Insights / AI in Diligence
AI in Diligence

Defensible AI in Financial Due Diligence: Speed Without Losing the Audit Trail

DiligenceForge Insights· 12 min· 9 Jun 2026

Artificial intelligence is genuinely reshaping the data layer of due diligence — the extraction, normalisation, search and first-draft synthesis that consume most of the hours on any deal. But the judgment layer, and the accountability that comes with it, remain stubbornly, and correctly, human. The interesting question for any lender or investor is not whether to use AI, but how to capture the speed without surrendering defensibility.

Key takeaways

  • AI in financial due diligence is not one technology but a stack of capabilities at very different maturity levels. It reliably compresses data handling; it does not perform professional judgment.
  • The most substantiated capability is document extraction over data rooms. Retrieval-augmented Q&A is the fastest-growing area and where most private equity and credit interest now sits.
  • AI flags candidates — anomalies, outliers, possible add-backs — but it does not adjudicate them. Materiality, EBITDA normalisation, and sign-off are human decisions with named liability attached.
  • Hallucination is a design property of generative models, not a bug. Even purpose-built, retrieval-grounded tools hallucinate a meaningful share of the time, and "hallucination-free" vendor claims have been independently falsified.
  • Defensible AI diligence rests on auditable provenance, controlled ingestion of verified documents, confidentiality guarantees, and human ownership of every conclusion.

A stack of capabilities, not a single technology

When practitioners talk about "AI in FDD," they are usually compressing several very different things into one phrase. Some of those capabilities are mature and well evidenced. Others are nascent or, in their strongest framings, simply marketing. The honest summary for 2025–26 is this: AI now reliably compresses the data-handling layer of diligence, but it does not perform the judgment layer, and its outputs are not self-validating — they require grounding against source documents before anyone relies on them.

The useful mental model is a first pass. AI extracts data and flags anomalies; the human verifies findings, owns the interpretation, and carries the accountability. Any claim of end-to-end, autonomous diligence should be read as a sales position, not a description of what the technology does. As Bloomberg Law has noted, AI's diligence applications need rigorous human oversight precisely because the speed they offer is real but the reliability is conditional.

What AI credibly does now

Document extraction over data rooms

The most substantiated capability is extraction. Modern systems parse scanned PDFs, financial statements, tax filings, contracts and invoices into structured data, and pull named values directly off balance sheets and income statements. A data room that once took analysts days to read into a model can be rendered machine-readable in a fraction of the time. This is the firmest ground in the whole discussion — and notably, it is plumbing, not judgment.

Normalisation and trial-balance mapping

A close second is data normalisation: mapping source trial balances and sub-ledgers to a standard chart of accounts and reconciling inconsistent formats across periods and entities. This reduces the manual mapping burden substantially. It does not eliminate it. The mapping judgments — whether a particular line is genuinely debt-like, whether two differently named accounts are the same thing — remain human. The machine proposes a structure; a person decides whether the structure is right.

Anomaly and outlier detection

AI is well suited to flagging unusual fluctuations: accounts receivable diverging from revenue, revenue diverging from cash, accounting policies deviating from sector norms, contract terms that do not appear to be reflected in the accounts. This is real analytical value. But the distinction that matters is sharp — AI flags candidates; it does not adjudicate whether a flag is a genuine red flag. An AR-to-revenue divergence might be a control weakness, a seasonal artefact, or nothing at all. The model cannot tell you which.

Retrieval-augmented Q&A

The fastest-growing area, and where most private equity and credit interest currently sits, is retrieval-augmented generation (RAG): asking natural-language questions of the data room and receiving answers with citations back to the source paragraphs. The appeal is obvious — it turns a static document repository into something interrogable. As we will see, the citation discipline that makes RAG credible is also exactly where it has been shown to fail when implemented carelessly.

First-draft report drafting

Finally, AI can produce first-draft narrative sections, summaries and contract abstracts. The right frame here is a starting point, not a deliverable. A first draft accelerates the writing; it does not replace the expert rewrite, and treating fluent output as a finished finding is how mistakes enter reports.

What still requires human judgment

The capabilities above all share a feature: they handle data. The work that actually determines a deal sits one layer up, and it stays human for reasons that are structural, not temporary.

EBITDA normalisation is the clearest example. Deciding which add-backs are genuinely non-recurring versus recurring-in-disguise is deal-context-specific and frequently adversarial — the seller wants a higher adjusted number, the buyer a defensible one. AI can surface candidate add-backs. It cannot rule on them.

Materiality is inherently relative to a thesis. What matters to this lender's downside case or this sponsor's value-creation plan is not a property of the documents; it is a property of the deal and the buyer. The same fact can be immaterial to one party and disqualifying to another.

Interpreting management intent — distinguishing aggressive-but-legal accounting from something deceptive — requires reading people and incentives, not text. This is the part of diligence that depends on reading a room, not a data room.

Professional skepticism means weighing conflicting evidence and, critically, noticing what is missing. An AI cannot detect the absence of a document it was never given. The most dangerous gaps in a data room are the ones nobody uploaded, and only a skeptical human who knows what should be there will catch them.

Accountability and sign-off are the deepest reason of all. A named professional bears liability for the conclusions in a diligence report. A model cannot hold professional responsibility, cannot be sued, and cannot stand behind a finding. This is the structural reason AI stays advisory — not a limitation that a better model will eventually remove.

A useful framing: AI is an insightful amplifier for critical analysis, but it is not a decision-maker.

The hallucination and provenance problem

If there is one issue a skeptical institutional reader should hold onto, it is this: hallucination is by design, not by accident. Generative models are probabilistic. They will, under the right conditions, produce plausible content that is simply false — fabricated figures, invented citations, confident summaries of clauses that do not exist. Fluency is not accuracy.

The evidence: even grounded tools hallucinate

The strongest public evidence comes from outside finance, from a domain with the same citation-discipline demands. The Stanford RegLab study "Hallucination-Free? Assessing the Reliability of Leading AI Legal Research Tools" (preprint May 2024; peer-reviewed in the Journal of Empirical Legal Studies, 2025) tested purpose-built, retrieval-augmented legal research tools from LexisNexis and Thomson Reuters — products marketed on the strength of grounded, citation-backed answers. The researchers found these tools hallucinated roughly 17% to 33% of the time: Lexis+ AI over 17%, and Westlaw AI-Assisted Research around 34%. This was despite vendor claims of "hallucination-free" citations, which the researchers concluded were overstated.

The lesson for a credit or PE audience is precise. Retrieval grounding materially reduces hallucination — that is why it is worth doing — but it does not eliminate it. And any vendor using the phrase "hallucination-free" is making a claim that has already been independently falsified in a comparable setting.

The cautionary incident

The risk is not theoretical, and it does not spare sophisticated users. In 2025, Deloitte Australia agreed to partially refund a government report that contained AI-generated fabricated academic references and an invented quote attributed to a federal court judge. A Big Four firm publishing hallucinated citations in a client deliverable is the canonical example of what happens without a verification gate. If it can happen there, it can happen on a deal.

Provenance, garbage-in, and silent failure

The defence against all of this is auditable provenance. If an AI assertion cannot be traced back to a primary-source paragraph, it cannot be relied upon — full stop. Good systems implement controlled ingestion of only verified documents, track provenance, and link every answer back to its source. But this is a discipline of system design, not a default property of a language model. The provenance does not appear unless someone builds it in.

Two further failure modes compound the risk. The first is garbage-in. Diligence data rooms are notoriously inconsistent — mixed formats, scanned images, versioning chaos — and extraction accuracy degrades on poor inputs, with errors then propagating silently into downstream models. The second is omission. A documented failure mode involves an AI contract summary that read fluently and completely while quietly omitting a restrictive exclusivity clause — caught only because a human went back to the original document. A summary that is 95% right and silent about the 5% that kills the deal is worse than no summary at all.

Confidentiality and liability

Two more constraints shape how AI can responsibly be used in diligence. Data rooms contain the most sensitive information in a transaction, so routing them through third-party LLM APIs raises real questions about data residency, whether inputs are used for training, and leakage. This is driving institutional demand for no-training guarantees and isolated environments. And on liability: outputs must be explainable enough to survive scrutiny, because responsibility for an AI-missed red flag rests with the human advisory firm. No regulator, and no counterparty, accepts "the model missed it" as a defence.

What "defensible AI diligence" means in practice

Put the pieces together and a coherent operating philosophy emerges. AI's reliable zone — extraction, normalisation, trial-balance mapping, divergence detection, RAG Q&A — is precisely the data-handling work that feeds the human red-flag tests. But the adjudication of every flag sits in the human judgment layer: Is this add-back genuinely recurring? Is this related-party transaction arm's-length? Is this customer concentration survivable or fatal? Those are not extraction questions.

The defensible position, stated plainly, is that AI accelerates discovery and drafting with auditable provenance, while humans own materiality, normalisation and accountability. It deliberately avoids two claims — "autonomous diligence" and "hallucination-free" — because both have been independently falsified.

From this, a buyer of AI-assisted diligence can derive a short list of non-negotiables to demand of any provider:

  • Provenance on every figure. Each number must trace back to a source document. No traceability, no reliance.
  • Controlled ingestion. Only verified documents enter the system, so the model cannot answer from material it should never have seen.
  • Human sign-off. A named professional owns the conclusions and carries the liability.
  • Confidentiality and no-training guarantees. Deal data is never used to train third-party models and is held in an isolated environment.
  • Candidates, not verdicts. The system surfaces candidates; humans adjudicate.

A brief note on jurisdiction

The technology itself is jurisdiction-agnostic, but the regulatory envelope is not. UK and EU GDPR impose stricter constraints on processing data-room personal data through AI, and on cross-border transfer, than the more fragmented US framework. UK and EU teams are, accordingly, more cautious about ingesting data-room PII into cloud-hosted models. What does not change across either jurisdiction is who signs and who is liable. In the UK, financial due diligence is delivered as an investigative findings report — not an audit opinion — under ICAEW Corporate Finance Faculty guidance, and that human-authored, human-owned character of the deliverable is exactly what AI does not, and structurally cannot, displace. For a fuller view of where the market is heading on this, see Open Ledger's overview of AI in M&A accounting.

Frequently asked questions

Can AI run financial due diligence end-to-end without a human?

No. AI reliably compresses the data-handling layer — extraction, normalisation, search and first drafting — but it does not perform the judgment layer of materiality, normalisation decisions, professional skepticism or sign-off. A named professional must own the conclusions and the liability. Treat any claim of fully autonomous diligence as marketing rather than capability.

Does retrieval-augmented generation solve the hallucination problem?

It reduces it, but it does not eliminate it. The Stanford RegLab study found that purpose-built, retrieval-augmented legal research tools still hallucinated roughly 17% to 33% of the time, despite "hallucination-free" marketing. Grounding answers in source documents is necessary and valuable, but it is a mitigation, not a guarantee. Any "hallucination-free" claim should be treated with scepticism.

Where does AI add the most value in diligence today?

In document extraction over data rooms — the most substantiated capability — and in retrieval-augmented Q&A, which is the fastest-growing area and where most private equity and credit interest currently sits. Both accelerate the discovery and data-handling work that feeds the human red-flag tests, rather than replacing the analysis itself.

Why can't AI be held responsible for a missed red flag?

Because professional responsibility is a structural requirement, not a technical one. A named professional or firm bears liability for a diligence report, and a model cannot hold that responsibility, cannot be subject to regulation, and cannot stand behind a conclusion. Liability for an AI-missed red flag rests with the human advisory firm — which is the structural reason AI stays advisory.

The DiligenceForge philosophy

DiligenceForge uses AI to accelerate discovery and drafting with auditable provenance, so every figure traces back to a verified source — while humans own materiality, normalisation and accountability, and a named professional signs off on every conclusion. The platform is confidentiality-first and built specifically for private lenders, private credit funds and institutional investors who need speed without surrendering the audit trail. If you would like to see how human-led, AI-accelerated diligence works in practice, you can request access.

More from Insights
Private Credit· Guide

Underwriting the Downside: Financial Due Diligence for Private Lenders

How financial due diligence differs for private credit and private lenders — underwriting the downside through cash conversion, DSCR, covenants, and collateral.

Quality of Earnings· Guide

Quality of Earnings: What It Really Tells Lenders and Investors

A practitioner's guide to quality of earnings: how a QofE normalizes EBITDA, why add-backs are contested, and how lenders and PE buyers read the same report inversely.

Forecasting

Reading the Hockey Stick: How to Diligence a Management Forecast

How lenders and investors diligence a management forecast: testing the drivers behind a three-statement financial model, not just the bottom line.