AI Startup Due Diligence Checklist for Investors: The Technical, Legal, and Governance Questions to Ask Before You Wire
AI startups are raising at unprecedented valuations on capability claims that often don't survive technical due diligence. The checklist for VCs, PE acquirers, and corporate development teams investing in or acquiring AI startups in 2026 — covering model claims verification, training data provenance, IP exposure, regulatory readiness, and the specific governance maturity expected at each stage.
Key Takeaways
AI startups are commonly valued on capability claims that don't survive structured technical due diligence — benchmark validation is non-negotiable.
Training data provenance is the single largest contingent liability — Bartz v Anthropic and Thomson Reuters v Ross have made this a board-level concern.
IP exposure splits three ways: training data IP, output IP, and the IP the startup actually owns vs licenses from third parties.
Regulatory readiness varies by jurisdiction — EU AI Act, Colorado AI Act, Privacy Act ADM, and sector-specific obligations create different liability profiles.
Stage-appropriate governance maturity: seed/Series A should have data policies; Series B should have an AI policy; Series C+ should be working toward ISO 42001.
The DD process should produce a written governance assessment, not just a green/red flag — material gaps become post-close remediation conditions.
"For reference only. This article does not constitute legal, regulatory, financial or professional advice. For guidance on a specific situation, consult a qualified expert."
AI startup investment in 2026 is moving at a pace that compresses due diligence into windows that legacy DD processes were never designed for. OpenAI surpassed $25 billion ARR, Anthropic approached $19 billion, and the pre-IPO secondary market for AI infrastructure companies has created competitive dynamics where decisions are made in weeks rather than months. The risk: AI startups are commonly valued on capability claims that don't survive structured technical due diligence, on training data assumptions that may not survive copyright litigation, and on regulatory readiness assertions that fail when actually tested against EU AI Act, Australian Privacy Act, or sector-specific obligations. This checklist is designed for the VCs, PE acquirers, corporate development teams, and family offices investing in or acquiring AI startups now.
1. Capability claims and benchmark validation
AI startups commonly cite benchmark performance, customer outcomes, and capability claims that warrant independent verification. The questions to ask: which benchmarks were used, who ran them, under what prompting and sampling settings, and against which baselines? Public benchmarks (MMLU, HumanEval, GSM8K, SWE-bench) have known contamination problems: their test items leak into web-scale pre-training corpora, so a model can score well on items it has effectively already seen, and a headline score tells you little unless the startup can show it checked the training data for overlap with the test set. Customer outcome claims should be verifiable: request references with specific quantitative outcomes and confirm with at least three reference customers. Independent capability assessment can be commissioned from third parties (the major AI evaluation labs include METR, Apollo Research, and the government AI safety and security institutes in the US, UK, and Australia). For frontier AI capabilities, the US Center for AI Standards and Innovation (CAISI) now has pre-deployment evaluation agreements with major labs; startups in similar categories should be moving toward equivalent third-party evaluation.
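The contamination point above is one a technical DD team can actually test rather than take on trust. The following is an added illustration, not code from the original checklist or from any evaluation lab: it implements the n-gram overlap check that the GPT-3 paper and later model reports used to flag benchmark items whose word sequences also appear in the training corpus. The benchmark items and training snippets are constructed toy data, the function and variable names are hypothetical, and the 8-token window and 50% threshold are illustrative choices (published reports typically use longer windows, e.g. 13 tokens, over full corpora).

```python
"""
Benchmark contamination check via n-gram overlap (added example, hypothetical
names and constructed data). Flags benchmark test items whose token n-grams
also occur in a sample of the candidate's training corpus.
"""
import re
from collections import defaultdict

# Constructed sample benchmark items (not from any real benchmark).
BENCHMARK_ITEMS = {
    "q1": "A bat and a ball cost 1.10 in total. The bat costs 1.00 more than "
          "the ball. How much does the ball cost?",
    "q2": "Write a function that returns the sum of all even numbers in a "
          "list of integers.",
    "q3": "Which planet in the solar system has the most moons?",
    "q4": "What is 2 plus 2?",  # shorter than the n-gram window
}

# Constructed training-corpus sample: doc 0 contains q1 verbatim, doc 1 shares
# one phrase with q2, doc 2 paraphrases q3 (no exact n-gram overlap).
TRAINING_SAMPLE = [
    "forum post: A bat and a ball cost 1.10 in total. The bat costs 1.00 more "
    "than the ball. How much does the ball cost? answer: 0.05",
    "tutorial: in this lesson we write a function that returns the sum of the "
    "first n integers",
    "trivia: Saturn currently holds the record for the most confirmed moons "
    "in the solar system",
]

TOKEN_RE = re.compile(r"[a-z0-9]+")


def tokenize(text):
    """Lower-case alphanumeric tokens; punctuation and case are ignored."""
    return TOKEN_RE.findall(text.lower())


def ngrams(tokens, n):
    """Set of all contiguous n-token windows."""
    return {tuple(tokens[i:i + n]) for i in range(len(tokens) - n + 1)}


def build_index(docs, n):
    """Map every n-gram in the training sample to the doc ids containing it."""
    index = defaultdict(set)
    for doc_id, text in enumerate(docs):
        for gram in ngrams(tokenize(text), n):
            index[gram].add(doc_id)
    return index


def contamination_report(benchmark, training_docs, n=8, threshold=0.5):
    """
    For each benchmark item, compute the fraction of its n-grams that occur
    anywhere in the training sample and which docs they came from. Items with
    fewer than n tokens cannot be checked at this window size and are reported
    with overlap None rather than silently passed.
    """
    index = build_index(training_docs, n)
    report = {}
    for item_id, text in benchmark.items():
        grams = ngrams(tokenize(text), n)
        if not grams:
            report[item_id] = {"overlap": None, "contaminated": False,
                               "sources": []}
            continue
        hits = {g for g in grams if g in index}
        sources = set()
        for g in hits:
            sources |= index[g]
        overlap = len(hits) / len(grams)
        report[item_id] = {
            "overlap": round(overlap, 3),
            "contaminated": overlap >= threshold,
            "sources": sorted(sources),
        }
    return report


if __name__ == "__main__":
    for item, result in contamination_report(BENCHMARK_ITEMS,
                                             TRAINING_SAMPLE).items():
        print(item, result)
```

On the constructed data, q1 is flagged with full overlap against doc 0, q2 shows a single shared 8-gram ("write a function that returns the sum of") and is not flagged, and q3 scores zero even though doc 2 plainly contains the answer. That last case is the known limitation of exact n-gram matching: paraphrased or translated leakage is invisible to it, so a clean overlap report is necessary but not sufficient, and a DD team should also ask for held-out or freshly authored evaluation items.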
2. Training data provenance and contingent liability
Training data provenance is the single largest contingent liability in AI startup investment. The questions: where did the training data come from, what was the legal basis for using it, and what indemnities exist? US copyright law on AI training is still evolving. Bartz v Anthropic (Northern District of California) ruled in mid-2025 that training on lawfully acquired books was transformative fair use, while holding that the pirated copies Anthropic had downloaded to build its library were not covered, a point Anthropic later settled; Thomson Reuters v Ross (District of Delaware) held that using a competitor's content to train a competing AI tool was not fair use. The US Supreme Court denied certiorari in Thaler v Perlmutter (2 March 2026), confirming that purely AI-generated works are not copyrightable. The EU AI Act Article 53 requires GPAI providers to publish a sufficiently detailed summary of the content used for training. Australia explored a copyright text-and-data-mining exemption for AI training in 2025-2026 and rejected it in April 2026, instead exploring paid licensing. Practical DD steps: request a training data inventory (sources, acquisition method, licence terms, and any scraped material), evidence of licensing or fair use legal opinions, indemnity coverage, and exposure quantification under reasonable downside copyright outcomes. For source coverage: see the US Copyright Office AI rulings and the EU AI Act text.
3. IP exposure: three categories
AI startup IP splits three ways. First, training data IP — what was used, what was licensed, what was scraped, what indemnification exists. Second, output IP — what the startup's customers own when they generate content using the platform, and what residual rights the startup retains. Third, the actual IP the startup owns — model weights, fine-tuning datasets, RAG corpora, custom evaluation frameworks, prompt libraries, and proprietary tooling. Ask: what is patentable, what is trade secret, what is open source with what licenses, and what depends on third-party models or APIs that could be revoked. For startups built on top of OpenAI, Anthropic, or Google APIs, the underlying provider relationship is itself a critical asset — and a single point of failure.
4. Regulatory readiness by jurisdiction
Regulatory exposure varies sharply by jurisdiction. EU AI Act: if the startup operates in the EU or its AI affects EU residents, classification matters. For most B2B AI products the question is whether they fall under the GPAI obligations (Article 53, applicable from 2 August 2025) or the high-risk regime (Annex III, delayed to 2 December 2027 under the Digital Omnibus). US: a federal preemption strategy is active (Trump December 2025 EO, Colorado AI Act effectively frozen by federal litigation and SB 189), but EEOC, FTC, CFPB, HHS, and SEC enforcement under existing law continues. Australia: Privacy Act automated decision-making transparency obligations apply from 10 December 2026; APRA, ASIC, and OAIC supervisory expectations from April-May 2026 apply to startups with regulated customers. UK: principles-based regulation with sector regulators (FCA, ICO) actively issuing guidance. Singapore, India, Japan, and South Korea each have their own frameworks. The DD test: can the startup map its product to the applicable obligations in each material jurisdiction, and demonstrate either a compliance posture or a remediation plan with dates?
5. Stage-appropriate governance maturity
What's reasonable to expect varies by stage. Seed and Series A startups should have documented data handling policies, basic security controls (SOC 2 Type I, or in process), and an articulated position on training data sources and customer data use. Series B startups should have an AI policy, an AI use case inventory, formal vendor management for their own AI dependencies, and bias testing for any consequential decisions their AI makes. Series C and later should be working toward ISO/IEC 42001 certification or NIST AI RMF implementation, with documented risk assessments, human oversight procedures, and incident response plans. Failure to meet stage-appropriate governance is not necessarily a deal-breaker — it's a remediation cost and a signal of how seriously the founding team takes the operational dimension of AI.
6. The DD output: governance assessment, not just flags
The most useful DD output is a written governance assessment — not just a green/yellow/red flag summary. The assessment should identify material gaps, quantify the cost and time to remediate, and translate that into deal terms (closing conditions, post-close covenants, indemnity caps, escrow). This is what separates AI DD from generic technical DD: the work product is operational, not just descriptive.
Useful third-party resources
- NIST AI Risk Management Framework — the foundational US framework against which to assess governance maturity
- ISO/IEC 42001 — AI Management System standard
- OECD AI Observatory — international policy reference and jurisdiction-by-jurisdiction tracking
- METR (Model Evaluation & Threat Research) — independent capability evaluation
- Apollo Research — AI alignment evaluations