what the target is worth.
It doesn't assess what you will inherit.
What the data room doesn't show.
A well-conducted AI due diligence maps the target's AI assets, evaluates known dependencies, identifies EU AI Act obligations and estimates real model value. Necessary, but not sufficient.
What it doesn't see: dependencies that reveal themselves through real usage, not inventory. Conflicts between the acquirer's and target's AI architectures : which don't exist before integration. The regulatory implications of combining both AI portfolios. And the real AI tool behaviours of the target's teams, which often differ substantially from official inventories.
What our observations consistently reveal.
The target uses proprietary AI models with specific usage terms. Some contracts include pricing or condition changes upon change of control. What you evaluated before closing is no longer what you have after.
The target uses AI systems you don't use. Some may be classified as high-risk under the EU AI Act in domains where you have no compliance processes. By inheriting these systems, you inherit their obligations on timelines not aligned with your own compliance calendar.
The target's data fed third-party AI models. That data is not recoverable in its processed form. You inherit the terms of an agreement you didn't negotiate.
The target's teams use AI tools no one inventoried. These usages create operational dependencies that surface during integration. Removing these tools creates operational disruption. Leaving them extends your exposure surface without explicit decision.
The first 90 days structure the next 5 years.
AI integration decisions made in the first 90 days post-closing have a structuring effect over 5 to 10 years. Systems deeply integrated in this period create dependencies that become progressively irreversible.
Post-acquisition AI governance is not a phase 3 activity. It is a first-90-day priority, at the same level as financial synergies and HR decisions.