What 75+ M&A Transactions Taught Me About Technology Debt

Over the past twenty years I have walked into more than 75 companies in the first 48 hours after a deal closes. Every time, the playbook looks different on paper—but the problems are eerily the same.

The Pattern Nobody Talks About

Every acquisition target says the same thing in the data room: "Our technology is in great shape." Then you open the hood. Shadow IT sprawl, undocumented integrations, expired SSL certificates on revenue-critical APIs, and a single developer who is the only person who understands the billing engine.

Technology debt is not a line item on the balance sheet, but it should be. Across 75+ transactions, I have seen tech debt consume between 8% and 22% of EBITDA in the first twelve months post-close. That is real money that was never modeled in the deal thesis.

The Five Warning Signs

1. Single Points of Failure

If one engineer leaving would bring down a core system, that is not a staffing risk—it is a business continuity risk. I use Azure DevOps to map dependency chains and identify bus-factor vulnerabilities within the first week.

2. License Sprawl

The average mid-market company I audit has 3.2x more SaaS licenses than active users. Microsoft 365 admin center gives you license utilization in minutes. Most companies have never looked.

3. Identity Chaos

Before Microsoft Entra ID (formerly Azure AD), identity was often the worst mess. Multiple directories, shared credentials, no MFA on admin accounts. This is the first thing I remediate—every time.

4. No Infrastructure as Code

If I cannot rebuild the environment from a repo, the environment is the documentation. Azure Migrate helps me inventory everything, but the real work is getting it codified.

5. Integration Spaghetti

Point-to-point integrations between systems that "just work" until they do not. I have seen entire revenue streams halt because someone changed a field name in a CRM.

The Microsoft Stack for Day-One Diligence

My go-to toolkit for the first 30 days:

• Azure Migrate — full infrastructure discovery and assessment
• Microsoft Entra ID — identity consolidation and zero-trust baseline
• Azure DevOps — map existing CI/CD (or lack thereof) and establish pipelines
• Microsoft 365 Admin — license audit, compliance posture, data governance

Why This Matters for PE

Operating partners who treat technology as "the IT guy's problem" are leaving money on the table. The firms that win are the ones who put a fractional CTO on the ground in week one, not month six.

Technology due diligence is not about finding problems—it is about sizing the investment needed to unlock the value creation plan. And after 75+ deals, I can tell you: the investment is always worth it.