Due Diligence Report Format (India): A Practical Guide

Due diligence report format

The due diligence report format linked below uses a standard structure followed in India, with an executive summary, scope and limitations, a red-amber-green risk table, detailed findings by module, and annexures.

Due diligence report format

Disclaimer: This template is for general reference only and does not constitute legal, tax, or financial advice. Due diligence scope and reporting requirements vary by transaction type, industry, and stakeholder expectations. If you’re using this report for a live fundraising, acquisition, or lending process, it’s recommended to tailor it with qualified legal and financial professionals.

What is a due diligence report?

When investors say they want “due diligence”, what they really want is proof.

Proof that the company’s legal structure is clean, the cap table matches reality, filings are up to date, risks are understood, and there are no hidden liabilities waiting to surface later.

A due diligence report is a structured summary of what you uncover after reviewing a company’s legal, financial, compliance, and operational records.

At its core, it answers one question: is this company safe to invest in or acquire, and what risks need to be fixed or priced into the deal?

Who conducts due diligence?

Due diligence is usually carried out by a mix of internal stakeholders and external advisors. 

In fundraising and M&A, the reviewing team is typically led by the investor or acquirer, while the company supports the process by sharing documents and clarifications. 

The diligence work itself is commonly handled by legal and finance teams, along with external lawyers, chartered accountants, and company secretaries. In larger or regulated deals, specialists may also be brought in for areas like tax, intellectual property, or sector-specific compliance.

When is a due diligence report required?

A due diligence report is typically required anytime money, ownership, or liability is changing hands. 

In practice, this usually comes up in four scenarios

1. During fundraising, investors will want to validate the cap table and past issuances, check whether ESOP approvals and grant documentation are clean, confirm that ROC filings match the company’s records, and ensure there are no hidden liabilities that can derail the round later.

2. In M&A transactions, diligence becomes deeper. The focus shifts to understanding liabilities that may transfer, reviewing litigation and compliance exposure, checking major contracts for termination or consent clauses, and confirming that key intellectual property actually belongs to the company.

3. For loans and bank diligence, the report is used to assess repayment ability and enforceability. Lenders review financial statements, existing debt, charges on assets, and whether the business has enough cashflow and collateral to service the loan.

Types of due diligence (and what each one covers)

Due diligence is a set of checks across different areas of the business, often handled by different specialists. Most transactions cover the same core areas, but the depth of review varies depending on what the diligence is for.

1. Legal and corporate

This is the foundation layer for most diligence exercises. It focuses on whether the company is properly incorporated, whether its key corporate actions have been validly approved, and whether its records and filings support the ownership story. It typically includes company documents, governance records, material contracts, litigation exposure, and regulatory compliance.

2. Financial

Financial due diligence typically reviews audited financial statements, management accounts, bank statements, working capital trends, debt and liabilities, and cashflow visibility. For growing companies, it may also assess revenue quality, customer concentration risk, and whether projections are grounded in actual operating performance.

3. Tax

Tax diligence focuses on whether the company has complied with its tax obligations and whether there are exposures that could turn into future liabilities. This usually includes income tax positions, GST compliance (where applicable), TDS filings, assessments or notices, and the company’s approach to tax deductions and classifications.

4. Commercial and contractual

This type of diligence reviews the company’s key contracts to understand what could affect day-to-day operations. It covers major customer and vendor agreements, partnership deals, leases, and any commitments that could create risk during or after a transaction. The focus is on whether these contracts can be enforced, how easily they can be ended, what renewal risks exist, and whether approvals are needed before ownership changes.

5. Intellectual property and technology

This is especially relevant for product-driven companies where value is tied to code, brand, or proprietary systems. It typically checks ownership of trademarks and domains, software authorship, contractor and agency agreements, and whether IP has been properly assigned to the company.

6. HR and employment

HR diligence focuses on employment documentation, compliance exposure, and continuity risk. It typically reviews employee contracts, consultant agreements, policy frameworks, key employee dependencies, and statutory obligations such as PF/ESI where applicable.

7. Regulatory and sector-specific

If a company is in a heavily regulated sector, a deal can get delayed, blocked, or repriced if approvals are missing or compliance isn’t clean. In such cases, diligence will include sector-specific checks such as licensing, approvals, reporting obligations, and regulatory restrictions. This is common in areas like fintech, NBFC-linked businesses, payments, health, education, and listed-company contexts.

Unlike general corporate compliance, this diligence stream is often shaped by regulator expectations and the company’s operating model.

8. Operational (when relevant)

Operational diligence checks whether the company can keep delivering results during and after the deal. It looks at how reliable the business operations are today, what the business depends on (founders, key vendors, core systems), where the bottlenecks are, and what might break as the company scales.

In early-stage fundraising, operational diligence is usually lighter. In larger M&A deals, it can become a significant part of the overall diligence scope.

Due diligence report format (India): Standard structure

While there’s no single “legal standard” template that everyone follows, most Indian law firms, CAs, and diligence teams use a structure that looks like below:

Section 1: Cover page

The cover page should clearly mention the report title, the company’s name and CIN, the date of the report, and who it has been prepared for (investor, buyer, board, or lender). 

Most teams also include a confidentiality note here, because diligence reports often contain sensitive commercial and legal information.

Section 2: Executive summary

This is the most-read section of the report and often the only section senior stakeholders go through end-to-end. 

It should clearly state the purpose of the diligence, outline the scope in one paragraph, and then highlight the key observations that matter commercially.

A good executive summary doesn’t just list issues; it classifies them. Even a simple risk rating snapshot helps the reader understand whether the report is largely clean or whether there are high-impact concerns that need attention.

It also helps to end with a clear conclusion, written in plain language: proceed, proceed subject to closing conditions, or do not proceed.

Section 3: Scope, assumptions and limitations

This section protects both the preparer and the reader of the report. It clarifies what was reviewed, what wasn’t available, and what the report is relying on.

Section 4: Risk summary table 

This is what makes the report actionable. 

A strong risk summary table includes the issue, its impact, and what needs to be done next, along with who owns the fix and how quickly it can be resolved. This becomes the practical reference point for closing conditions, cleanup items, and pricing discussions.

Most teams use three levels:

• Red for deal blockers that must be fixed before closing
• Amber for items that can be fixed soon, sometimes post-close
• Green for areas that are clean or require no action

Section 5 onwards: Detailed findings (module-wise)

This is where each area is reviewed and documented, such as corporate compliance, cap table history, financials, contracts, and litigation.

Most diligence reports cover broadly the same modules. What changes from deal to deal is emphasis and depth. For example, a fundraising report usually goes deeper on ownership and equity records, while an M&A report tends to expand further into contracts, liabilities, and transfer-related risks.

This is also where the report should point to annexures and supporting documents, so readers can trace each observation back to the underlying record.

What to include in a due diligence report?

Once the format is in place, the next question is what exactly should the report cover?

Below is the standard checklist of modules that typically sit inside the ‘detailed findings’ section.

1. Corporate and ROC compliance

This part verifies whether the company’s internal records and approvals are in order.

• It usually includes a review of the Certificate of Incorporation, the MOA and AOA, statutory registers (including board and shareholder registers), board and shareholder meeting minutes, and supporting resolutions for key actions taken by the company.
  
• Annual filings (AOC-4, MGT-7/7A) and key event-based filings (PAS-3, SH-7, MGT-14 where applicable), plus CHG forms for charges if the company has borrowings.

2. Capital structure and ownership

This section validates ownership and equity history. It typically covers the current shareholding, the breakup of instruments issued (equity shares, CCPS, CCDs, SAFEs, warrants, or any other convertibles), and how those instruments convert.

It should also cover key shareholder rights and obligations that affect governance or economic outcomes.

3. ESOPs and employee equity

A diligence report should confirm whether the ESOP pool was created through the right approvals, whether grants were properly issued and accepted, whether vesting rules are consistently applied across employees, and whether exercises (if any) have been recorded correctly.

4. Financial and tax position

This section covers financial statements, existing liabilities, statutory dues, and any tax exposures. Depending on the deal, it may also flag contingent liabilities or risks that could impact cashflows post-transaction.

5. Key commercial contracts

This section reviews the contracts that the business depends on, including key customer agreements, vendor arrangements, channel partnerships, leases, and any large obligations that could impact continuity.

6. Intellectual property ownership

This section checks whether the company’s key IP is actually owned by the company and properly documented. This becomes especially important when value is tied to product, software, or brand.

7. Employment matters

Covers key employee documentation, founder/key-person dependency, and contractual gaps that could create continuity risk.

8. Litigation and disputes

Identifies existing disputes, notices, litigation exposure, and contingent liabilities.

9. Sector-specific regulatory checks

For regulated businesses, diligence includes licenses, approval requirements, and compliance history that could impact deal execution.

FAQs

1. What is included in a due diligence report under the Companies Act, 2013?

In India, the Companies Act, 2013 doesn’t prescribe a fixed due diligence report format.

However, most due diligence reports include a Companies Act compliance section that checks the company’s corporate records and governance approvals, statutory registers, and whether key corporate actions are properly documented. It also verifies whether ROC filings align with the company’s equity history and major actions, including annual filings and event-based filings related to allotments, and capital changes

2. What is a due diligence report format for a private limited company (fundraising)?

For fundraising in an Indian private limited company, the due diligence report typically follows the same standard structure used in most deals (cover page, executive summary, scope and limitations, risk table, detailed findings, and annexures). What changes is the emphasis: the review usually goes deeper on ownership and equity, including cap table accuracy, past allotments and instruments, ESOP approvals and documentation, and whether the company’s records and ROC filings support the equity history without gaps that could delay closing.