Free Word download β’ Edit online β’ Save & share with Drive β’ Export to PDF
A Due Diligence Requisition List is a formal, categorized document request issued by an acquirer, investor, or lender to a target company at the commencement of a transaction review. It identifies every record, contract, financial statement, and legal instrument the requesting party needs to evaluate the target's business, confirm the accuracy of its representations, and quantify undisclosed liabilities before signing a binding purchase or investment agreement. Unlike an informal checklist, a requisition list functions as a transactional instrument β it defines what the target has been asked to disclose, establishes a response framework with deadlines, and creates a documentary record that is incorporated by reference into the purchase agreement's disclosure schedule.
Entering a transaction without a structured requisition list is one of the most expensive procedural mistakes a buyer or investor can make. Undisclosed change-of-control clauses can terminate the revenue contracts that justified the deal price the day after closing. Contractor-created IP with no assignment agreement can strip the buyer of ownership of the target's core technology. Unregistered sales tax nexus across multiple states can surface a liability equal to two years of net income β invisible without an explicit request. A properly scoped due diligence requisition list surfaces each of these risks before signing, when they can be priced, indemnified, or resolved, rather than after closing, when the buyer owns them unconditionally. This template gives you a numbered, categorized starting point that organizes the entire review, tracks responses from both parties, and produces the completion record your purchase agreement requires as a closing condition.
| If your situation is⦠| Use this template |
|---|---|
| Full acquisition of a private company | Due Diligence Requisition List (M&A) |
| Minority equity investment or venture financing | Investment Due Diligence Checklist |
| Commercial real estate purchase or lease assignment | Real Estate Due Diligence Checklist |
| Debt financing or credit facility underwriting | Lender Due Diligence Request List |
| Selling a business and preparing a virtual data room | Sell-Side Due Diligence Checklist |
| Vendor or supplier onboarding for enterprise contracts | Vendor Due Diligence Questionnaire |
| Merger between two entities of comparable size | Merger Due Diligence Checklist |
Why it matters: An overly broad list issued to a 10-person startup overwhelms the target's management team and delays responses on the 20 items that actually matter to the deal.
Fix: Scope the list to the transaction type and target size. Remove categories that are clearly inapplicable and add industry-specific sections that a generic list omits.
Why it matters: Without a deadline and a shared tracking log, diligence drags on indefinitely β deal timelines slip, financing commitments expire, and the target's management loses confidence in the buyer.
Fix: Assign response deadlines to each category, share a joint tracking spreadsheet with both teams, and escalate outstanding items in weekly deal calls.
Why it matters: Summary cap tables routinely omit unvested options, expired warrants, and side letter rights β creating post-closing disputes over ownership and dilution that can unwind the transaction.
Fix: Request every option grant agreement, warrant certificate, and investor side letter individually and reconcile them against the summary table before signing the purchase agreement.
Why it matters: IP created by contractors remains the contractor's property by default in most jurisdictions unless a written assignment agreement exists. Discovering this post-close can invalidate the buyer's ownership of the target's core technology.
Fix: Add an explicit sub-item under the IP section requesting signed IP assignment agreements for every contractor who contributed to any material product or software.
Why it matters: A single customer contract representing 30% of revenue with an unwaived change-of-control clause can allow that customer to terminate the day after closing, immediately destroying the deal's value thesis.
Fix: Flag every contract containing change-of-control, consent-to-assignment, or anti-assignment language and resolve consents before signing, not after.
Why it matters: Sales tax nexus created by unregistered remote selling, and payroll tax liabilities from misclassified contractors, can equal or exceed disclosed income tax exposure and are not visible in income tax returns alone.
Fix: Add explicit requests for sales tax registration certificates by state, payroll tax filings, and any state or local tax authority correspondence alongside the standard income tax request.
In plain language: Requests the target's foundational corporate records β articles of incorporation, bylaws, board minutes, shareholder resolutions, and organizational chart β to confirm legal standing and decision-making authority.
Please provide: (1) Certificate/Articles of Incorporation and all amendments; (2) Bylaws or Operating Agreement; (3) Board and shareholder meeting minutes for the past [3] years; (4) Current organizational chart showing all subsidiaries and affiliates.
Common mistake: Failing to request minutes for all subsidiaries, not just the parent entity. Material decisions β asset sales, guarantees, equity grants β are often made at the subsidiary level and missed entirely.
In plain language: Requests the fully diluted cap table, all equity issuance documents, option plans, warrants, and any rights of first refusal or co-sale agreements to confirm who actually owns what.
Please provide: (1) Fully diluted capitalization table as of [DATE]; (2) All stock purchase agreements, option grants, and warrant agreements; (3) Investor rights, co-sale, and voting agreements; (4) Any convertible notes or SAFEs outstanding.
Common mistake: Accepting a summary cap table without requesting the underlying issuance documents. Phantom shares, unapproved grants, and expired options are only visible in the source instruments.
In plain language: Requests audited or reviewed financial statements, management accounts, tax returns, and any financial projections to allow an assessment of historical performance and financial health.
Please provide: (1) Audited financial statements for fiscal years [YEAR-2] through [YEAR]; (2) Unaudited monthly management accounts for the current year; (3) Federal and state/provincial tax returns for the past [3] years; (4) Current accounts receivable and payable aging reports.
Common mistake: Requesting only annual statements and missing interim management accounts. Seasonal businesses or companies with recent performance deterioration can look healthy on an annual basis and distressed on a monthly one.
In plain language: Requests all significant commercial agreements β customer contracts, supplier agreements, licenses, and partnership deals β with particular focus on change-of-control provisions that could unravel post-closing.
Please provide all contracts with annual value exceeding $[THRESHOLD] or that are otherwise material to the business, including: (1) Customer and revenue agreements; (2) Supplier and vendor agreements; (3) Distribution, reseller, and agency agreements; (4) Any agreements containing change-of-control, consent, or assignment restrictions.
Common mistake: Setting the dollar threshold too high and missing operationally critical contracts β an exclusive supply agreement worth $80,000 per year that cannot be assigned can shut down operations post-close.
In plain language: Requests all IP registrations, ownership chain documentation, licensing agreements, and employee/contractor IP assignment records to confirm the target actually owns the IP it represents it owns.
Please provide: (1) Schedule of all registered and applied-for patents, trademarks, copyrights, and domain names; (2) IP assignment agreements from all founders, employees, and contractors; (3) All in-bound and out-bound IP license agreements; (4) Any third-party claims, disputes, or cease-and-desist letters.
Common mistake: Assuming employment contracts automatically assign IP. In many jurisdictions, contractor-created IP remains with the contractor without an explicit assignment agreement β and most early startups used contractors extensively.
In plain language: Requests a complete disclosure of all pending, threatened, and settled legal proceedings, regulatory inquiries, and compliance violations to surface contingent liabilities that could survive closing.
Please provide: (1) Schedule of all pending, threatened, or settled litigation, arbitration, or regulatory proceedings; (2) All demand letters, government inquiries, or consent decrees received in the past [5] years; (3) Evidence of all required business licenses and regulatory permits; (4) Any compliance audits or self-assessments.
Common mistake: Accepting a representation that there is no material litigation without specifically asking for demand letters and informal regulatory correspondence. Pre-litigation threats are rarely volunteered unless explicitly requested.
In plain language: Requests employee headcount data, compensation schedules, employment agreements, benefit plan documents, and any claims history to identify workforce liabilities and key-person dependencies.
Please provide: (1) Complete employee roster with titles, locations, compensation, and start dates; (2) All executive and key-employee employment agreements; (3) Benefit plan documents (health, retirement, equity); (4) WARN Act, redundancy, or termination exposure analysis; (5) Any pending or settled employment claims.
Common mistake: Not requesting independent contractor agreements alongside employee data. Misclassified contractors represent unpaid payroll taxes, benefits exposure, and potential regulatory penalties β all of which transfer to the buyer.
In plain language: Requests filed tax returns, correspondence with tax authorities, any open audits or assessments, and transfer pricing documentation to identify undisclosed tax liabilities.
Please provide: (1) Federal, state/provincial, and local tax returns for the past [3β5] years; (2) All tax audit reports, revenue authority correspondence, and closing agreements; (3) Schedule of any open tax years and estimated exposures; (4) Transfer pricing documentation for intercompany transactions.
Common mistake: Reviewing only income tax filings and missing sales tax, payroll tax, and transfer pricing exposures β which can collectively exceed income tax liability, especially for companies that expanded into new states or countries without registering.
In plain language: Requests all lease agreements, owned property titles, and asset schedules to confirm the target's rights to occupy its premises and confirm the condition of physical assets.
Please provide: (1) All real property leases, subleases, and amendment letters; (2) Title insurance policies and surveys for owned properties; (3) Fixed asset register as of [DATE]; (4) Any landlord consents required for assignment of leases upon change of control.
Common mistake: Skipping lease assignment consent requirements. Many commercial leases require landlord consent upon a change of control β missing this can result in the buyer losing its most important operating location post-closing.
In plain language: Requests current insurance certificates, policy schedules, and claims history to confirm adequate coverage is in place and to identify any uninsured losses or gaps relevant to the transaction.
Please provide: (1) Certificates of insurance for all current policies (general liability, E&O, D&O, cyber, property, workers' comp); (2) Schedule of all insurance claims in the past [3] years; (3) Any notice of cancellation, non-renewal, or coverage disputes; (4) Any self-insurance arrangements or captive structures.
Common mistake: Not reviewing claims history alongside current coverage. A company with three denied or large claims in three years signals underwriting problems that could make coverage unavailable or prohibitively expensive post-closing.
Determine whether this is a full acquisition, minority investment, or financing, and whether assets or shares are being transferred. The transaction type determines which categories are mandatory β asset deals require more focus on title and lien searches; share deals require deeper cap table and liability review.
π‘ Confirm with deal counsel on day one which categories apply β issuing an overly broad list wastes both parties' time and signals inexperience.
Set the materiality threshold for contract requests (e.g., contracts with annual value over $50,000) and add any industry-specific categories β e.g., FDA approvals for healthcare, FCC licenses for media.
π‘ Set the threshold at 2β3% of target revenue rather than a fixed dollar amount so it scales correctly to the size of the business.
Number every line item sequentially within each category (e.g., 3.1, 3.2, 3.3 under Section 3 β Material Contracts) so that responses in the data room index mirror the requisition list exactly.
π‘ A consistent numbering system cuts the average data room review time significantly β reviewers can locate any document in under 30 seconds using the index.
State the date by which all documents must be uploaded to the virtual data room, the naming convention to use for uploaded files, and who at the target company is the designated point of contact for follow-up.
π‘ A rolling 5-business-day response window for each batch β rather than one hard deadline β keeps momentum and avoids a last-minute data dump that overwhelms reviewers.
Add a status column (e.g., Pending / Received / Not Applicable / Follow-Up Required) to every line item so the requesting team can monitor completion at a glance and identify open items before the review period closes.
π‘ Share the tracking version with the target's counsel so both sides see the same completion status β this eliminates the 'we uploaded it already' disputes that delay closings.
Transmit the requisition list under a formal cover letter referencing the LOI or engagement letter, confirming that the existing NDA covers all materials produced, and identifying the VDR platform where documents should be uploaded.
π‘ Reference the NDA date and parties explicitly in the cover letter β this removes any ambiguity about whether newly produced diligence materials are covered by the confidentiality agreement.
After the first review round, issue numbered supplemental request lists (Supplement No. 1, No. 2) that address gaps, inconsistencies, and follow-up questions identified by the review team.
π‘ Consolidate supplemental requests into batches rather than issuing them one by one β a daily drip of new requests creates friction and can stall a deal that is otherwise on track.
Have both parties sign a diligence completion certificate confirming that all requested materials have been produced and that no material information has been withheld β this document is attached to the purchase agreement as a closing condition.
π‘ A signed completion certificate shifts post-closing indemnification risk materially toward the seller β make its execution a hard closing condition, not an optional courtesy.
A due diligence requisition list is a formal, categorized document request issued by a buyer, investor, or lender to a target company at the start of a transaction review process. It identifies every record, contract, financial statement, and legal document the requesting party needs to evaluate before signing a binding purchase or investment agreement. It functions as both a roadmap for the review and a contractual instrument that defines what the target has been asked to disclose.
It is typically issued immediately after a letter of intent is signed and the target has agreed to provide access. Issuing it before an LOI is signed risks disclosing your review priorities to a target that may not transact with you. Issuing it too late compresses the diligence period and increases the risk of closing with unresolved issues. Most deals issue the initial list within five business days of LOI execution.
A complete list covers corporate organization and governance, capitalization and equity, financial statements, material contracts, intellectual property, litigation and regulatory compliance, employment and benefits, tax matters, real estate and tangible assets, and insurance coverage. Deals in regulated industries add sector-specific categories β FDA approvals for healthcare, data privacy compliance for technology companies, or environmental permits for manufacturing businesses.
The terms are often used interchangeably, but there is a meaningful distinction in formal practice. A requisition list is a legally framed document request issued to a counterparty that forms part of the transaction record and can be referenced in the purchase agreement. A checklist is typically an internal tool used by the reviewing team to track its own progress. The requisition list is external and binding in character; the checklist is internal and operational.
The target's obligation to respond depends on the terms of the LOI or transaction access agreement. In most deals, the target is obligated to produce all documents that exist and are reasonably within its possession or control. Where a document does not exist or a request is not applicable, the target typically provides a written "not applicable" response. Refusing to respond to material categories without explanation is a significant red flag and often triggers a MAC clause analysis.
For a mid-market M&A transaction, the diligence period runs 30 to 60 days from issuance of the requisition list. Complex transactions β regulated industries, international subsidiaries, or heavily litigated targets β can run 90 days or more. Sell-side processes with pre-prepared virtual data rooms can compress the buyer's review to 20 to 30 days. The length is driven more by responsiveness and completeness than by the number of requests.
Material findings typically result in one of four outcomes: a price reduction reflecting the identified risk, an escrow holdback to cover potential post-closing claims, a specific indemnification from the seller for the identified liability, or β in severe cases β termination of the transaction under the MAC or walk-away provisions of the LOI. The requisition list and the documents produced in response form the evidentiary basis for any post-closing indemnification claim.
The list itself is a document request, not a standalone binding contract. However, it becomes legally significant when incorporated into the purchase agreement's disclosure schedule β creating a record of what was asked and what was produced. A seller who fails to produce material documents responsive to a clear request may face indemnification liability for breach of representations and warranties, even if the purchase agreement does not explicitly list every requested document by name.
For standard domestic M&A transactions below $5 million in enterprise value, a well-structured template customized to the deal type is usually sufficient to organize the review. Engage counsel when the target operates in a regulated industry, has material international operations, has disclosed litigation or IP disputes, or when the transaction structure involves complex equity, earnouts, or cross-border elements. A lawyer's value in diligence is not writing the list β it is knowing which responses to probe and which gaps require renegotiation.
An NDA is a confidentiality contract that must be signed before any diligence materials are shared. The requisition list is issued after the NDA is in place β it specifies what confidential information is being requested. The two documents work in sequence: the NDA protects the process; the requisition list drives it.
A letter of intent establishes the proposed deal terms and grants the buyer the right to conduct diligence. The due diligence requisition list is the instrument through which that right is exercised. The LOI precedes the list; the list follows from it. Issuing a requisition list without a signed LOI is unusual and generally inadvisable.
An asset purchase agreement is the binding contract that closes the transaction. Due diligence is the investigative process that happens before the APA is negotiated in final form. The findings from the requisition list directly shape the representations, warranties, and indemnification provisions in the purchase agreement.
A stock purchase agreement transfers ownership of the target entity's shares rather than individual assets. Diligence for a share deal requires a deeper review of the target's entire liability history β since all liabilities transfer with the shares β making the cap table, litigation, and tax sections of the requisition list especially critical.
IP ownership chain for all software (especially contractor-built components), data privacy compliance (SOC 2, GDPR, CCPA), customer contract auto-renewal and termination rights, and open-source license obligations.
FDA clearance and approval records, HIPAA compliance documentation, clinical trial agreements, reimbursement coding exposure, and medical staff credentialing obligations.
Environmental permits and Phase I/II assessment reports, equipment title and lien searches, union collective bargaining agreements, and supply chain single-source dependency analysis.
Regulatory licensing by jurisdiction (broker-dealer, RIA, money transmitter), FINRA or FCA examination correspondence, client contract assignability, and AML/KYC program documentation.
US diligence must address state-by-state sales tax nexus, which has expanded significantly since the 2018 South Dakota v. Wayfair Supreme Court ruling. Delaware corporate governance records are standard for most targets. Employment law exposure varies sharply by state β California's wage and hour rules, non-compete bans, and WARN Act thresholds differ materially from other states. FCPA compliance is required for any target with international operations.
Canadian diligence must address both federal and provincial regulatory requirements β securities regulation is provincial, not federal. PIPEDA and provincial privacy laws (particularly Quebec's Law 25, which has GDPR-comparable requirements) require specific data handling disclosures. Employment standards vary by province, with Ontario and British Columbia imposing the most significant termination obligations. Non-compete clauses are enforceable only within narrow scope and duration limits.
UK diligence must address the Companies House register for accurate corporate record verification and the Land Registry for property title. TUPE regulations impose strict obligations when employees transfer with a business, making the employment section especially material. UK GDPR and the Data Protection Act 2018 require a thorough review of the target's data processing activities and ICO registration status. Post-Brexit regulatory divergence from the EU is ongoing and affects financial services and product compliance diligence.
EU diligence is complicated by the need to assess compliance across multiple member state legal systems simultaneously. GDPR compliance β including data processing agreements, DPIA records, and supervisory authority correspondence β is a mandatory diligence category for any target handling personal data. Works council consultation rights in Germany, France, and the Netherlands can impose mandatory pre-closing notification and delay timelines. The EU Foreign Subsidies Regulation now requires notification for certain acquisitions involving non-EU state aid.
| Path | Best for | Cost | Time |
|---|---|---|---|
| Use the template | Buyers or investors conducting diligence on small private companies with straightforward operations and no regulatory complexity | Free | 1β2 hours to customize, 30β60 days to complete review |
| Template + legal review | Mid-market transactions under $10M where the target has material contracts, IP assets, or disclosed litigation | $1,000β$3,000 for counsel to customize and review responses | 30β60 days |
| Custom drafted | Transactions above $10M, regulated industries, cross-border deals, or targets with complex equity structures, international subsidiaries, or active litigation | $5,000β$25,000+ depending on deal size and complexity | 45β90 days |
This document is one of 3,000+ business & legal templates included in Business in a Box.
Access over 3,000+ business and legal templates for any business task, project or initiative.
Customize your ready-made business document template and save it in the cloud.
Share your files and folders with your team. Create a space of seamless collaboration.
"Fantastic value! I'm not sure how I'd do without it. It's worth its weight in gold and paid back for itself many times."
"I have been using Business in a Box for years. It has been the most useful source of templates I have encountered. I recommend it to anyone."
"It has been a life saver so many times I have lost count. Business in a Box has saved me so much time and as you know, time is money."
Stop downloading documents. Start operating with clarity. Business in a Box gives you the Business Operating System used by over 250,000 companies worldwide to structure, run, and grow their business.
Start freeΒ Β·Β No credit card required
