Amsterdam, March 20, 2024 – Assessing technology in mergers and acquisitions (M&A) can be challenging, especially when acquiring digital software assets. The source code of the software is typically a trade secret that has been developed over several years and contains the expertise of the employees of the company to be acquired. During a time-limited software due diligence review, it is necessary to answer comprehensive questions, including license compliance, programming, architecture, cybersecurity, and agility. Siemens, one of Europe's largest industrial manufacturing companies, wanted to bring to a new level its software due diligence process for M&A by identifying potential risks at an early stage.
Before acquiring new software technologies, Siemens needs to determine if the software assets are defect-free and can be seamlessly integrated into the company’s digital ecosystem. This requires the use of digital software scanners and expertise to perform an in-depth technology risk assessment. The obtained data is further condensed in a business intelligence solution, transforming it into the basis for decision making.
Working closely with the Siemens Technology Intellectual Property (T IP) team, BearingPoint has tailored and extended its code analysis process and delivery framework to seamlessly integrate with the Siemens process.
With a forensic open-source risk-analysis approach, BearingPoint identifies various artifacts from open-source projects and commercial third parties, including small code snippets, resulting in a comprehensive view of the license compliance and security status. The security vulnerability information is augmented with knowledge retrieved from the Siemens Cybersecurity department, which BearingPoint has integrated via API into its toolchain. The BearingPoint project team also introduced further code analysis services for code quality and application security in the cloud.
All analysis results are provided to Siemens in a standardized data format, suitable for efficient processing and import in the Business Intelligence Solution Digital Due Diligence (DDD), developed by Siemens T IP. BearingPoint provides these tailored services as part of a long-standing partnership.
Together, we’ve effectively mitigated risks from the acquisition of software technologies and elevated Siemens’s ability to make fact-based decisions. This success epitomizes our commitment to tailored solutions and unwavering support for our client’s transformative goals.
Matthias Loebich, Partner at BearingPoint
The Siemens T IP team is able to provide a fact-based risk assessment of a company’s software, including open-source license compliance, security vulnerabilities, and software quality. By leveraging the pre-assessed and customized analysis results they are now able to manage M&A transactions more diligently.
The seamless integration of BearingPoint’s scan results into the DDD, which contains millions of data points from nearly one hundred M&A projects, provides Siemens with a solid operational base. Through the Siemens DDD Business Intelligence solution, the company gains, 24/7 accessible, detailed reporting in Microsoft Power BI for key risk data for code quality, security, and open-source compliance.
Moreover, more detailed information is available to technical experts enabling them to perform in-depth risk assessments and develop mitigation strategies. With clearly defined KPIs and comparisons across projects, the Siemens T IP team is enabled to make recommendations for acquiring digital software assets. With BearingPoint by their side, Siemens will continuously explore new opportunities to include additional code related KPIs and expand the DDD scope and functionalities.
Our collaboration with the BearingPoint team is in the premier league. We have built the highest level of trust and security, which is essential when dealing with one of a company's most valuable assets, its software technology. Working with BearingPoint allows us to conduct our software due diligence risk assessment completely digitally.
Thomas Bauer, Senior Key Expert M&A Software Due Diligence at Siemens
Siemens AG (Berlin and Munich) is a leading technology company focused on industry, infrastructure, transport, and healthcare. From more resource-efficient factories, resilient supply chains, and smarter buildings and grids, to cleaner and more comfortable transportation as well as advanced healthcare, the company creates technology with purpose adding real value for customers. By combining the real and the digital worlds, Siemens empowers its customers to transform their industries and markets, helping them to transform the everyday for billions of people. Siemens also owns a majority stake in the publicly listed company Siemens Healthineers, a globally leading medical technology provider shaping the future of healthcare. In fiscal 2023, which ended on September 30, 2023, the Siemens Group generated revenue of €77.8 billion and net income of €8.5 billion. As of September 30, 2023, the company employed around 320,000 people worldwide.
BearingPoint is an independent management and technology consultancy with European roots and a global reach. The company operates in three business units: Consulting, Products, and Capital. Consulting covers the advisory business with a clear focus on selected business areas. Products provides IP-driven digital assets and managed services for business-critical processes. Capital delivers M&A and transaction services.
BearingPoint’s clients include many of the world’s leading companies and organizations. The firm has a global consulting network with more than 10,000 people and supports clients in over 70 countries, engaging with them to achieve measurable and sustainable success.
For more information, please visit:
Alexander Bock
Global Senior Manager Communications
Telephone: +49 89 540338029