Open Source Due Diligence
The use of open-source code is widely used by software development companies to accelerate development and to reduce costs. The use of open-source code creates challenges if the code breaches the licensing rules.
Escrow London performs an audit of software source code to detect and identify the existence of open-source code. Escrow London created a detailed report identifying the open-source code and their corresponding licenses.
There are many common open-source licenses including:
When acquiring a technology company, as the buyer, you need to identify if there could be any underlying licensing issues with the technology. The most common issues arise from the use of open-source code within the development cycle. The only way to mitigate these potential risks is to understand exactly what code and licenses have been used to build the technology. During an M&A due diligence process, the seller will generally be hesitant to hand over their source code to a potential buyer.
Escrow London is a trusted 3rd party that specializes in source code verification and audits. We can quickly analyze software and technology builds to support an M&A due diligence process.
The audit report provides a complete overview of what source code has been used, a list of open-source licenses linked to this code and a review by an IP lawyer (specialist in open source technology) of the constraints and potential IP issues with utilized open-source code.
When are open-source code audits used?
Investment – The opportunity to invest in a software or SaaS company may be tempting. Before investing you need to ensure that the IP of the company is owned by that company and does not contain open-source code which may negatively affect the value of the company.
Acquisition – During the acquisition of a software company or the intellectual property (IP) from a software company, it is essential to identify if any of these products contain open-source code not owned by the company. For example, if open-source code with a GPL license exists within the code base, this will most likely be problematic.
Outsourced Developer – In the event that you subcontract development to a third party software developer, you may request assurances or warranties that the code does not contain open-source code. In order to determine if the developer is keeping to their end of the agreement, it is essential to conduct an open-source code audit to verify compliance.