When acquiring or investing in a software technology company – do you know what you are investing in?

Compared to tangible assets like buildings, machinery and land, software and related IP may present certain specific problems to the investor: it can be more difficult to value, conflicting interests may not be as apparent, and the asset may not even exist (for example, if a registered right is found to be invalid, it will be regarded as never having existed in the first place). There are also issues relating to the scale of any redundant source code and the extent to which open source code is present - all of which can impact directly on value and the sale/investment process including deal documentation and warranties.

The importance of being aware of and addressing these issues is critical, and to this end comprehensive financial and legal due diligence on software source code is paramount when investing in the tech space.

Source code due diligence

The purpose of source code due diligence is an accurate valuation of the code and an understanding of the IP rights associated with it. One particular issue beyond the typical analysis of proprietary IP rights in target software is whether open source software (OSS) is present.

OSS is source code that is generally freely available to use, distribute, modify and combine with other proprietary code but can frequently require any such combination to be made available to third parties on the same terms as the original licence - which can require the release of the source code to the community to enable others to freely adapt.

This can have direct impact on the value of the investment and the ability to exploit proprietary code in a controlled way and should be something properly understood in addition to a range of other software related issues such as:

  • Maintainability: is the source code easy to upkeep; is there significant redundant code that can add to the cost of any maintenance; will there be an appropriate transfer of know-how to the new owner/operator?
  • Reliability: is the source code robust and has it been systematically stress-tested?
  • Efficiency: is the source code logical, fast and usable, and does it interface effectively with industry standard models?
  • Security: does the source code contain a high level of security; how does this impact on performance?
  • Size and scalability: can the source code be ramped-up to meet future needs, or will it face capacity issues beyond a certain size or range?
  • Portability: is the source code easily transferable between parties and networks?
  • Licensing: is the source code licensed correctly or do licensing arrangements impact on the company’s proprietary IP and the right to exploit that IP? An end-user licence agreement which prohibits de-compilation, reverse engineering, analysis, modification, or circumventing of copy protection, for example, can offer both inadequate protection and over-restriction in different circumstances. Would it be more appropriate to consider other types of source code protection, including code encryption, obfuscation or morphing?

Underscoring these issues is the bottom line that appropriate due diligence on source code quality and the IP/licensing arrangements that underpin such code can assist with establishing a more accurate valuation and the types of assurances that parties may require as a part of the sale/investment process including with the deal documentation.