top of page

Strategic technology due diligence.

Technology has become embedded in almost every company, in every industry, in every corner of the world. It is no longer a separate line item that simply needs to be checked for hygiene – it is now integral to creating, enabling and delivering value.

Our due diligence assesses the full technology ecosystem in the investment thesis: benchmarked performance, risks and growth challenges, commercial implications, and value creation opportunities.


We have developed a structured process for assessing how a target company’s infrastructure, AI, data, cybersecurity, people and organisation will respond to the changes you plan for tomorrow, as part of your post-investment value creation. This can be used to benchmark across your portfolio.


We conduct due diligence to validate the assumptions in the investment thesis that are dependent upon products, infrastructure, AI & ML, data, people, regulatory compliance and operational processes:

  1. What is the commercial quality of the technology ecosystem to be invested in?

  2. Can the company implement third-party technology and adapt its own technology, processes and people to respond to the value creation levers of the investment thesis?

  3. Who owns the intellectual Property?

  4. What are the regulatory risks?

What we deliver

We deliver data, insights and recommendations:

  • Current state and comparison with best practice.

  • Ability to respond to post-investment value changes.

  • Risks and implications for the investment thesis.

  • 100-day Plan recommendations to reduce risk and maximise returns.


We use a blend of proprietary and third-party tools and frameworks to product standardised assessments that can be benchmarked across your portfolio. Our due diligence assesses:

  • The Senior Management Team – engagement, capability and KPIS.

  • Organisation & processes – skillsets, capacity and risk mitigation.

  • Data management – regulatory compliance, infrastructure and data exploitation.

  • Cybersecurity – products, infrastructure and attack susceptibility.

  • Product Management – strategy & analysis, processes & tools, and organisation.

  • Engineering (software & hardware) – capacity, quality and organisation.​

  • Proprietary products (software & hardware) – quality, product strategy and technical debt.

  • AI & ML modelling – quality of development, strategy and deployment & scalability.

  • Business Continuity & Disaster Recovery – targets & KPIs, communications and processes.

  • Hosting & product infrastructure – architecture quality, scalability and operations.

  • Third-party product integration – quality of deployment and service automation. 

  • Regulatory compliance – data and industry-specific.

Approach & deliverables
Why strategic matters

Why strategic matters

Consider a growth investment in an established UK on-line B2B industrial supplies marketplace, which operates a proprietary SaaS platform that uses a blend of proprietary and Microsoft AI models to increase average customer spend by simplifying the purchaser’s search experience. The company has a high-performing, lean tech team. Key elements of the investment thesis are an increase in UK sales and geographic expansion into the EU. 


Below is a small subset of the technology considerations we would assess in our strategic due diligence:

Technology considerations

Traditional technical due diligence would only give half the picture on increasing UK sales and would have very little to say on the inherent tech-related risks of expanding into the EU.  It would fail to identify any organisational factors impacting the company’s ability to expand its proprietary technology and you might assume that wouldn’t be a problem because to date they have been high performing. It would entirely miss the revenue risk caused by the difficulties of training AI models on new geographic data (the tech works, but the time to train and the access to volume of data is inherently problematic). And it would also miss the regulatory risk of managing data domiciled to different countries – the commercial DD would assume the tech can handle it, and the traditional technology DD would assume the commercial DD had it covered.


A note on AI & ML

In many cases it is a buzzword.


We dive deep to identify the reality, not the hype, using use our extensive experience of brining commercial algorithms to market


We determine if the company's algorithms truly utilise AI or ML to predict and analyse as claimed, and if they an deliver a sustainable competitive advantage that can be monetised. 

Scope of analysis

  • Legal liability - third-party dependencies and authority to deploy.

  • Performance – efficacy, accuracy and predictive ability.

  • Quality – appropriateness of deployed modelling techniques, ratio of patentable IP to open-source code, improvements required to meet commercial objectives.

  • Relevance – necessity, competitive advantage delivered, ability to provide a return on future investment.

  • Commercial deployment –  data requirements to reach and maintain commercial deployment at scale (volume, sources, ability to acquire, dependencies and cost), time to train models, associated financial, operational and technical risks of delays. 

  • Competitor substitutes – alternative customer solutions that would negate the commercial value of the AI & ML algorithms.

  • Data science strategy – alignment with commercial objectives.

Data management

Data management

How well a company acquires, stores, processes and interprets its data is critical to shareholder value. This includes how the company manages data privacy and data security.

Geographic residency and segregation of data at rest, in transit and in processing is often key to regulatory compliance and the ability to expand into new geographies.

Scope of analysis

  • Data acquisition, storage & processing – quality of processes. 

  • Regulatory and GDPR compliance – at rest, in transit and whilst processing, and the legality of the processing and usage itself.

  • Data infrastructure architecture – tenancy, ability to match country of residency with markets etc.

  • Data exploitation – efficiency and breadth of data mining and operational usage of intelligence .

  • Governance, policies and processes – with a particular attention to regulatory and reputational risk in growth or cost-reduction.

bottom of page