Diligence for $1–$20M Deal Sizes
What to Scale Down—and What Never to Skip
Mid-market and micro-market transactions cannot usually support Wall Street-sized diligence budgets. In a $1 million to $20 million deal, the goal is not to diligence every theoretical issue to exhaustion. The goal is to identify the issues that could change the purchase price, affect financing, delay closing, create post-closing liability, or cause the buyer to inherit a problem it did not bargain for.
That requires a different approach. The diligence process should be practical, focused, and risk-based. Instead of asking for every document that might exist, the buyer and its advisors should concentrate on the areas most likely to affect value and operational continuity.
The best diligence plans in smaller deals answer three basic questions:
What are we actually buying?
What liabilities are we inheriting or indirectly assuming?
What must be fixed before closing, priced into the deal, or protected by indemnity, escrow, holdback, or a closing condition?
The Non-Negotiables
Some diligence items should not be skipped, even in a smaller transaction. These are the areas where relatively modest review can uncover major problems.
Ownership and Cap Table Cleanup
Before getting too far into a transaction, confirm who owns the company and who has the right to approve the deal. This includes reviewing equity records, operating agreements, shareholder agreements, option plans, warrants, phantom equity, profit interests, convertible notes, and board or member approvals.
In smaller businesses, ownership records are often informal or outdated. That can create closing problems if someone later claims an ownership interest, consent right, profit participation, or payout right. A buyer should confirm that the seller can deliver clean title to the equity or assets being sold.
Important questions include:
Who owns the company?
Are there any side agreements regarding ownership or economics?
Are there options, warrants, phantom equity, profit interests, or promised ownership grants?
Are the required approvals clear?
Are there minority owners, spouses, lenders, or other parties whose consent may be needed?
If the deal involves an asset purchase, confirm that the selling entity actually owns the assets it is selling.
Taxes
Tax diligence does not need to be extravagant, but it does need to be done. Sales and use tax, payroll tax, income tax filings, and state nexus issues can create significant exposure. This is especially important for businesses that sell across state lines, use independent contractors, have remote employees, sell taxable goods or services, or operate in multiple jurisdictions.
At a minimum, review:
Federal and state tax returns.
Sales and use tax filings.
Payroll tax filings and payments.
Any tax notices, audits, payment plans, or disputes.
Whether the company has employees, customers, inventory, or operations in multiple states.
Whether the business has collected and remitted sales tax where required.
Large unremitted sales tax exposure is one of the most serious red flags in a smaller deal. It can be difficult to quantify, expensive to clean up, and problematic for lenders.
Liens, Debt, and Litigation
A buyer should confirm whether the business or its assets are subject to liens, judgments, tax liens, pending lawsuits, threatened claims, or unresolved disputes. This typically includes UCC searches, judgment searches, tax lien searches, litigation searches, and review of loan documents.
Key questions include:
Are there secured creditors?
Will liens be released at closing?
Are there unpaid vendors or disputed invoices?
Are there pending lawsuits or demand letters?
Are there tax liens or judgment liens?
Are there personal guarantees or cross-collateralized obligations?
Are any assets subject to leases, financing statements, or equipment loans?
In an equity deal, these issues are critical because the buyer will be stepping into the company with all of its existing obligations. In an asset deal, these issues matter because the buyer needs to know whether it is receiving the assets free and clear of liens and encumbrances.
Key Contracts
Most smaller businesses depend heavily on a limited number of customers, vendors, landlords, licensors, referral sources, or suppliers. Diligence should focus on the contracts that actually drive revenue or are necessary for operations.
Review the contracts that matter most, including:
Top customer contracts.
Top vendor and supplier agreements.
Leases.
Equipment leases.
Software and licensing agreements.
Referral, broker, dealer, or reseller agreements.
Financing agreements.
Franchise or distribution agreements.
Government contracts.
The most important provisions are often assignment, consent, change-of-control, termination, exclusivity, most-favored-nation, pricing, renewal, non-solicitation, noncompete, confidentiality, and indemnity provisions.
A contract that cannot be assigned, or that can be terminated upon a change of control, may be central to whether the deal can close. If a key revenue source can walk away immediately after closing, that risk should be addressed before signing or built directly into the purchase price, escrow, earnout, or closing conditions.
Revenue Quality and Customer Concentration
In smaller deals, customer concentration can be more important than formal financial diligence. A company may look profitable on paper, but if 40% of revenue comes from one customer with a terminable-at-will contract, the buyer is not buying the same level of certainty as a diversified business with long-term recurring revenue.
The diligence should identify:
Top customers by revenue.
Gross margin by customer or product line.
Recurring versus one-time revenue.
Customer churn.
Backlog.
Pipeline quality.
Contract terms.
Whether customers are tied to the owner personally.
Whether the business depends on informal relationships that may not survive closing.
This is also where the buyer should test the seller’s story. If the seller describes revenue as “recurring,” the contracts and payment history should support that characterization.
Employment and Workforce Issues
Employment diligence is often overlooked in smaller deals, but it should not be. Misclassified employees, unpaid overtime, undocumented commissions, weak restrictive covenants, and contractor problems can create meaningful liability.
Review:
Employee census.
Offer letters and employment agreements.
Commission and bonus plans.
Independent contractor arrangements.
Exempt versus non-exempt classifications.
Payroll practices.
Handbooks and written policies.
Noncompete, nonsolicitation, confidentiality, and invention assignment agreements.
Immigration/I-9 practices where relevant.
Pending or threatened employment claims.
Restrictive covenant issues deserve special attention. Noncompete law has changed significantly in recent years and continues to evolve. Even where seller noncompetes may be treated differently from employee noncompetes, buyers should not assume that older agreements are enforceable. Nonsolicitation, confidentiality, trade secret, and invention assignment provisions may be more important and more enforceable than a broad noncompete.
Data, Privacy, Cybersecurity, and IP
Nearly every business now has data, software, digital accounts, customer lists, marketing content, or other intangible assets. Even traditional businesses may rely on websites, customer databases, CRM systems, cloud storage, online advertising accounts, payment platforms, and third-party software.
Diligence should confirm who owns or controls:
Software code.
Website content.
Logos, trademarks, and trade names.
Domain names.
Social media accounts.
Customer lists.
CRM data.
Marketing materials.
Product designs.
Internal processes and documentation.
AI-generated content, if used.
Employee and contractor-created materials.
For technology-enabled businesses, the buyer should confirm that employees and contractors assigned their IP rights to the company. Contractor-created code, branding, photography, website content, product designs, and marketing materials can create problems if there is no written assignment.
Privacy and cybersecurity review should be practical but real. A buyer should understand what personal information the company collects, where it is stored, who has access to it, whether privacy notices are accurate, whether there have been security incidents, and whether any customer or vendor contracts impose cybersecurity obligations.
At minimum, ask:
Has the company experienced a security incident?
Does the company have cyber insurance?
Where is customer data stored?
Who has administrative access to key systems?
Are passwords and accounts controlled by the company or by individuals?
Are privacy policies accurate?
Are there written information security practices?
Are there vendor contracts involving sensitive data?
A security incident with poor remediation is a serious red flag. So is a business where the owner personally controls all digital accounts and no one knows how to transition them.
Regulatory and Licensing Issues
Some smaller businesses are deceptively regulated. A buyer should confirm that the company has the licenses, permits, registrations, and approvals needed to operate.
This may include:
Professional licenses.
Local business licenses.
Health, food, or safety permits.
Environmental permits.
Sales tax permits.
Industry-specific registrations.
Franchise registrations.
Government contract requirements.
Zoning or conditional use approvals.
Transportation, manufacturing, construction, or healthcare-related approvals.
The key question is whether the buyer can continue operating the business immediately after closing. If a license is personal to the seller or cannot be transferred, the closing timeline and structure may need to change.
Real Estate, Leases, and Facilities
If the business operates from a leased location, the lease may be one of the most important documents in the deal. Buyers should review assignment rights, landlord consent requirements, renewal options, rent escalations, maintenance obligations, personal guarantees, exclusive-use provisions, and default history.
For owned real estate, diligence should include title, survey, environmental, zoning, access, easements, leases, and financing issues.
Even in a small asset deal, the buyer should confirm:
Can the lease be assigned?
Is landlord consent required?
Is there a personal guarantee?
Are there renewal options?
Are there defaults or unpaid amounts?
Is the current use permitted?
Are there environmental concerns?
Does the business need that exact location to preserve value?
Insurance
Insurance can reveal risk. Review policies, claims history, coverage limits, exclusions, cyber coverage, employment practices coverage, product liability coverage, and whether tail coverage is needed.
If the seller has had significant claims or coverage denials, that may signal operational, product, employment, or safety issues that require additional diligence.
Scale Down Carefully
The answer in a smaller deal is not to skip diligence. It is to scale diligence intelligently.
A buyer can often replace an expensive, full-blown quality of earnings review with targeted financial corroboration. That may include reviewing bank statements, bank reconciliations, accounts receivable aging, accounts payable aging, customer-level revenue, margin by product or customer, sales tax filings, payroll records, and monthly financial statements.
Instead of reviewing every customer and vendor contract, start with the top relationships by revenue, margin, operational importance, or risk. If those raise issues, expand the sample.
Instead of maintaining multiple disconnected diligence lists, use one live issues list that assigns:
The issue.
The risk level.
The responsible party.
The proposed fix.
Whether it affects purchase price.
Whether it requires a closing condition.
Whether it should be covered by a representation, indemnity, escrow, holdback, or special covenant.
A focused issues list is often more useful than a large data room that no one is managing.
Red Flags Worth Walking Over
Not every issue should kill a deal. Many problems can be fixed through price adjustments, indemnities, escrows, holdbacks, transition services, seller covenants, or pre-closing cleanup. But some issues should cause a buyer to pause.
Examples include:
Large unremitted sales tax exposure.
Unpaid payroll taxes.
Key revenue based on terminable-at-will contracts with no customer stickiness.
Critical contracts that cannot be assigned.
Major customer concentration with no long-term agreement.
Seller inability to prove ownership of assets being sold.
Missing IP assignments for critical software, branding, content, or technology.
Security incidents with poor investigation or remediation.
Material litigation that is not disclosed early.
Financial statements that do not reconcile to bank records.
Undisclosed debt or liens.
Licenses that cannot be transferred or replaced.
A seller who cannot explain the numbers.
A seller who resists basic diligence.
In smaller deals, the seller’s credibility matters. Disorganization is common. Evasion is different.
Seller-Side Readiness
If you are selling a business, diligence should begin before the buyer asks for documents. The best way to preserve value is to fix the problems buyers are likely to find.
Before going to market, sellers should consider:
Cleaning up ownership records.
Confirming required approvals.
Finalizing employee and contractor IP assignments.
Reviewing customer and vendor contract assignment provisions.
Resolving intercompany balances.
Documenting owner compensation and add-backs.
Preparing clean financial statements.
Reconciling bank accounts.
Reviewing sales tax compliance.
Organizing leases and amendments.
Confirming license and permit status.
Preparing a working capital methodology.
Documenting key processes.
Identifying customer concentration issues.
Reviewing employee classification and contractor status.
Moving key digital accounts into company control.
A seller-side diligence project does not need to be expensive. But it should make the business easier to buy. Buyers pay more for businesses that are organized, transferable, and understandable.
The Practical Bottom Line
In a $1 million to $20 million deal, diligence should be proportionate to the size of the transaction, but it should not be casual. The purpose is to spend time and money where it matters most: on issues that affect value, closing certainty, operational continuity, or post-closing liability.
Spend where it changes the price or the probability of closing. Everything else is secondary.
We help buyers and sellers build right-sized diligence plans for lower-middle-market and closely held business transactions. Whether you are preparing to sell, evaluating a target, or trying to keep a deal moving, a focused diligence process can protect value without overwhelming the transaction.
