BELGIUM Trends and Developments Contributed by: Steven De Schrijver and Carl Dotremont, Allegiance Law
A comprehensive technology and AI diligence play- book for both buyers and sellers should cover archi- tecture and security, including cloud topology, iden- tity and access controls, encryption, secure software development lifecycles, penetration and red team results, incident logs and lessons learned. It should address data assets through inventories, lineage, quality metrics, lawful bases, consents, data retention and localisation practices, sharing agreements and readiness for the Data Act. It should scrutinise AI and machine learning governance by reviewing the model registry, evaluation protocols, bias and robustness testing, drift monitoring, rollback and kill switches, and third-party model and vendor risk. It should assess the IP position across copyright and database rights, the patent pipeline, trade secret controls, the open-source bill of materials, third-party claims and indemnities. It should map regulatory status under the GDPR, NIS2 and the AI Act, including certifications, data protection impact assessments, conformity assessments, super- visory interactions and remediation plans. It should test commercial traction through evidence of AI use case return on investment, attach rates, churn impact, pricing strategy and customer references, as well as dependency on a single model or vendor. Finally, it should review the roadmap and investment plan, including capital and operating expenditure for com- pliance and scaling, talent gaps, and the feasibility of on-premises or sovereign deployments for sensitive sectors. Drafting trends and risk allocation in Belgian share purchase agreements increasingly incorporate AI-spe- cific representations and warranties that cover com- pliance with applicable AI, privacy and cybersecurity law, accuracy of system classification, completeness of technical documentation, data set provenance and lawful use, absence of undisclosed third-party rights, open-source compliance and the disclosure of incidents. Covenants and interim operating restric- tions often include a standstill on releasing high risk AI features pre-closing without buyer consent, lim- its on migrating to new foundation model vendors, and requirements to maintain security baselines and logging. Conditions precedent and deliverables may require regulatory clearances under foreign direct investment rules, the Foreign Subsidies Regulation and merger control, and, where material, delivery of AI
Act conformity documentation or third-party certifica- tions alongside remediation plans for identified gaps. Indemnities and caps are increasingly tailored, with targeted protections for legacy data or IP infringement and security incidents tied to AI systems, longer sur- vival periods for privacy, cyber and AI breaches, and sub-limits where remediation is feasible. Warranty and indemnity insurance policies are also evolving, with more exclusions around data provenance, cyber- hygiene and AI compliance unless buyers perform enhanced diligence and negotiate specific endorse- ments. The Belgian Tech M&A Landscape and the Road Ahead Post-closing integration should be structured to secure the value creation thesis by: • establishing an AI governance council covering policy, risk, compliance and investment prioritisa- tion; • consolidating data platforms and harmonising access controls with a zero-trust mindset and privi- leged access management; • rationalising model and vendor sprawl, possibly through a standardised inference gateway and model registry; and • launching a sequenced use case roadmap with measurable financial KPIs while sunsetting low ROI experiments. Parties should also prepare for upcoming regulatory milestones under the AI Act, the Data Act and NIS2 with a funded, time-bound plan. The Belgian tech M&A landscape in 2024–25 has been characterised by stabilising rates and pent-up private equity capital supporting a pick-up in process- es, with renewed appetite for corporate carve-outs and growth deals. Process discipline has improved as buyers demand clearer routes to AI monetisation and defensible data moats. Software remains the primary magnet for capital, with strong interest in AI infrastruc- ture, data tooling, cybersecurity and vertical SaaS, while hardware tied to AI – such as edge compute, sensors and specialised devices – has seen selec- tive momentum. International investors remain highly active alongside a robust domestic venture capital
36 CHAMBERS.COM
Powered by FlippingBook