Due Diligence – How Outsourcing Can Learn from Private Equity

July 19, 2007

Outsourcing is rarely out of the news and private equity is becoming more and more the subject of public and media scrutiny. Both promote the idea that efficiency can be enhanced by fundamental change. Outsourcing in the context of the provision of services by an external supplier in place of an in-house department (or another external supplier). Private equity by means of new ownership and management of a business. I have recently moved from private practice into industry. In private practice as IT lawyers we often provide support to our corporate colleagues on private equity transactions. This usually involves participation in the due diligence process (including the agreement of related warranties) which is critical since a purchaser will base its investment decision on the information it receives from the target and the promises given regarding the existing business and the assets used to perform that business. Outsourcing too depends on due diligence since a new supplier cannot take over what it does not know or understand.  It also depends on information being provided by the customer which cannot, economically, be verified by the new supplier, but must be confirmed by the customer. Yet, by comparison with private equity, an outsourcing due diligence and the supporting warranty discussions are rarely effective as a means of intelligent disclosure. I propose that outsourcing transactions, especially in the public sector, can learn from the private equity world.


What is Due Diligence?


That fount of all current wisdom Wikipedia describes due diligence as:


a term used for a number of concepts involving either the performance of an investigation of a business or person, or the performance of an act with a certain standard of care. It can be a legal obligation, but the term will more commonly apply to voluntary investigations.’


In the legal world it means a process for the review of information or documentation in order to assess the state of a service or a business.


Another definition from the legal document site Clickdocs summarizes this well by describing due diligence as:


‘The process by which a purchaser of or an investor in a company or business investigates the records of the target to support its value and find out whether there are “skeletons in the cupboard”. Professional reports from accountants and solicitors may be included. The due diligence process is covered by confidentiality undertakings and supported by warranties.’


Due Diligence in Outsourcing Contracts


Outsourcing replaces an internal activity provided by employees with a service from an external provider. It obliges the supplier to understand fully the activity it is taking on so as to provide a price and service level commitments and, in transformational outsourcing, to improve the service. It will typically involve taking over a number of employees, assets such as IT systems, subcontracts and software licences. If the outsourcing is a second generation handover from one supplier to another, similar issues apply with the additional problem that the outgoing supplier will not be a willing participant in any disclosure exercise.


This all requires (or should) a due diligence exercise (involving the disclosure of all relevant material) to take place, enabling the would-be new supplier to understand the task it is undertaking and to acquire the information it needs to bid for and take on the outsourcing service. This should work in conjunction with a framework of proposed warranties that help to frame the due diligence exercise and enable an early and detailed discussion of the actual position and the allocation of associated risk.


The Public Sector


An approach to due diligence can be found in the Office of Government Commerce’s commendably comprehensive guidelines and standard contract for public sector IT service contracts available at www.partnershipsuk.org.uk. They publish guidance on the commercial principles of due diligence and comment that:


‘It is important to give the Contractor sufficient opportunity to carry out due diligence prior to the award of the Agreement. This benefits both parties in identifying any issues and incorporating any issues into the draft of the Agreement, as appropriate, before signing the Agreement. It also obviates the need for the Authority to give any warranties or assurances with respect to any information supplied and/or the Operating Environment.’


The standard clause is then drafted ‘on the basis that due diligence has been completed and therefore the risk of providing the Services has transferred to the Contractor, as the party best able to manage this risk.’ However the guidance also acknowledges that ‘Exceptionally, if it is not possible for due diligence to be carried out prior to the award of contract then consider post-award verification.’


The IT supplier’s association Intellect has expressed the view to the government that ‘suppliers are frequently given inadequate support by Authorities to allow completion of effective due diligence prior to contract signature.  Given the Government’s unwillingness to provide warranties this often leads to suppliers having to take on risks that they are not able to manage.’


The OGC acknowledges this issue and in its latest changes to the guidance in version 2.1 has provided for a price varying mechanism:


‘The Authority should, as far as possible, seek to support the Bidders’ reasonable requests for data and site access in support of due diligence and ensure that there is sufficient time for the necessary checks to be carried out. However, in the event that it becomes clear that either:


a) the Authority is unable to provide reasonable access to reasonably requested sites/information; or


b) it is unreasonable to expect the Bidders to take the risk that the provided due diligence information which is critical to solution design and/or delivery costs is inaccurate (e.g. because the information may have been produced by a third party) then the Authority should consider the use of a price-variation mechanism.


The use of such a price-varying mechanism should only be considered in exceptional circumstances and following a full review of the risks of adopting it in the context of any particular project.’




This approach can help suppliers to manage the risk but the issue here is that it must be preferable as the OGC recommends for proper due diligence to be carried out. If there has been no or inadequate due diligence then the supplier will be ill-informed and not able to meet the expectations of the customer. Particularly where the public purse is involved, surely it would be preferable to organise a comprehensive due diligence exercise in the first place.


The problem with outsourcing due diligence is that it just does not in my experience take place in a professional and organised manner. For various reasons, customers (especially in the public sector) do not seem to provide due diligence information in a timely and complete fashion which is sufficiently helpful to the supplier. As a result, the supplier often has to estimate what it is supposed to do based on the more limited information it has. This often contributes, at best, to what is known as the ‘contract dip’ (poor performance during the first six months after contract signature whilst the supplier works out what is really going on) and, at worst, results in contract default.


I propose that it is in the interests of both parties to encourage proper and effective due diligence and, alongside the due diligence exercise, to agree a set of appropriate warranties relating to matters that it is practically impossible (for reasons of time or cost, for example) to deal with in due diligence itself. This should utilise some process such that in a competitive procurement all bidders can have equal and secure access to the necessary information in some manner that is manageable by the customer.


This simply does not happen. If due diligence does occur, it tends to be on a drip feed basis so that information arrives from time to time and often late on in the bid process. I used to think that this was down to the recalcitrance of customers or the intransigence of suppliers in bothering to look. However I have come to realise that maybe the problem is that there is no role model for either party to follow. There is no process which the customer can readily adopt for the gathering and disclosure of information in an organised manner or for the preparation and agreement of an appropriate warranty regime. This is where the private equity paradigm comes into play.


Private Equity


Private equity is defined on Wikipedia as:


a broad term that commonly refers to any type of equity investment in an asset in which the equity is not freely tradable on a public stock market stock market. More accurately, private equity refers to the manner in which the funds have been raised, namely on the private markets, as opposed to the public markets. Private equity firms were commonly misunderstood to invest in assets which were not in the public market. However this is not necessarily the case – larger private equity firms such as KKR and Blackstone invest in companies listed on public exchanges and take them private.’


Private equity is not without its critics. In June 2007 the then Prime Minister Tony Blair and a Treasury Select Committee questioned the tax breaks of private equity chiefs. Unions see them as potential asset or employee strippers. However proponents claim that they make existing businesses more efficient.


Whatever the merits or otherwise of private equity, it involves the purchasers in taking on risk as they acquire a business they want to improve so they can later sell it on at a profit. This means it is essential during the period when the investors are considering the acquisition of the business that they are given sufficient access to information to assess the opportunity. Private equity investments are usually funded to a degree and banks will also want to know what sort of business they are letting themselves in for.


Private equity transactions are also, like public sector outsourcing procurements, carried out by means of competitive bids, often through some form of auction process. All bidders will thus want access to the necessary information to assess the business and price their bid. The vendor will want this to be achieved by a fair and equal process and to provide a secure means of accessing what will often be sensitive and confidential business information relating to the target.


The Due Diligence Role Model


It is here that private equity scores over outsourcing. The industry has evolved a model for due diligence that applied properly is far superior to the usual practice in outsourcing.


This model involves foresight and planning on the part of the vendor and the use of electronic data rooms as a means to store and access documents. This typically involves the following steps.




The vendor gathers together a team which will work on the transaction, including internal and external financial, accounting and legal advisers.




This team then works out what information will be necessary for a private equity investor to consider and assess the business and its operations.




The information is then located and collated. If necessary it will be created so, for example, if there is no structure chart showing the management of the organisation this can be prepared.





The information to be disclosed is then organised into meaningful categories such as management structure, financial information, customer contracts and so on.




A means of providing access to the information is then determined. This could be a physical data room where all the relevant documents are kept. However this represents a cumbersome way of providing access and is subject to obvious physical constraints. The best solution is a virtual data room where the material is stored electronically in the selected categories. This can contain vast amounts of information and permit multiple access at the same time. It can also be secured by appropriate password protection. Many organisations offer such an interactive virtual data room service – just Google ‘virtual data room providers’.




The due disclosure system is then explained to bidders in the information memorandum published to interested parties.




The data room is updated as necessary throughout the bid process as more documents are discovered or are requested by bidders. It can also be used as a repository of bidders’ questions and the responses.


There can still be problems. Some virtual data rooms will not permit copies of documents to be made, which is understandable but makes reviewing very large volumes of material online unwieldy. However on balance more information can be made available on a fair and equal basis to bidders than using a hard copy data room


Application to Outsourcing


I suggest that outsourcing due diligence could benefit from utilising this sort of model and approach. Gone would be the dark days when information had to be asked for over and over again by bidders groping around to understand what they are being asked to deliver. Customers would not be pestered for the same information by all the bidders.


There are disadvantages.


  • Work needs to be done to gather and order materials – however this must be time well spent if it enhances the success of the outsourcing. External assistance can be brought in to ensure the process works.


  • There is a cost associated with such an exercise. However this must be disproportionate to the costs of selecting the wrong supplier or of the outsourcing failing due to a lack of understanding on the part of the supplier.


Existing incumbent suppliers can also be asked (required if their contract contains the necessary provisions) to participate and provide information. They may be reluctant if they do not think they can re-win the work. However what goes around comes around and, if a professional approach to due diligence is taken by all public sector customers, there are general advantages – for example, this enhances the bid opportunities and understanding of suppliers generally.


Outsourcing Due Diligence Categories


Not enough material to justify the private equity approach? Absolute rubbish. Here are some of the information categories for an ICT outsourcing that all bidders would need once they are shortlisted for a project. I admit that this is biased towards the legal/contract information required which means this list would no doubt be expanded by a technical or project manager.


  • List of current contractors, sub-contractors and suppliers


  • Copy of contracts with incumbent contractors


  • List of software licensors


  • Copy of all software licences


  • List of open source software


  • List of hardware


  • Description of current operating environment


  • Description of current IT systems


  • Description of current communications systems


  • Details of current service level structure


  • Organisation structure charts


  • List of all staff involved in the supply of the services whether working at incumbent contractors or the customer


  • Basic employment information on all staff


  • Description of pension benefits provided to staff


  • List of premises to which services will be supplied


  • Copies of customer policies the supplier must comply with (eg security policy)


  • List of any authority supplied items that will be used in the contract.


The Warranties Role Model


The other lesson outsourcing can learn from private equity is around the process for the warranting of the accuracy of the information provided. It is crucial for a buyer of a business to be able to rely on the information it receives and upon which it bases its bid. Thus the share purchase agreement will contain warranties as to the accuracy of the information disclosed. The same is true in an outsourcing contract and, from a supplier’s perspective, asking for such warranties qualifies as a reasonable request to make of the customer. There is however a general reluctance to give such warranties in an outsourcing, probably based on a legitimate concern within the customer about the quality of the information provided. However under my proposed disclosure scheme the customer is given every opportunity to validate the information it discloses in the planning phase of the due diligence exercise. If the customer is unsure about information coming, say, from incumbent suppliers then it could qualify the warranty by stating it is to ‘the best of the customer’s knowledge and belief’. Even if it is still not confident about the information disclosed, the customer could rely on another private equity mechanism, the disclosure letter, where the due diligence information can be qualified in whatever way is appropriate.


The private equity role model in fact works quite well again for outsourcing using the following steps.




One party, typically the customer, prepares a set of warranties as a part of the service contract taking into account the extent of the information to be disclosed under the due diligence exercise. Claims under the warranties may be required to be made within an agreed period and liability limited to a reasonable amount to provide protection for the customer.




The bidder prepares a response based on the developing due diligence process and the information that reveals about the outsourcing.




The customer prepares a due diligence letter which is agreed with the bidder in conjunction with the finalization of the warranties and the conclusion of the due diligence process.


None of this is especially novel, but it may be that the introduction of these methods borrowed from private equity will enable customers (and suppliers) to be more comfortable about using warranties, in  conjunction with proper and effective due diligence, in an outsourcing context.




In some ways access to the types of information summarised above could be said to be only the beginning of due diligence. There is no substitute for face-to-face meetings to understand and resolve questions. However having access to the base information informs and adds value to such discussions. Adopting a general approach of including limited, relevant warranties and an associated disclosure letter will also help both parties to consider the issues earlier in the procurement and agree how the associated risks will be allocated and managed.  Adopting the private equity model for due diligence and the associated warranties provides a mechanism which customers can readily utilise to provide the required information to suppliers and ensure that the issues that arise are identified and resolved earlier in the procurement process. This will speed up the procurement process itself and, in the long run, benefit both parties and support successful delivery of outsourcing services.



Clive Davies is Senior Counsel at Fujitsu Services.