Project Halcyon: Kestrel Capital Partners acquiring Halcyon Group Holdings, a fictional £250m+ UK connected-building-technology group. The data room is 1,617 real-format PDFs across sixteen sections. This walkthrough replays the pipeline's actual saved output — nothing here calls a model.
Due diligence runs in stages, each handing off to the next. Two of them stop for the partner. The rest run unattended.
| # | Stage | Produces |
|---|---|---|
| 0 | Handle the documents | A readable, shape-detected data room — PDF, Word or Excel in, markdown out |
| 1 | Plan | A weighted DD plan with risk hypotheses. Stops for partner sign-off. |
| 2 | Classify | What each document is, and which workstream it belongs to |
| 3 | Workstream reviews (in parallel) | A findings file per workstream, each finding with a verbatim quote |
| 4 | Risk + cross-links | The risk register and the compound risks no single workstream would catch |
| 5 | Seller questions | The tiered, deduplicated RFI |
| 6 | Report | A partner-quality draft red flag report with a clear recommendation |
The platform reads the deal brief and commits to risk hypotheses before reading a single document. Then it stops and waits for the partner.
| Workstream | Weight | Why |
|---|---|---|
| IP / IT | Heavy | The thesis is the Pulse platform — the IP is what Kestrel is paying for |
| Commercial | Heavy | Customer base is pillar two; change-of-control exposure expected |
| Employment | Standard | Engineering team is pillar three; retention and IP assignment risk |
| Corporate | Standard | Group structure spans five overseas subsidiaries |
| Tax, real estate, pensions… | Out of scope | Left to separate teams — the platform reviews what the partner puts in scope |
| 1 | Gaps in the IP ownership chain for the Pulse platform |
| 2 | IP protected more weakly than represented |
| 3 | Open-source contamination — classic for IoT firmware |
| 4 | Customer concentration with change-of-control rights |
| 5 | Friction in the German and French subsidiaries |
Every document gets a type and a workstream. On Halcyon, that's sixteen hundred PDFs.
The consultancy agreements behind the IP gaps — Helix and Quayside — route to both employment and IP/IT. "Is this person really a contractor?" is an employment question; "does their code actually belong to Halcyon?" is an IP question. That dual routing is how the platform later joins the two views into the single most important finding on the deal.
Each reviewer applies its own playbook to every document on its queue, end to end. The slowest reviewer sets the clock, not the sum of them.
Two outside developers — Helix and Quayside — wrote code that is in the live Pulse platform, and neither signed an IP assignment.
"The Consultant shall provide the Services with reasonable skill and care." helix-consultancy-agreement.pdf · cl. 4 — and that is all it says. No assignment clause exists.
Brookfield, the largest account, gave only a conditional change-of-control consent — and is sitting on an unwaived product-liability claim.
"Either party may terminate this Agreement on written notice where control of the other party changes." brookfield-msa.pdf · cl. 18.2 — roughly £43m of revenue, a quarter of the year, sits in contracts with triggers a Kestrel acquisition activates.
The risk agent reads all forty-nine findings together and works through twenty-seven named compound patterns — places where two ordinary findings become serious when read side by side.
The pattern: weak consultant IP × open-source contamination. Helix and Quayside never assigned their code — and the firmware ships a GPL-2.0 component. Each alone makes you ask whether Halcyon owns its product; together they go to whether Kestrel can own and lawfully ship the thing it's paying £250m for. Escalated to Critical by the playbook rule, unprompted.
Change-of-control × concentration × leverage: the top customer's consent is conditional, and the unwaived product-liability claim is usable as leverage over it.
Not triggered The missing-AI-assessment pattern — a planted Critical on practice deals — did not fire: Halcyon's AI feature has a completed, approved data-protection assessment, and the platform recorded exactly that. It reports what it ruled out, not just what it concluded. A tool that only confirms its own template can't do that.
Every question raised across the four workstreams, deduplicated and prioritised by severity.
| 1 | Produce the executed Helix IP-assignment deed, or confirm none exists. |
| 2 | Produce the executed Quayside IP-assignment deed, or confirm none exists. |
| 3 | Confirm whether Brookfield's change-of-control consent conditions can be satisfied before signing, and the status of the product-liability claim. |
Partner-quality voice, one of four standard recommendations, and a drafting-ready protections schedule.
Proceed, with specific protections. No finding kills the thesis, and every Critical and High is capable of being addressed in the transaction documents — but two Criticals strike the top two pillars, so signing without protection is not acceptable. reports/red-flag-report-v1.md · executive summary
| Condition precedent | Answers |
|---|---|
| Executed IP-assignment deeds + open-source remediation | The codebase Critical |
| Unconditional Brookfield consent, claim ring-fenced | The customer Critical |
| Board resolution limiting option acceleration | Team retention |
| Early engagement with the pension trustees | The DB scheme exposure |
Urgent "The Northbridge warrant lapses on 30 June — the deal team must act on this immediately." A hard external deadline spotted in the corporate documents and pulled to the front of the report — nineteen days out on the day it was drafted. The kind of thing that gets missed in a spreadsheet and blows up a completion.