Chief Information Officers Can Play a Role in Driving Private Equity Returns

Strong IT strategy can improve the returns of portfolio companies, says E78 Partners John Buccola. 

Investment firms have increasingly relied on technology services for security, making the role of the chief information officer or chief technology officer increasingly important. For investment firms, a strong information technology strategy can also help boost investment returns, according to John Buccola, chief technology officer of E78 Partners, which provides services to private equity backed firms in the middle market.

As IT security threats increase, and as generative AI becomes much more important, limited partners are asking private equity firms about the role of their chief information officers and “what that person can do to really impact the business,” Buccola says.  

Growth, Productivity and Optimization 

According to Buccola, who has been a chief information officer at multiple PE-backed companies, private equity firms see higher returns when a chief information officer is fully empowered to drive IT strategy in a portfolio company. But first, a PE-backed company should have its data in order. “If there is an immaturity in data, it’s very difficult to overlay advanced technologies on top of that, it’s garbage in garbage out,” Buccola says.  

Want the latest institutional investment industry
news and insights? Sign up for CIO newsletters.

One way good IT strategy and AI can improve growth is by accelerating due diligence. Buccola notes that as an outsourced provider of CFO and fund administration services to the alternative investment industry, E78 has accelerated the due diligence process for PE-backed companies by using AI to review contracts and an organization’s strategy to make a decision more quickly than usual. 

“I think prior to some of these technologies being available, that process would just take an inordinate amount of time and then you figure some things potentially are at risk with an asset” Buccola says, noting that traditionally, some risks are not found until a thorough due diligence process, risks that could be found much earlier if using AI.  

An example Buccola pointed to was if Company A wanted to acquire Company B, but it was not until later in the due diligence process that it was discovered that Company B’s commercial contracts were all expired. “How much time was spent getting to that stage before they were actually able to see oh gee, this is actually a problematic asset?” Buccola says, noting that AI tools can discover these types of risks earlier.  

“’It’s really incumbent on any company, but especially private-equity-backed firms to really understand their digital strategy, to understand their posture to really do their homework and diligence before pulling the trigger on an acquisition,” Buccola says.  

According to research from Bain & Company, many private equity firms are incorporating AI into their due diligence process, and they are also assessing AI risk in nearly every diligence process. Bain expects that this will be as routine in the diligence process as legal and commercial diligence.  

In another example, one of Buccola’s clients that runs retail stores was looking to expand regionally, in these cases AI tools could be used to quickly examine where the competitive forces are more pronounced, and where there is maybe some elasticity in demand.  

Lastly, strong IT strategy and AI can boost productivity for PE-backed organizations, according to Buccola. “Every organization should be thinking through and harnessing those technologies because they’re very, very, very simple to integrate into an information technology strategy.”  

IT Needs and Threats to Private Equity Firms  

“Keeping an organization secure is top of mind, it’s table stakes for CTOs,” Buccola says. However, in the age of AI, security risks are becoming more and more sophisticated. “I think a lot of investors have become very aware of the opportunity that generative AI and machine learning presents to an organization and potentially the threats that that presents to an organization.” 

Security risks are also becoming very personalized and targeted to specific people within organizations. A DocuSign phishing email might target a salesperson with a subject line related to a commissioning agreement, or an email to an operations manager related to client onboarding. These types of phishing emails are becoming more tailored to a role a person has, according to Buccola. 

“It’s incumbent on the organization to keep pace with that and to put in an appropriate response and remediation to any of those potential exposures.” 

Related Stories: 

Strong Data Governance Can Lead to Higher Long-Term Returns 

How and Why Higher-Quality Data Can Improve Investment Returns 

Our Data, Ourselves 

Tags: , , , ,