Understanding the key aspects of software due diligence audits will help you know what to look for in a trusted M&A partner.
At some level, the pitch for any software-related service is the same: We have the expertise to provide high-quality solutions to your challenging problems. Sometimes that expertise is “powered by” proprietary technology. That’s well-aligned to what prospective clients look for in most software service scenarios.
Expertise and quality of analysis (and the technology to power it) are key aspects of services that support software due diligence as well. Additionally though, the nature of mergers and acquisitions (M&A) add to the list of important features to look for. The Black Duck® Audit team has been in the middle of dozens of M&A transactions for more than a decade, and it’s become clear that in addition to the technical basics due diligence teams require, two other factors are critically important.
These comments all come from NPS survey responses. (You’ve probably seen these simple surveys—they mainly ask how likely you would be to recommend a product or service to a friend or colleague. The scoring scale ranges from –100 to 100. Top companies like Costco, Apple, and Ritz-Carlton tout scores in the 60s and 70s. We receive (and value) constructive criticism, but with the Black Duck Audit score hovering around 80, it’s no surprise that the comments we get are overwhelmingly positive.)
Anyone who’s been part of an M&A transaction knows that it’s usually a pretty wild ride. All service providers in that space (including lawyers, accountants, bankers, etc.) know that it’s not a 9-5 job and that deals often have a mind of their own—and they can proceed at a breathtaking pace. These transactions are also characterized by the millions of details involved. This all bears directly on the choice of software due diligence audit provider: In addition to doing great work, they need to turn on a dime and rapidly build trust with all involved.
Due diligence timelines are short, typically a few weeks, and clients are not always bringing in service providers at the front end. So it’s critical that teams are ready to mobilize as soon as the phone rings. Further, transaction close dates are often set in stone, so missing dates is not an option. Scale and flexibility are therefore essential.
Uncertainty abounds in M&A transactions, and the due diligence process is about building trust. With so many moving parts, it’s essential that acquirers trust that due diligence teams will do their job and deliver. Clients need to feel that “we’ve got this.” Huge and invasive demands are placed on sellers in these pressure cooker situations, and they need to be comfortable with the people and organizations to which they are disclosing highly sensitive information.
Experts are required to assess all aspects of a target’s software and development environment. One of the key elements of trust, beyond confidentiality and delivery consistency, is that the people providing the information are world class.
The bottom line of software due diligence audits is providing useful, insightful results in the form of reports. Behind the scenes are world-class tools and experts who are available to explain, interpret, and advise on results.
M&A software due diligence demands technical excellence, but it’s clear from customer comments that there is a premium placed on speed and trust as well in this unique scenario.
Phil is the general manager of Synopsys’s Black Duck Audit business auditing the composition, security and quality of software for companies on both sides of M&A transactions. He focuses on software due diligence best practices and the M&A market. He also works closely with the company’s law firm partners and the open source community and is a frequent speaker on open source management and M&A. Phil chairs the Linux Foundation's Software Package Data Exchange (SPDX) working group which created an ISO standard for Software Bills of Materials (SBOMs). With decades of software industry experience, Phil held senior management positions at Hammer/Empirix and High Performance Systems, a startup in computer simulation modeling. He began his career in marketing and sales with Teradyne's electronic design and test automation (EDA) software group. He’s also written a book on fly fishing. Phil has an AB and an MS in engineering from Dartmouth College.