| Key Takeaways |
| ESG due diligence has shifted from a voluntary best practice to a legal obligation under the EU’s Corporate Sustainability Due Diligence Directive (CSDDD), which requires in-scope companies to identify, prevent, mitigate, and remediate adverse human rights and environmental impacts across their value chains. Compliance applies from July 26, 2029 for companies with >5,000 employees and >€1.5 billion turnover. |
| PwC’s Global Private Equity Responsible Investment Survey found that 70% of PE firms rank value creation among the top three drivers for ESG activities. PRI estimates that portfolio companies effectively integrating sustainability during the holding period can increase their valuation multiple at exit by 6–7%. |
| The ESG due diligence market for supply chains is projected to grow from $1.85 billion in 2024 to $5.33 billion by 2033 at a 14.2% CAGR, with Europe growing fastest at 15.8% CAGR driven by CSDDD implementation. |
| This checklist covers 30+ due diligence items across three pillars (Environmental, Social, Governance), organized by deal lifecycle phase: pre-deal screening, deep-dive assessment, and post-acquisition integration. Each item maps to specific regulatory frameworks and risk categories. |
| KPMG’s Global ESG Due Diligence Study identifies three primary challenges for dealmakers: selecting a meaningful but manageable scope, securing reliable data from the target, and quantifying findings into financial language that affects deal terms. |
| Effective ESG due diligence integrates with existing financial, legal, and operational due diligence rather than running as a parallel workstream. Findings should translate directly into purchase price adjustments, warranty and indemnity provisions, and post-acquisition value creation plans. |
More than half of private equity firms now examine ESG factors across all their deals and all their due diligence reviews, according to PwC’s latest Responsible Investment Survey. That statistic marks a structural shift. Five years ago, ESG due diligence was an optional add-on for impact-focused funds.
Today, mainstream acquirers treat it as foundational to risk management and value creation across every transaction.
The regulatory environment is accelerating this trend. The EU’s CSDDD, adopted in May 2024 and further refined by the Omnibus I Directive in December 2025, creates a legal obligation for large companies to conduct human rights and environmental due diligence across their value chains.
CSRD reporting requirements mean that acquirers inheriting EU entities are inheriting disclosure obligations. California’s climate laws impose GHG reporting requirements on large companies doing business in the state.
Even where no specific mandate applies, institutional investors, lenders, and insurance underwriters increasingly require evidence of ESG risk assessment as a condition for capital deployment.
This guide provides a comprehensive ESG due diligence checklist designed for M&A professionals, corporate development teams, and private equity investors. Every item maps to established enterprise risk management frameworks, regulatory requirements, and practical deal execution.
The checklist is organized across the three ESG pillars, structured by deal lifecycle phase, and connected to the financial language that drives pricing, warranties, and post-acquisition planning.
Why ESG Due Diligence Matters in M&A
ESG due diligence serves three functions in a transaction. Risk identification surfaces liabilities that traditional financial and legal due diligence may miss: undisclosed environmental remediation obligations, supply chain labor violations, data privacy gaps, or governance deficiencies that could trigger regulatory action post-close.
Value creation identifies opportunities to improve the target’s ESG performance and capture financial benefits: energy cost savings, waste reduction, employee retention improvements, and access to sustainability-linked financing.
Compliance assurance confirms that the target meets, or can be brought into compliance with, the regulatory obligations the acquirer will inherit.
The financial stakes are significant. PRI estimates that effective sustainability integration during the holding period can increase exit valuation multiples by 6–7%.
Conversely, undiscovered ESG liabilities can destroy deal value through remediation costs, regulatory fines, reputational damage, and failed integration. KPMG’s Global ESG Due Diligence Study found that dealmakers struggle most with three challenges: scoping the assessment to focus on financially material ESG factors, obtaining reliable data from the target, and translating ESG findings into financial terms that affect deal structure and pricing.
This checklist addresses all three by connecting every due diligence item to a specific risk assessment output.
ESG Due Diligence Across the Deal Lifecycle
| Deal Phase | ESG Due Diligence Focus | Key Outputs |
| Pre-deal screening | High-level ESG risk scan of the target; sector-specific red flags; regulatory exposure assessment | ESG risk scorecard; deal/no-deal recommendation; scope definition for deep-dive phase |
| Deep-dive assessment | Detailed investigation across E, S, G pillars; quantification of liabilities and opportunities; stakeholder interviews | ESG findings report; purchase price adjustment recommendations; warranty/indemnity provisions |
| Negotiation and structuring | ESG-related deal terms; representations and warranties; escrow or holdback provisions for identified risks | ESG schedule in SPA; remediation cost estimates; post-close compliance milestones |
| Post-acquisition integration | 100-day ESG action plan; compliance gap remediation; value creation initiative launch | ESG integration roadmap; KPI baseline; reporting alignment (CSRD, ISSB, SB 253) |
Regulatory Drivers for ESG Due Diligence
The regulatory landscape has shifted from voluntary disclosure to mandatory due diligence. Understanding which regulations affect your transaction determines the depth and scope of your ESG assessment.
The EU’s CSDDD, as amended by Omnibus I, requires in-scope companies (>5,000 employees and >€1.5 billion turnover) to conduct ongoing human rights and environmental due diligence across their own operations, subsidiaries, and business partners.
The directive applies from July 26, 2029, with member state transposition by July 26, 2028. Non-EU companies meeting the turnover thresholds in the EU are also in scope.
CSRD reporting obligations flow to the acquirer when EU entities are acquired. A U.S. buyer acquiring an EU subsidiary that meets CSRD thresholds inherits the obligation to prepare ESRS-compliant sustainability reports.
The double materiality assessment must be completed for the acquired entity. California’s SB 253 and SB 261 create GHG emissions and climate risk reporting obligations for companies doing business in the state with revenues exceeding $500 million to $1 billion. Targets with California nexus bring these obligations into the combined entity.
| Regulation | ESG DD Implication for M&A | Acquirer Action |
| EU CSDDD (from July 2029) | Target’s value chain due diligence obligations transfer to acquirer; ongoing monitoring required | Assess target’s CSDDD readiness; estimate compliance cost; include in post-close integration plan |
| EU CSRD/ESRS | Acquired EU entity inherits reporting obligations; double materiality assessment required | Evaluate target’s CSRD compliance status; assess data readiness; budget for gap remediation |
| EU SFDR | PE fund-level disclosure requirements for sustainability risk integration | Ensure target’s ESG data supports fund-level SFDR reporting obligations |
| California SB 253/261 | GHG emissions and climate risk reporting for companies with CA nexus | Verify target’s GHG inventory; assess SB 253 scope; evaluate SB 261 climate risk disclosure readiness |
| SEC Climate Rule (stayed) | Material Scope 1/2 disclosure if reinstated; currently in litigation | Monitor status; maintain readiness for potential future compliance |
| ISSB IFRS S1/S2 | Voluntary globally but mandatory in 21+ jurisdictions; investor expectation growing | Assess target’s ISSB alignment; evaluate disclosure gaps; plan integration with acquirer’s reporting |
The ESG Due Diligence Checklist
The following checklist covers 30+ items organized by ESG pillar. Each item specifies what to assess, why it matters, the risk category it maps to, and the regulatory connection.
Use this as a systematic framework to ensure comprehensive coverage. Adjust depth based on the target’s sector, geography, and deal materiality.
Environmental Pillar
| # | Due Diligence Item | Risk Category | Regulatory Connection |
| E1 | GHG emissions inventory (Scope 1, 2, 3): completeness, methodology, data quality, trends | Transition risk; carbon cost exposure | CSRD ESRS E1; SB 253; ISSB S2; GHG Protocol |
| E2 | Carbon reduction targets and transition plan: science-based targets, SBTi validation, progress tracking | Strategic risk; stranded asset exposure | CSDDD (climate transition); ISSB S2 Strategy pillar |
| E3 | Environmental permits and compliance history: violations, fines, consent orders, pending enforcement | Legal/compliance risk; remediation liability | EPA/state environmental agencies; EU environmental directives |
| E4 | Contaminated land and remediation obligations: known contamination, CERCLA/Superfund exposure, environmental insurance | Financial liability; hidden cost | CERCLA; state brownfield programs; Phase I/II ESA |
| E5 | Energy consumption and efficiency: energy mix, renewable percentage, energy intensity trends | Operational cost; transition readiness | ESRS E1; ISSB S2 Metrics; ENERGY STAR benchmarks |
| E6 | Water usage and stress: consumption volumes, wastewater discharge, operations in water-stressed regions | Physical risk; operational continuity | ESRS E3; SASB sector guidance; WRI Aqueduct data |
| E7 | Biodiversity impact: operations near protected areas, deforestation risk, TNFD alignment | Regulatory risk; social license | ESRS E4; TNFD framework; EUDR (deforestation) |
| E8 | Waste management and circular economy: hazardous waste volumes, recycling rates, disposal compliance | Compliance risk; cost optimization | ESRS E5; RCRA; state waste regulations |
| E9 | Climate physical risk exposure: asset-level flood, wildfire, heat stress, sea-level rise vulnerability | Asset impairment; insurance cost | NGFS scenarios; ISSB S2 physical risk disclosure |
| E10 | Supply chain environmental footprint: Scope 3 categories, supplier emissions data quality | Value chain risk; CSDDD compliance | CSDDD environmental due diligence; PCAF for financed emissions |
Social Pillar
| # | Due Diligence Item | Risk Category | Regulatory Connection |
| S1 | Workforce composition and diversity: headcount, demographics, gender pay gap, D&I initiatives | Talent risk; discrimination liability | ESRS S1; Title VII; state pay equity laws |
| S2 | Health and safety performance: incident rates (TRIR, DART), fatalities, near-misses, safety culture maturity | Operational risk; OSHA liability | OSHA recordkeeping; ESRS S1 H&S metrics |
| S3 | Labor practices in supply chain: forced labor screening, child labor risk, fair wage verification | Reputational risk; CSDDD liability | CSDDD human rights due diligence; UFLPA; UK Modern Slavery Act |
| S4 | Employee engagement and retention: turnover rates, engagement scores, union relationships, collective bargaining | Integration risk; productivity | ESRS S1 working conditions; NLRA |
| S5 | Data privacy and cybersecurity: GDPR/CCPA compliance, breach history, data protection controls, cyber insurance | Regulatory penalty; operational disruption | GDPR; CCPA/CPRA; SEC cybersecurity rules; NIST CSF |
| S6 | Product safety and quality: recalls, product liability claims, quality management systems (ISO 9001) | Litigation risk; brand damage | CPSC; FDA; EU product safety directives |
| S7 | Community impact and social license: community engagement history, indigenous rights, FPIC processes | Permitting risk; social license | CSDDD stakeholder engagement; IFC Performance Standards |
| S8 | Human rights policy and implementation: policy existence, training, grievance mechanisms, remedy processes | CSDDD core compliance; reputational risk | CSDDD; UNGPs; OECD Guidelines for Multinational Enterprises |
Governance Pillar
| # | Due Diligence Item | Risk Category | Regulatory Connection |
| G1 | Board composition and independence: skills matrix, independence ratio, diversity, ESG competency | Governance risk; investor scrutiny | ESRS G1; proxy advisory guidelines; listing rules |
| G2 | Anti-corruption and bribery: FCPA/UK Bribery Act compliance, training, third-party risk management | Legal liability; criminal exposure | FCPA; UK Bribery Act; ESRS G1 business conduct |
| G3 | ESG governance structure: board/committee oversight, management accountability, ESG-linked remuneration | Accountability gap; regulatory readiness | ISSB S1 Governance pillar; CSRD ESRS 2 GOV disclosures |
| G4 | Regulatory compliance track record: enforcement actions, consent orders, material litigation, whistleblower reports | Legal risk; hidden liability | SEC enforcement; state AG actions; qui tam litigation |
| G5 | Tax strategy and transparency: aggressive tax positions, transfer pricing risk, country-by-country reporting | Financial risk; reputational exposure | OECD BEPS; EU public CBCR; GRI 207 Tax |
| G6 | Lobbying and political engagement: political contributions, lobbying expenditures, trade association memberships | Reputational risk; ESG rater scrutiny | ESRS G1; SEC political spending disclosure proposals |
| G7 | Related party transactions and conflicts of interest: management conflicts, related party dealings, self-dealing controls | Fraud risk; minority shareholder protection | SEC Regulation S-K; state corporate law |
| G8 | Information security governance: CISO reporting line, board cyber oversight, incident response capability | Operational risk; regulatory penalty | NIST CSF 2.0; SEC cybersecurity governance rules |
| G9 | Ethics and compliance program: code of conduct, training completion, hotline usage, investigation outcomes | Culture risk; tone at the top | DOJ Evaluation of Corporate Compliance Programs; ESRS G1 |
| G10 | ESG data quality and reporting controls: data collection processes, internal controls over ESG data, assurance readiness | Reporting risk; integration cost | CSRD assurance requirements; ISSB connectivity to financial statements |
Translating ESG Findings into Deal Terms
The most common failure point in ESG due diligence is producing a report that does not translate into financial language.
KPMG identified this as one of the three primary challenges: dealmakers struggle to quantify findings and assess the financial impact on the deal. Every material ESG finding must connect to one of four deal levers: purchase price adjustment (environmental remediation costs, regulatory compliance gaps), warranty and indemnity provisions (representations about ESG compliance status, environmental liabilities, labor practices), escrow or holdback mechanisms (funds reserved for resolution of identified ESG risks), and post-acquisition value creation (energy savings, operational efficiency, market positioning from ESG improvements).
Build your findings into a format consistent with other due diligence workstreams. Map each finding to a risk register entry with owner, estimated financial impact, likelihood, remediation timeline, and recommended deal term.
This ensures ESG due diligence outputs are presented alongside financial, legal, and operational findings in the investment committee or board package.
| Finding Category | Financial Impact Type | Typical Range | Deal Mechanism | Example |
| Environmental remediation | Liability; capital expenditure | $500K–$50M+ depending on contamination | Purchase price reduction or escrow | Undisclosed soil contamination at manufacturing site |
| GHG emissions compliance gap | Recurring operating cost | $100K–$5M/year (carbon cost) | Price adjustment; post-close capex plan | SB 253 reporting infrastructure build-out |
| Supply chain labor violations | Regulatory penalty; reputational damage | $1M–$100M+ (CSDDD penalties; UFLPA seizures) | Indemnity; enhanced rep and warranty | Forced labor risk in Tier 2 supplier base |
| Data privacy non-compliance | Regulatory fine; litigation exposure | 4% global revenue (GDPR maximum) | Specific indemnity; remediation timeline | Inadequate GDPR consent mechanisms |
| Board governance deficiency | Investor activism risk; rating downgrade | Indirect; affects cost of capital | Post-close governance restructuring covenant | No independent directors; no ESG committee |
| Energy efficiency opportunity | Cost savings; valuation uplift | 5–15% energy cost reduction | Value creation plan; management incentive | LED retrofit and HVAC optimization across facilities |
Integrating ESG Due Diligence with Enterprise Risk Management
ESG due diligence should not operate as a standalone workstream disconnected from the acquirer’s ERM framework. The most effective approach integrates ESG findings into the same risk governance, scoring methodology, and reporting structures used for financial, operational, and strategic risks.
The Three Lines Model applies: the deal team (first line) owns ESG data collection during due diligence, the risk function (second line) validates methodology and aggregates ESG risk alongside other due diligence findings, and internal audit (third line) provides independent assurance on the integrity of the ESG assessment.
| ERM Component | ESG DD Application | Practical Action |
| Risk identification | ESG screening expands the risk universe to capture environmental, social, and governance risks not covered by traditional DD | Add ESG risk categories to the deal risk register; use sector-specific SASB topics as screening prompts |
| Risk assessment | ESG findings scored using likelihood x impact framework consistent with financial and legal DD | Apply the same scoring scale; present ESG, financial, and legal risks on a single risk assessment matrix |
| Risk appetite | ESG risk tolerance determines deal/no-deal boundaries and acceptable post-close remediation timelines | Define ESG-specific kill criteria (e.g., known forced labor, material unremediated contamination) |
| Risk treatment | ESG findings translate to deal terms: price adjustments, indemnities, covenants, escrows | Map every material ESG finding to a specific deal mechanism with estimated financial impact |
| Risk monitoring | Post-close ESG KPIs tracked alongside financial integration milestones | Design ESG KRIs for the first 12 months: emissions reduction trajectory, safety incident rate, compliance milestones |
| Risk reporting | ESG integration progress reported to investment committee or board alongside financial performance | Include ESG performance in quarterly portfolio review; track against 100-day plan milestones |
Implementation Roadmap
| Phase | Actions | Deliverables | Success Metrics |
| Days 1–30: Screen and Scope | Run preliminary ESG risk scan on target (sector, geography, public controversies). Determine applicable regulations (CSDDD, CSRD, SB 253/261). Define scope of deep-dive ESG DD. Appoint ESG DD workstream lead. Issue ESG data request to target. | ESG screening scorecard. Regulatory applicability memo. ESG DD scope document. Data request list issued. | Screening completed within 2 weeks. Regulatory obligations mapped. DD scope approved by deal lead. Data request covers all 3 ESG pillars. |
| Days 31–60: Investigate and Quantify | Execute the 30-item checklist across E, S, G pillars. Conduct management interviews on ESG practices. Review environmental permits, compliance records, HR data, governance documents. Quantify material findings in financial terms. Draft ESG findings report. | ESG findings report with financial quantification. Risk register entries for material ESG items. Draft deal term recommendations (price, warranties, escrows). Gap analysis for post-close compliance. | All checklist items assessed. Minimum 3 management interviews completed. Financial impact estimated for all material findings. Report reviewed by deal lead and legal counsel. |
| Days 61–90: Structure and Integrate | Incorporate ESG findings into deal negotiation. Draft ESG-specific representations, warranties, and indemnities. Design post-acquisition 100-day ESG plan. Align reporting with acquirer’s ERM framework and disclosure obligations. | ESG schedule in SPA/purchase agreement. 100-day ESG integration plan with KPIs. ESG risk monitoring framework. Disclosure alignment plan (CSRD, ISSB, SB 253 as applicable). | ESG deal terms agreed by both parties. 100-day plan assigned to integration lead with milestones. KPI baseline established. Disclosure obligations mapped to data collection plan. |
Pitfalls and How to Avoid Them
| Pitfall | Root Cause | Remedy |
| Treating ESG DD as a check-the-box exercise | No connection between ESG findings and deal terms; sustainability team operates in isolation | Integrate ESG DD into the deal team; every material finding must map to a price, warranty, or post-close action item. |
| Starting ESG DD too late in the process | ESG added after LOI or even after signing; insufficient time for meaningful investigation | Include ESG screening in the pre-deal phase; scope deep-dive ESG DD at the same time as financial and legal DD. |
| Using generic ESG checklists without sector focus | One-size-fits-all approach misses industry-specific material risks | Customize the checklist using SASB industry-specific metrics; focus depth on the 3–5 ESG topics most material to the target’s sector. |
| Failing to quantify findings in financial terms | ESG team lacks deal experience; outputs are qualitative rather than decision-useful | Pair ESG specialists with financial analysts; express every material finding as a dollar impact on price, cost, or value creation. |
| Ignoring the value chain | Focus only on the target’s direct operations; miss supply chain and customer risks | CSDDD requires value chain due diligence. Assess at minimum Tier 1 suppliers for environmental and human rights risks using sector benchmarks. |
| No post-close ESG integration plan | DD findings filed away after closing; ESG risks go unmanaged during integration | Design the 100-day ESG plan during DD; assign owners, milestones, and KPIs before closing. Track alongside financial integration metrics. |
| Overlooking inherited disclosure obligations | Acquirer unaware that target’s CSRD, ISSB, or SB 253 obligations transfer on close | Map disclosure obligations during DD; budget for compliance infrastructure; include disclosure readiness in post-close plan. |
Looking Ahead: Trends for 2026–2028
The CSDDD will become the defining regulatory driver for ESG due diligence in M&A. As EU member states transpose the directive by July 2028 and compliance starts from July 2029, acquirers will need to assess whether targets have the policies, processes, and data infrastructure to meet ongoing due diligence obligations.
The Omnibus I amendments narrowed scope and focused primarily on Tier 1 suppliers, with deeper investigation triggered by “plausible information” of adverse impacts. This graduated approach makes ESG DD more targeted and manageable.
Nature and biodiversity are entering the DD scope. Over 500 organizations managing $17.7 trillion in assets have committed to TNFD-aligned reporting.
Leading PE firms are integrating nature-related screening into due diligence processes. Expect biodiversity risk assessment to become a standard DD component within two to three years, particularly for targets in agriculture, extractives, real estate, and infrastructure.
The ESG vendor due diligence (VDD) market is growing rapidly. Sellers are proactively commissioning ESG VDD reports to demonstrate the financial materiality of their sustainability performance, capture exit premiums, and streamline buyer due diligence.
Anthesis Group reports that VDD enables sellers to realize a premium for strong ESG performance at exit by directly linking sustainable practices to enhanced financial returns. This signals that ESG due diligence is becoming a two-sided market: buyers assess risk, sellers demonstrate value.
Data and technology are reducing the friction. AI-powered platforms are cutting ESG data cleanup time dramatically, enabling continuous portfolio monitoring rather than point-in-time assessments.
The supply chain ESG DD market is projected to reach $5.33 billion by 2033. Companies that invest in scalable ESG data infrastructure now will have a structural advantage in deal velocity and diligence quality. Build this capability into your broader ERM technology strategy and connect it to your risk quantification for board reporting framework.
Ready to implement ESG due diligence in your deal process? Visit riskpublishing.com/services for ESG DD templates, checklist frameworks, and expert consulting. Need support structuring ESG findings into deal terms? Contact our team to discuss your next transaction.
References
1. PwC: Private Equity and Responsible Investment Survey — Global PE survey showing 70% rank value creation as top ESG driver; >50% assess ESG across all deals
2. EY: How ESG Due Diligence Is Influencing Private Equity Deal-Making — Analysis of CSDDD impact on PE investment lifecycle
3. KPMG: Global ESG Due Diligence Study 2024 — Global study on ESG DD challenges: scoping, data access, and financial quantification
4. European Commission: Corporate Sustainability Due Diligence Directive (CSDDD) — Official CSDDD page with Omnibus I amendments
5. Linklaters: ESG Quick Guide to CSDDD as Amended by Omnibus I — Detailed legal analysis of CSDDD scope, timelines, and due diligence requirements
6. Anthesis Group: Private Equity ESG Trends 2025 — PE ESG trends including vendor due diligence and nature-related screening
7. Orbis Advisory: ESG Due Diligence Driving Value Creation in Private Markets — PRI data on 6–7% exit multiple uplift from sustainability integration
8. EY Denmark: How ESG Due Diligence Lowers Risk and Boosts Value for PE — ESG as core component of PE investment, ownership, and exit strategies
9. Chancery Lane Project: ESG Due Diligence Questionnaire for M&A and Capital Markets — Open-source DDQ template covering governance, environmental, and social factors
10. Sopact: ESG Due Diligence Checklist, Framework and AI-Powered Tools — 24-point checklist and market sizing ($1.85B to $5.33B by 2033)
11. KPMG: ESG Due Diligence in M&A — Clarity on Mergers and Acquisitions — Practical framework for integrating ESG DD into deal processes
12. Gibson Dunn: Omnibus I Simplification of EU Sustainability Rules Enacted — CSDDD Omnibus I amendments including scope and transition planning changes
13. Harvard Law Forum: 2025 Sustainability Reporting Global Trends — ISSB and SASB adoption trends affecting M&A disclosure expectations
14. Neotas: ESG Due Diligence Checklist for M&A Transactions — Practitioner checklist covering ESG strategy, compliance, and risk assessment 15. S&P Global: Where Does the World Stand on ISSB Adoption? (January 2026) — Global ISSB adoption tracker affecting cr
Chris Ekai is a Risk Management expert with over 10 years of experience in the field. He has a Master’s(MSc) degree in Risk Management from University of Portsmouth and is a CPA and Finance professional. He currently works as a Content Manager at Risk Publishing, writing about Enterprise Risk Management, Business Continuity Management and Project Management.