You studied the financials. You reviewed the legal opinions. You walked through the factory floor. But did anyone open the codebase? Did anyone check if the ERP will survive past Q2? Did anyone ask what happens when the two engineers who built the entire system decide to leave? If not, your bid is built on guesswork.
The Bidding Problem Nobody Talks About
Here’s a scenario that plays out more often than anyone in the IBC ecosystem would like to admit.
A resolution applicant submits a bid for a corporate debtor under CIRP. The information memorandum is reviewed. The virtual data room is combed through. Financial advisors run projections. Legal teams assess liabilities. The bid is submitted. The CoC votes. The NCLT approves.
Then the applicant walks in and within the first ninety days, discovers something the data room never revealed: the company’s entire operational backbone is held together with duct tape and prayer. The ERP system is a decade-old installation nobody knows how to maintain. The customer-facing application crashes under moderate traffic. There’s no documentation. No automated testing. No disaster recovery plan. The two senior developers who understood how the system actually worked? They resigned three weeks after the acquisition.
The resolution applicant now faces a choice: spend crores rewriting systems that were never budgeted for, or operate on a crumbling foundation and hope it holds. Neither option was in the turnaround plan.
This is not a hypothetical. This is what happens when technical due diligence is treated as optional in NCLT proceedings.
The Scale of What’s at Stake
Let’s put some numbers on the table. India’s IBC framework has admitted over 8,700 corporate debtors for CIRP since its inception. As of March 2025, approximately 1,194 corporate debtors have been rescued through approved resolution plans. Creditors have realised roughly ₹3.89 lakh crore, though recovery sits at just 32.8% of admitted claims.
The average CIRP resolution now takes 713 days, more than double the statutory 330-day limit. For cases that closed in FY 2025, that average stretched to 853 days. Nearly 30,600 cases sit pending before the NCLT, a backlog that could take almost a decade to clear at the current pace.
Now consider what extended timelines do to the very assets resolution applicants are bidding on. The Economic Survey 2025–26 itself flagged that prolonged proceedings lead to asset depreciation, employee attrition, customer loss and supplier relationship breakdown. Technology assets degrade even faster. Software goes unpatched. Infrastructure grows outdated. Institutional knowledge walks out the door.
In this environment, the resolution applicant who bids without understanding the technology layer is essentially writing a cheque based on a photograph of a building, without knowing if the foundation is cracked.
Also Read: Why Most Stressed Asset Acquisitions Fail Silently — The Hidden Tech Debt Nobody Evaluates
Why the Information Memorandum Isn’t Enough?
Under CIRP regulations, the Resolution Professional prepares an Information Memorandum containing the corporate debtor’s assets, liabilities, financial statements, creditor details and material litigation. Prospective Resolution Applicants also get access to a Virtual Data Room for due diligence.
This sounds comprehensive. It isn’t, at least not for technology.
The Information Memorandum is built around financial and legal disclosure. It will tell you the value of physical assets. It will list contingent liabilities. It might mention software licences. What it almost never includes:
- Architecture assessment: Is the tech stack monolithic? Can it scale? Is it built on deprecated frameworks?
- Code quality analysis: What’s the test coverage? How much technical debt exists? Are there critical vulnerabilities in the codebase?
- Infrastructure health: Is the company running on-premise servers past their end-of-life? Is there disaster recovery? What’s the actual cloud spend versus what’s been reported?
- Knowledge concentration mapping: How many people actually understand how the system works? What happens if they leave?
- Security posture: When was the last penetration test? Are there unpatched vulnerabilities? Is the company compliant with DPDPA requirements?
- IP and open-source risk: Does the company actually own its code? Are there GPL or other copyleft licence violations that create legal exposure?
The Virtual Data Room reflects what the RP chooses to upload and for distressed entities, technical documentation is often the first thing that goes missing. There’s a reason IBBI’s own discussion papers have acknowledged the significant information asymmetry resolution applicants face. When it comes to technology, that asymmetry is a chasm.
The Two Ways Applicants Get It Wrong
Without a proper technical assessment, resolution applicants fall into one of two traps. Both are expensive. Both are avoidable.
Trap 1: Overbidding, Paying for Technology That Doesn’t Exist
The information memorandum lists a “custom ERP platform” and a “proprietary customer management system.” The applicant assumes these are functional, modern assets. The bid reflects that assumption.
Post-acquisition, the reality emerges. The ERP is a heavily customised version of a product that’s two major versions behind, running on infrastructure that can’t be migrated without a full rewrite. The “proprietary” CRM is a cobbled-together collection of spreadsheets, a legacy database and a front-end that only works in one specific browser.
The applicant has overpaid. Not because the financial valuation was wrong, but because nobody assessed what the technology was actually worth or what it would cost to make it functional.
| Real-World ParallelOne industry practitioner noted that initial valuations in technology acquisitions often emphasise patents and historical financials, but further diligence can reveal that the competitive edge of those patents is eroding due to rapid technological advancements. Without assessing the lifecycle and current relevance of technology assets, valuations end up inflated, leading to overpayment. In NCLT proceedings, where time pressure is acute, this risk is amplified. |
Trap 2: Underbidding, Missing Hidden Value in the Tech Stack
The opposite problem is equally damaging, though less obvious. A resolution applicant looks at a distressed company with outdated-looking systems and assumes the technology is worthless. The bid discounts the entire tech stack.
What the applicant misses: beneath the surface, there’s a proprietary data pipeline that, with the right investment, could power AI-driven analytics. There’s a customer dataset with years of behavioural data that’s never been monetised. There’s an API architecture that, once cleaned up, could integrate with modern SaaS platforms within months.
By underbidding, the applicant either loses the deal to someone who saw the value or wins it and never realises the upside they’re sitting on. Either way, value is left on the table because no one conducted a proper tech audit to separate what’s broken from what’s salvageable.
What a Technology Due Diligence Actually Covers in NCLT Context?
A meaningful tech DD for NCLT proceedings isn’t a generic IT audit. It’s a deal-focused assessment that translates technical findings into the language that CoCs, RPs and NCLT benches understand: risk, cost and value.
At Dextra Labs, our technical due diligence approach is built around the RCOI framework, a structured method that maps every technical finding to a deal-level consequence:
| RCOI Phase | What We Assess | How It Affects Your Bid |
| R — Risks | Architecture weaknesses, security vulnerabilities, compliance gaps, single points of failure, vendor lock-in, open-source licence violations | Identifies liabilities that could inflate post-acquisition costs or create legal exposure. These findings can justify price adjustments or walk-away decisions. |
| C — Costs | Remediation budgets for technical debt, infrastructure upgrade estimates, licensing gaps, talent replacement costs, data migration expenses | Quantifies the capital needed to stabilise technology. This number goes directly into your financial model and bid calculation. |
| O — Opportunities | Cloud migration potential, automation readiness, AI-readiness of data assets, platform consolidation options, untapped IP value | Reveals value the seller may not have realised. These opportunities can improve your turnaround thesis and strengthen your CoC pitch. |
| I — Impact | Projected ROI of tech improvements, time-to-market acceleration, operational cost reduction, scalability for growth | Translates technology investments into business outcomes. This is the language that gets resolution plans approved. |
The assessment scope covers technology stack evaluation, architecture review, code quality analysis, security posture assessment, cloud service andcost review, scalability testing, data management andprivacy compliance, team expertise and skill gap analysis, IP and patent evaluation, open-source software risk analysis and process maturity review.
For NCLT-specific engagements, we also layer in survivability testing, determining whether the technology can operate reliably through the resolution and transition period without catastrophic failure.
The Five Things Every Resolution Applicant Should Demand Before Bidding
If you’re evaluating a corporate debtor under CIRP and the VDR doesn’t give you answers to these five questions, you’re bidding blind:
- What is the true remediation cost of the technology stack? Not what the IM says. Not what the RP estimates. An independent, line-by-line assessment of what it will actually cost to stabilise, secure and modernise the systems you’re inheriting. This number should live in your financial model before you submit a bid.
- Where is the knowledge concentrated? Distressed companies almost always have knowledge concentration risk. If three people built the entire system and two of them have already left, you’re acquiring an asset that nobody remaining can maintain. Map the knowledge. Price the replacement.
- What are the security and compliance liabilities? Data breach costs now exceed $4.35 million globally on average. In India, DPDPA non-compliance adds another layer of risk. If the corporate debtor has unresolved security vulnerabilities, those become your liabilities on day one.
- Can the technology actually support your turnaround thesis? If your resolution plan depends on scaling operations, entering new markets, or launching digital products, the tech stack needs to be capable of supporting that. A system designed for 500 users doesn’t magically handle 50,000 because you have a growth plan.
- What’s the integration timeline and cost? In the tech sector, 40% of integration efforts end up costing more than planned. The most common reason is underestimating complexity. If you’re planning to fold the acquired entity into your existing operations, you need to know exactly what integration will require, in money, time and talent.
Where Tech DD Fits in the CIRP Timeline?
One of the practical objections to technology due diligence in NCLT proceedings is timing. The CIRP is supposed to conclude within 180 days, extendable to 330. In reality, it stretches to 700+ days. But even within compressed timelines, tech DD can be structured to deliver actionable intelligence:
| CIRP Phase | Tech DD Activity | Output for Applicant |
| EOI Stage | Rapid desktop assessment of available technical information from IM and public sources | Go/no-go decision and preliminary risk flags before committing to full evaluation |
| VDR Access / Due Diligence | Deep technical assessment: code review, architecture evaluation, security scan, infrastructure audit, knowledge mapping | Quantified risk register, remediation cost estimate and technology valuation adjustment for bid calibration |
| Resolution Plan Drafting | Integration of tech DD findings into the resolution plan’s operational and capex projections | A plan that the CoC and NCLT can evaluate with confidence because the technology layer is actually accounted for |
| Post-Approval / Day One | Remediation workshop, CTO office setup, integration management | Immediate stabilisation of critical technology systems and a clear 90-day action plan |
The Dipstick assessment, a focused, rapid-turnaround technical review can be completed in parallel with financial and legal diligence, adding zero time to the overall process while fundamentally improving bid accuracy.
What Happens After the Bid: From DD to Turnaround?
Tech DD isn’t just a pre-bid exercise. The findings carry forward into every phase of the post-acquisition journey. At Dextra Labs, our engagement extends well beyond the assessment:
- Remediation Workshop: A structured post-investment engagement where we design the technology roadmap, prioritise fixes and establish governance frameworks for ongoing tech health.
- CTO Office Services: For distressed entities that lack senior technical leadership, which is most of them we provide fractional CTO support to drive the technology transformation from within.
- M&A Integration Management Office: Dedicated integration support that coordinates platform migration, AI agent development for process automation and technology stack consolidation across the acquiring entity and the target.
The resolution applicant who treats tech DD as a one-time checkbox will struggle. The one who treats it as the foundation of a technology-aware turnaround plan will outperform. The data bears this out: companies that conduct comprehensive technology due diligence are significantly less likely to encounter major technology-related issues during integration.
A Word for Resolution Professionals and CoC Members
This conversation isn’t only for resolution applicants. RPs and CoC members have a direct stake in the quality of tech DD.
A resolution plan that ignores technology risk is a plan with a blind spot. When that plan fails post-implementation, because systems collapse, integration stalls, or security breaches erupt, it reflects on the entire CIRP process. The IBC Amendment 2025 already moves toward mandatory monitoring committees to oversee resolution plan implementation. It’s only a matter of time before technology assessment becomes part of the standard evaluation matrix.
Forward-thinking RPs are already including technology summaries in their Information Memoranda and recommending that PRAs conduct independent tech audits as part of their diligence. This isn’t just good practice, it’s risk management for the CoC and the resolution process itself.
The Bottom Line: Price What You Can’t See, or Pay for What You Didn’t Know
Research consistently shows that 70–90% of M&A deals fail to create shareholder value. In the technology sector specifically, that failure rate climbs to 85–90%. Inadequate due diligence is cited in 31% of failures and overpaying accounts for another 42%.
In NCLT proceedings, these risks are compounded. The time pressure is real. The information asymmetry is severe. The assets are already distressed. And the technology layer, which increasingly determines whether a turnaround plan succeeds or fails, is routinely left unevaluated.
The resolution applicant who understands this has an edge. Not just in pricing the deal correctly, but in building a plan that actually survives contact with reality. Not just in winning the bid, but in making the bid worth winning.
The question is straightforward: Are you pricing the technology you’re buying or are you guessing?
FAQs:
What is technical due diligence in NCLT proceedings?
Technical due diligence in NCLT proceedings is an independent assessment of a corporate debtor’s technology assets, covering architecture health, code quality, security posture, infrastructure, IP ownership and knowledge concentration, to give resolution applicants an accurate picture of what they’re actually acquiring beyond financials and legal opinions.
Why do resolution applicants need tech DD before bidding in CIRP?
Information Memoranda and Virtual Data Rooms rarely disclose technology risks. Without tech DD, applicants risk overbidding on broken systems or underbidding on hidden value. Post-close discoveries like failing ERPs, departed engineers, or unpatched vulnerabilities can derail turnaround plans entirely, costs that were never factored into the original bid.
What does the RCOI framework cover in tech due diligence?
The RCOI framework covers four dimensions: Risks, architecture weaknesses, security gaps and IP liabilities; Costs, remediation budgets and infrastructure upgrade estimates; Opportunities, AI readiness, untapped data value and automation potential; and Impact, projected ROI from technology improvements mapped directly to turnaround business outcomes.
How does technical debt affect resolution plan pricing under IBC?
Unassessed technical debt inflates post-acquisition costs significantly. Legacy systems, deprecated frameworks, undocumented codebases and knowledge concentration all require capital to remediate. Without quantifying these costs pre-bid, resolution applicants either overbid relative to actual asset value or submit plans with insufficient capex, both outcomes undermine successful implementation.
Can tech DD be completed within CIRP timelines?
Yes. A Dipstick assessment, a focused, rapid-turnaround technical review, runs in parallel with financial and legal diligence, adding zero time to the overall process. For deeper evaluation during VDR access, a comprehensive tech audit can be structured to deliver a full risk register and remediation cost estimate within standard diligence windows.
