Due Diligence in Merger and Acquisitions : A Critical Legal Analysis

Abstract

Due diligence constitutes a decisive stage in the process of mergers and acquisitions, as it largely determines whether a proposed transaction will ultimately succeed or fail. In contemporary corporate practice, particularly within emerging economies such as India, due diligence has evolved far beyond a mere financial verification exercise. It is no longer viewed as a simple assessment of balance sheets and financial statements; rather, it has developed into a comprehensive, multidimensional process encompassing legal, regulatory, operational, tax, and corporate governance assessments. This article critically examines the role of due diligence during mergers and acquisitions from a legal perspective. It analyses the existing legal and regulatory framework governing due diligence in India, while also evaluating the judicial approaches adopted by Indian courts in disputes arising from mergers and acquisitions. Further, the article explores the practical challenges faced by acquiring companies while conducting due diligence, particularly in complex and time-sensitive transactions. The study also highlights how inadequate, superficial, or rushed due diligence can expose acquirers to hidden liabilities, regulatory sanctions, and post-merger disputes, thereby undermining the commercial objectives of the transaction. Such failures not only affect transactional certainty but also raise significant legal and compliance risks in the post-acquisition phase. The article evaluates recent developments in due diligence practices and suggests reforms aimed at strengthening and modernising the due diligence framework.

Introduction

“The failure to conduct adequate due diligence is often the root cause of disastrous deals.”¹

Mergers and acquisitions (M&A) have become a necessary corporate tool for expansion, restructuring, and maximising value in an increasingly competitive business environment. In the Indian context, the growing number of domestic and cross-border M&A deals has heightened the need for efficient risk management tools. Of these, due diligence plays a crucial role because it allows the buyer to make informed decisions and evaluate the legal and regulatory risks involved in a deal. In today’s corporate world, due diligence is no longer a simple financial check. In the emerging economy of India, due diligence has become a full-fledged exercise that includes legal, regulatory, tax, operational, and corporate governance checks. This is because of the increasing regulatory oversight and the judicial focus on transparency and informed decision-making in corporate deals. The legal relevance of due diligence has been clearly acknowledged by judicial bodies.

In the case of Nirma Industries and Anr v. Securities and Exchange Board of India (Civil Appeal No. 6082 of 2008),² the Supreme Court of India highlighted that due diligence under Regulation 27(d) of the SEBI (Substantial Acquisition of Shares and Takeovers) Regulations, 1997 is a substantive requirement and not a procedural requirement. The Court held that the acquirer cannot avoid liability on the grounds of ignorance regarding material legal risks that were known or should have been discovered through reasonable inquiry.

A comparative analysis can be offered by the U.S. case of Smith v. Van Gorkom (488 A.2d 858, Del. 1985),³ in which the Delaware Supreme Court held directors liable for breaching their fiduciary obligations by approving a merger without sufficient investigation or expert advice. These cases collectively highlight the relevance of due diligence in corporate governance and transactional integrity.

This article critically evaluates the relevance of due diligence in M&A transactions from a legal standpoint, reviewing the Indian legal framework, judicial approaches, and challenges, and proposes a plan to improve due diligence practices in accordance with the prevailing market realities.

Legal Analysis

In the Indian context, due diligence is a vital step in the acquisition process, as it helps in identifying and evaluating the legal, financial, and operational risks associated with the target entity or company. The primary objective of due diligence is to enable the acquiring party to make an informed decision by thoroughly assessing the potential liabilities and risks involved in the transaction. The due diligence process in India is primarily governed by the statutory framework, including the Companies Act, 2013, Securities and Exchange Board of India (SEBI) regulations, and other relevant laws and regulatory guidelines. These legal frameworks ensure transparency, accountability, and compliance throughout the acquisition process.

Due diligence involves a comprehensive understanding and examination of the legal aspects of the target company, which helps in ensuring smooth execution of the transaction and in reducing post-deal liabilities. In acquisitions, due diligence in the Indian framework includes a detailed investigation into the legal, financial, and operational standing of the target company. This investigation aims to verify the representations and warranties made during negotiations, ensure compliance with applicable laws, and assess potential risks that may affect the value or feasibility of the transaction.

The due diligence process scrutinises various legal domains, including:

• An examination of the corporate structure and ownership of the target company
• Verification of statutory compliance under the Companies Act, 2013
• Protection and ownership of intellectual property rights
• Compliance with employment and labour laws
• Review of contractual obligations
• Assessment of ongoing or potential litigation risks
• Evaluation of tax liabilities

Particular emphasis is placed on compliance with the Securities and Exchange Board of India (SEBI) (Substantial Acquisition of Shares and Takeovers) Regulations, 2011,⁴ and the Competition Act, 2002, as amended. These regulatory frameworks play a crucial role in governing acquisitions and ensuring market transparency and fair competition.

The legal framework governing due diligence in India includes Sections 230 to 234 of the Companies Act, 2013,⁵ which facilitate schemes of arrangement, compromises, and mergers. Specifically, Section 232 empowers the National Company Law Tribunal (NCLT) to sanction and supervise merger and amalgamation schemes. SEBI regulations oversee disclosure requirements and compliance obligations for listed companies, while the Competition Act, 2002 mandates prior notification to the Competition Commission of India (CCI) for combinations exceeding prescribed thresholds.

Failure to conduct comprehensive due diligence exposes acquirers to significant legal risks, including undisclosed litigation, penalties arising from statutory non-compliance, regulatory fines, and post-acquisition liabilities. Such liabilities may also extend to emerging areas, such as data protection breaches under the Digital Personal Data Protection Act, 2023 (DPDP Act). Inadequate review of digital compliance, corporate authorisations, and intellectual property rights may result in deal failure or prolonged legal disputes.

Therefore, a meticulous and structured due diligence investigation is essential. Effective due diligence is carried out through a systematic process that utilises Virtual Data Rooms (VDRs), cross-functional teams, and technology-driven tools, which enhance confidentiality, accuracy, and efficiency. Recent trends in Indian acquisitions reflect a heightened focus on data privacy compliance under the DPDP Act, 2023, and adherence to evolving digital shareholding norms. Additionally, recent amendments aimed at streamlining merger procedures have reinforced the importance of rigorous due diligence to ensure compliance with revised timelines and regulatory requirements.

Legal Framework

In discussing the due diligence process in an acquisition, the first significant legal provision is Section 5 of the Foreign Exchange Management Act (FEMA), 1999. This section pertains to the regulation of foreign exchange transactions and vests powers in the Reserve Bank of India (RBI) to regulate foreign exchange transactions. The Foreign Direct Investment (FDI) policy is administered through amendments and changes to FEMA regulations. Non-compliance with these regulations invites penalties, which may go up to three times the value of the amount involved in the transaction, along with confiscation of securities.

The subsequent significant legal provisions are Sections 230 and 232 of the Companies Act, 2013. These sections regulate mergers and amalgamations, including those involving foreign companies. According to these provisions, Indian companies are allowed to merge with foreign companies incorporated in countries listed in Annexure B, subject to prior approval from the RBI and fulfilment of specified conditions. This also includes valuation, which is to be carried out by specified professional valuers.

Compliance with competition law is an essential component of due diligence under Section 6 of the Competition Act, 2002, which prohibits combinations that result in, or are likely to cause, an appreciable adverse effect on competition in India. All transactions above certain thresholds are mandatorily required to be notified to the Competition Commission of India (CCI). Failure to notify the CCI may lead to severe penalties and, in some instances, reversal of the transaction. This position has been reinforced by the Competition Commission of India (Combinations) Regulations, 2024, which have introduced the Deal Value Threshold of INR 20 billion for transactions involving substantial business activities in India, regardless of the traditional asset or turnover thresholds.

Under taxation laws, Sections 40(i), 40A(7), and 47 of the Income Tax Act, 1961 offer tax neutrality and exemptions for certain types of reorganisations, such as mergers and demergers. However, these provisions are to be read together with the General Anti-Avoidance Rules (GAAR) under Section 96 of the Income Tax Act,⁶ which override tax treaty benefits and deny exemptions if the primary object of the arrangement is to secure a tax benefit.

The application of GAAR has been upheld by the Supreme Court in the Tiger Global-Flipkart case,⁷ thus emphasising the need for tax due diligence. The recent past has also witnessed a vast expansion in the realm of due diligence with the introduction of the Digital Personal Data Protection Act, 2023 (DPDP Act) and the corresponding rules. This Act provides a comprehensive regime for data protection, which applies to data fiduciaries, consent processes, breach notifications, and international transfers of data. This is mandatory in merger and acquisition deals involving data-processing entities, and non-compliance may lead to post-acquisition liabilities.

Acquisitions of listed companies are also regulated by SEBI under Sections 25 and 26 of the SEBI Act, 1992,⁸ which empower SEBI to regulate mergers and acquisitions of listed entities and issuers of securities. Some mergers involving listed companies are also subject to prior approval by SEBI to protect investors and ensure market transparency.

Therefore, the legal due diligence process in acquisition transactions involves a thorough examination of foreign exchange regulations, corporate restructuring laws, competition laws, taxation laws, data protection laws, and securities laws to ensure that the acquisition transaction is compliant and free from any regulatory penalties that may affect the viability of the transaction.

Recent Developments

In September 2024, India introduced the Deal Value Threshold (DVT) mechanism as an additional criterion for regulating mergers and acquisitions from a competition law perspective. According to this mechanism, any transaction that exceeds the deal value of at least INR 20 billion will be required to be notified to the Competition Commission of India (CCI), if the target entity has substantial business activities in India, regardless of whether the conventional asset or turnover thresholds are satisfied.

This move has greatly increased the jurisdiction of the CCI, especially with respect to high-value cross-border transactions that were previously not subject to CCI review due to low assets or turnover in India. Additionally, the introduction of the DVT mechanism also waived the de minimis exemption for transactions that exceed the deal value threshold, ensuring that these transactions are subject to closer regulatory scrutiny.

The need for a more stringent review of complex and high-value transactions was further validated by the Supreme Court’s ruling in the Tiger Global-Flipkart case (2025).⁷ The Court asserted that tax authorities have the right to override tax treaty benefits in cases that lack commercial substance. The Court further clarified that a Tax Residency Certificate (TRC) is not conclusive and does not automatically qualify for treaty benefits.

The Court’s ruling also invalidated the grandfathering treatment of investments made before 1 April 2017 under the India-Mauritius Double Taxation Avoidance Agreement⁹ and further solidified the application of the substance-over-form principle to all investment structures. As a result of these new developments, acquirers are now compelled to account for the risks of treaty uncertainty when pricing transactions and to demand more robust post-closing indemnities to mitigate potential tax risks.

Conclusion

Due diligence is a key component of mergers and acquisitions, and it is the bedrock of informed decision-making, risk management, and transactional certainty. As illustrated in this study, the due diligence process within India’s M&A regime has matured from a limited financial verification exercise into a holistic, multidisciplinary undertaking that encompasses legal, regulatory, operational, tax, and governance reviews. The increasing complexity of corporate deals, combined with heightened regulatory oversight under the Companies Act, 2013, SEBI regulations, the Competition Act, 2002, FEMA, and the Digital Personal Data Protection Act, 2023, has substantially increased the relevance and scope of due diligence.

Judicial dictums, particularly in Nirma Industries v. SEBI,¹⁰ emphasised that due diligence is a substantive legal requirement rather than a procedural technicality, imposing a heightened obligation on the acquiring party to reasonably identify and assess material risks. The analysis further demonstrates that inadequate or superficial due diligence can expose acquirers to significant post-acquisition liabilities — including hidden litigation, regulatory breaches, data protection infringements, and contractual disputes. Such lapses further undermine the commercial viability of the transaction itself. In this regard, due diligence is not only a risk management tool but also an essential mechanism for ensuring compliance and transactional success.

However, despite its recognised significance, the due diligence process in India continues to grapple with challenges such as time constraints, information asymmetry, fragmented disclosures, and dynamic regulatory requirements. To address these issues, several enhancements can be recommended:

1. Standardised guidelines: Regulatory bodies may consider formulating standardised due diligence guidelines or sector-specific checklists to improve consistency and minimise ambiguities in regulatory compliance.
2. Technology-enabled solutions: Greater reliance on Virtual Data Rooms, artificial intelligence-powered document analysis, and automated regulatory compliance monitoring can greatly enhance efficiency, accuracy, and confidentiality.
3. Expanded scope: Increased focus on data protection, environmental, social, and governance (ESG) compliance, and cyber risk analysis must be factored into due diligence exercises to keep pace with evolving legal and commercial realities.
4. Capacity building: Specialised training for legal and compliance professionals and greater coordination between legal, financial, and technical advisors can further enhance the overall quality of due diligence.
5. Contractual safeguards: Sound representations and warranties, indemnities, and insurance solutions must be synchronised with due diligence findings to ensure effective risk management.

Taken together, these reforms would help modernise India’s due diligence framework and equip M&A practitioners to navigate the increasingly complex regulatory and commercial landscape with greater confidence and legal certainty.

Reference(S):

¹ Robert F Bruner, Deals from Hell: M&A Lessons that Rise Above the Ashes (John Wiley & Sons 2005) 45.

² Nirma Industries Ltd v Securities and Exchange Board of India (2008) Civil Appeal No 6082 of 2008 (SC).

³ Smith v Van Gorkom 488 A 2d 858 (Del 1985).

⁴ Securities and Exchange Board of India (Substantial Acquisition of Shares and Takeovers) Regulations 2011.

⁵ Companies Act 2013 (India) ss 230–232.

⁶ Income Tax Act 1961, ss 90(2), 90(4) and 96 (General Anti-Avoidance Rule).

⁷ Tiger Global Management LLC v Union of India (SC) [citation pending — year of decision: 2025; official reporter citation to be inserted upon availability].

⁸ Securities and Exchange Board of India Act 1992, ss 25–26.

⁹ Government of India and Government of Mauritius, Convention for the Avoidance of Double Taxation and the Prevention of Fiscal Evasion with respect to Taxes on Income and Capital Gains (India–Mauritius DTAA), Protocol amended in 2016.

¹⁰ Nirma Industries Ltd v Securities and Exchange Board of India (2008) Civil Appeal No 6082 of 2008 (SC) (n 2).