The impact of the size and organisation of a company on the execution and the focus of a software due diligence

Written by Egon Wuchner | Dec 16, 2024 3:45:07 PM

Discover tailored software due diligence strategies for small startups and established enterprises. For startups, we assess scalability, R&D roadmaps, and technical risks, ensuring compatibility with investor expectations.

Large companies benefit from in-depth evaluations of technical debt, architecture sustainability, and development processes. Using advanced tools like DETANGLE®, our experts streamline analysis and provide actionable insights.

Navigate M&A challenges with our comprehensive approach, even in sensitive scenarios where code access is restricted. Empower your investment decisions with clear, data-driven insights into software scalability, risks, and opportunities.

Small/Start-up software companies

These companies/start-ups are often still run by their founders who have developed innovative software with a small team and in most cases have grown rapidly. An investor is often actively sought to enable further growth.

The approach to due diligence must be sensible as the team is often 'idealistically' managed with limited guidelines. Too little capacity is often allocated to administrative activities. The predominantly technical employees identify strongly with the company and take pride in their work. There are reservations about how this would change with an investor on board. Sympathy and the right technical understanding can play an important role in a seller's decision to accept an investor. We have seen time and again that acceptance on a technical level is the key to a successful M&A transaction.

A challenge to an automated code base analysis is often the inconsistent use of development tools such as code repositories and issue trackers. Experienced consultants need to prepare the data from these information sources before analysis tools can be used. When most developers work from home and across borders, the processes for consolidating and documenting work results, and the documentation itself, also need to be reviewed.

For small or young companies, the focus of the software due diligence is on assessing the scalability of technology, development processes and employees (including possible risks due to dependencies on individual developers). The R&D roadmap should reflect the current realities in the development area. The report focuses not only on the substance but also on the technical potential of the existing solution and development. Depending on the investor's requirements, these are additionally evaluated through scenario-based interviews and compared with the qualitative, tool-based results. We have regularly found that our findings and suggestions for improvement are well received by the seller.

Established/Large software companies

Large or established software M&A targets often have robust processes using standardised, state-of-the-art development tools. The software suite is usually large and has been maintained and enhanced over many years. In order to assess this technological complexity and whether the software will support the strategic and financial objectives, the investor needs a consultant who can unravel the complexity and present the potential risks and opportunities in a clear and comprehensible way. This requires a deep understanding of the code, architecture and development processes.

These large M&A targets are usually marketed in a tightly scheduled bidding process. This creates time pressure and requires a clear focus in the software due diligence on the following risks

  • Extent and trend of technical debt as a risk of increased maintenance costs or shortened life cycle
  • Sustainability of the software architecture, as a risk of not being able to follow technical or market trends with normal development efforts
  • Quality of development processes as a risk to innovation capability and time-to-market 
  • The distribution of knowledge across projects as a risk to deadlines, quality and staff turnover
  • Dependence on individual employees as a risk that the departure of a few employees could lead to a fundamental loss of expertise
  • Quality and interfaces with external development partners as a risk that the actual expertise is not within  the target
  • IP risks due to the use of open source software

In theory, the effort required for software due diligence increases disproportionately with the size of the organisation/application, as larger applications tend to have more complex architectures, more lines of code and extensive dependencies. To limit the effort for large applications, due diligence consultants focus on the core application(s) and key technology risks. The investor seeks to mitigate any residual risks by structuring an appropriate contract. 

The use of analysis software such as DETANGLE® and the focus on core applications has proven to be an efficient way of analyzing software in due diligence. A single code scan provides data and information that can answer most of the questions above. To gain a more detailed understanding, experienced consultants also conduct interviews with key stakeholders in the software development process. Any help desk activities and processes and their level of automation are also analysed and assessed.

Special case

The use of analysis software is not authorized by the seller:

If the buyer is a direct competitor and/or the technology is extremely innovative, the seller may refuse direct access to the code. Please refer to Part 2 of our blogs ‘Basics of IP protection for the seller when analyzing software assets’.

Links

[0] Photo by Monstera Production

[1] Overview of the whole blog series