All Services
M&A & Commercial Services

Identity Due Diligence for Mergers & Acquisitions

Identity risk is consistently underweighted in M&A due diligence — until post-close, when inherited privilege, directory complexity, and compliance gaps become your problem. We assess it before you sign.

Delivered within deal timelines    Read-only — no disruption to target environment    Integration-risk cost range included

Discuss Your Deal View Sample Report

What Identity Risk Looks Like in M&A

These are the identity issues that surface after deals close — and that due diligence teams consistently miss.

Privilege Inheritance Risk

Former employees, contractors, and service accounts with standing privileged access in the acquired entity — inherited directly into your environment at close.

Trust Relationship Complexity

Undocumented trust relationships between directories, domains, and cloud tenants — creating unintended access pathways the moment environments are connected.

Regulatory-Control Gaps

Target organisation's identity controls do not meet your regulatory obligations — creating compliance exposure from day one that must be remediated post-close.

Directory Consolidation Complexity

Multiple Active Directory forests, Azure tenants, and identity systems that are far more complex to consolidate than the technical team estimates — often 3–5x over budget.

Non-Human Identity Sprawl

Service accounts, API keys, and application identities with no clear owner — often with standing privileged access to critical systems and no rotation in years.

Integration Cost Underestimation

Identity integration costs are routinely underestimated in deal planning — often because the complexity of the target environment is not properly assessed until post-close.

M&A Identity Services

Core Service

M&A Identity Due Diligence

Pre-transaction identity risk assessment covering all aspects of identity security in the target environment. Produces a structured risk report with an estimated integration-risk cost range — giving your deal team a clear picture before you sign.

Delivered remotely using read-only access to the target environment. No disruption. No agents. Completed within deal timelines.

Deliverables

  • Privilege inheritance risk report
  • Trust relationship map and exposure analysis
  • Directory consolidation complexity assessment
  • Regulatory-control gap analysis (vs. your obligations)
  • Non-human identity inventory and risk scoring
  • Integration-risk cost range estimate
  • 90-day remediation roadmap for post-close
  • Executive summary for deal team and legal advisors
Discuss Your Deal

Licence Waste & Access Rationalisation

Commercial and security review of licence assignment and access entitlements — particularly relevant post-acquisition when two identity estates are merged and over-provisioning multiplies.

This engagement pays for itself. Clients consistently identify licence savings that exceed the cost of the engagement — typically within the first quarter.

Deliverables

  • Role-to-licence mapping across all identity systems
  • Over-provisioned access findings with business impact
  • Licence savings estimate (in £)
  • Staged decommission or right-sizing plan
  • Security risk reduction from access rationalisation
Discuss Requirements

When to Engage

Pre-LOI (Ideal)

Identity assessment as part of initial due diligence before a letter of intent is signed. Findings inform deal structure, representations and warranties, and price negotiations.

Between LOI and Close

Most common timing. Findings inform integration planning, post-close remediation budgeting, and any conditions precedent around security controls.

Post-Close Integration

Identity assessment of the combined estate to baseline the integration state and prioritise remediation. Also covers Licence Waste & Access Rationalisation across the merged entity.

Deal in Progress?

We work within deal timelines. Tell us what you need and when — we'll scope an engagement that fits your process and delivers findings your deal team can act on.

Discuss Your Deal All Services