Due diligence for tech M&A in Turkey

Due diligence

What are the typical areas of due diligence undertaken in your jurisdiction with respect to technology and intellectual property assets in technology M&A transactions? How is due diligence different for mergers or share acquisitions as compared to carveouts or asset purchases?

When due diligence is carried out for M&A transactions and share purchases, the main focus is on the business model of the target and regulatory compliance of such, rather than the ownership of the IP rights, chain of titles and registrability thereof. This is because, for M&A transactions and share purchases, the acquirer may also require certain representations and warranties to offset ownership-related risks and secure its investment; whereas, when an asset purchase or carveout is concerned, the whole purpose of the transaction is to benefit from the relevant IP rights or business. Therefore, an indemnity may not be adequate to offset investment risks.

What types of public searches are customarily performed when conducting technology M&A due diligence? What other types of publicly available information can be collected or reviewed in the conduct of technology M&A due diligence?

Trademarks, patents, utility models and domain names are registerable IP rights under Turkish law. Therefore, a due diligence as to the ownership of target’s trademarks, patents, utility models and domain names can be conducted via public searches. Moreover, the shareholders of an incorporated business are publicly available via the trade registry gazette and, regardless of whether there are IP rights registered under the name of the target’s shareholders, they may also be checked. Unfortunately, other IP rights, such as copyrights, are not registered; therefore, ownership is not publicly available and the acquirer has to trust the documents provided by the target to confirm the chain of titles. In such a case, the due diligence process may focus on the demonstrability of the ownership.

What types of intellectual property are registrable, what types of intellectual property are not, and what due diligence is typically undertaken with respect to each?

Trademarks, designs, patents, utility models and domain names (with ‘.tr’ extension) are registerable IP rights under Turkish law, whereas copyrights are not. When registered IP rights are concerned, the registrability and demonstrability of the ownership is not part of the due diligence process, as the registered owners are deemed the truthful owners; however, when the target holds a non-registrable IP right, registrability and demonstrability of the ownership are the main focus of a due diligence process. For due diligence processes concerning the registered IP rights, the main difference in each is the relevant protection periods for trademarks, designs and utility models.

Can liens or security interests be granted on intellectual property or technology assets, and if so, how do acquirers conduct due diligence on them?

IP rights can be subject to liens, which are granted by means of a written agreement, and no further action has to be taken to effect a lien. For registered IP rights, liens may also be registered for the purposes of perfection. This act of registering can be concluded by submitting of simple petition accompanied with the necessary documentation to the relevant registrar.

For non-registered intellectual property, such as copyrights, perfection is also an option under the Law on Liens on Intangible Assets in Business Transactions. For the purposes of perfection, the lien agreement must be notarised and submitted to the Intangible Liens Registry. However, a non-registered lien agreement concerning a copyright is still enforceable under Turkish law, provided that the agreement is in writing.

To ensure there are no binding lien agreements concerning the IP rights, while drafting the asset transfer agreement, the acquirer usually requires a representation from the target that the copyright is free of any encumbrances and further undertakings to transfer the copyright to any third parties. Accordingly, during the due diligence process, the liens may also be checked from the registry for the registered IP rights, whereas, for non-registrable IP rights, the acquirer again must trust the documents that are presented by the target.

It is also common practice to require the target to put the IP rights, especially the source codes when software purchases are concerned, on escrow for the period between signing and closing of the deal. Whereas the IP rights essentially do not have a physical form and can be transferred via a written assignment, a contractual duty to hold the IP rights on trust would practically only give rights to compensation if the owner of the IP rights (the target) breaches such obligation, but would not grant any rights to claim the title before the third person who has acquired the said IP rights in goodwill unless the lien is registered (as applicable).

What due diligence is typically undertaken with respect to employee-created and contractor-created intellectual property and technology?

The ownership of the copyright belongs to the creator upon creation (either the employee or the contractor in this case) and can only be transferred via a written assignment agreement. However, the employer shall automatically have the power to use the financial rights related to the copyright. Therefore, for employee creations, the due diligence process is limited to assess whether the copyrighted work was created within the course of employment and in close relation to employee’s duties (based on the experience he or she gained at the workplace and work carried out at the office). When contractor-created intellectual property is concerned, extra documentation for written assignment shall be sought.

For patentable employee inventions, the Law on Industrial Property and the Regulation on Employee Inventions provide a specific procedure where the employee owns the invention created during the course of employment; however, he or she needs to notify the employer regarding the invention in writing without undue delay. If the employer requests full rights to the invention within four months following the notification, the title to the invention is transferred to the employer as soon as such request is received by the employee. Therefore, the scope of the due diligence shall be to determine if the explained procedure is followed and the title to the invention is dully transferred. The provisions of this regulation are mandatory and may not be altered to the detriment of the employee in the employment contract. This is why the employment contract is reviewed.

Unless otherwise provided under the employee’s employment contract, for employee-created registrable designs, the title to the design that the employee has created during the course of employment, as part of his or her duties and in close relation with the know-how he or she acquired at the workplace, belongs to the employer. This is also why the employee’s employment contract is reviewed. The question of whether the design was created during the course of his or her employment is assessed as part of the due diligence process.

For contractor-created IP rights, the contracts of work shall be reviewed. An explicit assignment of the IP rights to the target shall be sought. It must be stressed that, under Turkish law, while an undertaking to assign a not yet created copyright is permissible, a future assignment is invalid. In other words, such agreements are not directly enforceable to claim rights to the future works; however, they grant the transferee a compensation claim on the grounds of breach of contract. This is why an assignment after the creation of the work has to be sought during the due diligence process.

In any case, for the registered IP rights, if the target is registered as the owner of the IP rights, the due diligence process is then lighter and may be limited to a possible dispute of ownership between the employee and the employer, or the target and the contractor. For example, regarding both patentable creations and designs, the employer is obliged to make a payment if the employee so requests. Documentation as to such payment may be sought from the target if the relevant IP right is of critical importance for the acquirer.

Are there any requirements to enable the transfer or assignment of licensed intellectual property and technology? Are exclusive and non-exclusive licences treated differently?

Regardless of any licence agreements associated with the IP rights concerned the conditions specified under question 3 shall be fulfilled. As a licence agreement only gives the licensee a contractual right, when the underlying IP rights is transferred, the licensee may not have any claims against the acquirer unless the licence agreement was registered at the relevant registry for the IP rights concerned (as applicable). However, even then there are not any further actions to be taken to affect the transfer.

What types of software due diligence is typically undertaken in your jurisdiction? Do targets customarily provide code scans for third-party or open source code?

The due diligence process is closely associated with the nature of the proposed transaction. For asset transfers, code scans are customarily provided and technical assistance may be needed during the legal due diligence process once access is granted to code scans to decide the fitness for purpose of the asset, such as the degree of improvement needed for further development and associated costs. When share purchases are concerned, code scans or access to source codes are not generally required, as the copyright shall stay within the target company anyway. However, there may be deal-specific cases where the valuation of the target heavily depends on its software products or services. In this case, access to source code or provision of code scans may still be required as part of the due diligence process.

Further, the scope of the deal is also a concern because requiring access to such delicate material as conducting a due diligence may lead to more transaction costs, as additional non-disclosure agreements may be sought by the target, or additional technical support may be sought by the acquirer to correctly assess the value of software and its fitness for the acquirer.

For third-party codes related to the software in question, the licences between the target and the code owner are generally requested from the target so that the terms of the licence and possible disputes may be evaluated as part of the due diligence process. If the non-disclosure allows the target to grant access to the third-party code, then provision of such may be requested from the target. Regarding open source codes, a list that is encrypted in a target’s software is almost always requested from the target. The terms of use for open source codes are then also evaluated to detect possible infringements, with specific focus on whether the target uses them for commercial purposes or the open source platform allows the users to commercialise the open source code provided thereunder.

What are the additional areas of due diligence undertaken or unique legal considerations in your jurisdiction with respect to special or emerging technologies?

As with other legislations, big data and, therefore, data protection rules, are hot topics in Turkey. That is why, as part of the business model assessment and compliance thereof, they should be considered if the target collects or processes any data (usually customer data) and, accordingly, it should be determined whether the consent of the data subjects is duly obtained or the data is processed in compliance with the legislation. For businesses that deal with artificial intelligence and the internet of things, data processing is of a great importance; when the target’s business model includes such technologies, compliance with data protection rules is specifically assessed.

While there are no specific regulations for emerging technologies such as autonomous driving, an overall compliance assessment with the fundamental laws and regulations is still conducted during the due diligence process. For other industries such as banking and finance, where regulatory measures are already in place, the business model of the target is specially studied to decide if the target’s products or services are subject to any licensing requirements as per the applicable law. Regarding fintech companies that already have licence to provide services, the scope of the due diligence process often evolves into examining possible infringement of the licence by the target and determination of regulatory requirements to be fulfilled to effect the proposed transaction. For example, subject to thresholds, share transfers of fintech companies shall be notified to or approved by the Banking Regulatory and Supervisory Authority.