Due Diligence Checklist: Andrew Wilkinson & Tiny’s Playbook for Buying a Business

Due Diligence Checklist: Andrew Wilkinson & Tiny’s Playbook for Buying a Business is the straight, founder-friendly guide I use to move from first call to clean close without drama.
I’ll show you exactly what I check, why it matters, and how to prep your data room so you can get to an LOI and close in ~30 days.
I’ll write it in plain English, first person, and give you copy-paste checklists you can use today.

What “Due Diligence” Means In My Process

I define due diligence as a focused verification sprint, not a fishing expedition.
My goal is speed, certainty, and signal, not paperwork for paperwork’s sake.
I front-load the “vital 20%” so decisions happen fast and surprises die early.
For keeping communication brutally clear, see our blog post: I Don’t Respond to Long Emails.

Pre-LOI vs Post-LOI: Who Does What, When

Pre-LOI, I ask for a tight teaser and a minimal data room.
Post-LOI, we run a structured sprint across finance, legal, tax, IP, tech, HR, and commercial.
I assign owners on both sides and set a daily cadence so nothing stalls.

The Vital 20% Data Room I Ask For First

I want four folders before anything else.
Financials: TTM P&L tied to bank, last 3 years, accrual bridge, add-backs.
Customers: Top-20 by monthly revenue over 36 months, churn, cohorts, NRR/GRR.
Contracts: Customer, vendor, employment, IP assignments, leases.
Org & Ops: Org chart, SOPs for cash cycle, pricing history, KPI pack.
For ruthless focus on what matters, see: Delete 95% of Your Email.

Financial Tie-Outs: Cash, Accrual, And Add-Backs

I reconcile revenue to bank, then show the cash→accrual bridge.
I label add-backs with receipts and explain them in one sentence each.
I check AR aging, deferred revenue, refunds, and bad debt policy.
Clean beats clever every single time.

Revenue Quality & Recognition (QoE Without The Novel)

I verify recognition policy, especially for prepaid, usage, and multi-element deals.
I test a handful of invoices end-to-end against bank.
If terms changed mid-year, I note churn or expansion around the change.
I want to see how price increases moved retention, not just top-line growth.

Unit Economics, Cohorts, And Payback

Show me CAC, contribution margin, and payback by product or channel.
Give me 12-, 24-, and 36-month cohort curves with commentary.
If a cohort dips, I want the story and the fix in two bullets.

Churn, Retention, And Expansion That I Trust

I calculate GRR and NRR from raw tables, not slides.
I scan for seasonal churn and invoice timing tricks.
I ask for a simple retention narrative I could repeat to a smart outsider.

Customer Concentration, References, And Calls

If any customer is >25% of revenue, I want contract terms and renewal history.
I do a small number of customer calls with a short script.
I look for stickiness, switching costs, and pricing headroom.

Pricing Power, Gross Margin, And Mix Shift

I test gross margin trend against SKU, segment, and discount policy.
I want the last three price changes and their impact on churn and LTV.
If you can raise price and keep NRR ≥100%, we’re in business.

Working Capital Peg: The Quiet Price Lever

I build a 12-month average and define what’s in and out.
We agree to a dollar-for-dollar true-up at close.
This single paragraph saves founders six figures at funding.

Legal & IP: Make It Boring

I want clean cap tables, no lurking SAFEs with surprises, and IP assignments for every builder.
I check commercial terms for MFN, audit rights, and change-of-control clauses.
I keep reps, warranties, and survival periods standard so we can move.

Tax & Compliance: No Skeletons

I scan sales tax, VAT/GST, nexus, and payroll filings.
If you’re global, I want GDPR/CCPA posture and data-processing agreements.
I check that you filed and paid in jurisdictions where you did business.

HR, Payroll, And Incentives

I ask for an org chart with roles, comp bands, and incentives.
I look at contractor mix, local labor law exposure, and accrued leave.
I check founder time in the business and the plan to make you replaceable.
People remember how you sell them, not just how you sell the company.

Tech Stack, Security, And Backups

I want a one-pager on architecture, dependencies, SSO, and access hygiene.
I skim incident history, RTO/RPO, backups, and vendor redundancy.
If one engineer is a single point of failure, we’ll plan to fix it.

Vendor & Platform Risk

I list tier-1 vendors, contract terms, and exit plans.
I flag single-platform acquisition risk (SEO, App Store, one ad channel).
Where platform risk is high, I model downside and adjust structure, not just price.

Product, Roadmap, And “What’s Next”

I want to know what you will stop building as much as what you will build.
I check whether roadmap commitments are priced, resourced, and actually defend the moat.
Focus compounds returns; distractions compound risk.
For a story about taste in capital allocation, see: A $3,600 Keyboard and a $66 Million Dollar Investment.

SOPs, Cadence, And Managerial Depth

I look for written SOPs, weekly KPI cadence, and managers who own outcomes.
If everything runs through the founder, we target a short, paid transition with clear deliverables.
Predictability is the asset we are buying.

Risk Register, Mitigations, And The “Kill Switch”

I ask you to list the five biggest risks and your mitigation plan for each.
I list mine.
If a red flag hits a kill switch (fraud, undisclosed liabilities, fake revenue), we walk immediately.
This keeps trust high and the process clean.

Integration & Day-1 Readiness

I draft a one-page Day-1 plan with access, comms, and who does what.
I keep integration light, protect momentum, and don’t break the machine we just bought.
Simplicity wins here.
For narrative craft on communicating change, read: Never Tell, Always Storytell.

The Red Flags That Slow Or Kill Deals

Hidden liabilities, messy cash recognition, undisclosed churn, and IP gaps kill deals.
Over-reliance on one platform or one whale slows structure and pushes us toward earnouts.
Fixing basics pre-LOI converts earnout dollars into cash dollars.

Copy-Paste Due Diligence Checklist (Short-Form)

Financial
TTM P&L and last 3 fiscal years tied to bank.
Cash→accrual bridge and labeled add-backs.
AR/AP aging, deferred revenue, refunds, and policy docs.

Customers & Commercial
Top-20 by monthly revenue (36 months).
Churn, cohorts, GRR/NRR, pricing history.
Pipeline summary and non-standard terms.

Legal & IP
Cap table, SAFEs/notes, board minutes.
Customer/vendor contracts, leases, litigation.
Employee and contractor IP assignments.

Tax & Compliance
Filed returns by jurisdiction, sales tax nexus.
GDPR/CCPA posture and DPAs if applicable.

HR
Org chart, roles, comp, incentives.
Contractor list and locations.
Accrued leave and compliance exposures.

Tech & Security
Architecture and key vendors.
Access hygiene, SSO, backups, incident log.
RTO/RPO and vendor redundancy.

Ops & Governance
SOPs for order-to-cash and support.
Weekly KPI pack and owner per metric.
Day-1 plan and transition scope.

Internal Links You’ll Probably Want While Prepping

For inbox discipline during diligence, see our blog post: Delete 95% of Your Email.
For concise communication norms, see: I Don’t Respond to Long Emails.
For storytelling your “why us” memo, see: Never Tell, Always Storytell.
For how I think about tools and taste, see: A $3,600 Keyboard and a $66 Million Dollar Investment.
For ongoing updates, check the Newsletter and the Podcast.

FAQs

What do you actually need before LOI?
A one-pager, an 8-slide deck, and the Vital 20% data room.

Do I need audited financials?
No, but I do need reconciled statements tied to bank and clear add-backs.

What’s the fastest realistic diligence timeline?
Two to three weeks post-LOI when your data room is tight.

How many customer calls do you do?
As few as needed to verify stickiness and concentration risk.

What metric matters most in SaaS diligence?
Retention quality and pricing power, proven by cohorts and margin.

How do you treat platform risk?
We price it and sometimes structure around it with escrow or smaller earnouts.

What kills a deal late?
Undisclosed liabilities, fake revenue, or IP that isn’t actually owned.

How big is a typical escrow?
Often 5–15% for 12 months with a cap and a small basket.

What if my numbers are good but messy?
Do a quick clean-up sprint now to convert complexity into cash at close.

How should I communicate diligence load to my team?
Use a single owner per domain, a shared tracker, and a weekly summary in one email thread.

Conclusion

Due Diligence Checklist: Andrew Wilkinson & Tiny’s Playbook for Buying a Business is about speed, certainty, and simplicity.
Prep the Vital 20%, keep definitions tight, and kill surprises before they grow teeth.
If you do that, you’ll trade complexity for cash and close with your sanity intact.