LEXOLOGY Getting the Deal Through: Technology M&A 2021

Structuring and legal considerations

Key laws and regulations

What are the key laws and regulations implicated in technology M&A transactions that may not be relevant to other types of M&A transactions? Are there particular government approvals required, and how are those addressed in the definitive documentation?
The new Austrian foreign direct investment screening act (Investitionskontrollgesetz (ICA), BGBl. I Nr. 87/2020) was adopted by the Austrian parliament on 15 July 2020. The ICA is expected to considerably extend the scope of the previous Austrian Foreign Trade Act (BGBl. I Nr. 26/2011). The ICA largely transposes the requirements of the European Union’s Foreign Direct Investment Screening Regulation, therefore a mandatory filing requirement is triggered if:

• a foreign investor (ie a non-EU, non-EEA or non-Swiss individual or entity), intends to directly or indirectly invest in an Austrian undertaking to acquire shares reaching or exceeding 10 per cent, 25 per cent and 50 per cent of the voting rights in order to acquire control of all or essential assets of the undertaking;
• the undertaking is active in a sector listed in an annex of the ICA; and
• the undertaking has its seat or its central administration in Austria (local nexus).

Investments in undertakings with less than 10 employees and annual turnovers or balance sheets totalling less than €2 million (the start-up exception) do not require such approval.

The ICA generally covers critical and sensitive infrastructure in Austria. The triggering threshold for an approval requirement remains at 10 per cent of voting rights for investments in critical infrastructure, including:

• defence equipment and technology;
• critical digital infrastructure (particularly 5G);
• systems that enable the data sovereignty of Austria; and
• until 31 December 2022 (due to the covid-19 pandemic): research and development in the fields of pharmaceuticals, vaccines, medical devices and personal protective equipment.

For investments in sensitive infrastructure, the triggering threshold for an approval requirement remains at 25 per cent or 50 per cent of voting rights, depending on sensitivity of the infrastructure. Such sensitive sectors include:

• information technology;
• telecommunications;
• robotics;
• cybersecurity; and
• access to, or the ability to control, sensitive information, including personal data.

A relevant agreement needs to be reported immediately after the signing of a contract or an announcement of the intention of a public offer. While the notification obligation rests primarily with the foreign investor and its management (ie, the acquirer), the ICA foresees a subsidiary reporting obligation for the target company. In addition, the relevant authority can assume jurisdiction ex officio if it becomes aware that there has been no notification of a transaction that is subject to approval.

Further, the Austrian Cartel Act, BGBl. I Nr. 61/2005, foresees a special value-based test for whether a transaction requires merger clearance. The test requires, among other things, that the consideration of the transaction exceeds €200 million, and that the target must have significant domestic activities. This special test was introduced after global technology transactions failed to meet traditional ordinary revenue-based tests, and were therefore not subject to local merger clearance, although the mergers had an impact on the Austrian market.

Government rights

Are there government march-in or step-in rights with respect to certain categories of technologies?
Austrian patent law provides for the granting of a compulsory licence if such a licence is required in the public interest. The holder of the affected patent in any case receives an adequate compensation in return for such compulsory license.

In more detail, pursuant to the sections 36 para 5 of the Austrian Patent Act (Patentgesetz; BGBl. I Nr. 259/1970), everyone (including the Austrian government) is entitled to a non-exclusive licence to a patented invention if the granting of the licence is required in the public interest. If a license is refused, despite the applicant’s efforts to obtain one on reasonable commercial terms, the applicant can make a request to the Austrian Patent Office to be granted a compulsory licence to the extent necessary and determine reasonable compensation (section 37 of the Austrian Patent Act).

In the case of a national emergency or ‘other circumstances of extreme urgency’, such a compulsory licence may also be preliminarily granted in summary proceedings (section 37, paragraph 3, Austrian Patent Act). In such cases, the applicant is not required to have made prior efforts to obtain a licence on reasonable commercial terms.

The Austrian Cartel Law may also provide for the mandatory granting of licences under certain circumstances (eg, in the case of market dominance).

Legal assets

How is legal title to each type of technology and intellectual property asset conveyed in your jurisdiction? What types of formalities are required to effect transfer?
Title in IP not concerning patents, supplementary protection certificates (SPCs), designs or utility models is generally transferred via contractual agreements. Titles pass upon the effective date of the contract or on another date agreed to in the contract.

As regards to copyright, full ownership cannot be transferred from authors, as the Austrian Copyright Act (Urheberrechtsgesetz; BGBl. I Nr 111/1936) considers copyright as a personal right. However, exclusive perpetual licences on all exploitation rights (except for certain negligible moral rights) may be granted by authors. Those licences can be granted via contractual agreements.

Austrian law does not provide for any formalities for the transfer of title in IP not concerning patents, SPCs, designs or utility models. A written contract is obviously advisable.

For (Austrian and European) patent, Austrian utility models, designs and SPCs, title passes with entry of the transferee into the Austrian Patent register.

Contracts on transfer (assignment) of title in IP rights may trigger Austrian stamp duties if (among other conditions) the transfer is made for a consideration (eg, a purchase price or a licence fee), the transfer is recorded in a written instrument and there is a sufficient Austrian nexus. The stamp duty for such transfers (assignments) amounts to 0.8 per cent of the respective consideration.
 

Due diligence

Typical areas

What are the typical areas of due diligence undertaken in your jurisdiction with respect to technology and intellectual property assets in technology M&A transactions? How is due diligence different for mergers or share acquisitions as compared to carveouts or asset purchases?
Typical due diligence areas include:

• ownership of IP rights, including whether there have been sufficient transfers or grants by employees, freelancers or contractors;
• registered status of IP rights;
• licensing-in and -out (review of material license agreements);
• reviewing:
  • other contracts concerning IP rights;
  • encumbrances over IP rights;
  • disputes around IP rights (eg, infringement of third-party rights or third-party rights infringing IP rights); and
  • employee-related IP disputes;
• insufficient IP protection;
• risk-prone products and activities in relation to third-party IP;
• protection of know-how and business secrets;
• compliance with data protection regulation;
• data breaches (including pending breaches and historical breaches); and
• material communication with authorities and third parties.

While in a merger or share acquisition, change of control rights are more relevant, a carveout requires a more detailed review of contractual or legal provisions affecting the ability to transfer assets, rights, claims and contracts.

Customary searches

What types of public searches are customarily performed when conducting technology M&A due diligence? What other types of publicly available information can be collected or reviewed in the conduct of technology M&A due diligence?
Typical public searches include:

• search engine research;
• review of publicly available financial statements;
• research in the following public registers:
  • trademark registers;
  • patent and utility model registers;
  • SPC registers;
  • design registers; and
  • WhoIs registers of disclosed registrars of domain names;
•  traditional registers, such as:
  • the commercial register (Firmenbuch);
  • the land register (Grundbuch); and
  • the edict register (Ediktsdatei).

Registrable intellectual property

What types of intellectual property are registrable, what types of intellectual property are not, and what due diligence is typically undertaken with respect to each?
Trademarks, designs, patents, SPCs and utility models are registrable in Austria. To a very limited degree, designs may enjoy protection as unregistered community designs without registration, and trademarks may also enjoy protection as unregistered tradenames under certain circumstances. Copyrighted works are normally not registered and are protected from the moment of their creation independent of any registration. Non-registered IP also includes know-how and trade secrets, but unlike the other types of IP, know-how and trade secrets do not enjoy absolute protection.

Patents, utility models, designs, trademarks and SPCs disclosed by target companies are usually assessed in the due diligence by reviewing their status on the relevant register.

Ownership of sufficient rights in copyrighted works and know-how and business secrets is typically assessed in the due diligence by reviewing underlying agreements (eg, licensing agreements, transfer agreements, employment agreements, freelancer agreements and research and development agreements, etc) between the target business and the relevant creator, originator or licensor.

Liens

Can liens or security interests be granted on intellectual property or technology assets, and if so, how do acquirers conduct due diligence on them?
For a lien (Pfandrecht) to have a right-in-rem effect, it must be perfected. Perfection of liens requires a certain publicity act (the information on an asset being subject to a lien needs to be publicly available).

Liens over registered IP rights thus can only (validly) granted by entering respective records on the lien in the relevant register (eg, the patent register or the trademark registers).

Liens over non-registered IP assets (such as copyrights and trade secrets) require other means of publicity for perfection (such as respective remarks in public financial statements). However, there is no legal certainty on the right form of publication for non-registered IP assets.

Employee IP due diligence

What due diligence is typically undertaken with respect to employee-created and contractor-created intellectual property and technology?
As a first step, we request a detailed list of the persons involved in the creation, development or modification of the relevant IP assets. We then request and review the underlying contractual arrangements with the persons on the list for IP assignment provisions and assess whether the IP assignment provisions suffice. We would also review any applicable collective bargaining agreements and shop agreements for relevant IP assignment provisions that could complement contractual IP assignment provisions. The goal is to confirm for each person involved in the creation, development and modification of the relevant IP assets the legal basis on which such person assigned his or her IP rights to the target business.

Rights in copyrighted works of which employees are (co-)authors may be granted by mean of employment agreement or collective bargaining agreement in advance. As regards rights in software and databases created by employees in performance of his or her duties, the Austrian Copyright Act assumes that the rights lie with the employer (unless otherwise agreed by the parties). The latter does not apply to non-employee contractors such as freelancers.

Regarding inventions to be filed for patent or utility models, aside from a contractual obligation to transfer any inventions made during the employment term in the respective employment agreements or in collective bargaining agreements, Austrian patent law also requires inventions to be actively claimed by employers (after receiving a notification by the employee) in order to have their rights in the inventions transferred.  

Transferring licensed intellectual property

Are there any requirements to enable the transfer or assignment of licensed intellectual property and technology? Are exclusive and non-exclusive licences treated differently?
Licences in IP are generally deemed non-transferrable without the rights holders’ consent. A licence agreement may include a pre-consent for transfers.

The foregoing does generally not apply in case of a transfer with universal legal succession, such as in case of inheritance or merger of two companies.

In the case of the transfer of an entire business by way of an asset deal, special provisions apply. For instance, the rights holder could veto against the transfer; if the license holder does not veto, the transfer is generally valid.

Exclusive and non-exclusive licences are generally not treated differently.

Software due diligence

What types of software due diligence is typically undertaken in your jurisdiction? Do targets customarily provide code scans for third-party or open source code?
As a first step, we typically request a detailed list of the developers involved in the software that is the subject of the due diligence (for each piece of code that was, or is currently, in use by the target business). We then request and review the underlying contractual arrangements with the disclosed developers for IP assignment provisions and assess whether the IP assignment provisions suffice. We would also review any applicable collective bargaining agreements and shop agreements for relevant IP assignment provisions that could complement contractual IP assignment provisions. The goal is to confirm for each developer that was or is involved in the creation, development or modification of the relevant software the legal basis on which such person assigned his or her IP rights in the software to the target business.

Additionally, we request information on open-source code that was possibly used in the software that is the subject of the due diligence. On that basis, we inform our client so that its technical team can further assess the applicable licence restrictions from a technical perspective.

Targets do not customarily provide code scans. Providers of representations and warranties insurance typically insure open-source risks only if a ‘Black Duck due diligence’ has been performed (which is nowadays the rule, rather the exception).

Another important aspect is to review the terms under which the target business is licensing software to third parties to ensure that the commercialisation and further development of the software (as envisaged by our client and the target business, respectively) is possible. The same applies to software (components) that are licensed-in by the target business.

Other due diligence

What are the additional areas of due diligence undertaken or unique legal considerations in your jurisdiction with respect to special or emerging technologies?
Typical due diligence includes:

• General Data Protection Regulation (GDPR) due diligence (with focus on compliance of data processing, data transmission, and absence of data breaches);
• confirmation of regulatory compliance (in particular, for new business models) and history of (known) regulatory breaches;
• licensing status (in relation to software licences); and
• ownership to material IP rights (in particular, for IP rights created by the target business).

In rare cases, a separate open source due diligence is conducted to confirm compliance with open source licences. If the product or technology is risk prone with respect to third-party rights, specific evaluations might be necessary from an IP perspective (eg, concerning the legal basis for text and data mining).

As most emerging technologies relating to artificial intelligence and ‘big data’ mainly rely on large volumes of data and costly developed algorithms, which are often not subject to any means of protection except as trade secrets under the Austrian trade secrets regime, we also focus on contractual confidentiality provisions.
 

Purchase agreement

Representations and warranties

In technology M&A transactions, is it customary to include representations and warranties for intellectual property, technology, cybersecurity or data privacy?
Yes. We typically see customary representations and warranties on the following.

Intellectual property
That the target company owns all registered rights, title and interest, free of all encumbrances, and pledges, security interests or any other third-party rights in and to the patents, utility models, trademarks, service marks, design rights and domains including registrations and applications for registration owned by the target company, or to which the target company has exclusive, perpetual, worldwide and unrestricted rights of use.

That licensed IP rights are sufficient for the conduct of business as currently conducted by the target company.

That in the event of jointly developed IP rights, the target company has all rights to use such IP rights as currently used to conduct business.

And that the target company complies with all licences licensed in or out, including open-source licences; there is no copyleft effect for open-source software components used in the code; there is adequate protection of the code and other business secrets; and no disputes pending or threatening.

IT (hardware and software)

• Sufficiency of software licensing status;
• compliance with software licences;
• adequate protection of source code(s);
• no copyleft effect (in the case of open-source software being used);
• adequate anti-virus protection of the target company’s network;
• ownership or sufficient rights to use hardware (IT systems);
• proper maintenance of IT systems;
• no interruptions or breakdowns of IT systems; and
• outsourcing.

Data Protection

• Compliance with the GDPR and local data protection laws, (particularly the lawful data processing and lawful transmission of data within the European Union and with third countries);
• absence of (known) data breaches; and
• no threatening and pending litigation.

Regulatory

• Compliance with public laws and orders (permits); and
• all required regulatory licences, approvals and permits to conduct business have been obtained.

Customary ancillary agreements

What types of ancillary agreements are customary in a carveout or asset sale?
We typically see classical transitional services agreements, transitional (trademark) licences agreements, reverse transitional services and licence agreements and de- or re-branding agreements.

Conditions and covenants

What kinds of intellectual property or tech-related pre- or post-closing conditions or covenants do acquirers typically require?
We would typically request for the (re-)execution of IP transfer agreements between the target business and its employees, contractors, founders and shareholders to confirm full ownership of IP rights. Depending on the transaction, we may confirm between signing and closing that the target business has the know-how to continue development of software after closing (eg, if the key persons are also sellers and leave the target business after closing).

Survival period

Are intellectual property representations and warranties typically subject to longer survival periods than other representations and warranties?
There is no established market practice for separate IP survival period. Buyers typically request a minimum period of three to five years, while sellers naturally push heavily back. Often, IP matters fall into the survival period for operational representations and warranties.

Breach of representations and warranties

Are liabilities for breach of intellectual property representations and warranties typically subject to a cap that is higher than the liability cap for breach of other representations and warranties?
There is no established market practice for separate IP caps. Buyers typically request a separate cap that is either higher than or fully separate from (and therefore on top of) the cap for operational warranties. Sellers typically push heavily back. A typical cap ranges between 10 per cent (in addition to the cap for operational representations and warranties) and 50 per cent (if such cap is counted towards the cap for operational representations and warranties) of the purchase price. Some buyer request caps closer to 100 per cent of the purchase price, or even do not accept any cap on IP matters (in particular IP infringements), but that is rarely acceptable to sellers in Austria. Often, IP matters fall into the cap for operational representations and warranties.

Are liabilities for breach of intellectual property representations subject to, or carved out from, de minimis thresholds, baskets, or deductibles or other limitations on recovery?
Liabilities for breach of IP representations are typically not subject to, or carved out from, de minimis thresholds, baskets, or deductibles or other limitations on recovery.

Indemnities

Does the definitive agreement customarily include specific indemnities related to intellectual property, data security or privacy matters?
Market practices tend to treat data protection compliance similar to taxes and environmental issues (ie, by respective indemnities). Unless there is a reason for suspecting IP infringements or if such (alleged) infringements were disclosed, buyers tend to rely on IP representations and warranties rather than requesting a separate IP indemnity.

Walk rights

As a closing condition, are intellectual property representations and warranties required to be true in all respects, in all material respects, or except as would not cause a material adverse effect?
Correctness of IP representations and warranties as a closing condition is typically heavily negotiated. We cannot confirm that such conditions are market practice given that recent M&A environment in Austria was seller-friendly. The absence of claims for material IP infringements by third parties is often a compromise that is acceptable to all parties.
 

Updates and trends

Key developments of the past year

What were the key cases, decisions, judgments and policy and legislative developments of the past year?
One of the key legislative developments is the new Austrian foreign direct investment screening act (Investitionskontrollgesetz (ICA)) which was adopted by the Austrian parliament on 15 July 2020. The ICA is expected to considerably extend the scope of the old regime of the Austrian Foreign Trade Act, BGBl. I Nr. 26/2011. The ICA largely transposes the requirements under the European Union’s Foreign Direct Investment Screening Regulation, therefore a mandatory filing requirement is triggered if:

• a foreign investor (ie a non-EU, non-EEA or non-Swiss individual or entity), intends to directly or indirectly invest in an Austrian undertaking to acquire shares reaching or exceeding 10 per cent, 25 per cent and 50 per cent of the voting rights in order to acquire control of all or essential assets of the undertaking;
• the undertaking is active in a sector listed in an annex of the ICA; and
• the undertaking has its seat or its central administration in Austria (local nexus).

Investments in undertakings with less than 10 employees and annual turnovers or balance sheets totalling less than €2 million (the start-up exception) do not require such approval.

The ICA generally covers critical and sensitive infrastructure in Austria. The triggering threshold for an approval requirement remains at 10 per cent of voting rights for investments in critical infrastructure, such as:

• defence equipment and technology;
• critical energy infrastructure;
• critical digital infrastructure (particularly 5G);
• water;
• systems that enable the data sovereignty of Austria; and
• until 31 December 2022 (due to the covid-19 pandemic): research and development in the fields of pharmaceuticals, vaccines, medical devices and personal protective equipment.

For investments in sensitive infrastructure the triggering threshold for an approval requirement remains at 25 per cent or 50 per cent of voting rights depending on sensitivity of the infrastructure). Such sensitive sectors include:

• energy;
• information technology;
• transport;
• health;
• food;
• telecommunications;
• robotics;
• cybersecurity;
• supply of critical resources;
• access to, or the ability to control, sensitive information, including personal data; and
• the freedom and pluralism of the media.

A relevant agreement needs to be reported immediately after the signing of a contract or an announcement of the intention of a public offer. While the notification obligation rests primarily with the foreign investor and its management (ie, the acquirer), the ICA foresees a subsidiary reporting obligation for the target company. In addition, the relevant authority can assume jurisdiction ex officio if it becomes aware that there has been no notification of a transaction that is subject to approval.

Coronavirus

What emergency legislation, relief programmes and other initiatives specific to your practice area has your state implemented to address the pandemic? Have any existing government programs, laws or regulations been amended to address these concerns? What best practices are advisable for clients?
The economic impact caused by the covid-19 pandemic has moved the Austrian federal government to put together an aid package of €38 billion and implement several measures to maintain solvency and bridge liquidity bottlenecks for the domestic economy. These measures include:

• a covid-19 investment bonus of 7 or 14 per cent for investments in connection with digitisation, greening, health and life sciences;
• a special coronavirus short work scheme;
• providing guarantees via the covid-19 Finanzierungsagentur des Bundes GmbH special purpose vehicle (COFAG) to small and medium-sized enterprises, as well as larger companies, so they can maintain solvency;
• fixed cost grants from COFAG;
• direct loans from COFAG;
• a hardship fund for new self-employed persons, freelancers and micro-entrepreneurs;
• a deferral of payment of taxes or payment in instalments, and a reduction of deferral interest to zero if required; and
• a covid-19 start-ups aid fund (equity that is repayable in the event of success).

Furthermore, Coronavirus has boosted legislative process of the new Austrian FDI screening act (Investitionskontrollgesetz (ICA), BGBl. I Nr. 87/2020) to have the means to prevent foreign investors from taking advantage of the pandemic by investing in certain highly sensitive sectors. The ICA was adopted by the Austrian parliament on 15 July 2020 and largely transposes the requirements under the EU foreign direct investment screening regulation. Subject to the ICA, a (mandatory) filing requirement is triggered if:

• a foreign investor (ie, non-EU, non-EEA, non-Swiss individual or entity), intends to invest (directly or indirectly) in an Austrian undertaking to acquire:
  • shares reaching or exceeding 10 per cent, 25 per cent and 50 per cent of the voting rights;
  • control; and
  • essential or all assets of an undertaking;
• the undertaking is active in a sector listed in an Annex of the ICA; and
• the undertaking has its seat or its central administration in Austria (local nexus).

No approval is required for an investment in an undertaking with fewer than 10 employees and an annual turnover or balance sheet total of less than €2 million (the start-up exception).

The 10 per cent share threshold (voting rights) applies to investments in certain highly sensitive sectors. Part I of the ICA’s annex provides an exhaustive list of these sectors, which include:

• defence equipment and technology;
• critical energy infrastructure;
• critical digital infrastructure (in particular 5G infrastructure);
• water;
• systems that enable data sovereignty of Austria; and
• until 31 December 2022 (due to the covid-19 pandemic): research and development in the fields of pharmaceuticals, vaccines, medical devices and personal protective equipment.

For investments in other sensitive sectors relevant for public order or security the triggering threshold remains at 25 per cent and 50 per cent (voting rights). Part 2 of the annex contains a non-exhaustive list of these sectors.

A relevant agreement needs to be reported immediately after signing of the contract or announcement of the intention of a public offer. While the notification obligation rests primarily with the foreign investor and its management (ie, the acquirer), the ICA foresees a subsidiary reporting obligation for the target company. In addition, the relevant Authority can assume jurisdiction ex officio, if it becomes aware of a transaction subject to approval that has not been notified.

Finally, the Austrian government passed a bill that allows for notarial deeds and other notarial acts to be executed by fully electronic methods. This is a novelty and increases flexibility in deal-making enormously since, for example, the parties to a share purchase agreement (which is to be executed in the form of a notarial deed if it relates to a share in an Austrian liability company) do not need to be present in person in front of the notary, but can watch the notarial act during a videoconference. This measure will expire by the end of 2020, unless it is extended.

The information above is accurate as at 31 July 2020.