Before you embark on investing in a potential portfolio client or undertaking an acquisition or asset purchase, you’ll need to take all the necessary steps to make sure that the deal makes sense. This is called “investment due diligence,” and this means more than a simple review of quarterly earnings and profit margins; true, in-depth due diligence can protect your reputation and finances in the event of an unpleasant surprise down the road.
A fundamental flaw in the company’s marketing strategy or business model can be determined by a close review of corporate records. But make sure you include these other elements in your investigation as well.
Review the company’s history, its reputation, and its corporate structure. This should include a separate review of each entity or division within the organization and a look at the capitalization table. Look for any legal issues from previous investment rounds. Did the company comply with securities rules in issuing securities? What type of investment financing happened in the past? Are there outstanding warrants or other exotic securities that may disrupt the cap table at a later date?.
Founders, Employees and IP
A comprehensive review of the company’s list of founders and employees is essential. Have there been founders who have departed? When and how did they depart? Is there an agreement in place documenting the departure? This is important to examine to avoid claims by aggrieved founders who later claim ownership of the company or its intellectual property.
The same is true for employees who have departed. Have all employees and service providers executed confidentiality agreements, and have they assigned over and committed their intellectual property contributions to the company? Were departing employees asked to turn over company property? At a time where many companies are deriving value from their data and intellectual property, ensuring that a target company has guarded its intellectual property is a good sign and gives confidence in management and data security.
Relatedly, diligence should examine issues related to regulatory compliance. If the company, its agents, its supplier or its associates take responsibility for managing sensitive customer information, you’ll need to see certifications proving the company’s ability to withstand potential hacks and breaches and report them immediately if and when they happen. These audits are typically conducted by third party data security experts.