Hacker News new | past | comments | ask | show | jobs | submit login
YC's Series A Diligence Checklist (blog.ycombinator.com)
329 points by akharris on Feb 22, 2018 | hide | past | favorite | 60 comments



> The more sophisticated hires will realize this and you may then have to increase their compensation (in equity, cash or both) to make up the difference to avoid a morale issue.

What about the less sophisticated hires? Employees are trusting founders not to screw them over. I'd expect this piece to advise either: a) educating less-sophisticated employees, or b) increasing compensation for all employees that didn't get their equity grants before the term sheet.


You're absolutely right. Thanks for flagging it.

This is something that founders should pro-actively surface and address ahead of a financing whenever and wherever relevant.

This is something we're working on advising founders to do. We want to do what we can to make sure that employees - no matter how experienced or sophisticated - get treated fairly throughout the life of the company.

My bad for the wording which seems to suggest otherwise.

Edit: We updated the wording as well.


> My bad for the wording which seems to suggest otherwise.

> Edit: We updated the wording as well.

But the updated wording just says "some hires may realize this and you may then have to increase their compensation...". I don't think the problem being flagged was "you're implying that founders should screw over unsophisticated hires, when you should be implying that founders should screw over every hire they can, sophisticated or not".


The part right above it is interesting too...

> If you have any pending or promised equity grants you haven’t already taken care of before you start your Series A process, do that ASAP.

Huh? Seriously? If someone promises me equity I expect that finalized within weeks. How many companies just have promised equity sitting around without the paperwork being done?

Edit:

Some super good points about board approval. Most of the company's I've worked at have the rules of the options pool voted on by the board but the grants can be given out without board approval (as long as they were the standard new hire grant and nothing unusual). But I can see how if something like that isn't in place it could take a while.


It happens. Option grants require board approval or are sometimes waiting on new 409a valuations. It would be nice to turn them all around quickly but it’s not always feasible. The advice quoted is good advice.


Tons. This happens all the time. Equity grants take months. I was promised x%, at hire. By the time I got my equity grant, I was already diluted.


I'd like to add the word "can" in there. "Equity grants [can] take months." They shouldn't though. They can take as little time as it takes the president or CEO to hit the "print" button and get out a pen if the rules are laid out clearly and voted on ahead of time by the board.


All three startups I have been involved with have had board-level approval for individual equity grants. I have never seen any real push-back on them, but I have also never heard of the board relinquishing control over something so vital.

The employment contract guarantees the equity subject to board approval. I'm not quite sure why people are making such a big deal out of this.


What you describe is certainly common. I have a different experience and I like what I have seen better.

> The board agrees all new employees get X options with a 1 year cliff and 4 year vesting without additional approval so long as total options granted does not exceed Y.

The board only needs needs to be involved if X or Y need to be changed.

Having the board bother themselves with every little hire is just ridiculous. They have better things to do. Plus if the options are defined on paper the company can't be accused of favoring certain classes of employees differently.


The best option at that point is to quit and make public the breach of contract. Don't do business with unethical people or organizations it's simply not worth your time.


I would be very careful about making the breach of contract public. Companies tend to have better paid lawyers and bigger pockets than individuals. Unless you are in a position where you can't be touched (for instance: because you are broke or in a different jurisdiction) this is a risky strategy.


First sueing an ex-employee is a massive reputation hit.

An employee who fails to receive full compensation can receive free legal help from a range of organizations with very deep pockets. In many situations companies have a significant advantage, but in this case they really don't.

Sure, people and companies may be completely irrational, but competent legal advice will tell them to leave this one alone.


At a recent job, my option grant wasn't official until approved at the next quarterly board meeting. There was about 2 months delay (but it also didn't impact me as it wasn't between any "material events").


How many companies just have promised equity sitting around without the paperwork being done?

This is just pure dishonesty. I know folks who have said things like this and I A.L.W.A.Y.S. say "Sure for now send me a text message or email until we can get to documents." Sure enough I have never gotten a text or email or anything in writing.

People/companies who are serious will take an action and tell you exactly when (in the next few days) this will be handled and how.


> If someone promises me equity I expect that finalized within weeks. How many companies just have promised equity sitting around without the paperwork being done?

This is so common that it's not even funny.


The answer is : tons. Most startups I've worked for do option grant approvals quarterly or thereabouts. But I think it would be unethical to approve grants at a different price or size than promised in an offer. Sure you may have been diluted by then, but you wouldn't have had any say in it any way and the idea is that subsequent dilutions are good for you as they reflect a growing value. That's the IDEA anyhow.


"Employees are trusting founders not to screw them over."

So on the one hand, every relationship of this kind (and of most kinds) requires trust.

On the other hand, you as an employee really shouldn't just be flat-out trusting your employers about things where you are technically at odds with them. Even if they have no intention of screwing you over, it's not always about them - they may be replaced by new management as the company grows, for one. Or they simply might not know something, for another - what if they're unaware of a certain tax implication around an equity grant, for example? Founders are oftentimes doing this for the first time, and just like most employees, don't necessarily know everything.

You should really make sure you are aware of all issues and implications of the contracts you get into, as much as is feasible.


The main point was to make sure employees equity promises are taken care of ASAP so their upside is as good as it can be. The point about some hires being upset if the price goes up in the interim was just meant to illustrate what can happen if the grants aren’t completed beforehand (descriptive, not prescriptive). I gave Aaron the language for that paragraph so I apologize if I offended anyone. It wasn’t intended to imply that founders should selectively pick and choose who gets made whole or not based on “sophistication.” I agree with all the points you make about educating and treating people fairly.


This happened at my first startup job. After I started, a new round of funding was announced. After that, my grant was finally approved at a board meeting. At double the strike price.

When I raised it, I was told that's the way it works. "Grants are not finalized until the board meeting." End of story. I was a junior employee at the time and had no leverage because I had already been in the seat for weeks.

Not sharing for sympathy, just to highlight the reality: this can happen, and unless you get both the number of options and strike in writing -- or a commitment to make them equivalent -- there's a decent chance you will be screwed out of what you're promised.


Yeah, that sounds so bad. It sounds like: try to screw them over, but be aware that some employees will realize that and, just for them, you will have to adjust compensation.


Did they just update the wording? It just says "some hires" now.


That's still just as bad, wow! This could be phrased much less offensively as something along the lines of "Your employees will notice and you may have to offer them compensation for their lost upside." This assumes you have hired intelligent employees and cautions against the actual issue (not having your outstanding-options ducks in a row before closing the Series A) rather than the consequence (employees find out and you have to pay them more). The current phrasing still assumes only some of your employees will notice, and couching the issue as one of "morale" pointlessly obfuscates the fact that these employees would be losing upside they (presumably) agreed to work for you with the understanding they would get.


We did.


* Any agreements, understanding, instruments, contracts or proposed transactions to which the Company is a party or by which it is bound which involve obligations of, or payments to, the Company in excess of $25,000.

* Any licenses or agreements of any kind with respect to the Company’s or others’ patent, copyright, trade secret or other proprietary rights, proprietary information or technology, including employee confidentiality and proprietary information agreements.

* Any standard forms of agreements used by the Company.

* Any confidentiality and nondisclosure agreements.

* Any consulting contracts.

Consultants: this is one reason why it's often easier to get in the habit of working off your client's paper than trying to get them to accept your own. A lot of startups might not care, and will accept your MSA. But for some of them, accepting a new MSA creates a huge amount of hassle down the road.


> If the Company has any foreign employees, separately list (by country) all benefits provided to foreign employees.

How does this work for startups employing their foreign employers as independent contractors? Also, it might be helpful to mandate startups provide documentation how they're adhering to local labor regulations in countries outside of US jurisdiction (especially if you're a US company hiring in Europe; their local labor regulations differ substantially from US labor law).

Also, under Material Agreements, I don't see anything called out for compliance with GDPR for startups expecting to or currently serving users in the EU. Does YC perform diligence in this regard considering the 4% of annual revenue penalty for those in violation of the GDPR?

Very helpful resource, really appreciate YC sharing it.


For foreign contractors the biggest questions are almost always going to be (1) are they developing any IP/tech, (2) if so, have they all signed contracts that ensure the company owns the IP they are producing and (3) how enforceable/valid are those contracts in the country they’re in. You can knock off a lot of that inquiry by making sure you have answered these questions yourself before hiring foreign contractors (or employees for that matter) and using a country specific contractor agreement where appropriate. Then it’s mostly a matter of sharing those materials and confirming that everyone signed them when you’re in the diligence phase.

You’re right that labor laws are different depending on the country. For example - things like mandatory severance or mandatory “notice” periods before letting someone go. Equity grants can also be impacted (some countries effectively make it impossible or very difficult to enforce vesting). These things are usually surfaced in the process of disclosing against the representations you’re required to make in the fundraising docs. They’re less about diligence materials you share.

Re: GDPR - excellent point. It’s something people look at depending on what the company is doing. The checklist asks for the company’s TOS and privacy policy which is one of the starting points. Usually what happens if it’s an issue is that there will be a call or email exchanges with questions. It’s a more case by case inquiry.


Thanks for taking the time to reply. I hope my questions did not come off as condescending; if so, it was not intended.


I try to tell companies this all of the time - keep your books/contracts in order and diligence is a breeze. If you're expecting a Series A, and you aren't a household name, the diligence process will slow your business down, so plan ahead at a pace that doesn't disrupt your business.


Great move to make this transparent to founders, even at an early stage. I'd argue it even makes sense for founders to file their entire paperwork in a folder structure that reflects this set up from the get go.

What looks like an unnecessary distraction in the early days will save you time and headache later down the line.

You have to file your documents either way, so why not make sure they are already in a format that's ready for due diligence - once an investor or acquirer comes knocking, you basically have most of your data room ready.


Even if a founder does not have all these documents put together, having a simple checklist like this to know what they're missing is pretty valuable.


Is there any kind of diligence for seed investments? I know there is the obvious YC application process, with an interview or two. After that, are there background checks? References? Anything like that? I know there isn't much to do diligence on with companies that are often just an idea.


Just one experience, but the CEO of a startup I used to work for faked his college degree and had previously been sued by the FTC. (We found out only after he blew up the company.) None of the investors we talked to noticed anything.


The kind of diligence we're talking about here wouldn't catch that. We're talking about the nuts-and-bolts business documentation required for an investor to take a stake in your company, not founder background checks.


A proper due diligence will definitely include founder background checks, as well as background checks for other key personnel or executives. For a seed round or small investment (<$2M or so) such things are usually not done.


Clients routinely background checked us at Matasano; I know because every time it happened, I had to sign a release to allow it to happen (as did any other team member who was checked).

When a public company acquired us, in a process very similar to this one that also involved a 6-figure legal review bill, I did not sign a background check release, or even a credit check.

I would be surprised to learn that A round investors routinely do stricter checking than a public company doing a full acquisition.


> When a public company acquired us, in a process very similar to this one that also involved a 6-figure legal review bill, I did not sign a background check release, or even a credit check.

> I would be surprised to learn that A round investors routinely do stricter checking than a public company doing a full acquisition.

That's easily explained: when doing an acquisition the company is the focus, not the executives. When doing an investment the team that you are effectively partnering with is a very important part of the deal.

Post acquisition a player with a troublesome past that was not disclosed could be easily discarded especially since this would be considered a lack of disclosure, but in an investment scenario where that player (and/or their buddies) holds the majority of the stock that is not so easy.


Is this something new? I haven't managed or been a direct party to a funding round, but I've been a founder during one A round and key staff at another and never signed background checks for those. What kind of investor was this that required background checks?

A public company that acquires a company managed by a felon might have to restate financials or write down part of an acquisition's value, which leaves me wondering about the supposed disparity.


I've been in this for a decade, so no, it's not new, but it could very well be a European thing. Even so, I find it hard to believe US investors would cut 7 figure or higher checks without wanting to know who they're getting in bed with.

> What kind of investor was this that required background checks?

A fairly large portion of them, with an accent on financial services and health care related affairs as well as two sided marketplaces because of the potential for fraud and money laundering.

> A public company that acquires a company managed by a felon might have to restate financials or write down part of an acquisition's value, which leaves me wondering about the supposed disparity.

Well, whether or not they are a felon isn't as important as whether or not they are currently up to something that is not proper. And that's the first thing a DD tries to find out and a background check could help to flag potentially problematic cases.

If I came across a financial services company run by someone who has already had a fraud charge stick that would definitely result in a mention to the investors and could very well result in a deal not going through.


The last A round I did a few years ago, funded by a top tier investor, had no background check. It involved basic, fairly routine, due diligence and several conversations.

I'd be surprised to hear of a background check on an A round in the US, unless it involved a particularly unusual investment size or where something very specific threw up a bad red flag. And usually if you can command a massive A round, you're already a known quantity.


Not really - full details on my take here: https://medium.com/startup-grind/technology-due-diligence-or...


If it's a formal equity seed round, there is very likely to be diligence. The requests are often not that different than the Series A list in original post. But, generally speaking, a seed stage company has significantly less documentation to provide. So, most of the categories of diligence items end up being inapplicable.

In a note/SAFE round, it is much less likely that there will be diligence.


There are little to no diligence checks for seed investments. There are plenty of people who have straight up lied about their history to get seed funding.


Great list!

I'm missing a chattel (I hope that's the right term in English) or asset list and in the IP section a list of licenses obtained as well as statements of non-retention by former employees and executives.

Furthermore a statement of compliance with the various applicable laws (retention, privacy and so on) would be very useful, as well as the disclosure of the results of any audits the company has undergone.


I have to second the local privacy aspect, and compliance with any applicable local laws around information handling. The word privacy doesn't show up once on that checklist. It should probably be a separate item under Material Agreements. As an issue, this is only going to get a lot more important. Particularly for US start-ups pushing into European markets. Investors are going to start universally requiring to see it broken out for each market that's important to the company.


This list may seem daunting to a lot of people, but as a "noob" startup founder, most of these become self-explanatory as you go along.

Just make sure you keep a record of everything you do officially and get help in legal/accounting in any questionable aspects of your work.

Don't wing anything. Don't be lazy, be super detail-oriented in everything and you'll be okay.


I've never participated in the DD for a series A but have been a party to the DD for an acquisition, and it looks daunting because it is daunting. During an acquisition, not only are you collecting this information (which, if you didn't spend a constant, tedious amount of energy over the life of your company to keep up with, is itself a monumental pain in the ass, for each each step might incur several weeks of lag), but legal then bills you to review each of them. It can cost hundreds of thousands of dollars.


> It can cost hundreds of thousands of dollars.

If you're lucky and the deal goes through you get to pay that out of the investment, if you're unlucky and the deal does not go through due to major surprises during the DD then you may end up not being able to raise at all and you'll still bear the costs, if the surprises are due to the company failing to properly disclose stuff early on that they could have reasonably been expected to know about then there is a fair chance they will end up being saddled with the costs of the counterparty.


Also, all software libraries used and the licenses those libraries use.


This is slightly off topic, but is there anywhere to see a full swath of YC's incubators and their level of (current) success?


you mean this? http://yclist.com/


Amazing! Thank you.


This is a really long list. How much of this is needed due to US securities law and how much to say "hey, you are really doing this on your own volition, all of our cards are on the desk?"

So much for a private sale of shares. In Pakistan, a proper listing agent can put your company on the stock exchange in under 2 month with most of this time just waiting for permits to arrive through snail mail.


There is a saying in certain engineering fields that all regulations are written in blood; an accident was once caused due to the lack of a particular line item and now that line item is on the list.

This is a relatively short list for due diligence. While far less dramatic than an engineering fault which could actually kill someone, there have absolutely been extremely expensive incidents in the US which occasioned each item on this list. A portion of them are due to peculiarities of doing business in the United States, which is organized to accomplish many forms of dispute resolution via a professionalized process backstopped by formal legal process, in a fashion which may not be similar to e.g. Pakistan, Japan, most European countries, etc. US companies do frequently generate more legal work than comparable situated companies in other jurisdictions. (There are varieties of work they generate less of, but I'll leave that out of the scope of this comment.)

The legal profession, like all service professions, sometimes recommends work which is not directly in the customer's interests, but in the main it is in the business of decreasing transactional risk. There are material risks involved in investing in a company with undisclosed baggage. Additionally, insisting on a certain level of professionalism helps to shake out other problems, because firms which cannot self-organize to e.g. provide a list of all employees and the paperwork related to them are almost certainly catastrophically managed under the hood. You might not even be creative enough to successfully predict how they're going to blow up, because the theoretical space of mistakes one can make is infinite, but you know that anyone who can't produce a signed copy of an employment agreement on demand is highly unlikely to have a level of risk which is roughly representative of your experience from the distribution of companies which are at least minimally competent.


I disagree with almost none of this. I would just note two quick things:

1) Due diligence requests are made by the investor, not offered by the company. So, it's not about the company's desire for full disclosure or the company's interest in complying with SEC regs. (SEC regs require certain types of disclosures in connection with certain types of placements of securities. The typical VC funding round doesn't require such disclosures.)

2) Yes, lawyers are in the business of decreasing transactional risk. But, relatedly though slightly different, the reason VC lawyer due diligence requests are so long is that lawyers are risk averse. There is no downside to the lawyers to add something to the DD list, but there is certainly a potential cost if they leave something off. And the junior lawyers who deal with these things aren't being paid for creativity or independent judgment...(Not a knock on them. It's just not what junior lawyers are tasked with.)


Hi Patrick.

You write interesting things, but I think that your language is too passive / indirect and full of big words. It'll be easier to understand if it was more simple and direct. Just my two cents.


I’ve thought similar, but 1) Patrick is a smart guy and undoubtedly self reflective enough to understand his writing style, and 2) HN upvotes affirm what he’s doing.

Now, my theory is the Japanese culture values this style of communication as much as it doesn’t value directness. The reason is there are many avenues to save face when not directly confronted.

You can see this in the way people spoke to each other when disrespect would lead to a dual. And this is still the predominant speech style in US legislature.


This list is absolutely tiny, think of it as a starting point rather than an exhaustive list of what a typical data room looks like for a mid-sized merger, acquisition or investment.

Pakistan is not exactly known as a hotbed for serious start-up activity, clearly the list is US centric.


Yup - tiny.

Just checked the DD we did on a recent acquisition: 503 rows just in the "checklist", most of which resulted in further documents, statements, references to other systems, explanation, reports, exports from HR systems you name it.

Took a few weeks to compile, even though we had all the information readily accessible. The initial check list was pretty fast to do, but it spawned subsequent requests, discussions, etc which required more documentation to be found and provided etc.


>think of it as a starting point rather than an exhaustive list of what a typical data room looks like for a mid-sized merger, acquisition or investment.

And that is stunning by itself. This is a reason to think one more time about US business culture. Especially for people repeatedly poking developing countries for dysfunctional bureaucracy.

>Pakistan is not exactly known as a hotbed for serious start-up activity, clearly the list is US centric.

Hmm. You should put this view to doubt. As a former British colony, Pakistan used to have a lot of stock exchanges even in relatively small cities. Most companies being listed there were small and medium businesses while "reel-old-money" big business groups were kept private.

A typical listing just few years ago could've been from an entrepreneur who opened a concrete factory, or a trucker cooperative opening an industrial commodities company all popping no more than 10 to 20m USD a year.

In US, the size of stock market just few years ago was tiny in comparison to the titanic debt market. The ratio of stock to debt market size does look much favourably to me in the "not-a-hotbed-for-serious-startups" Pakistan than in the US


> This is a reason to think one more time about US business culture.

I am not in the US but in Europe and it is much the same here.

> A typical listing just few years ago could've been from an entrepreneur who opened a concrete factory, or a trucker cooperative opening an industrial commodities company all popping no more than 10 to 20m USD a year.

Those are not the kind of companies this is aimed at, a series A as referenced in the article is typically seen as the first serious investment post validation of a concept.

The stock market has very little to do with any of this, most of these companies are - and will remain - privately held, it's a rare exception that one of them will make it to IPO.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: