Must AI systems comply with the GDPR?
Audrey Arbusa
The AI Act entered into force in the European Union on 1 August 2024 and will be applied progressively over a two-year period, between 2025 and 2027. This new regulation aims to govern the use...
Tech Due Diligence Blog
Discover our latest articles and stay updated on the latest trends in tech due diligence, cybersecurity, intellectual property, AI, and software scalability. Vaultinum’s blog provides expert insights, industry analyses, and best practices to help investors, businesses, and tech leaders make better decisions and sustain value creation.
Featured article
Latest articles
Cybersecurity Checklist and Cyber Health Check
The importance of cybersecurity in the contemporary business environment cannot be overstated. Alarming statistics from Cybersecurity Ventures forecast that cybercrime could cost the world $10.5 trillion annually by 2025, signifying an unprecedented transfer of economic...
3 Key Trends Driving M&A in 2022
While the world has faced major challenges from the ongoing COVID-19 pandemic, these disruptions have also created many opportunities. Nowhere is this truer than in the technology industry, which has been by far the most active...
The Ultimate Guide to Intellectual Property Audits
The management and protection of intellectual property is one of the essential aspects of any business today. But knowing which elements to consider often requires expertise, experience, and insights that most businesses don’t possess in...
AI investments: disruption in the software industry
Generative AI has captivated business leaders with its promise of substantial economic benefits. According to McKinsey, generative AI could add between $2.6 trillion and $4.4 trillion annually to the global economy¹. This seismic shift is...
The GPL and its Unique GPL Classpath Exception: what does it mean?
Open-source software (OSS) has always stood as a testament to the idea that collaboration and sharing can yield powerful and reliable software. The General Public License (GPL), one of the most widely known OSS licenses,...
The Ultimate Guide To Software Escrow Services
In the age of AI, you can’t really hope to run a business without software development. Yet, the truth remains that in the real world, software vendors often fail due to financial or operational difficulties....
Responding to the Rise in M&A Activities
If 2021 was a big year for European dealmaking, 2022 looks set to be even better. Currently the UK is western Europe’s M&A hotbed, accounting for more than 32% of deals in 2021 (1) and...
Software failure: UK Post Office’s Misplaced Technology Trust
In a saga reminiscent of a modern-day David and Goliath, the UK Post Office software failure unveils a harrowing tale of the human cost of misplaced trust in technology.
What is Portfolio Monitoring? A guide for Private Equity investors
According to Fusaq.com, despite significant economic volatility, 2024 witnessed unprecedented M&A activity in the French tech sector, fuelled by heightened investor interest in software publishers. With over 45% of the 374 recorded deals, this segment...
Why Is Due Diligence Important?
Due diligence has become one of the buzzwords of the 21st century. And there is a good reason for it. After all, we live in an age of data explosion where information is easily available,...
Protection by the sui generis right of databases
Almost two years after the study carried out by the European Commission for the evaluation of Directive 96/9 /CE raising the question of its abolition because of the legal uncertainties it would create, this judgment...
The ulimate guide to Tech Due Diligence
What is Tech Due Diligence? Tech Due Diligence, also known as Technology Due Diligence is the process of evaluating a company’s technology assets and intellectual property to identify any potential risks or issues. This is...
Technology as a Service, applied to Tech Due Diligence
Tech Due Diligence has been a crucial component of mergers, acquisitions, and investments in the tech industry. However, the traditional methods, which heavily relied on consulting firms, may no longer be the most efficient or...
What is code quality and why is it important?
Understanding the quality of code within a company’s tech portfolio is an essential aspect of assessing a company’s long-term value and stability. This article delves into the multifaceted concept of code quality – or code...
Why Is It Necessary To Do A Scalability Test On Your Tech?
Scalability has emerged as a critical factor for success in today’s technological landscape, where businesses rely heavily on digital systems and platforms to drive their operations. Whether you are developing a web application, launching a...
The Top 4 Tech Risks Revealed by a Technology Due Diligence
As technology progresses, and software becomes the central tool for managing all business activities, companies are faced with increasing risks and threats to their IT infrastructure. From cyber attacks to data breaches, the consequences of...
How to avoid the risks of open source licences?
Open source licences represents a €5,5bn market in the UK alone, based on 2022 figures published by the CNLL (National Council of Free Software). Before adopting this solution, it is essential to take all the...
Tech Due Diligence, Integral to a Business Continuity Plan
In today’s highly connected and technology-driven business landscape, the significance of incorporating Tech Due Diligence into a comprehensive business continuity plan (BCP) is indispensable. Through Tech Due Diligence, you can evaluate the technological capabilities and...
A Checklist to Software IP Audits
As a tech company, your intellectual property (IP) is one of your most valuable assets and can account for up to 80% of your business’s value. It is, therefore, crucial to make sure that your...
Lose your password and lose out on millions?
You’ve probably seen the headlines: the loss of bitcoin passwords has resulted in the loss of cryptocurrency fortunes. How is this even possible and more importantly, how can it be avoided? But first, we will take a...
Should Tech Due Diligence be data driven?
In today’s digital era, data has become the lifeblood of businesses, driving innovation and fostering growth. One area where data is particularly critical is during Tech Due Diligence. The process of Tech Due Diligence evaluates...
ISO 27001 qualification: a guarantee for digital asset security
Amid the growing wave of cyber threats and increasing regulatory obligations, securing digital assets has become a strategic priority for businesses and their financial partners. In this context, the ISO 27001 standard is globally recognised...
Why software scalability is so important for investors
In the increasingly competitive investment landscape, Technology Due Diligence is proving integral for investors. One key factor they pay close attention to is “software scalability”, which can significantly influence the future growth and success of...
Why and how to audit software before an acquisition
As technology continues to play an increasingly important role in businesses of all kinds, software audits have become essential to ensure that companies are using reliable and secure software. In a software audit, a company’s...
AI Act’s Glossary: Essential Terms and Defintions
Our extensive glossary is crafted to guide you through the language of Artificial Intelligence (AI). This collection is meticulously assembled from terms featured in the EU Artificial Intelligence Act along with additional vocabulary essential for...
Understanding Cloud Costs in Technical Due Diligence
Technical due diligence often shines a spotlight on cloud infrastructure because it provides a clear lens into a company’s operational efficiency and ability to scale effectively. For investors and stakeholders, cloud spending isn’t just a...
Why A Software Bill of Materials (SBOM) Is So Important
Software has become an integral part of our daily lives, permeating everything from our smartphones and cars to critical infrastructure systems. However, as the complexity and interdependencies of software systems continue to grow, so do...
Include a source code scan to your escrow for more Security
With a staggering prediction that 99% of companies will be using one or more Software as a Service (SaaS) solutions by the end of 2023, the importance of safeguarding these digital assets is more crucial...
AI Washing: How to assess the real value of AI
With the advent of technologies like ChatGPT, artificial intelligence (AI) has become more than just a technological term; it’s a significant part of our daily lexicon. This surge in popularity, however, does not imply that...
Enhancing Tech Due Diligence with Network Footprinting
Network Footprinting plays an essential role in the technical due diligence process, providing a deepened understanding of both the technical and strategic facets of cybersecurity. This comprehensive insight is essential for companies considering investments or...
What is a Source Code Escrow? All you need to know
Let’s start by considering the following scenario: you’re a software company that’s been in business for a while now. You’ve been working on a deal for quite some time and you are about to close...
Top 3 risks to be aware of in High Tech M&A deals
According to the institute for Mergers, Acquisition and Alliances (IMAA), high technology M&A deals continue to rank second in total M&A transactions since 1985, with total deals valued at nearly 5 trillion USD. The continual rise...
IP Security: Why The Blockchain Can’t Replace A Trusted Third Party
This is our second article in our series on blockchain technology. If you haven’t yet, you can check it out here. We now know that one of the central rationales for blockchain was to create a...
What are the key requirements of a SaaS Escrow?
As more businesses turn to Software as a Service (SaaS) solutions for their operational needs, the importance of securing these applications and their data has become paramount. One way to ensure the continuity and reliability...
Most Common Tech Mistakes Detected by our Software Scan
Today more than ever technology is central to business operations, thus understanding the common mistakes in software development is crucial for any tech organization. Our experience as a technology due diligence and source code scanning...
How to negotiate a SaaS Escrow
As the software industry continues to evolve, companies are turning to Software as a Service (SaaS) solutions to manage their operations. Unlike traditional on-premise software, SaaS is a cloud-based delivery model that offers numerous benefits...
SaaS Migration: A Comprehensive Guide for Software Businesses and Investors
With an expected annual growth rate of about 18.4%, the global SaaS market is set to surge from approximately $320 billion in 2024 to around $1.23 trillion by 2032. This expansion is driven by the...
Must AI systems comply with the GDPR?
The AI Act entered into force in the European Union on 1 August 2024 and will be applied progressively over a two-year period, between 2025 and 2027. This new regulation aims to govern the use...
Due Diligence in merger and acquisitions (M&A)
Mergers and Acquisitions (M&A) have become regular parts of the modern business landscape. With major internet giants buying up unicorns and large conglomerates subsuming other companies to increase their market, M&A has become the watchword...
Technology Due Diligence in mergers and acquisitions (M&A) – Guide
In today’s rapidly evolving business landscape, mergers and acquisitions (M&A) have become integral strategies for companies seeking growth, expansion, and competitive advantage. However, the success of these transactions heavily depends on thorough due diligence, especially...
Scoping Tech Due Diligence: adapting to deal structures and context
Technology due diligence is an essential process in assessing the technological landscape of a target company before an acquisition or investment. However, Tech Due Diligence is not a one-size-fits-all process. The scope, depth, and areas...
AI Audits by Vaultinum
With interest in AI rising exponentially, two concerns have arisen in the investment world. First, how can one evaluate a company that develops AI models, in a world awash with AI washing? Second, when investing in...
Value Creation through Technology: Strategies for Private Equity Firms
Technology plays a critical role in generating value throughout the investment lifecycle by enhancing revenue growth, concentrating on cost reduction, and optimizing capital efficiency. In this article we’ll explore how value creation through technology can...
AI transforms business models, and it’s a critical matter
Artificial Intelligence (AI) is far more than a simple performance tool designed to automate human tasks. It represents a transformative force capable of deeply reshaping existing business models. In this article, Thomas Solignac, AI expert...
Companies Re-Assess their Environmental Stance as New Stringent Regulations Loom
A recent decision by the European Court of Human Rights will have broad repercussions on how companies and countries tackle climate change. Indeed, in deciding that Switzerland, a country not usually associated with poor environmental, social...
Understanding DORA regulation: what are the implications for investors?
Adopted in January 2023, the Digital Operational Resilience Act (DORA) represents a major milestone in financial regulation within the European Union. This legislation imposes specific obligations on financial institutions and their ICT service providers to...
Addressing technical debt: a priority for maximising ROI
Grown-up organisations are allocating an average of 30% of their IT budgets to repaying technical debt. This represents a substantial diversion of resources that could otherwise be invested in value-adding initiatives to enhance competitiveness. The...
The Private Equity glossary for tech investors
Private equity investors face increasing challenges when assessing technology assets in a target company. As technology advances, systems grow more complex, making it difficult to differentiate between scalable, well-structured platforms and those burdened by inefficiencies,...
Enhancing M&A success with Vendor Due Diligence Tech
“In 2023, software accounted for 80 percent of all technology M&A activity, emphasizing its dominant role in shaping industry dynamics and underlining the critical importance of integrating technological assessments into M&A strategies”. (McKinsey & Company)...
Tech Due Diligence: base for a Strategic Due Diligence
As the legal and tech industries continue to converge, it has become increasingly essential to conduct comprehensive due diligence when evaluating potential investments or partnerships. The due diligence process may include auditing the financial elements...
Escrow Agreement: best practice to ensure business continuity
A software escrow agreement implies that a software supplier entrusts a third party with the escrow of essential elements of its product, such as the source code, in order to enable a customer or partner...
Due Diligence: The Precautionary Principle in Business
Due diligence is a risk assessment tool used prior to an acquisition or investment of various forms. This duty of diligence is mainly present in the acquisition process of target companies. In the context of...
Registering a Logo: An Essential Step of Business Strategy
Why register your company’s logo? Registering your logo is not a legal obligation but it is strongly advised. You can use your logo in the course of trade without having any trademark rights on it....
Escrow Agreement: why it is beneficial to your business?
Entering into a software escrow aims at ensuring the continuity of business for the beneficiary. This is the common incentive among most beneficiaires for entering into a software escrow agreement, despite the type of beneficiary....
How does software copyright protect Intellectual Property?
For an artist, protecting their work is a matter of paramount importance. After all, any work of art, be it a literary piece, a musical, or a painting, needs protection from unlawful elements looking to...
Global Trends in Cyber Risk
Digital technologies ranging from artificial intelligence and the Internet of Things to data availability and blo ckchain continue to evolve at breakneck speed. Not to be outpaced, cyber risks are evolving even faster. According to...
Tech Due Diligence Checklist: questions to prepare for Technical Due Diligence
It is more important than ever, whether you are an investor or potential buyer, to know that the company that you are interested in is operating in accordance with best practices and has laid proper...
Software Escrow contracts: the essentials you need to know
In today’s technology-first world, more companies are striving for a global presence but need to keep up with the everchanging demands of the digital world, whilst mitigating business risk. The growing reliance on software is...
The Hidden Value of Cybersecurity
In spite of cyber threats continuing to grow, recent studies have shown that companies are starting to slow down their spend when it comes to cybersecurity. However, is this a mistake considering the extra business...
Theranos: why a Technical Due Diligence is important
It’s a cautionary tale for investors everywhere. The case of Theranos and its founder Elizabeth Holmes— who at one point was named the world’s youngest billionaire- has been examined numerous times in books, podcasts and...
Reduce Your Investment Risk: Open Source Vulnerability Scan
All across Europe, we are witnessing astonishing levels of growth within the tech sector, thanks to business decision makers increasingly making this area a priority for their investments. In fact, the UK is one of...
What are the different types of Software Escrow Agreements?
With the growing dependency on software across nearly all sectors, software escrow agreements are increasingly becoming a service that businesses are asking for when it comes to choosing their software supplier. At Vaultinum, we see...
What is IP Due Diligence?
Regardless of the sector of activity, intellectual property (IP) more and more defines an organisation and determines its future. Successful organisations are those that not only understand the value of intellectual property, but also understand...
What is Cybersecurity Due Diligence?
You’ve heard the old proverb. A chain is only as strong as its weakest link. Never has this been truer than in the context of cybersecurity. Today, with the use of third-party software and systems...
Blockchain: Challenges of Protecting IP for Digital Assets
IBM defines blockchain as “a shared, immutable ledger that facilitates the process of recording transactions and tracking assets in a business network.” Simply put, the blockchain protocol is a system that makes it possible to...
How to perform a Tech Due Diligence on a Software Company
As a Tech Investor looking to invest in a software company, or an M&A lawyer managing this investment process, performing a Tech Due Diligence is crucial to ensure that you make a sound investment decision....
All you need to know about Software IP Audits
In today’s digital landscape, intellectual property (IP) has become a crucial element of business success. Protecting your software assets is essential to maintaining a competitive edge in the market. This is where IP audits come...
How to Choose the Right Technology Due Diligence Provider?
With technology and software being at the heart of businesses’ daily activities nowadays, it is no surprise to see that Tech M&As have been on the rise over the past years. And with cyber threats...
How to Prepare for an IT Due Diligence: A Comprehensive Guide
In today’s fast-paced digital world, IT Due Diligence plays an important role in the successful acquisition or merger of businesses. It involves assessing the technological assets and capabilities of a target company to identify potential...
Understanding Open-Source Software Risks
The Security Paradox of Open Source Software One of the most prominent open source software risks is security vulnerabilities. The collaborative nature of open source projects can lead to faster development and better quality with...
Technology Due Diligence and Business strategy alignment
Technology due diligence has many benefits, but one which is less talked about is how it helps organisations better align their technology with their business objectives. It’s true, to remain competitive, businesses must ensure that...
Importance of Source Code Analysis in Technology Due Diligence
As technology becomes increasingly central to business operations across industries, Technology Due Diligence has become an essential part of the M&A process. Before investing in a tech company or acquiring its assets, potential buyers must...
Technology Due Diligence: Data Driven vs Human Approach
Technology Due Diligence, or IT Due Diligence, is a critical component of mergers and acquisitions, as it assesses the technological capabilities and risks of a company about to be acquired. This process ensures that the...
How to Carry Out a Successful Cyber Security Audit
A cyber security audit is a major strategic issue for every company. In an ultra-connected world, information systems are exposed to a multitude of external and internal threats. Identify when to perform this analysis and...
What to include in a Software Escrow agreement
A Software Escrow agreement is a critical tool in safeguarding intellectual property (IP) and ensuring the smooth continuation of business operations when licensing software or technology. This legally binding document serves as a protective measure...
Protect your source code with a source code escrow
The global software market continues to grow at an astounding rate, with estimates predicting it to reach a value of $659 billion by the end of 2023. As businesses become increasingly reliant on software applications...
Technical Due Diligence for startups and emerging companies
Technical Due Diligence is a critical process for assessing the technological capabilities and potential risks of a company before making investment decisions. It involves evaluating the company’s software, hardware, intellectual property, and overall technical competency....
Maximising Software Escrow benefits: tips and best practices
More and more organizations rely on third-party software to support their core business operations. Software Escrow is an important service that protects these organisations by ensuring they have access to the source code and documentation...
Best practices for managing software copyright
Software copyright is a legal protection provided to the creators of original software, granting them exclusive rights to control the use, distribution, and modification of their work. As software becomes increasingly central to businesses and...
Tech Due Diligence Best Practices: What to Embrace and Avoid
Conducting Tech Due Diligence is a critical step in the acquisition process, as it helps you evaluate the strengths, weaknesses, opportunities, and threats of the target company’s technology assets. By understanding the do’s and don’ts...
Tech Due Diligence at Vaultinum: how we do it
At Vaultinum, we believe in the importance of thorough Tech Due Diligence to help investors and businesses make informed decisions, maximize value, and minimize risks. Our unique approach to tech due diligence consists of a...
AI and Intellectual Property, what are the current challenges?
Artificial Intelligence (AI) has become an increasingly prevalent tool across various industries in recent years. With the growing use of AI, new challenges and questions have emerged concerning intellectual property (IP). In this article, we...
Source Code Intellectual Property: How To Protect It
The source code of a computer program is protected by the Intellectual Property Code. As for any creation, this source code can be copied by hackers or competitors. Several measures can be taken to protect...
How to maximise the value of software IP
The Uber lawsuit of 2017 serves as a stark reminder of the importance of software intellectual property rights. In a world where proprietary software often forms the cornerstone of a business, understanding the intricacies of...
AI and Software: Understanding Legal Risks and Protection
It is possible to commit an act of counterfeiting by integrating code suggested by AI when the associated licence does not allow this. There is also the question of whether software made up of code...
Cybersecurity Best Practices
As we delve deeper into the digital age, the world of coding is brimming with immense potential and possibilities. However, with these advancements comes an equally formidable challenge – cybersecurity threats. These threats, if not...
Review: What Can We Learn From the Cyberattacks in 2022?
The past year has seen a significant rise in cyberattacks. From public institutions to private businesses, no entity was safe from the reach of cybercriminals. As a technology due diligence code scanning solution provider, we’ve...
Why originality is major for Software Copyright protection
Software creation is not merely a technical endeavor but a form of artistry that demands the preservation of intellectual property (IP). Here, the concept of “originality in copyright” takes center stage. It is a legal...
Can Artificial Intelligence improve source code quality?
Artificial Intelligence (AI) is no longer a futuristic concept; it’s a present reality profoundly influencing various sectors, including software development. In the realm of code creation and modification, AI can significantly affect the source code...
Checklist for a successful ESG audit
Environmental, Social, and Governance (ESG), are the three key factors that investors and stakeholders use to measure the sustainability and ethical impact of a company. The environmental aspect examines a company’s influence on the natural...
Software protection by copyright vs patent
From complex operating systems to innovative mobile apps, software has become the foundation of countless industries and a catalyst for progress. As software continues to evolve, the question of how best to protect these creations...
GDPR: make sure your acquisition target is compliant
In today’s data-driven landscape, businesses are constantly seeking opportunities to expand their reach and bolster their competitive edge. Mergers and acquisitions have emerged as a prominent strategy for companies looking to achieve growth, diversify their...
Managing open source software integration in software development
Open source software (OSS) serves as the foundation for an overwhelming majority of applications and companies. Organisations that integrate open source software components into their systems are better positioned to foster innovation, reduce development costs,...
French LPM 2024-2030 Law: How it Impacts Software Companies
The recent French 2024-2030 military programming law (LPM) sets forth new defense-related provisions applicable to the private sector, including the obligation for software companies to notify the French National Information Systems Security Authority (ANSSI) of...
The Rising Tide of Data Breaches in 2023
In 2023, the digital world witnessed a dramatic escalation in cyber security incidents, marking a year of significant challenges in maintaining digital trust and safety. Insights from IBM’s ‘Cost of a DataBreach Report 2023’ painted...
2024 Tech Trends: AI, Cybersecurity, SaaS and Green Tech
Vaultinum presents the key technology trends for 2024, focusing on AI, cybersecurity, SaaS migration, and Green Tech. This article explores the legal and ethical challenges these evolving technologies present for businesses. The pace of technological...
Failure to Comply with GNU GPL V2 License: Key Takeaways from Orange’s Conviction
On 14th February 2024, the Paris Court of Appeal ordered Orange to pay 800,000 euros to Entr’ouvert for open source license infringement. With over 80% of software publishing companies now utilising open source, this ruling...
The essential guide to AGPL compliance for tech companies
The Affero General Public License (AGPL) is distinct among open-source licenses, particularly for its implications in the era of cloud computing and Software as a Service (SaaS). It is often discussed alongside its more well-known...
How to ensure your business and website are GDPR compliant: best practices
Compliance with the General Data Protection Regulation (GDPR) is a priority for any company handling personal data, especially in the European Union. A well-executed GDPR audit can assess your practices and identify gaps in data...
Ten questions to ask during Tech Due Diligence
Technical due diligence often involves peeling back layers of the software, infrastructure, and team practices to understand what lies beneath the surface. Asking sharp, well-informed questions is not only about getting answers—it’s about signaling to...
Understanding the NIS2 Directive: definition and scope
The NIS 2 Directive marks a significant step by the European Union towards standardising cybersecurity measures across its member states. Organisations classified as essential or important due to the critical nature of the services they...