Global menu

Our global pages


M&A - risks and opportunities from an IT perspective

M&A - risks and opportunities from an IT perspective
  • United Kingdom
  • Technology, Media and Telecoms


Whatever the sector, technology is critical to business. When considering organisational change, through acquisition, merger or disposal, the effect on IT provision is something that should be front of mind, plainly from an operational point of view, but as importantly from the risks and opportunities that can arise from a legal perspective. We set out some of the current issues below.

Software licensing disputes

Software is all pervasive within organisations. Software licensors are keen to protect their intellectual property (and revenue streams) and customers are inadvertently getting into positions of potential non-compliance through many different ways. The claims advanced by licensors, where they consider a breach of licence terms to have occurred, can be in the order of millions of pounds.

Claims of non-compliance typically arise when there is a change to IT provision, such as the adoption of novel technologies, systems or applications, a move to the cloud, or improved access including by third parties. An absence of regular internal software audits means that claims tend to come when a licensor conducts its own audit and can be many years after the relevant change occurred, leading to an unexpected and significant claim, and an organisation on the back-foot. The organisation’s ability to respond is impaired because relevant people may have moved on, contemporaneous documents are difficult to find and systems have since changed.

A further key event that can trigger claims for non-compliance can be organisational change, through acquisition, merger or disposal. Depending on the change and how it is structured, issues can arise through unauthorised use of the software by entities not covered by the scope of the licence, unauthorised sub-licensing, or breaching particular change of control, assignment or acquisition-type restrictions. Conversely, a merged organisation could find itself over-licensed, thereby paying for redundant licences. On a disposal or a sale of part of a business, consideration should be given to use of licences by the group (or part of the group) which has been disposed of, particularly during any transitional period.

Due diligence is clearly important. As part of any organisational change, a section of the process should include a review of rights and obligations under existing software licences (including all variations) and any prior audits. In addition, due diligence should be undertaken in respect of the licensing and audit position of the proposed target or merger partner, in the same way, to ascertain whether it has any pending legal claims or liabilities, for which the buyer or merging organisation could become liable, post-merger. From an operational perspective, an acquirer should check the entities being acquired validly hold or are able to legally use the licences they need (as well as having people with the requisite expertise) to operate their business on day 1 following the transaction. Central functions (such as payroll) are a common example, especially when a target is bought out of a group that may have run these functions from elsewhere. As stated above, any transitional arrangements, even if commercially agreed in principle, still need to be legally permitted under the applicable licences.

In order to avoid disputes or under-licensing following an acquisition, merger or disposal, organisations should consider the following:

  • whether there are any prohibitions on sub-licensing or assignment in the licences held by any of the organisations involved
  • the scope of ‘enterprise’ or ‘group’ use provisions or territorial restrictions
  • whether the consent of the licensor is required, if licences need sub-licensing or assigning
  • the scope of the licences held, in terms of the nature and extent of the licences, and the rights and obligations. This can include notification to the licensor in certain circumstances

Conversely, if organisations are able to identify any excess licences, the initial reaction may be to surrender those licences as part of any renewal with the licensor. However, if the licences bought were perpetual, they hold value and therefore the opportunity to re-sell any such licences (or obtain proper value for them on any surrender) should not be overlooked.

In order to combat the risk of under-licensing following an acquisition, merger or disposal, our practical tips for future compliance are as follows:

  • create a central record of all licences, variations and addendums so that the organisation knows what its rights and obligations are in respect of its licensing
  • record all external advice and recommendations, and retain all prior internal and external audits undertaken
  • prepare a schematic diagram of the organisation’s IT system which maps all use cases
  • be clear about the role of resellers or outsource providers in relation to responsibilities for licence compliance
  • conduct regular internal audits, particularly if any new technology has been implemented, to ensure continuous compliance. If an internal audit has not been done recently, then do one now. Such an audit needs to combine a technical, factual and legal assessment. Such reviews should be led and co-ordinated by in-house and/or external legal support so that legal professional privilege can be sought

IT systems and managed services provision

Due diligence should extend to any IT outsourced/managed services providers. Importantly, organisational change could trigger change of control or assignment provisions or the need for full or partial termination. Charges and transition need to be carefully considered against existing contractual arrangements too. Wrongful termination or breach of particular terms could lead to a claim for damages. Careful planning and assessment, whether pre and/or post-merger, acquisition or disposal, is vitally important.

Read our next article >> Court steps in after business locked out of its own #ITsystems