Due diligence

Due diligence will form part of any corporate sale. Buyers want to know what they’re buying. Key issues which will be raised in due diligence for a software business will be:

  • Technical – does the software work?
  • Ownership – does the target actually own the software?
  • Infringement – does the software infringe any third party rights?
  • Contracts – on what terms does the target license out the software?


Technical due diligence will often be more focused on practical investigation, such as reviewing the target’s reputation in the marketplace, and potentially involving a technical consultant to analyse the relevant source code.

  • Many targets will resist access to source code or development documentation, or require assurances that only a third party consultant will be used. At the very least, a robust non-disclosure agreement should be in place to ensure that if the deal does not proceed, information gained through due diligence is not misused.
  • Legal questions around technical due diligence will usually focus on disputes with customers and any error or bug reports. The target may well have to provide details of significant issues it has encountered in the past few years.


Ownership due diligence is intended to ensure that the target actually holds the relevant intellectual property rights (IP) in the software.

  • If any software has been bought (whether on its own or as part of a business) this will involve reviewing the transfer documents.
  • For software developed in-house, this will require a review of the target’s employment contracts and consultant contracts.
  • While IP created by employees in the course of their employment will generally be owned by their employer, IP created by external consultants doesn’t automatically vest in their customer, and so appropriate contractual assignments are required.

We have created a useful infographic which details an IP audit process which can be followed as part of ownership due diligence.


Infringement due diligence is aimed at ensuring the target’s software doesn’t infringe a third party’s IP rights. Due diligence on this topic is generally aimed at any existing disputes, as well as any use of open source software. A target’s software services will often use or incorporate open source software, and due diligence will often focus on whether that open source software is licensed in a way which might affect the rest of the software. For more information, see our note on copyright in software.


Contracts due diligence looks at the terms on which the target licences out its software or services. In particular what do the contracts say about:

  • Change of control – will the proposed transaction allow customers to terminate long-term contracts?
  • Liability – does the target limit or cap its exposure under the contracts?
  • Indemnities – does the target give wide indemnities to its customers? While IP indemnities are relatively common, broad indemnities for other issues may cause more concern
  • SLAs and Service Credits – what is the target committed to? Do any service levels depend on a third party?
  • Data protection – do the contracts include appropriate clauses, and do they leave the target exposed if there is a data protection issue?
  • Fees – does the target have the ability to amend or increase its fees, or is it tied in to lengthy contracts at a fixed price?



The level of due diligence undertaken, and the priorities which are focused on, will depend on the buyer’s appetite for risk and the profile of the target. If the target has only a few customers, but with high value contracts, the focus will be much more on contractual due diligence.

For further information please contact Elliot Fry on +44(0)1732 224 034 or at elliot.fry@crippspg.co.uk.