When technologists dig into a company’s software, infrastructure, security posture and everything else related, they are in an excellent position to recognize where value can be created internally during the hold period. These value realizations can be through projects to smooth operations, deliver better KPIs, or automate what used to be manual operations.
The best technology diligence processes, therefore, capture not only the reporting contained in a standard diligence report card, but they also deliver constructive commentary on how the target company can use technology to enhance its operations, its EBITDA and return on investment for its owners.
Every competent PE shop knows how to execute a rollup strategy that capitalizes on enterprise value multiple differences between smaller and larger targets, and how to clean up bad contracts, and squeeze down costs.
In a time when deal multiples are still running near historic highs, the private equity players who embrace technology as part of their core value creation philosophy will have a decided edge on those who don’t. Enabling that tactic starts with diligence.
This piece focuses on why potential acquirers should look for insight from technology diligence that goes beyond the standard tech checklist. But those regular items matter. Investors should expect these pieces out of any technology diligence, at a minimum:
- An examination of the target’s use of packaged software, how all of it is deployed and how well each major package fits its prescribed use.
- A vetting of all custom software, its inner architecture, and its ability to scale with the business. Scrutiny around the UI/UX of the software should also be expected.
- In cases where proprietary software exists, diligence around the development methods used at the company, its code writing processes, and documentation and testing standards.
- An evaluation of the team, the capabilities of its major cogs and the ability of the team to continue to support growth in the business.
- Looming costs related to technology that will be mandatory during any hold period that haven’t already been budgeted for by the target.
- A thorough cybersecurity audit that adjusts for the industry the target is in. This account should scrutinize not only a company’s technical infrastructure and how it defends it, but it should also measure how well a company trains its employees to spot and repel phishing and other attacks designed to gain access to software and systems through what is often the most vulnerable portal: humans.
Best Technology Diligence Teams
Knowing that these standard items are what should be expected of any technology diligence, investors who want to get the most yield out of a simple tech diligence should look for experienced teams with some level of operating experience. This helps teams distill what really matters from what is less important when calling out issues at a target.
For example, a more junior team may get hung up on pedantic issues around framework versions—upgrading from an outdated .NET or Rails applications—rather than spotting the larger issues regarding how the target may be missing simple opportunities to inject automation into its processes while also driving up technical debt.
Many technology advisors use resources with no experience outside of consulting to provide diligence services. Those who understand the view from the operator’s chair, however, will be better suited to offer advice beyond technology faux pas and checklist style reporting. Next-level diligence requires those with experience beyond the consulting world.
The best technology diligence teams include:
- A leader on the project who possesses technical knowledge as well as experience as an operator with a solid grounding in business and accounting. This person should be able to clearly articulate the key issues at a target to the client, and have a knack for spotting high-level talent, as retaining those people should be a priority for the potential investor.
- A security expert who has many of reps digging into the fidelity of company’s systems, as well as experience with incident response and post-hack mitigations. As with any security audit, there is checklist-style work to be done, but a security person with experience in actual mitigation will understand the nuance of a company’s actual place in the market and how the demands of its industry change expectations around data storage and encryption.
- For engagements that include custom software and non-standard packages, there should be an additional, highly technical resource who can quickly distill advanced technologies and not be snowed in by complex architectures and CTOs at the target who may not offer up all of the details during a first pass conversation.
- Companies with complicated supply chains and labyrinthine quote to cash processes may demand scrutiny from a technical resource on the diligence team who also has deep experience in accounting, procurement and ledger software. Issues that may not be uncovered in a quality of earnings diligence could surface during a technical diligence that closely traces how a company uses technology to track everything related to its books, orders, inventory, and capital flows.
Better Diligence, Better Hold Period, Better Returns
Investors who want more out of their diligence than the standard reporting should look for teams that include the talents and experience listed above and should ask that concerns within the critical path of the investment thesis be mentioned explicitly in the scope of work.
In addition to areas called out ahead of time, investors should look for a next level diligence report to deliver insight around the below and other areas that can drive value during the hold period:
- Paths to automation within the company that can improve margins, enable faster scaling and improve team morale—removing tedium usually has good effects on how people view their jobs.
- Ways to unlock further value by using data the target is already capturing—or data it’s not capturing that can be harnessed fairly easily.
- In tandem with the previous item, a shrewd diligence team will spotlight ways a company’s current BI footprint falls short and the best ways to expand it. This exercise should focus on incremental improvements and reporting that can drive more and better data-based decision making.
- Best paths forward for inorganic growth from a technology point of view. Given that the most in-depth diligences often take place on targets that investors think can be platforms for future smaller acquisitions, roll-ups and tuck-ins, having a nuanced point of view here can be critical. For instance, if a company has built out a monolithic application with dated interfaces and many non-intuitive exercises required by users, its software may not be in a good position to support a great deal of inorganic growth. The diligence provider should provide commentary on the changes necessary to internal technology and software to ready the target to be a platform that can more nimbly incorporate additions. These measures may include building out a set of APIs for data sharing and posting with systems belonging to add-ons, and updating UIs and documentation around proprietary software so that those new to the software can get up to speed more quickly.
Among the levers available to investors and operators, technology has proven to be the most consistent in driving better outcomes. Treating technology as a check-the-box exercise won’t necessarily harm a company, but it will enable competitors who embrace it to make up ground and gain an advantage.
Investors can employ two main technology strategies as active operators of a portfolio company:
- Empower the portfolio company to increase its margins organically via technology
- Prepare the company to be a more nimble platform for future M&A, enabling faster tuck-ins and roll-ups
Both of these must begin with understanding all the technology and people in place and the vectors available for improvement—and that’s a mission that diligence, when executed at its highest level, should accomplish.
