GWI Australia

The Importance of Data Due Diligence

Written by :

Tags:

The process of due diligence involves a comprehensive appraisal of a business by a potential investor to inform a final investment decision.  It includes an assessment of the assets and liabilities, structure, operations, systems and key customer and business relationships to enable an evaluation of value and commercial potential.   

Despite the rigorous due diligence undertaken prior to the final Investment, I am continually astounded that the value and health of data is rarely considered as part of the due diligence process.  

It is common for consultants to be engaged to remedy data issues resulting from merger and/or acquisition activity.   

Data, like any other asset, holds substantial value and provides direct insight into the health of a business.  It can inform the effort and investment required to successfully merge businesses and the level of exposure to risk factors which could sway a buyer’s decision.  

Assessing the value and health of data in a due diligence process can reveal: 

  • The health of the customer base 
    Duplicate or incomplete customer entries can significantly reduce the validity of customer records and inhibit the ability to develop a reliable understanding of customer behaviours, potential opportunities and projections.  
  • The investment required to merge or migrate data between businesses 
    Existing information systems, licensing and usability are often considered, but extracting, mapping and quantifying the quality of data within the systems is not. The data management practices in place can help to determine if data is reliable, accurate or comprehensive. More importantly, they can help to identify the potential cost of data remediation, transformation, migration or re-collection. 
  • The level of risk exposure 
    An understanding of how personally identifiable information (PII) is protected is critical. If PII has been inadvertently disclosed in the past, or requests under the Consumer Data Right could not be met, you must understand how these problems have been remediated. Data breaches and/or a lack of adequate protection for PII can expose businesses to legislative breaches, large fines and most importantly, can erode customer trust.  However, the risks associated with data extend beyond PII.  Risks may relate to the data required for compliance (safety, regulatory, industry standards, licences etc.), protecting intellectual property or underpinning products and services.   
  • Data ownership 
    Some businesses rely heavily on 3rd party data to run their operations.  How will existing arrangements (licensing, contracts, memorandums of understanding, sharing agreements etc.), be impacted by the merger or acquisition.  It is necessary to consider how ownership can impact data valuations.  
  • Analytics capabilities  
    The ability to aggregate and analyse data to meet business requirements (i.e., regulatory reporting, board reporting, clinical reporting) in a timely manner can validate the robustness of data handling practices and the quality of data under management. It also provides insight into the data culture of the organisation, literacy levels, governance practices and fitness of the data architectures in place.  
  • Integrity of the data  
    The integrity of data is a lead indicator of value. It encompasses recoverability and traceability over time (lineage) and leads to increased stability and performance while increasing the potential for data to be re-used. Therefore, understanding how the reliability, accuracy, validity and security of data has been maintained at scale across the data lifecycle is important.  
  • Value of data 
    Most organisations keep data off the balance sheet, yet there is a growing momentum to value it for its unique economic qualities such as ability to establish a competitive edge, re-use potential, simultaneous use, or monetisation opportunities. Understanding how data contributes to revenue (or detracts from revenue) should be considered in an investment decision.  

If the goal of the due diligence process is to validate the accuracy of any information presented and ensure that the decision taken regarding a merger or acquisition is an informed one, then I advocate for all those in the process to consider the data as part of the due diligence process.   

Data due diligence will identify red flags but it is also a pathway to identifying untapped potential and endless opportunity. It is an excellent example of making a truly data driven investment.  

To get in touch with Michelle, click here.

Related blogs

Don't let your organisation fall behind on digital literacy