Business Due Diligence Checklist for Australian Startups and SMEs

Whether you’re buying a business, bringing on an investor, entering a major partnership, or even just trying to get “investor-ready”, doing proper due diligence can be the difference between a confident next step and an expensive surprise.

In simple terms, due diligence is the process of checking the facts before you commit. For Australian startups and small businesses, that usually means reviewing the business’ legal setup, key contracts, intellectual property, people arrangements, and compliance obligations - then deciding what you’re comfortable with and what needs to be fixed (or negotiated) before moving forward.

This guide is designed to be a practical business due diligence checklist you can use as a starting point. We’ll walk through the key areas you should look at, the common red flags to watch for, and what to do if something doesn’t stack up.

What Is Business Due Diligence (And When Do You Need It)?

Business due diligence is a structured review of a business to confirm what’s really going on “under the hood”. It’s often done before:

• Buying a business (asset sale or share sale)
• Taking investment (especially from sophisticated investors or VCs)
• Entering a joint venture or major partnership
• Signing a long-term supply/customer contract that could make or break your cashflow
• Merging or restructuring (for example, adding a holding company)
• Raising debt finance (where the lender wants visibility and security)

If you’re a founder, due diligence is also a helpful internal exercise. Many startups only discover gaps (like missing IP assignments or contractor issues) at the worst time - right when they’re negotiating funding or a sale.

The goal isn’t perfection. The goal is clarity: what you’re taking on, what risks exist, and what you can do to reduce them through documents, warranties, or deal structure.

Note that due diligence usually involves multiple streams (legal, financial/accounting, tax, and sometimes technical or operational reviews). This article focuses on common legal and commercial checks, and you may need specialist advice for areas like tax, financial verification, insurance suitability, or regulated-industry compliance.

Business Due Diligence Checklist: Company, Structure And Ownership

Start here because if the legal “container” of the business is unclear, everything else becomes harder (and riskier).

1) Confirm The Business Structure And Registrations

• Is the business operating as a sole trader, partnership, trust, or company?
• If it’s a company, do the details match ASIC records (name, ACN, registered office, directors)?
• Is the business name properly registered and current?
• Does the entity have the right ABN and GST registration (if applicable)?

It’s common for small businesses to “evolve” over time - for example, a sole trader becomes a company - but the paperwork doesn’t always catch up. That can create ownership disputes and tax or contract issues later.

2) Check The Constitution And Decision-Making Rules

If it’s a company, you’ll want to confirm what rules apply to managing it, issuing shares, and appointing/removing directors. This is usually done through a Company Constitution (or replaceable rules).

• Is there a constitution in place, and is it signed/adopted correctly?
• Are there restrictions on issuing or transferring shares?
• Are there requirements for director/shareholder approvals for major decisions?

3) Review The Cap Table: Shares, Options And Convertibles

• Who owns the shares right now, and do you have supporting documents?
• Are there any unissued shares, options, or employee incentives promised verbally?
• Are there convertible notes, SAFEs, or other instruments that convert later?
• Are share classes documented properly (including different rights)?

For startups, unclear ownership is one of the fastest ways to delay a deal. If you’re working with co-founders or investors, a tailored Shareholders Agreement can also help clarify governance, transfer rules, and what happens if someone exits.

4) Confirm Authority To Sign

It sounds basic, but it matters: who can legally bind the business?

• Are contracts signed by the right entity (not a different entity or a person personally)?
• Were documents signed in a compliant way (for example, company execution requirements)?
• Is there a clear approval process for major commitments?

If you’re seeing inconsistent signatures, missing signatories, or “we’ll sign later” arrangements, that’s often a red flag that the business hasn’t been run with strong controls.

Business Due Diligence Checklist: Contracts And Commercial Relationships

Contracts are where a lot of business risk lives. They tell you what the business must do, what it can do, and what happens when something goes wrong.

5) Customer Contracts And Terms

• Are there written customer agreements or terms and conditions?
• Do they reflect how the business actually delivers the product or service?
• Do they address payment terms, scope, limitations, and dispute handling?
• Are there any “most favoured customer” clauses, exclusivity, or unusual warranties?

If the business is selling online, check whether website terms and eCommerce terms are in place and up to date. If the business is service-based, you’ll usually want a proper customer contract (even if many customers sign the same template).

6) Supplier, Manufacturing And Contractor Agreements

• Does the business rely on one supplier or manufacturer (single point of failure)?
• Are lead times, quality standards, and pricing clearly defined?
• Are there termination rights and consequences if something goes wrong?
• Are contractors engaged under appropriate agreements, and do they assign IP?

From a legal perspective, the big issues are often: unclear deliverables, unclear ownership of work product, and payment disputes. Getting this right early can prevent costly “who owns what?” conflicts later.

7) Leases, Licences And Property Arrangements

• Is there a commercial lease, sublease, or licence to occupy?
• Are there rent reviews, make-good obligations, outgoings, or personal guarantees?
• Is the business allowed to use the premises for its actual activities (zoning/permits)?

A lease can be one of the biggest liabilities in a small business acquisition, so it’s worth taking the time to confirm the costs and restrictions actually match what you were told.

8) Loans, Security Interests And Guarantees

• Are there outstanding loans (director loans, bank loans, convertible notes)?
• Has anyone provided a personal guarantee?
• Are there security interests registered over the business’ assets?

In Australia, many lenders (and some suppliers) register security interests on the Personal Property Securities Register (PPSR). If you’re buying assets, it’s common to do a PPSR search to check whether those assets are encumbered. Where relevant, it can help to understand PPSR concepts so you know what a registration could mean for ownership and risk.

Keep in mind that reviewing loan terms, financial performance, and tax liabilities usually requires an accountant or tax adviser, in addition to legal review of the underlying documents.

Business Due Diligence Checklist: IP, Branding And Data

For many startups, the “real” value is intangible - your brand, your software, your customer list, your domain name, your designs, and your know-how.

9) Identify Key Intellectual Property (IP)

• What IP exists (software code, designs, brand, content, processes)?
• Who created it (employees, contractors, founders, agencies)?
• Does the business have written assignments/licences proving it owns or can use it?

A common startup issue is that a founder or contractor built key assets early on, but the IP was never formally assigned to the company. That can become a major issue during a capital raise or acquisition.

10) Trade Marks, Business Names And Domains

• Is the brand name protected as a trade mark (or is it only a business name)?
• Who owns the domain name and key social media handles?
• Are there any disputes, claims, or risks of infringement?

Even if you’re not ready to register everything immediately, you should at least confirm the brand isn’t exposing you to a dispute and that ownership is clearly documented.

11) Privacy And Customer Data

If the business collects personal information (for example, names, emails, addresses, payment details, or behavioural data), you should check how that data is collected, stored, and disclosed.

• Is there a clear privacy policy and collection notice?
• Does the business have consent for email marketing?
• Are there security measures for storing personal data?
• Has the business experienced a data breach (or near miss)?

If you run an online business, a compliant Privacy Policy is often a practical baseline, and it’s also important for building trust with customers and counterparties. For cybersecurity and technical controls, you may also want input from an IT/security specialist.

Business Due Diligence Checklist: Compliance, People And Risk

Compliance isn’t just about avoiding fines. It’s about reducing operational risk and making sure the business can keep operating the way it says it does.

12) Australian Consumer Law (ACL) Risks

If the business sells goods or services to customers, the Australian Consumer Law (ACL) will be relevant. As part of due diligence, check:

• Refund, return and warranty processes (do they comply with consumer guarantees?)
• Advertising and representations (are they accurate and not misleading?)
• Standard terms (do they create unfair contract term risks?)

Small businesses often accidentally make big claims in marketing (for example, around outcomes, timeframes, or “no refunds”). These can create legal risk and customer disputes if not handled properly.

13) Employment And Contractor Compliance

People risk is real, especially in small teams where key individuals hold critical knowledge.

• Are staff properly classified (employee vs contractor)?
• Are there written employment contracts in place?
• Are there workplace policies (especially around conduct, confidentiality, use of systems)?
• Have there been disputes, warnings, or claims (unfair dismissal, underpayment, bullying)?

Even if the team is small, having a clear Employment Contract can reduce misunderstandings around duties, pay, IP ownership, confidentiality and termination.

14) Licences, Permits And Industry Regulation

Depending on the industry, the business may need specific licences or approvals. Due diligence questions include:

• What licences/permits are required to operate (and are they current)?
• Are there conditions attached (hours, signage, safety requirements, location restrictions)?
• Are there any compliance notices, warnings, or regulatory investigations?

For regulated industries (like health, childcare, finance, food, construction, or NDIS-related services), this step can be substantial. It’s often worth getting targeted advice from a lawyer with relevant regulatory experience (and, where needed, a specialist consultant), because non-compliance can threaten the business’ ability to operate at all.

15) Insurance And Practical Risk Controls

Insurance isn’t a “legal document” in the same way a contract is, but it’s still a core risk management item.

• What insurance policies are in place (public liability, professional indemnity, workers compensation, cyber)?
• Are key risks excluded?
• Are policies in the correct entity name?

Insurance won’t fix poor contracts or non-compliance, but it can materially reduce the financial impact of a major incident. For advice on what cover is appropriate, you’ll usually want to speak with a licensed insurance broker or adviser.

How To Use This Checklist In A Real Deal (And What To Do With Red Flags)

A checklist is only useful if it leads to action. In a typical small business acquisition or startup investment, due diligence findings usually end up in one (or more) of these buckets:

1) “Fix Before Signing” Items

These are the issues that are serious enough that you should resolve them before you commit. Examples include:

• Unclear ownership of key IP
• Major contracts missing or not enforceable
• Company ownership records not matching reality
• Critical regulatory approvals not in place

2) “Fix After Signing” Items

These are issues you can live with temporarily, but you want a clear plan and timeline to address them after completion (and sometimes a retention amount or special condition to ensure it happens).

3) “Price/Terms Adjustment” Items

If the business has a risk or liability, that may justify:

• a lower purchase price
• a holdback/escrow amount
• additional warranties and indemnities
• more robust termination rights

4) “Walk Away” Items

Sometimes due diligence reveals something that makes the deal fundamentally too risky. That might be because:

• key numbers don’t match the story
• there’s a serious undisclosed dispute
• the business can’t operate lawfully without major changes
• ownership of the core asset is unclear

If you’re buying a business, it’s also worth remembering that the due diligence process should align with the transaction documents. For example, the scope of what you reviewed should match the warranties you’re being offered in a sale agreement, and the completion steps should ensure key assets (like IP and domain names) are actually transferred on settlement.

In many cases, a structured legal review as part of a legal due diligence process can help you prioritise what matters most, rather than getting buried in paperwork.

Key Takeaways

• A strong business due diligence checklist helps you confirm what you’re really buying, investing in, or partnering with - before you commit.
• Start with structure and ownership: the entity, registrations, cap table, and authority to sign need to be clear.
• Contracts are where many hidden risks sit, so review customer, supplier, lease and finance documents carefully (including potential PPSR issues).
• For startups, IP ownership and data handling can be major value drivers - and major deal-breakers if not properly documented.
• Compliance and people risk matters early: employment arrangements, consumer law obligations, licences and insurance should all be checked (with specialist advice where needed).
• Due diligence findings should translate into action - fix items pre-signing, negotiate protections, or walk away if the risk is too high.

If you’d like help with the legal side of a due diligence review, or preparing your business for a sale, investment or growth, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.