Due diligence

Typical areas

What are the typical areas of due diligence undertaken in your jurisdiction with respect to technology and intellectual property assets in technology M&A transactions? How is due diligence different for mergers or share acquisitions as compared to carveouts or asset purchases?

Due diligence of a company with technology or IP assets usually involves the review of registrations for registrable IP rights, chain of title for copyrightable works (including software), review of IP assignment provisions in employment or similar contracts (if the company generates IP assets in-house or orders the development to third parties), review of contracts for acquisition or licence of IP rights. In addition to the IP section, due diligence would also focus on relevant regulatory requirements and analysis of compliance therewith. Such regulatory requirements depend on the type of technology, but the critical provisions for which compliance should be checked are usually those under the personal data regulations and the requirements and limitations set forth under the Information Law.

It is also customary to review the history of claims, if any, over the relevant intellectual property or technology and, if the assets are licensed to third parties in the normal operations of the target, the actual licences would be reviewed. 

In addition, due diligence may also include the review of a company’s books to confirm if relevant IP and technology objects are adequately reflected as intangible assets. In some cases, such analysis reveals assets not otherwise disclosed by the target. However, such review would rarely help with the determination of the technology and IP assets value, as the valuation market for such assets is not quite mature. If relevant assets are generated within the company and/or have never been transferred or licensed, their value in books can be completely arbitrary. The issue of evaluation of technology and IP assets can be crucial in both share acquisition deals and asset purchases, when the share/asset price is tied to the book value. 

Due diligence for potential carve-outs or asset purchases does not involve in-depth review of the seller’s corporate structure and potential corporate risks, as well as lending history and debts, but would rarely be notably different as regards the IP assets or technology.  

Customary searches

What types of public searches are customarily performed when conducting technology M&A due diligence? What other types of publicly available information can be collected or reviewed in the conduct of technology M&A due diligence?

The official state register of registrable IP rights (trademarks, patentable inventions, designs and utility models) is available online on the website of the federal authority for intellectual property (Rospatent) at www1.fips.ru/registers-web. The register allows to confirm information on ownership and any transfers, licences and encumbrances related to the asset. The same resource contains the register of voluntarily registered software programs and databases.

Ownership of domain names can be checked online in the Whois service database. For Russian domain names, information on the website administrator (if corporate) is often available, as well as the reference to the relevant local registrar.

Information on litigations, including the background of ongoing cases and, among others, bankruptcy cases, can be found in the open register for disputes subject to consideration by the ‘arbitrazh’ courts (ie, disputes involving commercial entities and business interests) at kad.arbitr.ru.

In any due diligence for potential merger or share acquisition, the main source of corporate information is the Unified State Register of Legal Entities of Russia. An excerpt can be generated online at egrul.nalog.ru and will show if the company is in the process of reorganisation or liquidation. For limited liability companies, the register also contains information on participants and their participation interests.

Registrable intellectual property

What types of intellectual property are registrable, what types of intellectual property are not, and what due diligence is typically undertaken with respect to each?

Under Russian civil legislation, the rights to the following intellectual property are subject to mandatory state registration: trademarks, appellations of origin, inventions, utility models and industrial designs, and selection inventions. Software, databases and circuits may be registered at the right holder’s discretion. Further disposal or encumbrance of rights to registered intellectual property is also subject to state registration.

Copyright and related rights are protected by Russian laws irrespective of registration. While software (protected as literary work) can be registered voluntarily, there are no state registers or depositories for other copyrightable works.

Starting from 27 July 2020 the Civil Code will be amended to include another type of registrable intellectual property: geographical designation for marks identifying goods produced in specific regions.

Domain names are not regarded as intellectual property; they are protected as means of use of registered trademarks and company/trade names. Rights to domain names are registered with the relevant national registrars acting under the general rules of the Russian ccTLD coordination centre. Information on registration can be checked in the Whois database available online. 

Registrable rights are relatively easy to check in the course of a due diligence exercise, since most of the information is available in online state databases. Moreover, with respect to mandatory registrable types of intellectual property, parties are entitled to rely on the information in such registers, which is why no further review is usually undertaken. Compared to registrable objects, rights to copyrightable works require more substantial revision of underlying documents. Rights to such works are normally confirmed through establishing a proper chain of title, which may include licence or transfer agreements with previous owners, or employment or commissioning contracts with relevant authors. A review should confirm that relevant contracts are compliant with mandatory requirements of the legislation, that all conditions precedent to the transfer of rights were met by the purchaser, and that there are no terms allowing authors or previous rights holders to reverse the transfer of rights.

Importantly, the protection of certain types of intellectual property, even registrable, can be terminated in specific circumstances. Thus, trademark protection can be terminated if the owner fails to use the trademark for three consecutive years; patent protection can be terminated if the patent fee is not paid within the set term. The risks of loss of protection are also analysed in due diligence. 


Can liens or security interests be granted on intellectual property or technology assets, and if so, how do acquirers conduct due diligence on them?

Liens and security interests with respect to IP assets are allowed by Russian law, as long as the assets in question are transferrable – thus, moral rights, for example, cannot be encumbered. Encumbrances on registrable IP rights are also subject to mandatory registration with the state, which makes checking and confirming rather straightforward a task. For intellectual property not subject to registration, liens can be certified with a notary and entered into the register of notary notifications on liens, thus making this information presumed as available to third parties.

The law also requires that each pledgor keep a pledge book as a company’s internal document.

Employee IP due diligence

What due diligence is typically undertaken with respect to employee-created and contractor-created intellectual property and technology?

In respect of employee-created works, the vesting of the rights in such intellectual property with the employer is rather straightforward. The Russian IP legislation contains specific provisions for the so-called ‘employment works’ – that is, works created by employees within their employment duties and job description. In such cases, employees retain non-proprietary moral rights, while the employer is granted exclusive proprietary rights to the works, unless the parties agree otherwise in the employment contract.

The practical application of the concept of ‘employment work’ entails some specificities. Thus, in order to qualify as such, the employment work must clearly and undoubtedly fall within the description of the employee’s duties. In accordance with the explanation provided by the Plenum of the Supreme Court of Russia in its Ruling No 10 of 23 April 2019, if the status of work is disputed, the employer has the burden of proving the scope of the employee’s duties and the relevant work matching within such duties. The use of an employer’s materials by an employee is not considered as ground for recognising his or her work as an employment work.

Another issue is related to the fact that the Civil Code expressly states that the employee is entitled to compensation where the employer uses the employment work, licenses or assigns it, or even if the employer decides to keep such work a secret. While it is common practice to specify in the employment contract that any compensation for exploitation of employee-created works is included in the salary, some scholars opine that such provision is not sufficient and does not make the employer compliant with the legal requirement.

Lastly, if within three years of creation of the relevant work the employer neither commences the exploitation of the employment work, nor licenses or assigns it, nor notifies the author of the intention to keep the work a secret, the proprietary rights automatically return to the author. 

Contractor-created works may fall into two categories: works specifically commissioned by the target and works created as a by-product of the provision of other works or services to the client. If the contractor was hired for the creation of intellectual property, the contract qualifies as authorship commission and by default vests the rights in the work with the client, unless otherwise agreed between the parties. In cases where creation of intellectual property is not within the main scope of the contract, the rights would normally be retained by the contractor. To avoid any risk of confusion, it is advisable to specify that the contractor undertakes to transfer any and all rights to works or other IP results or technologies created in the course of the provision of services to the client, irrespective of whether such results were expressly commissioned.

Transferring licensed intellectual property

Are there any requirements to enable the transfer or assignment of licensed intellectual property and technology? Are exclusive and non-exclusive licences treated differently?

Under Russian law there are two categories of IP right:

  • non-proprietary moral rights, which are non-transferrable and technically non-waivable by authors (inventors) together with some other specific rights such as right of access or right to resale royalties; and
  • proprietary rights (ie, the rights to exploit the intellectual property), defined in their entirety in respect of a particular intellectual property as the ‘exclusive right’. The proprietary right can be assigned or licensed (in the latter case, as a whole or in parts). Unless the agreement expressly states that the entire ‘exclusive right’ is assigned, such agreement is presumed a licence.

The term used in Russian law for all proprietary rights – namely, ‘exclusive rights’ – is somewhat confusing and may erroneously be understood as referring to an exclusive licence. The law further distinguishes between exclusive and non-exclusive licences. Under a non-exclusive licence, the licensor retains the right to grant other licences, while an exclusive licence means that the licensor is not entitled to grant licences to other persons, or (unless the parties agree otherwise) to use the intellectual property itself. If there are no provisions on exclusivity, the licence is presumed non-exclusive.

Under a licence agreement, the proprietary right stays with the original rights holder, while certain rights and powers are granted to the licensee with respect to specific means of use, territory or term of use. The rights to use the intellectual property not expressly specified in the licence agreement are retained by the licensor. As the licensee does not own the proprietary right, the ownership of a licensed IP right cannot be assigned by the licensee.  However, the licensee’s rights may be transferrable if the licence agreement allows assignment or novation. Sublicences may also be granted by the licensee, if expressly allowed by the terms of the licence. 

The owner of the proprietary right is not restricted by law from assigning its right irrespective of whether it has been licensed to a third party. In case of such assignment, the licence remains valid.

There are specific requirements for licence agreements under Russian legislation, which are usually the subject of review during due diligence. To be valid, a licence agreement has to be concluded in writing. If a licence agreement contains no provisions on the territory and the term of use, the territory is presumed the territory of the Russian Federation and the term is presumed five years. Most importantly, a licence agreement must contain provisions on the licence fee. Free licensing is not allowed between commercial organisations worldwide for the entire term of use and on exclusive terms. If a non-free licence agreement contains no provisions on the amount of fee or means to determine it, the agreement is considered non-existing.

Software due diligence

What types of software due diligence is typically undertaken in your jurisdiction? Do targets customarily provide code scans for third-party or open source code?

Since software is copyright-protected as literary work, due diligence typically includes the review of underlying chain of title documents, such as employment or service contracts (if software was created in-house or commissioned), or licence or acquisition agreements (if software was purchased or licensed from other parties). If the relevant software appears in one of the state registers, the information can be confirmed in the online database of the relevant registrar.

Legal due diligence does not typically include a review of the code itself, which can be done as part of a separate technical due diligence. There is no uniform approach to requesting code scans and, while buyers agree that full-scope due diligence and code analysis are preferable, whether a buyer will in reality insist on the review of the code as part of due diligence largely depends on the buyer’s business (technology-related or investment) and the level of the buyer’s technological savviness.

Other due diligence

What are the additional areas of due diligence undertaken or unique legal considerations in your jurisdiction with respect to special or emerging technologies?

With respect to most new technologies, due diligence in Russia usually focuses on regulatory compliance and risks that may affect the exploitation of the relevant assets. Regulatory areas to look into may include personal data regulation, consumer protection, regulation applicable to online payment systems, electronic signatures and distribution of certain types of information.

Privacy issues emerge in nearly all new technology projects. Russian legislation uses a broad definition of ‘personal data’, understanding it as any information related to a directly or indirectly identified or identifiable individual. The authority responsible for supervising compliance with personal data protection requirements (the Federal Service for Supervision in the Sphere of Communications, Information Technologies and Mass Media) also tends to treat any type of data pertaining to an individual as personal data. The authority’s approach to some of the interpretations of the legal provisions is not fixed in any official way and is often inconsistent, which makes it difficult to rely on. Different approaches to the legislation on big data have been discussed over the past few years. Various authorities are planning bills of law in this regard, with major industry players also involved. Until changes are implemented, the competent Russian authorities are examining each case separately, but there have been situations when cookie files, IP addresses and online logs have been considered capable of identifying individuals and, thus, personal data. Consequently, any business plans involving the collection or transfer of data pertaining to Russian citizens should be analysed from the perspective of compliance with the Russian personal data regulation, including the requirements on data localisation.  

Another specific consideration is the list of restrictions and requirements set by the Information Law, with respect to information distribution. The law contains specific requirements applicable to hosts of online platforms allowing exchange of messages, including instant messaging services, to operators of search engines, news aggregator websites and video-on-demand services. Among such requirements are registration with state registers, mandatory identification of users, storage and provision on demand to state authorities of correspondence and meta data of users, and the provision of codes for deciphering transmitted data.

The absence of specific laws or legal provisions regulating technologies in such popular areas as artificial intelligence, internet of things or autonomous driving does not mean the absence of regulation altogether. There may be certain requirements set at the authorities’ level that are a challenge to track. For example, starting from January 2020 operators of LPWAN frequencies (normally used for the internet of things) will be obliged to use base stations manufactured in Russia. The requirement was adopted by a decision of the State Radio Frequencies Commission in the end of December 2018.

Many new technological projects are developed within the state national programmes, such as the Digital Economy Programme. The companies involved in these projects are acting under the approval and coordination of the state and within temporary requirements. One of such projects is the testing of autonomous cars in the territory of Moscow and the Republic of Tatarstan, rules for which were set in Governmental Order 1415 of 26 November 2018.

Law stated date

Correct on

Give the date on which the information above is accurate.

5 December 2019.