Back to Blog

M&A Due Diligence Trends for 2020

    

M&A due diligence is the process of uncovering the financial, legal, and operational risks that both parties may incur as a result of the transaction. Due diligence during an M&A transaction ensures that the buyer and seller can make a fully informed decision and can agree on a fair price for the deal.

While the basic purpose of M&A due diligence has remained the same over the years, the methods and technology behind due diligence are constantly evolving as new best practices emerge. In this article, we’ll discuss the future of M&A due diligence in 2020 and the latest trends you should be aware of.

1. Machine Learning and AI

Modern enterprises generate millions of files and documents, far more than any single person can hope to efficiently analyze. Yet some of these documents may contain crucial information that buyers should be aware of before completing the M&A due diligence process—information that may be missed due to human oversight and lack of time.

To correct this problem, machine learning and AI are becoming essential tools for performing M&A document discovery and analysis.

By “learning” which documents are likely to be most relevant, AI-enabled software can present human reviewers with the most salient information, saving a great deal of time and money. In addition to information discovery, AI tools can also perform information synthesis during M&A due diligence, combining and summarizing data to help provide context to human researchers.

A few use cases of machine learning and AI in due diligence are:

  •  Identity resolution to determine that multiple documents pertain to the same person or entity

  • Clustering to identify documents with the same topic or subject

  • Ranking the importance or relevance of documents

2. Cybersecurity Due Diligence

M&A due diligence has traditionally focused on risks such as illegal activities and hidden financial weaknesses. Yet poor IT security practices can have just as much economic, legal, and reputational damage in the event of a devastating data breach. According to a 2019 IBM study, the average cost of a data breach has now risen to $3.9 million, or $8.2 million for companies in the U.S. 

The role of cybersecurity in due diligence is to minimize the risk that the new merged entity will face a similar IT disaster. M&A buyers are increasingly analyzing potential sellers for the possibility of cyber vulnerabilities such as insider threats and ransomware.

62 percent of companies believe that cyber risk is their greatest concern following an acquisition. It’s no surprise that IT research and advisory firm Gartner estimates that 60 percent of organizations will see cybersecurity as a critical part of their M&A due diligence by 2022.

3. Technology Due Diligence

Because IT security issues affect companies of all sizes and industries, analyzing a seller's cybersecurity posture is becoming increasingly important. However, technology due diligence (also known as technical due diligence) is also a due diligence trend for 2020, due to the growing number of tech and software M&A deals. In Q3 2019, the volume of global M&A deals in the software sector rose to its highest in two years, at 384 deals.

Technology due diligence means performing in-depth analysis of a seller's proprietary technology, ensuring that it operates as intended and is free of any technical defaults. This involves actions such as:

  • Looking at a software's source code (if relevant)

  • Understanding who was involved in the creation of a particular technology

  • Understanding the underlying processes and workflows for creating this technology

  • Going over intellectual property and software licensing agreements

  • Determining the technology's future roadmap

4. Virtual Data Rooms

Much of the information shared during due diligence is highly sensitive and confidential. While there are many solutions for sharing information—e.g. email, snail mail, and physical exchange—these options suffer from security risks or may be infeasible, depending on the two parties’ physical location.

A virtual data room (VDR) is an online software application for securely storing and sharing confidential information. Companies use virtual data rooms during M&A transactions to exchange important private documents such as financial records and intellectual property. Access to a VDR is strictly limited, and each user’s actions are logged and recorded.

In addition to M&A due diligence, VDRs are also useful for other collaborations between multiple businesses, such as IPOs, fundraising rounds, and strategic partnerships.

Securedocs-due-diligence-checklist