Acquisition audit: the complete guide to M&A due diligence for SMEs in 2026

An acquisition audit — commonly called due diligence — is the in-depth investigation carried out by a buyer before finalising a business purchase or external growth transaction. It is an irreplaceable decision-support tool: it tests the reliability of the information provided by the seller, identifies genuine risk areas, calibrates the valuation more accurately and secures the contractual warranties.

In France, the acquisition audit sits within a precise legal framework. The asset and liability warranty (garantie d'actif et de passif, GAP), governed by general civil law provisions and the contractual terms negotiated between parties, is directly fed by due diligence findings. The Code de commerce (notably L235-1 to L235-12 on company nullities) also defines the legal risks to map when reviewing constitutional documents and shareholder resolutions.

A transaction carried out without serious due diligence exposes the buyer to unmeasured risks that frequently materialise within 12 to 24 months post-acquisition: unprovisioned tax or social reassessments, unknown client or employee litigation, overvalued inventory, undisclosed environmental liabilities, excessive dependence on a single manager or client.

The acquisition audit does not aim to kill the transaction — it enables the buyer to approach it with clarity. The results of a well-conducted due diligence directly feed:

• ▸the price: adjustment of the sale price based on identified risks and potential liabilities
• ▸the contractual warranties: calibration of the asset and liability warranty (GAP) and representations and warranties (reps & warranties)
• ▸the conditions precedent: certain findings may condition the completion of the sale
• ▸the integration plan: priority post-closing actions are identified during due diligence

Phase 1: Financial and accounting due diligence

This is the core of the exercise. The accountant or financial adviser conducts an in-depth analysis covering:

Quality of earnings: is the reported EBITDA recurring and defensible? This review restates non-recurring items (capital gains, exceptional charges, atypical management remuneration), normalises operating costs and verifies the consistency between accounting results and cash generation.

Normalised working capital requirement: what is the real BFR (besoin en fonds de roulement) of the business, and how does it evolve with seasonality and growth? An underestimated BFR built into the acquisition price can generate an immediate post-closing financing need.

Balance sheet structure: debt levels, real asset values vs net book values (especially for fixed assets), provisions made or missing, off-balance-sheet commitments (guarantees, pledges, unrecognised operating leases).

Cash flows: analysis of cash flows over the last 3 financial years distinguishes operational cash generation from cash influenced by the seller's management choices (delayed payments, reduced maintenance capex).

Phase 2: Tax due diligence

This is often the source of the most significant liabilities. The tax review covers:

• ▸Analysis of the last 3 tax years: corporate tax returns, VAT, local business taxes, tax package filings
• ▸Identification of aggressive or uncertain tax positions: transfer pricing, deductibility of certain costs, potential income reclassification
• ▸Verification of compliance for BSPCEs, AGAs and other equity incentive schemes if applicable
• ▸Review of applicable tax treaties for cross-border activities
• ▸Examination of prior tax audits and their resolution

Unprovisioned tax risks are typically the first subject for negotiation of the asset and liability warranty.

Phase 3: Legal and contractual due diligence

This phase, conducted in coordination with an M&A lawyer, covers:

• ▸Review of constitutional documents, articles of association, shareholders' agreements: verification of resolution validity, absence of blocking clauses
• ▸Analysis of strategic commercial contracts: client contracts (concentrations, change of control clauses), supplier contracts, IP licences
• ▸Inventory of ongoing litigation and potential dispute risks
• ▸Intellectual property: trademarks, patents, software rights, domain names
• ▸Regulatory compliance: administrative authorisations, licences, sector certifications

The verification of change of control clauses in client contracts is critical: some contracts provide for automatic termination or an option right in the event of a sale, which can fundamentally affect the value of the target.

Phase 4: HR and employment due diligence

Employment risks are frequently underestimated by inexperienced buyers:

• ▸Payroll analysis: age pyramid, turnover, discretionary bonuses paid by the owner-manager
• ▸Review of key management employment contracts and non-compete clauses
• ▸Verification of collective agreements, annual wage negotiations, staff representation
• ▸Social declarations audit: DSN, URSSAF, complementary pension contributions
• ▸Identification of key person dependencies (key man risk)

Practical example: in an 80-employee service company, due diligence uncovering 12 consultant contracts potentially reclassifiable as permanent employment contracts and delayed URSSAF payments led to a 15% price reduction and a specific GAP clause covering the 36 months following closing.

Phase 5: Operational and strategic due diligence

This phase completes the financial picture with a business-level analysis:

• ▸Client base analysis: concentration, recurrence, satisfaction, outstanding tickets
• ▸Product/service portfolio review: maturity, differentiation, competitive threats
• ▸Operational process review: production capacity, supplier dependencies, IT systems
• ▸Competitive positioning and market outlook analysis

Certain signals should systematically trigger deeper investigation:

• ▸Highly variable results from year to year without a logical explanation based on business cycles
• ▸High client concentration: a single client representing more than 20-30% of revenue creates critical concentration risk
• ▸Missing or undersized provisions for litigation, warranties, inventory write-downs
• ▸Cash flows materially below results over several periods (indicator of working capital manipulation or earnings management)
• ▸High staff turnover or recent resignations of key profiles
• ▸Multiple changes of accountant or statutory auditor within the last 5 years
• ▸Change of control clauses in the top 3 client or supplier contracts

Hayot Expertise advice: a good acquisition audit does not aim to kill the transaction. It aims to understand it better, price it more accurately and secure it more effectively. The findings serve to rebalance the negotiation — not to end it. A well-advised buyer enters the final negotiation with a precise risk map and solid contractual levers.

See also strategic SME audit, forecast income statement and anticipating a tax audit.

👉 Discover our accounting expertise service

👉 Discover our statutory audit service

👉 Book an appointment with an expert

What is financial due diligence in an acquisition audit?

Financial due diligence analyses the quality of earnings, normalised working capital, balance sheet structure and actual cash flows of the target over 3 to 5 years. Its purpose is to distinguish recurring results from exceptional items, identify unprovisioned liabilities and validate the consistency between accounting results and cash generation.

What is the difference between an acquisition audit and an asset and liability warranty?

The acquisition audit is the investigation procedure carried out before completion. The asset and liability warranty (garantie d'actif et de passif) is the contractual clause that protects the buyer after closing against undisclosed liabilities. Both are complementary: due diligence findings calibrate the scope, cap and trigger thresholds of the warranty.

How long does an acquisition audit take for an SME?

For an SME with revenues between €5 million and €20 million, a complete financial and tax due diligence typically takes 4 to 6 weeks. This can be reduced to 2-3 weeks for a lighter review, or extended to 8-12 weeks for a complex transaction involving multiple entities or jurisdictions.

Is an acquisition audit legally required in France?

No, an acquisition audit is not legally mandatory in France. But the absence of due diligence does not protect the buyer from the consequences of unidentified risks. In practice, all investment funds and the vast majority of serious industrial buyers conduct due diligence before any significant acquisition. Bpifrance also offers co-financing for external growth advisory mandates.