ESG due diligence is the process of reviewing environmental, social, and governance risks before a deal. It helps the buy side catch any issues early, when it is still possible to do something about them. According to recent investor surveys, over 70% now consider ESG factors when valuing deals, and that number keeps climbing.
The challenge is that many deal teams still don’t know what to look for or how to organize the review to mitigate risks. They end up asking a few generic questions about the company’s sustainability practices and skim some policies and regulatory requirements. But this is not enough data for responsible investment decisions.
This practical guide for running ESG due diligence is built to help companies better understand ESG obligations of the sell-side and see if the company actually cares about the claimed ethical practices. It also covers the key questions to ask the target company and how to set everything up so the whole process runs smoothly for everyone involved.
What is ESG due diligence?
ESG due diligence is a sensible way to take a hard look at how a business actually handles environmental, social, and governance challenges before making a deal final.
Put simply, the question is: Does incorporating ESG factors reduce the risk of problems that could impact the deal’s value or stability?
Here’s what each of those ESG factors covers:
Environmental factors (also known as sustainability due diligence):
- Carbon emissions & energy use.
- Waste management & pollution controls.
- Environmental permits, violations, and remediation costs.
- Climate-related risks (physical assets, supply chain disruptions).
Social factors:
- Labor practices & working conditions.
- Health & safety records.
- Diversity, equity, & inclusion metrics.
- Local community relations & social license to operate.
- Supply chain labor standards.
Governance factors:
- Board composition & independence.
- Executive compensation & incentive alignment.
- Anti-corruption policies & compliance programs.
- Data privacy & cybersecurity controls.
- Whistleblower mechanisms & incident response.
ESG due diligence in mergers and acquisitions
Most commonly, ESG diligence is used in:
- Buy-side M&A to assess operational and reputational risks before signing.
- Private equity and growth investments. The PE deal diligence process is where future exit value matters.
- Vendor and supplier assessments when ESG exposure sits outside the target company.
In all cases, the ESG goal is the same: understand what ESG issues exist and what it will take to manage them.
Canadian ESG due diligence specifics
When doing ESG diligence in Canada, companies need to balance what the regulators expect with what buyers actually care about. In the Canadian regulatory compliance landscape, there are the key things a company typically needs to cover in its ESG reporting:
- Forced labour and supply chain reporting (Bill S-211).
- Supplier risk assessment (suppliers are reviewed for ESG risks, with clear mitigation plans) .
- Written policies and employee training on forced labour and child labor prevention.
- If listed, ESG and climate-related reporting aligned with CSA and TSX expectations.
- ESG compliance with federal and provincial environmental permits and reporting requirements.
Non-compliance with reporting standards can cause financial penalties and reputational damage.
ESG due diligence questionnaire
Here’s a questionnaire that companies can use when assessing ESG performance. It’s a pretty straightforward, copy-a -paste format that most teams can work with.
Environmental impact (E)
| Question | Evidence to request |
|---|---|
| Does the company track energy use or emissions in any form? | Internal metrics, reports, or dashboards |
| Have there been environmental incidents or fines in the last 3–5 years? | Incident logs, remediation records |
| How is waste handled and monitored? | Waste management policies, contracts |
| Are environmental risks assessed for key operations or sites? | Risk assessments, audit summaries |
Social (S)
| Question | Evidence to request |
|---|---|
| What health and safety policies are in place for employees? | H&S policies, training records |
| How are workforce complaints or incidents handled? | Incident registers, HR procedures |
| Does the company assess labour risks in its supply chain? | Supplier code of conduct, audits |
| How is personal or customer data protected? | Privacy policies, data handling procedures |
Governance (G)
| Question | Evidence to request |
|---|---|
| Who is responsible for ESG oversight? | Org charts, role descriptions |
| Are there written ethics or compliance policies? | Codes of conduct, policies |
| How are major risks reported to leadership? | Board materials, reporting templates |
| Are internal controls documented and reviewed? | Internal control frameworks, audits |
ESG due diligence process: Key steps & timeline
ESG due diligence goes way smoother when everyone just keeps things simple and organized from the start. Here’s the approach that works best for deal teams:
Step 1: Scope and materiality (Week 1)
At this stage, teams usually agree on:
- Which ESG topics are material to the business and industry.
- Which geographies and operations are in scope.
- How deep the review needs to go.
Step 2: Evidence collection (Weeks 1–3)
Most companies set up a due diligence data room for this purpose. This tool gives you control over access and helps streamline all those endless Q&A rounds that inevitably come up.
In the data room, the sell-side typically organizes everything into ESG categories, which makes it way easier for buyers to navigate.
Step 3: Interviews and clarifications (Weeks 3–4)
Documents rarely tell the full story. Short interviews help explain context and close gaps.
Common interviewees include:
- Operations or facilities leads
- HR or people managers
- Compliance or legal owners
- Senior management for governance topics
This step often clarifies whether an issue is isolated or systemic.
Step 4: Analysis and risk rating (Weeks 4–6)
Here, findings are reviewed and ranked through ESG risk assessment. Risks are usually categorized by severity and likelihood.
| Risk level | What it means |
|---|---|
| High | Likely to affect valuation, deal terms, or closing |
| Medium | Manageable but requires a plan post-close |
| Low | Minor issue with limited impact |
Step 5: Findings and deal implications (Weeks 6–8)
The final step connects ESG findings to the deal itself. This may influence:
- Purchase price adjustments
- Conditions to close
- Representations and warranties
- Post-close remediation plans
Then the team pulls together all the key findings into an ESG due diligence report so the decision-makers can clearly understand the situation.
Red flags to be aware of
Not every issue is a deal-breaker. A red flag usually has three elements:
- The risk is material.
- The issue is ongoing or unmanaged.
- Fixing it will take time or money.
Clear findings help buyers understand whether a risk needs immediate action, longer-term remediation, or simple monitoring.
ESG due diligence report
An ESG due diligence report translates complex findings into actionable insights. With these insights in place, executives can make informed decisions.
The report should not be hundreds of pages long. It is a concise summary of risks found and their potential impact. The key part of the report is the recommended next steps.
Typical ESG due diligence report structure
Most reports tend to follow a fairly standard format:
| Section | What it covers |
|---|---|
| Executive summary | Key ESG risks, overall risk level, and deal relevance |
| Scope & approach | What was reviewed, time period, and limitations |
| Key findings (E / S / G) | Main issues by category, with evidence |
| Risk rating | High / medium / low classification |
| Remediation actions | What needs to be fixed, by when, and at what cost |
| Deal implications | Impact on valuation, terms, or integration |
Benefits of ESG due diligence (buyers & sellers)
For buyers, ESG diligence reduces uncertainty at a critical moment. Key benefits include:
- Fewer surprises after closing.
- Better pricing confidence.
- Stronger post-close planning.
- Improved credibility with investors.
For sellers, it is often seen as a defensive step, but it can create real competitive advantages as well. Some of them are:
- Smoother diligence process.
- More control over the narrative.
- Higher buyer trust.
- Faster deal execution.
Tooling & services that support ESG due diligence
Most ESG work is document-heavy and involves several key stakeholders. Without structure, reviews slow down and questions get lost.
To make the whole process easier and more secure, teams rely on the following tools and services:
| Tool or service | How it helps |
|---|---|
| Virtual data room | Secure sharing of ESG evidence and controlled Q&A |
| ESG screening tools | ESG management & early risk signals on suppliers or geographies |
| Targeted site reviews or audits | Deeper checks for enhanced risk management |
| Internal trackers | Managing remediation actions post-close |
How can a virtual data room help with ESG due diligence?
A virtual data room plays a central role in most ESG assessments. In ESG diligence, a due diligence data room helps teams:
- Share ESG documents securely with permission controls.
- Separate Environmental, Social, and Governance materials.
- Track who accessed which documents and when to control the process and comply with ESG regulations.
- Manage follow-up questions through controlled Q&A.
- Avoid version confusion when documents are updated.
There are approximately 100 VDRs, according to G2 listings. The choice is wide, especially for companies that haven’t used this software before and don’t know what to look for. As with many digital tools out there, the main decisive factor is cost,
When it comes to picking a data room, cost is often driven by a couple of simple yet practical considerations:
- Number of users. More internal team members, advisors, and external parties usually means higher cost.
- Amount of data. Larger document volumes and higher storage needs increase pricing.
- Length of the diligence period. Short projects cost less; longer-running deals add to the total price.
- Permission complexity. Simple access rules are cheaper. Multiple roles, restrictions, and frequent changes increase cost.
Getting a grip on these key drivers really helps teams choose the right fit without budget overload. You can find out more about the finer points of this VDR pricing models overview.
Summary
ESG due diligence works best when it stays rooted in reality. In M&A, an ESG diligence process that’s based on real evidence and focused on the things that could really affect the deal is the way to go.
A clear questionnaire, a decent structured ESG due diligence process, and a really well-organised data room all help teams make progress without losing their grip on the situation.
When done right, ESG due diligence results in some really clear decision-making. Buyers get a lot more confident in the numbers and the integration plans. And sellers reduce friction and build trust as they show that they’re on top of risks and can handle them.
With the right tools in hand, like virtual data rooms, the whole process becomes much easier and safer to control. That’s why companies use these solutions when conducting ESG due diligence.
FAQ
What is ESG due diligence?
ESG due diligence is basically a deep dive into the environmental, social, and governance risks. These can potentially impact the value of a deal, the company’s compliance, and reputation. It’s a way for the buyer to get a clear understanding of any potential issues before they sign on the dotted line.
What belongs in an ESG due diligence questionnaire?
It covers the company’s environmental practices, workforce & supply chain risks, and its governance controls. For each question, specific evidence should be requested to support the answers. The evidence can include policies, metrics, and incident records.
What are the steps in the ESG due diligence process?
The process usually kicks off with some scoping and figuring out what material. Then it moves on to document collection, some interviews, risk analysis, and a final report.
What should an ESG due diligence report include?
The report should give the buyer a clear summary of what the findings were. It is broken down by E/S/G category and includes guidance on what needs to be done to fix the problems. It should also include what the implications of the findings are for the deal.
How long does ESG due diligence usually take?
Most ESG reviews take about four to eight weeks from start to finish. But the timing can vary, depending on the scope of the review and how easily the evidence can be tracked down.