Identification and evaluation of technology risks in M&A transactions
Assessing technology in mergers and acquisitions (M&A) can be challenging, especially when acquiring digital software assets. The source code of the software is typically a trade secret that has been developed over several years and contains the expertise of the employees of the company to be acquired. During a time-limited software due diligence review, it is necessary to answer comprehensive questions, including license compliance, programming, architecture, cybersecurity, and agility. Siemens, one of Europe's largest industrial manufacturing companies, wanted to bring to a new level its software due diligence process for M&A by identifying potential risks at an early stage.
Before acquiring new software technologies, Siemens needs to determine if the software assets are defect-free and can be seamlessly integrated into the company’s digital ecosystem. This requires the use of digital software scanners and expertise to perform an in-depth technology risk assessment. The obtained data is further condensed in a business intelligence solution, transforming it into the basis for decision making.
Providing code analysis services tailored to the organization's particular requirements
Working closely with the Siemens Technology Intellectual Property (T IP) team, BearingPoint has tailored and extended its code analysis process and delivery framework to seamlessly integrate with the Siemens process.
With a forensic open-source risk-analysis approach, BearingPoint identifies various artifacts from open-source projects and commercial third parties, including small code snippets, resulting in a comprehensive view of the license compliance and security status. The security vulnerability information is augmented with knowledge retrieved from the Siemens Cybersecurity department, which BearingPoint has integrated via API into its toolchain. The BearingPoint project team also introduced further code analysis services for code quality and application security in the cloud.
All analysis results are provided to Siemens in a standardized data format, suitable for efficient processing and import in the Business Intelligence Solution Digital Due Diligence (DDD), developed by Siemens T IP. BearingPoint provides these tailored services as part of a long-standing partnership.
Our collaboration with the BearingPoint team is in the premier league. We have built the highest level of trust and security, which is essential when dealing with one of a company's most valuable assets, its software technology. Working with BearingPoint allows us to conduct our software due diligence risk assessment completely digitally.
Thomas Bauer, Senior Key Expert M&A Software Due Diligence, Siemens
Mitigating risks effectively through Digital Due Diligence
The Siemens T IP team is able to provide a fact-based risk assessment of a company’s software, including open-source license compliance, security vulnerabilities, and software quality. By leveraging the pre-assessed and customized analysis results they are now able to manage M&A transactions more diligently.
The seamless integration of BearingPoint’s scan results into the DDD, which contains millions of data points from nearly one hundred M&A projects, provides Siemens with a solid operational base. Through the Siemens DDD Business Intelligence solution, the company gains, 24/7 accessible, detailed reporting in Microsoft Power BI for key risk data for code quality, security, and open-source compliance.
Moreover, more detailed information is available to technical experts enabling them to perform in-depth risk assessments and develop mitigation strategies. With clearly defined KPIs and comparisons across projects, the Siemens T IP team is enabled to make recommendations for acquiring digital software assets. With BearingPoint by their side, Siemens will continuously explore new opportunities to include additional code related KPIs and expand the DDD scope and functionalities.
Together, we’ve effectively mitigated risks from the acquisition of software technologies and elevated Siemens’s ability to make fact-based decisions. This success epitomizes our commitment to tailored solutions and unwavering support for our client’s transformative goals.
Matthias Loebich, Partner, BearingPoint
Siemens
Siemens is the largest industrial manufacturing company in Europe and holds the position of global market leader in industrial automation and industrial software. The company focuses on intelligent infrastructure for buildings and decentralized energy systems, on automation and digitalization in the process and manufacturing industries, and on smart mobility solutions for rail and road transport.