When a company acquires another company, the due diligence process evaluates nearly every category of risk that could affect the value of the deal. Financial statements are audited. Contracts are reviewed. Intellectual property is catalogued. Cybersecurity posture is assessed. Environmental liabilities are surveyed. Employment practices are examined for compliance with FLSA, EEOC, and ADA requirements in the workplace context.
One category of risk is almost never on the checklist: the accessibility state of the target's digital products.
Companies acquiring digital products are acquiring their accessibility exposure. Every existing complaint, every inaccurate VPAT, every unresolved barrier transfers with the deal.
In a market where over 4,000 digital accessibility lawsuits were filed in 2024, where 46% of cases in early 2025 targeted repeat defendants, and where the DOJ has codified WCAG 2.1 AA as a technical standard for government digital services, the absence of accessibility from standard M&A due diligence is not just an oversight. It is a gap that carries material financial exposure for the acquiring entity.
What Transfers with the Deal
The legal principle of successor liability holds that a company resulting from a merger or acquisition may inherit the legal obligations of the entity it acquired. In a merger, successor liability typically attaches automatically: the surviving entity assumes the debts and obligations of the non-surviving company.
In an asset acquisition, the general rule offers more protection, but courts recognize several exceptions, including transactions that amount to a de facto merger, continuations of the seller's business, and express or implied agreements to assume liability. In practice, these exceptions mean that acquiring a company's digital products rarely provides a clean separation from their accessibility exposure.
When you acquire a company's digital products, you are acquiring their accessibility state.
When you acquire a company's digital products, you are acquiring their accessibility state.
That includes any existing ADA complaints, any pending demand letters, any settlement agreements with ongoing monitoring requirements, and any gap between what the company's published VPAT claims and what the product actually does.
If the acquired company has been sued for accessibility and settled with a commitment to remediate, that commitment now belongs to the acquirer. If the company published an Accessibility Conformance Report that overstates compliance, that document is now the acquirer's representation. If the product has fundamental accessibility barriers that will generate future complaints, those complaints will be filed against the entity that now owns and operates the product.
Why Standard Due Diligence Misses It
Technology due diligence in M&A typically covers a well-established set of categories: software architecture, code quality, technical debt, cybersecurity posture, data privacy compliance (GDPR, CCPA, HIPAA), scalability, vendor contracts, and IT infrastructure.
These are mature practice areas with established frameworks, specialized firms, and predictable deliverables. Accessibility is rarely on the list.
Research from Deloitte indicates that technology integration issues account for approximately 30% of failed mergers, and the standard response has been to expand technical due diligence into areas like AI governance, cloud infrastructure, and API dependencies. Accessibility has not received the same attention, despite the fact that digital accessibility litigation has grown to over 4,000 federal and state cases per year and the regulatory environment has become significantly more specific with the DOJ's 2024 Title II rule.
The reason is structural.
Accessibility evaluation requires specialized expertise that most M&A advisory teams and technology due diligence firms do not have in-house. It is not a standard line item in the technical assessment frameworks that drive most deals. And because it has historically been treated as a design preference rather than a compliance obligation, it has not been elevated to the same risk category as cybersecurity or data privacy.
That framing is outdated. With over 8,800 ADA Title III lawsuits filed in 2024, civil penalties reaching $115,231 for a first violation, and a federal compliance deadline approaching for government-facing digital services, accessibility carries measurable financial exposure that due diligence should quantify.
Due diligence that audits cybersecurity, data privacy, and technical debt but ignores accessibility is leaving a measurable risk category unpriced.
The Specific Risks an Acquiring Entity Inherits
What Transfers with the Deal
- Existing complaints and demand letters
- Inaccurate VPATs and conformance claims
- Remediation debt
- Governance gaps
- Government contract exposure
Existing litigation and demand letters
If the target has received demand letters or is currently defending an accessibility lawsuit, those matters transfer with the acquisition. In a merger, this transfer is automatic. In an asset acquisition, it depends on deal structure, but if the acquirer continues operating the same digital properties under the same brand, plaintiff attorneys will treat it as a continuation of the same business.
Inaccurate VPATs and conformance documentation
If the target published Accessibility Conformance Reports that overstate the product's accessibility, the acquirer inherits those representations. A conformance report produced from scanner output alone systematically overstates what has been tested and what the product actually supports. If a procurement team relied on that VPAT to award a government contract, the new owner inherits both the contract and the misrepresentation.
Remediation debt
Just as technology due diligence quantifies technical debt, accessibility due diligence should quantify remediation debt: the cost of bringing the acquired digital properties into conformance with WCAG 2.1 AA or the applicable standard. This cost can be substantial. Emergency remediation after litigation typically runs three to four times the cost of proactive remediation, and the complexity scales with the size and age of the codebase.
Governance gaps
If the target has no accessibility governance, no testing integrated into its development process, and no clear ownership of accessibility as an ongoing obligation, the acquirer is not just inheriting a current-state problem. It is inheriting a system that will produce new accessibility barriers with every release. The data on repeat lawsuits makes the consequence clear: 40% of digital accessibility lawsuits in 2024 targeted companies that had already been sued once.
Without governance, remediation is a temporary fix applied to a continuously changing system.
Government contract exposure
For acquisitions involving government contractors or organizations serving public entities, the stakes are higher. Section 508 of the Rehabilitation Act requires federal agencies to purchase accessible ICT. The DOJ's Title II rule requires state and local government digital services to conform to WCAG 2.1 AA by April 2026 (for entities serving populations of 50,000 or more). If the acquired company serves government clients, its accessibility state is not just a litigation risk. It is a contract compliance risk that can affect the acquirer's entire public sector portfolio.
What the Market Is Starting to Recognize
The inclusion of accessibility in M&A due diligence is not theoretical. Firms specializing in technology risk assessment have begun incorporating accessibility evaluation into their standard process. Equal Entry, an accessibility consultancy, has partnered with technology due diligence firm Tech DNA on more than 75 M&A accessibility evaluations across a range of platforms and technology stacks.
Their work has demonstrated that M&A events are an effective forcing function for accessibility: the transaction creates a natural inflection point where the acquiring entity can assess, quantify, and plan for remediation before integrating the acquired product into its own portfolio.
The demand is being driven by the same forces shaping the broader accessibility market. Litigation volume continues to grow. Regulatory specificity is increasing. Procurement teams are becoming more sophisticated in evaluating accessibility claims. And the organizations most likely to be acquired, technology companies with digital products serving large user bases, are precisely the ones most likely to have unquantified accessibility exposure.
The Deal Closes. The Exposure Remains.
The acquiring entity signs the purchase agreement, completes the integration, and begins operating the acquired digital products under its own brand. Six months later, a demand letter arrives citing specific WCAG failures on the platform it just acquired. The plaintiff is a repeat filer whose firm has institutional memory of the target's prior accessibility complaints. The VPAT published on the product's website claims conformance with criteria the product does not meet. The acquirer's legal team opens the due diligence file and finds no accessibility assessment was ever conducted.
This scenario is not speculative. It is the predictable outcome of a due diligence process that evaluates every category of technology risk except one.
The question is not whether accessibility belongs in M&A due diligence. It is how long the market can continue to treat it as optional while the litigation, regulatory, and procurement environment makes clear that it is not.
The question is not whether accessibility belongs in M&A due diligence. It is how long the market can continue to treat it as optional while the litigation, regulatory, and procurement environment makes clear that it is not.