findings are key to negotiations around price retention and escrow because these are, in
principle, the most liquid guarantees that the buyer will have in respect to indemnification owed by the
seller. Ideally (for the buyer), the amount of price retention and escrow should cover the amount involved
in contingencies identified during due diligence, and also take into consideration hidden contingencies
that were not identified during due diligence. Additionally, the release of price retention or escrow should
take into consideration the expected time of the materialisation of the contingencies identified during
due diligence, and, if possible, create mechanisms for the further retention of amounts related to specific
materialised contingencies that for some reason will take longer to finalise in the discussion and result in
an indemnifiable loss to buyer (eg, tax judicial proceedings in certain jurisdictions can take many years to
reach a final result). Price retention (holdback by the buyer) is usually preferable for the buyer in relation
to escrow because the buyer remains in control of the proceeds. Depositing a portion of the deferred price
in escrow provides additional payment certainty for the seller, but also involves costs associated with the
fees of the escrow agent, the negotiation of the escrow agreement, and analysis of potential tax impacts
that depend on the holder of the escrow account (buyer or seller).
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines41
9.2. Reps and warranties
Reps and warranties and due diligence findings walk hand in hand: the findings are extremely
important for negotiating the package of reps and warranties of the seller. The findings enable the
buyer to request specific reps and warranties of the seller that may not be covered in a standard set of
reps and warranties, and also to double check the disclosure schedules to be prepared by the seller.
This will be particularly relevant if the indemnification revolves around breach of reps and warranties,
and not a ‘my watch/your watch’ catch-all mechanism that is common in certain jurisdictions. The
buyer will push for detailed and objective reps and warranties, not leaving room for subjectivity or
interpretations in determining if there was a loss arising from a breach of reps and warranties.
As mentioned above, breach of reps and warranties is the cornerstone of indemnity in a vast number
of M&As transactions, and reps and warranties are inexorably tied to due diligence findings.
However, regardless of the indemnity revolving around breach of reps and warranties or a ‘your
watch/my watch’ catch-all mechanism, due diligence findings are relevant to other indemnification
clauses of a purchase agreement. In the same manner that the contingencies identified during due
diligence assist the buyer in negotiating the size and release of a deferred purchase price, it also
assists in negotiating the indemnification financial and time limitations. The indemnification cap
should take into consideration the total number of contingencies identified (and also leave room
for hidden contingencies); basket and de minimis should consider the nature and amounts involved
in the individual contingencies; and time limits should take into consideration the nature of the
contingencies vis-à-vis statutes of limitations of the applicable jurisdiction.
In certain jurisdictions, it is becoming more and more common for the buyer and/or seller to
contract reps and warranties insurance, assisting in protection from financial loss in the event of
breaches or inaccuracies in reps and warranties. The findings of due diligence, and the number of
contingencies identified, assist in selecting and negotiating the insurance coverage, and the premium
involved in purchasing it.
Prior to signing, it is important that the legal advisers of the parties involved double check the power
of the signatories of each signing party. Using corporate documents made available during due
diligence should assist the buyer in performing such checks, but it should not be a substitution for
requesting updated documentation that attests the power of the signatories immediately prior to
closing. Needless to say, this should also be done by the seller and its legal advisers, regardless of the
fact that no due diligence of the buyer was performed.
42 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
10. How to perform due diligence where US, EU, UN and/or UK
sanctions are in place?
Moreover, there are lists of individuals, organisations and institutions that are barred from either
investing or forming associations by entities from the sanction-imposing countries. They are classified
as ‘Specially Designated Nationals’ (SDN). Their names and details are published by the sanction-
imposing countries from time to time.
From the context described above, it is clear that it is extremely important that companies that wish to
do business/undertake commercial activities in the aforesaid 70-odd countries must carry out detailed
due diligence before acquiring any company, or even dealing with any entity located in the sanctioned
countries. This is because any breach of sanction terms may cost the loss of investment or business.
Before undertaking any commercial activity in the sanctioned country, generally speaking, the
following actions should be carried out: (1) conduct comprehensive due diligence in a pre-devised
format; (2) compile the SDN list through a professional agency; (3) clearly identify the final end-
customer in the sanction country to ensure that it is not involved with the SDN list of banned persons;
(4) prepare recusal for citizens of sanction-imposing countries working in a country that is outside
the sanction if the intention is to do business with a sanctioned country; (5) prepare detailed board
agenda papers for board meetings and minutes; and (6) take a view on whether the provisions of
sanctions are being complied with in letter and spirit.
It is possible to do business in sanctioned countries provided specific trade licences are obtained from
the regulatory authorities in the countries imposing the sanctions. For example, in the case of the US,
approval can be obtained from the Office of Foreign Assets Control (OFAC). Similarly, in respect of
UK sanctions, trade licences can be obtained from the Export Control Organisation (ECO).
As explained earlier, conducting detailed due diligence that considers the letter and spirit of
sanctions is extremely important. In the following are some of the parameters that need to be
considered while conducting such due diligence.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines43
1. Confirm the identity and location of the customer, end-user and any other third-party involved
in the transaction (eg, freight forwarders, transporters and agents). This is to identify whether
a direct/indirect customer or other party involved in the transaction is an SDN. This is also to
identify whether there is an elevated risk of the product being put to a prohibited end use and
whether more complex restrictions on dealing with sanctioned territory/persons are triggered.
2. Confirm the ultimate ownership of each counterparty (shareholders and group parent
companies), any known affiliates (companies known to be under the same control) and how
information on ultimate ownership has been verified (eg, company records and the internet).
This is to ensure that the corporate veil is pierced to understand the ultimate beneficial
ownership, not only extending to companies owned/controlled by an SDN but also by the
subsidiary/controlled entity of the SDN. This information will also assist with the analysis of
risk regarding the end-user to ascertain if a customer/end-user is owned or controlled by a
government authority in a sensitive destination, or perhaps by a parent company active in
an unrelated and sensitive sector, such as defence, or if there is some other discrepancy that
undermines the credibility of the customer/end-user ‘story’.
3. Confirm the identity of directors of each counterparty, and contact a person at each
counterparty. This is to confirm that the parties do not fall under the SDN category, which
should be verified independently, and the accuracy of the information should be ensured.
4. Confirm whether these are new counterparties or if there is an existing relationship and, if so,
verify the length of the relationship. This is to verify whether new customers can be typically
considered ‘higher-risk’ because less background information is known about them by the other
party, requiring, as appropriate, a greater degree of scrutiny than for an existing customer.
Conversely, where an existing customer inexplicably changes the payment details/route (eg,
requesting that a different entity be invoiced), this would require greater scrutiny.
5. Verify, if the customer/end-user is new, how the sales opportunity was identified. This seeks to
identify whether the channel through which the opportunity arose gives rise to any suspicions.
6. Verify whether there is a contract in place to cover a particular transaction, including details such
as term, value, volume and nature of the product. This is to ensure that there is no reluctance on
the part of the customer to enter into a formal contract, and there is no desire to conceal its true
identity or keep the transaction secret.
7. Verify the nature of the product. This is to understand whether the product is subject to arms
embargoes, general export control restrictions or specific sanctions regimes.
8. Confirm whether any non-standard modifications to the product have been requested and, if
so, what is their nature? In particular, any requests made for armour to be fitted to a vehicle,
or any fittings for a carriage or equipment that are potentially military or riot control-related
modifications. This is to ensure that there are no non-standard modifications that can be used to
oppress civilians.
9. Verify whether there are routine support services provided under the contract (eg, routine
installation and maintenance) and if not, why. This is to verify whether a customer has
opted out of standard support services, implying that the customer does not intend to use
44 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
the product in the usual manner or intends to transfer the product to a third-party without
informing the supplier.
10. Determine whether there are any non-standard services being requested and, if so, the details.
This is to ensure that such non-standard modifications are not used for sanction-related activities.
11. Verify the end use of the product with details. If the stated end use is not consistent with the
nature of the product or the profile of the customer, then this might imply that the true end use
is being concealed.
12. Verify the method of payment (eg, bank transfer or cash). This is important to ensure that funds
will be transferred through designated banks via normal banking channels, and also to ensure
that banks do not belong to dubious locations.
13. Verify whether the payment is a one-off or in instalments. Overly favourable payment terms (eg,
one-off lump sum payments when instalments are market practice) may raise suspicions.
14. Understand clearly the currency of business. For example, where the transaction has an Iranian,
Cuban, Syrian or Sudanese nexus and the payment is intended to be in US dollars, this should
be verified.
15. Verify details of the customer’s bank details involved in the transaction. Banks may themselves be
an SDN, and so they should also be screened in accordance with standard procedures.
16. Verify whether usual credit-checks have been carried out on the customer. If this has not been
done, it should raise concerns.
17. Check whether the US content in a product is within the sanctioned limits. This is to ensure that
US sanctions in respect of its permissible contents in a product are adhered to (normally ten per
cent of imported products).
Conducting due diligence in respect of sanctions is a complex job. This is because sanctions keep
changing all the time, and technical knowledge is required to understand whether the impact of the
sanctions on products covered under the sanctions is different in nature; similarly with commercial
details. Where it becomes a grey area, it is always advisable to obtain clarification or trade licences from
the regulatory authorities, or avoid commercial dealings altogether with the sanctioned countries.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines45
IBA Corporate and M&A Law Committee
Legal Due Diligence Guidelines
Annex
Issues to be considered while compiling a legal due diligence request list
While requesting the documents and information necessary for the purposes of performing legal
due diligence on a legal entity and its controlled companies, if any (the legal entity and its controlled
companies are referenced hereunder as ‘the Company’), it is important to consider what important
points should be covered by legal due diligence and reflected in the report, and the documents
that are necessary to assess such points. The non-exhaustive list below contains questions and issues
that may help practitioners in different jurisdictions while preparing or revising legal due diligence
request lists that cover various legal practice areas and industries.
In addition, in elaborating an information request list, practitioners should consider the following
practical tips:
1. ask the Company to organise the responses in accordance with the reference system provided;
2. indicate that, unless otherwise indicated in the list, the terms ‘contract’ and ‘agreement’ should
also include any obligation, commitment, understanding or other arrangement, whether written
or oral, and whether in final form or currently under negotiation;
3. ask the Company to include copies of all amendments, supplements, waivers, exhibits, schedules,
appendices and other attachments for all requested documents;
4. ask the Company to provide the most up-to-date and comprehensive information and
documentation as possible, and indicate if a request is not applicable, or there is no information
responsive to a request while responding to the list; and
5. indicate that the checklist is not exhaustive, and it may be the case that further information is to
be provided in due course. In particular, information given or documents supplied in response
to the checklist may themselves give rise to further enquiries.
It is important to mention that while preparing, or revising, a legal due diligence request list, it is
not possible to apply a one-size-fits-all approach. As mentioned in the Guidelines, each due diligence
investigation should take into consideration the specificities of the case at hand, including the
jurisdictions involved and their respective legal systems. Specific documents to be requested, as well as
the period to be covered, will vary case by case and jurisdiction by jurisdiction.
46 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
I. Practice areas
1. Corporate
• Is the Company duly constituted? Were all the corporate acts duly filed?
• Does the Company have the records, registrations and licences required to exercise its activities?
• Does the Company have the debt clearance certificates required for transfer of control and/or
corporate reorganisation?
• Does the seller have the property of shares free of any liens, arrears, obligations to pay and other
encumbrances?
• Are the corporate books (if applicable) duly updated? If not, what is pending?
• Are the shares subject to any shareholders’ agreement? If yes, are there any transfer restrictions?
(eg, pre-emptive rights, tag-along, call option or other third-party rights)?
• Has the Company issued convertible securities? Are there stock option plans?
• Does the Company have any branches? Does the Company have an equity interest in any other
Company? Does the Company have any collaborative partnerships or joint ventures, or is it part of
any consortium?
• If the Company has an equity interest in any other company/consortium, is there a corporate
control agreement (eg, shareholder agreement)? Is there any limitation to the indirect disposal of
this equity interest or stock option, pre-emptive/first offer rights or any other rights related to this
company/consortium?
• Has the Company acquired assets or equity interests from third parties or has it been the target of
acquisition by the seller? If yes, is there any right to indemnity?
• Did the Company dispose any assets or equity interests to third parties? If yes, is there any
obligation to indemnify third parties?
• Has the Company been involved in any corporate reorganisation? Is the Company a successor to
any of the obligations of another company, or subject to group or joint and several liability with
any other entity? Analyse the risks and the need to audit such other entities.
• Do the seller and its representative have full capacity and powers to sell shares of the Company and
practice all acts for the transaction? Do they depend on any corporate approval or consent of any third
party (including a spouse in community property jurisdictions or otherwise)? Were basic certifications
of the seller received to confirm that there is no insolvency or risk of fraudulent conveyance?
• Were the acts of the Company and its branches duly updated with relevant public authorities?
• Is the Company audited? Is the report of the auditors without provisos or qualifications?
• Does the Company have investments or did the Company receive any loans from abroad? If yes, is the
Company in compliance with all applicable foreign investment or exchange controls and regulations?
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines47
2. Contracts
• Are there contracts between the Company and related parties? Are there dealings with related
parties that were not formalised?
• If there is a contract to which prior approval is required in the case of a change of control (or
corporate reorganisation or transfer of assets, depending on the structure of the transaction), is
early settlement possible? What is the outstanding amount in these contracts? Would any penalties
or obligations be triggered by the transaction? Are any third-party waivers required?
• Is the Company bound by any type of exclusivity, non-competition and/or non-solicitation right or
obligation?
• Is the Company party to contracts that foresee the maintenance of service levels? If yes, what are
the penalties in the case of non-compliance?
• Does the Company sell/distribute its products through commercial representatives? If yes, what
are the penalties/damage awards required in the event of termination?
3. IP and privacy
3.1. IP
For the purpose of this list, the following definition of IPRs is used (and the term ‘IP’ is to be
construed accordingly): all registered and unregistered inventions, improvements, patents
(including all reissues, continuations-in-part, revisions, extensions and reexaminations thereof),
works of authorship, copyrights, databases (including but not limited to databases that contain
personal data), semiconductor chip/mask work rights, trademarks, service marks, logos,
designs, titles, slogans, company names, trade names, domain names, package designs, product
designs, other design (model) rights and trade secrets; other proprietary rights, whether owned,
exploited or planned to be owned or exploited by the Company; and all registrations thereof
and applications thereof (as applicable) in countries and territories worldwide and under any
international convention.
• What are the principal goods and services provided by the Company? How are they marketed?
48 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
• What are the Company’s registered IPRs or for which IPR applications have been filed? What are
the principal brand names and details of material unregistered IPRs owned by the Company or
used in its business?
• Are there arrangements with employees who create, write, invent, design and so on, and/or
who have any access to IP? Do such arrangements ensure that any IPRs deriving from work done
accrue to the Company?
• Are there intercompany arrangements and arrangements with third parties who create, write,
invent, design and so on, and/or who have any access to IP? Do they ensure that any IPRs deriving
from work done accrue to the Company?
• Is there any suspected or alleged infringement whether past, current or potential, including, without
limitation, any challenges as to the validity, subsistence or ownership of IPRs, by third parties of IPRs
owned by the Company or used in its business under a licence (formal or informal) or otherwise,
and any infringements or alleged infringements of any IPRs by the Company?
• Is there any suspected or alleged infringement, whether past, current or potential, of third-party
rights by the Company?
• Are there agreements pertaining to IP owned by the Company or used in its businesses in
place (eg, (intercompany) licences; consultancy agreements; options; franchise agreements;
sponsorship agreements; agreements not to enforce; consents; settlements; assignments; security
interests; liens; encumbrances or mortgages; and renewals, novations and terminations)?
3.2. Privacy*/**
• Does the Company use data on identified or identifiable natural persons (‘personal data’),
specially personal data revealing racial or ethnic origin, political opinions, religious or
philosophical beliefs, or trade union membership; and process genetic data, biometric data for
the purpose of uniquely identifying a natural person, data concerning health, or data concerning
a natural person’s sex life or sexual orientation (‘sensitive personal data’)?
• Does the Company have a data protection regime? Does the Company use internal and external
hosting and/or cloud solutions?
• What are the Company’s technical and organisational measures, including information of
encryption used when processing personal data?
• In which countries does the Company have employees or in which countries does it otherwise
process personal data, including information on third country transfers?
• What are the Company’s internal rules and regulations regarding data protection (including on
the use of the internet, email, etc for private purposes)?
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines49
• Are there (intercompany) agreements related to data protection (data processing agreements, EU
standard clauses, binding corporate rules, etc) in place?
• Were there any data protection-related investigations or fines by or communication with data
protection authorities during the past [•] years?
• Were there claims by individuals against the Company with regard to data protection during the
past [•] years?
• Did any data breach or data loss occur in the Company during the past [•] years? If so, what
measures were taken in any of these cases?
• What are the hosting and cloud services used by the Company?
• Does the Company obtain consent from data subjects? Are there external data protection policies
(eg, on websites)?
• Does the Company use tracking mechanisms, including cookies, beacons/tags, JavaScript, local
storage, browser fingerprinting or similar means to track data subjects online for the purpose of
online advertising, personalisation or content delivery?
4. Regulatory
• To which licences, registrations, authorisations and grants is the Company subject due to its
activities? With which of them is the Company in compliance? Which are possibly pending? What
are the consequences of non-compliance?
• Is there any potential requirement from governmental agencies in the event of a change of
control or corporate reorganisation?
5. Antitrust
• Has local antitrust counsel been retained in each key risk area and jurisdiction (generally every
jurisdiction in which the Company has facilities or other significant assets or material sales)?
• Are any of the other parties involved in the transaction current or potential competitors of the
client, or do they operate in a vertically-linked adjacent part of the supply chain?
• Is the Company currently under investigation by an antitrust agency, subject to a consent order
or other form of settlement arrangement with ongoing obligations with an antitrust agency,
or otherwise active in an industry in which an antitrust agency has recently found that cartel
behaviour has occurred?
• Is the Company active in any industry in which certain types of antitrust issues are common that
may warrant additional due diligence (eg, resale price maintenance and excessive pricing)?
50 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
• Have the parties put in place appropriate mechanisms to protect against improper information
sharing and inadvertent disclosure of privileged information? In particular, parties should
consider putting in place the following:
– A confidentiality agreement to restrict access to the due diligence materials shared between
the parties and to prohibit the parties from disclosing confidential business information to
individuals that are not a party to the agreement.
– A joint defence agreement to document a common interest privilege between parties for
purposes of exchanging otherwise privileged information. These agreements allow antitrust
counsel to work cooperatively to evaluate the antitrust and competition issues, and potential
challenges related to a transaction without waiving the privilege. Although such agreements
are not recognised in all jurisdictions, they are essential tools in jurisdictions in which waiver
of privilege is a significant risk.
– A clean team and clean team guidelines: Where a clean team is put in place to evaluate the most
sensitive information shared in the course of due diligence, it is important to give that team
specific written guidance regarding the restrictions that apply to the individuals on the team.
• With respect to any information the parties are considering exchanging in the course of due
diligence:
– Is the information to be made available appropriate to the stage that the M&A process has
reached?
– Is the information competitively sensitive, that is, in the absence of the transaction, would the
parties be willing to share the information with their competitors?
– Is it possible to present the information in a less competitively sensitive form (eg, historical,
aggregated or blinded)?
– What will happen to the information shared if the transaction does not proceed?
• Are appropriate measures being observed with respect to other key issues that commonly arise in
multi-jurisdictional due diligence processes, including specifically legal privilege and data privacy?
• What is the nature of the Company’s workforce (including the number of full-time, part-
time, international assignees and temporary employees by location and number) and of other
individuals providing services under a non-employment arrangement (including the number of
temporary workers, independent contractors, contract labour, freelance workers, consultants,
outsourcing, interns and service providers)?
• Are there standard employment contracts, past (provided still relevant) and/or currently in force?
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines51
• Is there any employers association or any applicable collective agreement (including works
council agreements and regulations for severance payments)?
• Are there existing works council or other employee representative body at the branch, company
and group level (including union representation and employee representatives as members of a
supervisory board)?
• Are there pension and/or other retiree benefits and/or severance plans and/or obligations
promised or provided in excess of statutory minimums?
• What are the bonus regulations, profit-sharing plans or obligations, and company’s bonus/
incentive compensation plans in place globally (eg, number of participants, size of bonus pool,
criteria for payment and payment history)?
• Will the transaction rise to any employment-related obligations (eg, via change-in-control
provisions in individual or collective agreements, or approval requirements in collective
agreements or due to works council consultation obligations)?
• What are the Company’s internal policies on implementing terminations/redundancies? Was any
collective redundancy exercise carried out in the last [•] years?
• Were there mergers, acquisitions or divestitures in the last [•] years that involved the acquisition
or divestiture of employees? Do the contracts of employment and documentation on employee
benefits contain any change of control provisions?
• Are there any agreements or obligations (eg, from prior acquisitions or agreement with unions)
that limit the Company’s employment flexibility (eg, agreements limiting the ability to engage in
reductions in force or change of service conditions)?
• What are the individual and collective agreements implementing risk management and
compliance obligations for employees, independent contractors and other representatives?
What are the processes and protocols for compliance with human rights, ethics and anti-bribery
obligations (including policies and practices related to government procurement and other
government relationships)? Were there compliance problems during the last [•] years?
• What are the health and safety measures undertaken, including health and safety plans,
quality assurance manuals or process descriptions? Who are the authorised persons (including
employees) with responsibility for health, safety and environmental issues? Were there labour
accidents and/or professional diseases, and health and safety inspections and audits (internal or
external) during the last [•] years?
• What are the processes and protocols for compliance with data protection/privacy obligations?
Who are the data privacy officers?
• Are there other issues that are essential for the business of the Company and/or helpful and/or
necessary for the analysis of the legal and/or economic relationships of the Company?
52 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
7. Tax*
• What is the current group tax structure (eg, grouping arrangements (fiscal unity))?
• What past reorganisations (eg, application of tax facilities, tax rulings, claw-back periods and
tainted shares) have occurred?
• What tax attributes (eg, carry forward tax losses, tax credits, tax exemptions and tax allowances)
does the Company benefit from?
• What interest deduction limitations (eg, thin capitalisation rules, anti-abuse rules and earnings
stripping rules) apply?
• What tax planning or optimisation strategies, including tax rulings and pending tax ruling
requests, have been used?
7.2. Compliance issues (corporate income tax, VAT/sales taxes and employee taxes)
• What is the tax control environment, tax awareness and tax management?
• What are the tax provisions and liabilities for both current and deferred taxes, and tax
receivables?
• Are there any pending disputes with tax authorities, tax appeals and/or court proceedings?
• What input VAT recovery ratio is applied, and are there potential restrictions in input VAT
recovery?
• What is the VAT treatment of non-standard business activities (eg, share transactions, asset deals
and real estate transactions)?
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines53
7.4. Employee taxes
• What are the most material personnel arrangements (bonus payments, expense allowances,
benefits in kind and work-related cost rules)?
• What are the intra-group transactions, intra-group pricing arrangements, transfer pricing
policies and guidelines?
• What is the transfer pricing documentation (procedures to comply with obligations and
current status)?
* only for jurisdictions in which tax compliance is part of legal due diligence.
8. Litigation
• What is the total number of administrative, judicial and arbitral proceedings in which the
Company is the defendant, and what is the total updated amount in dispute?
• What is the object of such proceedings and their updated progress? What is the value adjusted for
inflation? Is there any preliminary injunction or advance relief in force?
• How many proceedings are material (1) based on the individual value defined at the beginning
of the assessment; or (2) regardless of the value, based on materiality, according to the precedent
that it represents, regarding the possibility of repetition or impact on the way the Company
conducts its business), and together, what amount do they represent?
• Is there any risk of non-monetary judgment that may have a material impact?
• Indicate which judicial, administrative or arbitral procedures are accrued and the value of this
provision. Are there escrowed amounts in the proceedings reviewed?
• Are there ongoing proceedings not described in the report or under seal?
• Are there civil investigations involving the Company, officers, directors or shareholders?
• Are there agreements entered into with public authorities made in the course of public civil
actions or investigations?
• Are there any judicial orders in force that impact the Company’s activities?
• Are there actions against the majority shareholder (and/or the seller) of the Company that are
not described in the report? Is there any encumbrance of quotas/shares of the Company due to
any judicial decision?
54 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
• Are there proceedings of any kind, regardless of value, involving a material matter that somehow
can impact on activities or results of the Company (eg, class actions, public civil actions, collective
actions and actions for managerial impropriety)?
• What are the criteria used for the indication of the value of contingency and risk of loss contained
in the management reports prepared by external attorneys appointed by the parties? Is there
some indication that the criteria adopted by such attorneys are not reliable?
• Were all the required certificates received in respect of the Company and its subsidiaries?
9. Real estate
• Does the Company own any property? What is the nature of title held and are there any
mortgages, liens or encumbrances on the property (including but not limited to option or similar
(pre-emption) rights to purchase the property, rights of third parties to have access to – parts of –
the property, rights relating to cables and sewers)?
• Are there burdens or ownership limitations over the property? If so, what is the impact that those
might have on the transaction? What is the relevance of the property? What is the value involved?
If it is a warranty for an obligation or for a dispute, is it possible to replace it?
• Does the Company rent any property? If so, are there other arrangements not disclosed in the
(lease) agreements with tenants, subtenants, licensees and occupiers of the property?
• Are there real estate contracts (rental, lease, lending, etc) for terms longer than the established
deadline? Is there any document between the lessor and lessee that formalises the extension of
this term? Is it a contract extended for an indeterminate term?
• Are there (1) any disputes or complaints in relation to any current tenancy, whether or not
resolved; and (2) any breaches or alleged breaches of covenant relating to the (lease) agreements
with tenants, subtenants, licensees and occupiers in the property, including details of any waiver,
whether express or implied?
• Are there other relevant agreements and covenants relating to the property?
• What are the due taxes regarding the real estate, whether federal, state or local?
• Is there any debt regarding the property tax granted by the corresponding governmental
authority (or any other applicable tax, be it federal, state or municipal)?
• Does the Company have all the necessary permits to use and operate the real estate it occupies?
Are these documents valid? Is there proof of a renewal application? What is the consequence of
not having these documents?
• Are there any pending or threatened lawsuits, arbitrations or other dispute resolution proceedings,
administrative or governmental actions (including tax-related claims or proceedings), claims,
disputes relating to property and/or arising out of any construction work on the property or to any
rights enjoyed with respect to the property or to which the property is subject?
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines55
10. Environmental
• What are the facilities/sites owned, leased and/or operated by the Company?
• What are the activities presently carried out at such facilities/sites? What were the past activities?
• Does the Company have all the required environmental permits, licences, governmental
approvals, and/or authorisations and related applications (not limited to the following aspects:
air, water discharge, water withdrawal, waste management, hazardous substances, chemical
substances, endangered or sensitive species and habitat, and fuel)? Are they all valid? If not, has
the renewal process begun? Are the conditions being complied with? Are there conditions not
complied with yet? If not, what is the cost to bring them into compliance?
• What types of waste are generated or handled at the facilities? How are/were they handled, stored
and disposed?
• How and where are effluents discharged? Are they treated? Which constituents monitored them
and what is the result of such monitoring?
• What are the sources of air pollutants discharged from the facilities? Which constituents are
monitored and what is the result of such monitoring?
• What is the type, quantity and storage of fuels used at the facilities?
• Are there existing aboveground or underground storage tanks and tanks previously located at the
facilities/sites? Provide current and past uses. If no longer in use, determine the abandonment/
closure/removal procedure, and compliance with applicable registration and tank maintenance,
testing and safety requirements.
• Locations where any materials, waste or substances have been released, buried or disposed of,
providing when disposal or release occurred; nature of material waste or substance; and nature of
disposal or release; and any remedial action that took place and so on.
• Does the Company use asbestos, equipment containing polychlorinated biphenyls (PCBs), and
other controlled substances? If so, what are the procedures involved in the maintenance, labelling
and storage or management?
• Are there reports regarding environmental conditions or testing related to facilities/sites owned,
leased and/or operated by the Company (eg, groundwater and soil sampling and testing results,
Phase I Environmental Site Assessments, Phase II sampling reports, etc)?
• Are there any environmental commitments that have been entered into by the Company
with regulatory agencies? Are the obligations being met? What is the estimated cost to cover
obligations that have not yet been met?
56 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
• Are there proceedings and processes (including investigative, administrative or judicial
proceedings in the civil or criminal courts) involving environmental issues and in which the
Company is a party? What are their current statuses? What is the amount involved? What is its
prognosis?
11. Insurance
• Is there any policy when the Company contracts? If yes, what is it?
• Are there reports prepared by external consultants? If yes, is there any material question to be
highlighted?
• Does the total value of the insurance premium paid in the last [•] years indicate any situation that
was not expected?
• Are there any pending issues in respect to claims incurred and not indemnified and/or being
negotiated with insurers? If yes, what is the status and the value involved?
• Are there complaints and lawsuits filed by the Company against its insurers or filed by them
against the Company? If yes, what is disputed? What is the value involved?
• Do the insurance policies name the Company as the insured party? Are they effective? Are all
Company assets insured? Has the premium being paid yet? Is the obtainment of insurance
obligatory due the activities of the Company? If yes, was such insurance obtained?
• Are the pension plans on behalf of Company employees and officers administered private pension
funds? If yes, indicate whether the plan is deficient and in what respects.
12. Compliance
• In what way are the employees of the Company (being) trained in these compliance issues?
• Does the Company have a special structure for compliance issues (is there a compliance officer)?
• What are the compliance risks for the Company and do the board and employees know them?
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines57
13. Human rights
• Is there a public policy commitment, or a (written) human rights or general code of business
conduct? Does this form part of a systematic and documented approach, which includes due
diligence, monitoring and tracking, and is reported on (internally or externally) and/or verified
using internationally accepted standards and/or applicable laws?
• What has the Company identified as its main sources of human rights-related risk? What steps has
the Company taken to assess, address, mitigate and remedy any adverse human rights impacts
identified?
• Has the Company been the subject of any adverse comments or reports concerning: (1)
independent benchmarking or reporting initiatives; (2) adverse press comment; (3) shareholder
action; or (4) public demonstrations or consumer boycotts as a result of adverse human rights
impacts arising from its business activities, products or services?
• Have objections been raised to the grant of licences, permits or concessions on human rights
or governance grounds at any time? If so, of what type? Were they resolved in accordance with
international standards?
• Does any site development involve relocation or displacement of any inhabitants, and specifically
indigenous peoples?
• Do operations have the potential to negatively affect: (1) access by local inhabitants to water or
other resources or sources of livelihoods or sites of cultural value; and (2) the local environment,
for instance, through the introduction of contaminants into the local air, soil or water? Have any
complaints been made in relation to the environmental impacts or performance of the Company?
If so, of what nature? How were they resolved?
• What is the workforce profile and policies of Company in relation to: (1) contract workers;
and (2) migrant workers? Are issues and practices of the following addressed: (1) Freedom of
association; and (2) collective bargaining; (3) use of recruitment agents and payment of fees
addressed; (4) minimum age verification; (5) involvement of workers under 18 in potentially
hazardous work and how workers are recruited; (6) the use of subcontractors, and issues of
remuneration, incentives and monitoring, possession of and control over their passports and/
or other identity documents? How are workers informed about and able to enforce their
labour rights, and/or raise concerns and grievances about the Company’s performance? Are
information, and/or trends or systemic issues monitored and followed up?
• What steps are taken to ensure that suppliers of the Company comply with internationally recognised
labour standards, including prohibitions on the worst forms of child labour and forced or slave labour
(eg, through contractual provisions and management of identified or reported issues)?
• Does the Company engage with or take advice from civil society, non-governmental organisations
(NGOs) or community representatives with respect to the human rights impacts of the site/
operations? How – through one-off or integrated systematic processes? What issues have been
identified or addressed?
58 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
• Are private security companies used by the Company for its operations? Are their staff and
contractors independent of government influence? Are they appropriately regulated? Do they
accept international voluntary standards applicable to this sector? Do private security personnel
receive sufficient training with respect to the use of force? Have any complaints been received in
relation to the performance of any private security providers or their employees? Is so, what was
the nature of those complaints and how were they resolved?
• Have actions by government or state agencies in connection with the Company, its operations
or assets had (or might they have the potential to have) an adverse impact on the human rights
of local inhabitants or others? What is the government’s record with respect to: (1) human
rights protection generally; (2) labour enforcement: (3) treatment of union representatives;
and (4) land rights and titling and acquisition? What are the Company’s policies with respect to
engagement with governments and state agencies? What are the Company’s policies with respect
to supply of goods and services to governments and state agencies?
II. Sectors
1. Communications
• What are the electronic communication services and networks that are provided by the Company?
• What are the permits, licences, approvals and/or registrations issued by the National Regulatory
Authority in the telecoms sector (the ‘NRA’) to the Company? Has the Company made
notifications? How is the network rolled out and what are the coverage obligations from, for
example, spectrum licences and the level of their fulfilment?
• Is authorisation required to transfer the spectrum? Can the NRA restrict such a transfer based on
spectrum trading/hoarding provisions?
• Are there specific ownership limitations (eg, combining cable and digital subscriber line (DSL)
networks, and foreign ownership)?
• Have the respective fees due under the effective telecoms permits, licences, approvals,
registrations and/or notifications been paid?
• Have there been decisions of the NRA by which the Company has been determined as a
significant market power (SMP) operator and by which specific obligations have been imposed to
the Company? What is the status of competition compliance (and clearance, if applicable)?
• Have there been decisions of the NRA by which sanctions have been imposed to the Company for
non-compliance with telecoms legislation? Have there been breaches of the terms of its permits,
licences, approvals, registrations and/or notifications?
• Has the Company applied for any new pending permit/other authorisation procedure?
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines59
• Is there any pending dispute between the Company and the NRA, or between the Company and
other operator(s)?
• What have been the internal data protection rules issued and approved by the Company
(including for handling traffic data registries, data breaches and data destruction) and privacy
notices used, as well as the registries for the traffic data requests and traffic data disclosures,
protocols for destruction of retained data and data breaches during the last [•] years?
• Are there any recent past or pending investigations with the consumer protection public authority?
• What is the electronic communications network (‘the Network’), and its architecture (ducts,
towers and dark fibre) and ownership (owned, leased lines and indefeasible right of use (IRU))?
• Is the documentation for a material number of owned properties that are key to the business
(including base stations, key retail outlets and landed property for base stations) (the ‘Material
Owned Properties’) in order? What are the material obligations, security of tenure, ability to
pledge or assign, ability to let and termination rights (including change of control)? Are the
Company’s title and construction documents in respect of the Material Owned Properties as well
as historical title documents of the Company’s predecessors in title in order?
• What are the material lease agreements (including for stores and sales stands) and towers lease
agreements?
• What are the rights of way, easements or other rights over land that the Company does not own or
have any interest in, but which is required for the flawless operation of the Network?
• What is the state of repair and condition of the material Company’s properties? Are they fit for
their current use?
• What are the standard form agreements for the provision of services used by the Company?
• Has the Company provided the current prices to the NRA/competition authority in advance of
their publication?
• What are the material interconnection agreements to which the Company is a party, and have
copies thereof been submitted to the NRA (if required)?
• What are the material leased lines agreements to which the Company is a party?
• What are the agreements for the provision of network capacity/data transmission/network
sharing and all other types of material agreements that are essential for the core business of the
Company?
• What are the terms and conditions of contracts with material commitments towards equipment
vendors or other suppliers and other service providers, key outsourcing contracts and other
material contracts?
60 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
2. Maritime
2.1. Vessels
• Has the Company owned or still owns any vessel for the last [•] years? If so, what are the names,
official numbers, identifying signals, sizes, classes, registries and use of each vessel?
• What are the details of the registration and classification of each vessel (including an updated
class survey, certificate of registry, class certificate, confirmation from the classification society,
status report from the class and copy of international tonnage certificate)?
• What are the details of any inspections of any vessel in the last [•] years (including the vessel’s
deck and engine log books)?
• What are the details of any dry dock or divers inspections of any vessel in the last [•] years,
and inspection of the vessels underwater parts below the deepest load line (including rudder,
propeller and bottom parts below the deepest load line)?
• What are the results of any surveys of any vessel carried out in the last [•] years, whether as required
by the relevant classification society or otherwise, including but not limited to a tail shaft survey?
• Are there any desktop appraisal reports in relation to each vessel from the last [•] years appraising
the value of the applicable vessel?
• Are there any insurance policies covering the vessels? Have there been claims under the insurance
policies?
• Has there been any damage to the vessels and their equipment (including breakdowns) during
the last [•] years?
• What are the details of any permits or decisions in relation to the vessels from the last [•] years?
2.2. Contracts
• What are the details of current employment arrangements for the vessels (charters, contracts of
affreightment and contracts of carriage)?
• What are the details of the commercial and technical management arrangements for the vessels?
• For each product, for which countries have marketing authorisations been obtained and as of
what date? If marketing authorisation has been refused, why?
• Check that the same indications and dosages have been granted in each country and, if not, seek
an explanation.
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines61
• Where pricing authorisation is required, has it been obtained? Have any particular issues been
encountered?
• Have any products for which there is both marketing and pricing authorisation not been
launched? Why?
• Are the side effect profiles post-sale in line with those found during the clinical trials?
• Where the Company is manufacturing, what regulatory inspections have been carried out during
the last [•] years and what were their findings?
• Where products are in development, check the development against development plans and
query discrepancies.
• Have the products been the subject of any press coverage or political campaign?
4. Mining
• Has the Company complied with, and is it presently in compliance with, all applicable mining
laws? Does the Company have all permits, licences, registrations, consents, approvals and other
authorisations required under any law, whether foreign or local, or from any government agency
necessary for the proper carrying on of the business? Are there any facts or circumstances
in relation to the proposed transaction that could result in the revocation or variation of any
authorisations?
• Does the Company have an absolute and unencumbered interest in, and ultimate control of,
all its mining titles? Is the Company the registered proprietor of the mining titles, or does it
have all necessary rights to carry out operations on such mining titles? Have all relevant renewal
applications been made? Are there any restrictions on the exercise of rights, any unusual
conditions, any security? Has the Company complied with all applicable permit conditions of the
mining titles? Are all mining titles readily accessible? Does the Company or joint venture members
have all necessary ancillary titles to its mining titles (eg, leases, permits or licences for water, mines
or mining purposes, roads or other access arrangements, pipelines, power, other ancillary mining
or real property requirements)?
• Has the Company paid the rents, royalties or other amounts due under all the mining titles at
the time and in the manner prescribed by any applicable mining laws; used the land, the subject
of any mining title, only for purposes authorised in accordance with applicable mining laws; not
assigned, underlet or parted with possession of the land, any mining title, or any part thereof;
lodged with the relevant authorities such periodical reports and returns as are required by any
applicable mining laws; and not been convicted of any offence under any applicable mining laws?
• Have any of the mining titles: been surrendered in whole or in part; been subject to any
application for forfeiture made or threatened to be made by any relevant authority or any other
person, or has anything occurred that may result in forfeiture of any mining title or amendment
of the conditions applicable to any mining title; been encumbered, transmitted, seized under a
warrant or writ of execution, or otherwise disposed of or are the subject of a contract with, or
interest of, any third party, or subject to any equitable interests?
62 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
• With respect to the land on which the mining titles are situated, are there any reserves, protected
areas, temporarily protected areas, sites or sanctuaries under any legislation? Have any notices,
licences, approvals, certificates or permissions been received under any applicable legislation? Are
any of the mining titles affected by any conservation or other applicable laws?
• Are there any existing, pending, likely or threatened claim or claims by or on behalf of indigenous
peoples over land within any mining titles? Has any agreement, arrangement or understanding
in relation to or in connection with any mining titles, or the protection of sacred sites, been or is
being negotiated with any indigenous communities?
5. Power
• Does the Company own the property where the plant is built? What is the nature of title held and
are there any mortgages, liens, burdens, ownership limitations or encumbrances on the property
(including but not limited to an option or similar (pre-emption) rights to purchase the property,
rights of third parties to have access to – parts of – the property, rights relating to cables, sewers,
etc)?
• Does the Company have the licences, registrations, authorisations and grants required in
order to regularly operate and fulfil its corporate purpose? Does the Company comply with
the requirements to be recognised as a Power Electricity Generation Agent in the Wholesale
Electricity Market (WEM) in order to deliver electricity and trade electricity? Does the Company
comply with the requirements to gain access to the electricity transmission lines that enables a
power electricity generation agent to deliver generated electricity to the national grid?
• In the case of renewable and hydro resources, are there any additional licences or concessions
requirements required? In the same, are there royalty payments requirements?
• In the case of power fire plants, does the Company comply with the requirements for the
usage of water for the cooling process and its final disposition? Does the Company comply with
the requirements to liberate gases to the atmosphere?
• In all cases, does the Company comply with the requirements to deal with hazardous waste?
Does the Company comply with the required licences, registrations, authorisations or grants?
Are any of those requirements missing or pending? If so, please identify them and provide any
available information.
• Which potential governmental requirements would the Company be subject to in the event of
a corporate transaction? Is antitrust filing required? Is it required previously or can it be
obtained after taking control of the Company? Is a filing within the Regulatory Body required?
Was it required previously or can it be obtained after taking control of the Company?
• Which are the agreements executed in order to design, build, operate and maintain the power
plant(s)? Has the Company executed an engineering, procurement and construction (EPC)
agreement? A maintenance agreement? A supply agreement? Has the Company executed national
transmission system connection agreements? An electricity transportation agreement? Has
the Company developed an electricity transmission line? If so, has the Company executed the
required easement agreements?
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines63
• What are the agreements executed and/or terms and conditions in order to sell and/or
acquire electricity within the WEM or directly with an electricity large user? Has the Company
executed a power purchase agreement (PPA)? What are its deliver or pay/take or pay
commitments? Is there any prevision triggered by the change of control (both via controlling
shareholding transfer or assets transfer? Does the Company sell electricity in the spot market
within the WEM? How are prices established in the spot market? If so, please identify them and
provide any available information (ie, currency, major costs treatment, payment guaranties,
termination clauses, step in rights, force majeure and penalties).
• In all cases, are there any sanctioning proceedings in course or sanctions of any type applied
related to non-compliance with those requirements? If so, please identify them and provide any
available information.
6. Water
• What water assets are to be acquired that divert, store, transport, treat or manufacture water (eg,
water pipelines, dams, storage tanks, pump stations, treatment plants and metering, testing and
monitoring equipment)?
• What water sources are used in the operation of the water assets (eg, municipal supply, surface
water, groundwater, desalinated water and recycled water)?
• What water rights are relied upon (either in common law or by licence, permit or other document
authorising the use of water) to access water from the relevant water sources and operate the
water asset?
• Are the water rights attached to the rights in the underlying land or otherwise transfer
automatically with a transfer of ownership of the land or the water asset, or does an application
need to be made to transfer the authority or for the grant of a new authority?
• Are there volumetric, time, permitted use, priority or other restrictions associated with the water
rights? Do these restrictions constrain the operation of the water assets or otherwise impact the
value of the Company’s business?
• Who is responsible for metering water use associated with the relevant water assets?
• What existing or proposed water supply agreements or water transportation agreements are
relevant to the operation of the water asset, including agreements governing water supplied to
the asset (eg, as fuel in the case of a hydroelectric facility or as feedwater in the case of a recycled
water treatment plant) and water supplied from the asset to third parties?
64 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines SEPTEMBER 2018
• What water quality standards apply to the water asset, and who is responsible for testing and
monitoring compliance? What water treatment processes are employed?
• Are the prices, tariffs or other charges for water supplied to the water asset, or water supplied
from the water asset, subject to regulatory oversight?
• Are the water assets subject to any laws relating to critical security infrastructure such that they
may be subject to government control?
• Is the supply of water from the water asset considered an essential service, such that particular
laws may limit the ability to terminate certain water supplies from the water asset?
SEPTEMBER 2018 IBA Corporate and M&A Law Committee Legal Due Diligence Guidelines65
www.ibanet.org