Answer ... (a) Commercial/corporate
In the case of corporate-related matters, the due diligence will entail a detailed review of the organisational documents, corporate records and resolutions of the target and its respective subsidiaries (if any).
Other than matters relating to the capacity of the shareholders and of the target, as well as title and non-encumbrance of shares, other issues typically addressed include the following:
- the aggravated liability regime for the parent company;
- the shareholders’ investment/capitalisation obligations (shareholder loans, supplementary and/or ancillary contributions);
- possible shareholders’ and voting agreements;
- stock-related pre-emptive rights, rights of first refusal, redemption rights and other third-party rights or limitations affecting the shares (title, free disposal and voting or economic rights related thereto);
- annual accounts compliance requirements;
- the ultimate beneficial owner registry file; and
- the identification of directors and other corporate members of the target and respective subsidiaries (if any), and their remuneration.
A review of related-party transactions is also part of the investigation, including agreements or arrangements between the target or any of its subsidiaries (if any) and any current or former shareholders, officers, directors, employees, or shareholders of any type.
(b) Financial
With regard to financial-related aspects, the legal due diligence concerns an analysis of the respective contracted financing, including:
- the amounts involved;
- the maturity dates;
- the reimbursement conditions;
- guarantees and security interests;
- change of control clauses;
- negative pledge clauses (limitations to transfer or encumbrance of assets);
- cross-default provisions; and
- early termination events.
The scope of the due diligence also covers:
- the formalities to be complied with before and after closing of the transaction, considering the financial agreements of the target; and
- a detailed analysis of the terms and conditions of intragroup and related-party loans.
(c) Litigation
A detailed review of relevant lawsuits – including special revitalisation proceedings, insolvency proceedings, out-of-court company recovery scheme (RERE) proceedings, civil claims and injunctions – is recommended.
As general rule, in Portugal, lawsuits are public and made available by the court (exceptions include injunctions and specific stages of criminal proceedings). Through this information on pending and recently closed cases, it is possible to assess the target’s contingencies and liabilities, settlements, court fees and so on. It is also relevant to confirm whether any special revitalisation proceedings, insolvency proceedings or RERE proceedings are pending against the target. Should this be the case, it might indicate that the target is experiencing economic difficulties, lacking sufficient assets and/or potentially unable to meet its financial obligations.
(d) Tax
Due diligence in this regard encompasses a full analysis of the target’s tax situation, which is carried out by analysing its:
- corporate income tax returns;
- accounts;
- value added tax periodic returns;
- withholding taxes; and
- where applicable, social security payments, real estate taxes, real estate transfer taxes and stamp tax payment notes concerning the applicable tax limitation period (eight years for real estate transfer taxes, five years for social security contributions and four years for other taxes).
The aim is to determine whether there are any tax contingencies which may lead to additional tax assessments, compensatory interest and tax penalties imposed by the Portuguese Tax Authority.
(e) Employment
Notwithstanding the existence of specific sectoral characteristics that may have a significant impact on the due diligence exercise in this regard, a buyer should pay particular attention to the following matters, among others:
- special employment contracts (eg, temporary work, fixed-term employment contracts, their grounds and duration);
- service providers;
- the status of members of corporate bodies (notably, if they also have an employment contract with the company);
- remuneration and benefits (taking into account the duties, positions and seniority of employees, as there may be special remuneration items);
- limits and organisation of working time;
- collective employment regulation instruments (including the special regimes provided for therein); and
- vocational training and amount of hours provided.
In relation to social security matters, the buyer should verify:
- the monthly payment of the respective employer and employee deductions;
- how the various remuneration components and benefits granted to employees are considered under the applicable legislation; and
- whether the effective tax rates are applicable.
(f) Intellectual property and IT
In order to assess whether there are any contingencies which may lead to loss of rights or title to use intellectual property, or give rise to criminal or civil liability of the target, a detailed review of its owned, licensed or used intellectual property (ie, patents, trademarks, designs, trade secrets, copyright and related rights, software and database rights) should be undertaken, including:
- verification and analysis of ownership or title for its use;
- analysis of agreements with the target’s employees, affiliates and/or third parties referring to or with an impact on the ownership and/or use of the target’s intellectual property; and
- analysis of pending lawsuits relating to IP rights.
(g) Data protection
A detailed review of the target’s data protection procedures and policies should be undertaken – for example:
- privacy and cookies policies;
- data retention policies;
- information security policies;
- device and email usage policies;
- procedures for data subjects exercising their rights;
- procedures for managing data breaches and similar incidents;
- data protection impact assessments; and
- records of data processing activities.
This detailed review should further encompass:
- analysis of the relevant General Data Protection Regulation-related compliance materials;
- verification and analysis of agreements with the target’s employees, affiliates, subcontractors and/or third parties (eg, employment agreements, data processing agreements, intra-group data sharing agreements and binding corporate rules);
- analysis of the cookies management platform and cookies banner installed on the target’s website; and
- assessment of the consent check boxes for direct marketing purposes.
Finally, it must be determined whether there are any contingencies, such as data breaches or similar incidents, that may lead to fines, reputational damage or private enforcement litigation affecting the target.
(h) Cybersecurity
Cybersecurity due diligence depends on the target’s business area. On the one hand, the general cybersecurity legal framework applies only to certain sectors. On the other hand, targets that are active in certain business areas must comply with other specific regulations (eg, targets in the telecommunications sector must comply with additional requirements imposed by the telecommunications regulator).
For targets that fall within the scope of the aforementioned general cybersecurity legal framework, due diligence comprises a detailed review of:
- the target’s cybersecurity and information security procedures;
- documented security incidents; and
- notifications of security incidents to the National Cybersecurity Centre.
Where the target is subject to specific regulatory requirements relating to cybersecurity, the due diligence will also entail confirmation of compliance with the applicable regulatory framework on a case-by-case basis.
(i) Real estate
The due diligence will comprise an analysis of the situation of the properties owned or used by the target, including:
- verification and analysis of ownership or title for the use of the properties;
- analysis of liens, encumbrances, agreements referring to (or with an impact on) the properties (and respective compliance) and other restrictions on ownership or use;
- completeness and harmonisation of the property documentation (with different levels of analysis for owned or used properties);
- validation that the properties are duly licensed for the intended purposes;
- verification of the application of any restrictions arising from legal regimes (eg, for lease agreements); and
- for real estate companies, analysis of compliance with anti-money laundering duties – that is, communication of transactions to the Institute for the Real Estate and Construction Public Markets.