Unicornly performed an evaluation of an eCommerce company operating within the consumer staples industry. The goal was to estimate the time, cost and risks related to integrating their systems with the acquisitor’s infrastructure.
An assessment for a global venture capital firm. This VC is a part of a larger company, and its main goal is to develop and invest in new products and businesses that address emerging customer needs within the consumer staples industry.
This VC was interested in acquiring and adding to their portfolio a company that was a competitor to the VC’s owner. Since Unicornly had been working with this venture capital firm on various projects for the last 8 years, it was a natural decision for the company to choose us as a partner for the tech due diligence project that would precede the potential acquisition.
The IT situation of the assessed company was that although it had a rather limited IT budget and a fairly small team, they had built a complex IT infrastructure containing a lot of custom-built solutions, such as their logistics system and other tools. From the perspective of a venture capital firm, it was crucial to understand the current state of these core systems and to estimate the potential time, cost and scale of their planned integration with its own infrastructure. Another important concern was related to GDPR and the cyber security of these systems, which were also assessed.
The tech due diligence took Unicornly 3 weeks and was performed remotely. The team consisted of a senior consultant and a tech lead. The process started with a kick-off meeting with stakeholders to discover and understand their main concerns and to grasp the business context of the diligence.
As a second step, Unicornly performed Q&A sessions with the company’s CEO and CTO. Afterwards, we went through the custom-built software and related hosting infrastructure. On top of a general health-check, we also assessed the competency of key technical team members. We put particular stress on GDPR compliance and the cybersecurity of the assessed elements and processes. Eventually, the team identified and verified all the third-party components.
The main finding of the tech due diligence was that the assessed company didn’t use any source code versioning system for the custom-built IT solution, which posed a significant risk. Another red flag was related to the fact that the analyzed system was overly complex, with 500+ database tables and lots of different modules, all of which was very complicated and hard to understand.
Another alert was raised by the fact that no CI/CD practices had been implemented and software updates were performed manually, which is a serious security risk. Moreover, the assessment detected many other cyber security issues, including outdated software modules with known vulnerabilities, which further increased the overall level of vulnerability of the system.
As a result of the tech due diligence, Unicornly presented to the stakeholders a detailed report that described the current state of the assessed IT systems. The report listed associated risks and included a set of recommendations for mitigating them.
Our suggestions were very precise and included specific steps that should be undertaken, including implementing Git, upgrading PHP and Prestashop to the latest versions, and migrating the whole system to AWS public cloud. We also provided a detailed roadmap and cost-time analysis for integrating the system with the VC’s infrastructure.
After the tech due diligence, Unicornly supported this venture capital firm in the delivery of some of the recommended actions. We implemented a source code versioning system and introduced automated CI/CD processes. We also resolved the most urgent security issues and left the rest of the action steps to the company’s team.
The tangible value of the tech due diligence report allowed this company not only to propose accurate and relevant financial terms for the transaction, but also to successfully finalize the M&A process after the company had implemented Unicornly’s recommendations and prepared its IT systems for integration.
Contact us for a meeting or a quick call to explore how we could help with your investment cases.