SOFOMs
SOFOM purchase, sale, due diligence, financing and remediation
“No operations” is a hypothesis that must be proven. These microblogs turn review, LOI, SPA, closing, change of control and remediation into verifiable tools.
Common method of the dossier
In a transaction, evidence is organized around a cutoff date and the economic allocation of risk. Each finding must be converted into a closing condition, adjustment, representation, indemnity or post-closing action with an owner and proof of compliance. The buyer does not treat a green portal as a substitute for the file, nor a seller’s statement as a proven fact. Remediation is prioritized by operational and regulatory impact, including continuity of accesses, data, contracts and governance during the transition.
Diligence framework, risk allocation and closing
A SOFOM acquisition needs to reconstruct the reality of the target company. “Pre-operational” is a hypothesis that is tested against accounts, invoices, contracts, data, portfolio, portals, reports, suppliers and personnel. Each documentary absence is distinguished from a proven breach and from a diligence limitation. The seller’s explanations are recorded, but critical assertions receive independent verification or transactional protection commensurate with the uncertainty.
The findings log connects fact, source, period, population, consequence, explanation, pending proof and treatment. Integrity signals or undisclosed activity may change the decision even if their amount is small; administrative deficiencies may allow remediation. The committee does not add up flags mechanically. It assesses severity, possibility of correction, dependency and residual risk. Each discarded decision is documented so that the subsequent clauses reflect the accepted risk and do not dilute it during negotiation.
The LOI defines process and assumptions; diligence produces conclusions; conditions turn certain findings into verifiable outcomes. “Regularize compliance” is replaced by document, registry, proof, authority and satisfaction criterion. Other matters may be addressed with price, holdback, indemnity or a post-closing plan, without forgetting that a contractual remedy does not by itself cure the company’s regulatory situation. The checklist links request, response, sample, finding, clause and final evidence.
Representations and certificates rest on investigation. Periods, authorities, reports, contracts, litigation and operation are represented with a defined scope. Knowledge qualifiers identify persons and the inquiry process. Disclosure schedules preserve versions and cross-references. At closing, the certificate updates facts through those responsible for corporate, finance, compliance and operations; a “no changes” phrase without support adds no certainty. The examined evidence is filed alongside the conclusion.
The timeline is built from legal and operational dependencies. It includes approvals, instruments, banks, contracts, data, accesses, communications and a day-one plan. A dry run follows signing, payment, delivery, revocations, appointments and a compliance decision. Matters that require resolution before releasing funds are separated from subsequent tasks. If a condition fails, there is a deferral route with preservation of documents and updating of searches.
After closing, the remediation plan starts from cause and population. Each action has an owner, resources, evidence, effectiveness criterion and independent re-testing. Delivered passwords are tested; contracts are reviewed for transferability; upcoming reports receive an owner. The final file preserves the snapshot used to decide and adds changes without replacing it. Thus integration can explain why the deal closed, which risks were accepted and when their reduction will be verified.
Integration preserves the separation between access for diligence and effective control. Before closing, the buyer may review information and agree covenants without operating accounts, directing reports or replacing the target’s bodies. Afterward, appointments and revocations follow resolutions and conditions. This boundary is documented so that the seller’s cooperation does not turn into premature operation.
The committee receives an uncertainty matrix in addition to the list of findings. For each unconfirmed item it shows reason, impact, verification alternative and protection adopted. If the uncertainty disappears before closing, the decision is updated; if it remains, the file explains why it was acceptable or why it halted the purchase.
Due diligence of a pre-operational SOFOM
Classify findings by remedy: closing condition, prior remediation, indemnity, adjustment, holdback or acceptance. Assess the ability to operate, not just the existence of documents.
How to put it into practice
corporate; regulation; AML; CONDUSEF; SIC; product; tax; labor; banks; technology; data; litigation. For each item: evidence, finding, risk, remedy and owner.
Pre-operational status must be demonstrated, not declared. Diligence reviews whether there was origination, accounts with movements, contracts, invoicing, employees, data, portals, reports or tests with real information. A recent incorporation deed and the absence of visible portfolio are not enough. Banks, accounting, institutional emails, accesses and suppliers may reveal prior activity or commitments.
The buyer reconstructs from incorporation to the cutoff date and classifies each fact as preparation, testing, operation or contingency. It verifies the audit opinion, SIPRES, AML governance, SIC agreement, registries, tax and intellectual property, as well as liabilities with advisers or affiliates. An access test confirms that credentials and repositories will be deliverable and functional. The seller’s representations are tested against independent evidence; contradictions become a finding with impact and remedy. The report separates blockers from post-closing actions and assigns condition, holdback, indemnity or plan according to risk. Thus price and structure respond to operational reality, not to the corporate label chosen for the transaction.
Legal basis
CONDUSEF, SOFOM dashboard, including arts. 59/61 on the SIC agreement in the registry provisions.
Regulatory red flags in M&A
Prioritize what prevents control or operation, exposes the user or may generate false information. Distinguish a documentary defect from an operational breach.
Observed pattern. A matrix of contradictions is more useful than a checklist: it shows which two sources do not match and which one should prevail.
How to put it into practice
item; source A/B; cutoff; explanation; legal grounds; impact; condition; indemnity; cost; owner; closing proof. Escalate accesses, SIC, audit opinion and AML before final price.
Signals that change the purchase structure. Relevant red flags include an expired or inconsistent audit opinion, undisclosed prior activity, absence of a SIC agreement, misaligned registries, late reports, an uncertain controlling beneficiary, affiliated accounts, personal users and audits without closure. Each signal is validated and connected with population, period and consequence; an incomplete file does not always prove a breach, but it does limit certainty.
The team keeps a log with fact, source, seller’s explanation, additional proof, risk and treatment. A finding correctable before closing becomes a condition with objective evidence; a historical one may require quantification, disclosure and indemnity; one affecting social license or integrity may halt the transaction. Economic materiality does not replace regulatory analysis. Accesses, portfolio samples, reports and reconciliations are tested to avoid relying solely on policies. The investment committee receives scenarios and residual risk, not a list of missing documents. Discarded decisions are documented so that the SPA reflects exactly the accepted risks and does not promise that a broad representation cures the company’s situation.
Closing criterion. Avoid adding up flags as if they were interchangeable points. A single integrity signal may be decisive, while several administrative deficiencies may be remediated. The committee documents severity, possibility of correction and dependency with other findings before defining the transactional treatment.
Legal basis
Legal closing timeline
Use a deliverables escrow and a conditions certificate. Credentials are transferred through a secure protocol, not by email. Capture regulatory status before/after.
Observed pattern. A common effective time prevents resignations, powers and payments from being left in contradictory order.
How to put it into practice
conditions; signatures; funds; titles; books; bodies; powers; accesses; banks; notices; contracts; data; continuity; final package. Each item carries owner, original/copy, time and condition.
Timeline built from legal dependencies. Closing is not set solely by economic negotiation. The route incorporates corporate approvals, due diligence, instruments, regulatory conditions, contracts, banks, data, accesses and operational transition. Each milestone has a prerequisite, owner, evidence and deadline; matters that can only occur at closing are distinguished from those that must be proven beforehand.
Work backward from a tentative date and run a 48-hour dry run: signatures, payment, delivery of books, revocation and appointment of users, bank instructions and control of communications. The exercise reveals impossible certificates, pending powers or suppliers that do not accept assignment. Conditions are classified as satisfied, waivable or non-waivable according to their nature, and any waiver shows risk and authority. The closing set preserves final versions and vouchers, while the day-one plan assigns continuity of reports, alerts and attention. A date is confirmed when critical dependencies have evidence, not when the commercial calendar has already been announced.
Closing criterion. The timeline includes a deferral route: who gives notice, how documents are maintained and which approvals lapse. This allows stopping before a failed condition without improvising. It also identifies the last moment to update searches and certificates before releasing funds.
A dependency without an owner or voucher remains outside the approved critical path and halts the release.
Legal basis
LOI, diligence and conditions
Define access to information and cooperation, without permitting the use of personal data outside the intended purpose. Exclusivity must have milestones and an exit.
Observed pattern. An LOI with a regulatory “red list” avoids investing weeks in an SPA when basic compliance assets are missing.
How to put it into practice
structure; price; adjustment; information; exclusivity; approvals; conditions; employees; transition; non-solicitation; data protection; termination. Mark binding/non-binding per clause.
From the LOI to measurable conditions. The LOI delimits scope, exclusivity, access and value assumptions without replacing the analysis. Diligence turns questions into findings; conditions turn critical findings into verifiable outcomes. A phrase such as “regularize compliance” is insufficient if it does not identify registry, document, proof, authority and satisfaction criterion.
For each matter, the buyer decides whether it needs correction before closing, price adjustment, holdback, indemnity or subsequent action. Best efforts are avoided when the risk demands an outcome. The seller retains the ability to operate during the review, but sensitive changes require consent and disclosure. The checklist links information request, response, sample, finding, clause and closing evidence. If the item cannot be verified, the limitation and its effect on the decision are stated. A delivery test confirms that the promised files, accesses and contracts exist and are transferable. Consistency between LOI, report and definitive documents prevents an identified signal from disappearing as it passes from advisers to the negotiation team.
Closing criterion. Additional requests are managed by risk so as not to lose signals between versions of the data room. Each response receives a date and reviewer. If the seller changes a document, the platform preserves the previous one and the analysis explains whether the modification resolves or deepens the finding.
Legal basis
LGOAAC in force and CONDUSEF.
SPA representations
Define survival, caps, thresholds, fraud and procedure. The SPA allocates risk between the parties; it does not prevent authority action or fix the system.
Observed pattern. Disclosure schedules work better if built from findings with reference to the repository, not at the end as a memory exercise.
How to put it into practice
representation; qualifier; evidence; exception; risk; remedy; survival; cap; owner. Reconcile with the closing certificate and the remediation plan.
Precise and verifiable representation. The SPA’s representations must describe periods, authorities, registries, reports, contracts, litigation and operation with a defined scope. “Compliance with all law” may serve as general coverage, but it does not replace specific representations about known material matters. Knowledge qualifiers are tied to persons and the inquiry process; the schedules disclose exceptions with sufficient detail.
The buyer takes each sensitive representation and flags documents that would allow proving it at closing. If the seller asserts it did not operate, accounts, invoices, portfolio, portals and data are cross-checked. If it represents timely reports, files and reference numbers are sampled. Inconsistencies are corrected in the disclosure and a contractual consequence is assigned, not hidden in a data room response. The closing certificate updates facts and avoids mechanically repeating the signing. The negotiation file links finding, text, exception, remedy and indemnity. In this way, representations distribute risk over investigated facts and do not become a substitute for diligence or regulatory remediation.
Closing criterion. Review that survival periods and liability caps correspond to the type of risk and the possibility of discovering it. The economic clause does not alter the company’s obligation to remediate. The integration plan preserves regulatory actions even when there is an indemnity against the sellers.
Disclosure schedules are reviewed by cross-references to detect contradictions with other representations in the contract.
Legal basis
Sellers’ certificate
Compare each statement with closing and disclosures. If a new fact has appeared, it is disclosed and a waiver, adjustment, condition or termination is decided.
Observed pattern. A bring-down checklist signed first by responsible areas reduces seller statements based solely on the signatory’s knowledge.
How to put it into practice
reps; covenants; conditions; litigation; regulation; tax; accesses; SIC; no operations; documents; exceptions; signature. File with the final package.
Certification at the right moment. The certificate confirms that certain representations remain true at closing, subject to the agreed standards, and that specific conditions were met. It must identify the SPA, date, signatories with authority, clauses and updated schedules. A broad statement without recent investigation adds paper, not certainty.
Prepare a bring-down checklist assigned to areas: corporate reviews capital and powers; compliance verifies reports and requirements; finance confirms debt and movements; operations reports contracts, clients and incidents. Changes since signing are documented and it is assessed whether they require disclosure, consent or deferral. The signatory receives support and does not certify merely from a “no news” email. The buyer selects critical items and verifies evidence, especially accesses, audit opinion, SIC and remediations. The closing package preserves responses, documents, deliberation and the signed version. If an exception arises, the certificate describes it precisely and the corresponding contractual mechanism is triggered. Thus the document reflects a contemporaneous verification and not a ritual repetition of the original representations.
Closing criterion. The certificate incorporates schedules only when they are identified and closed; generic references to the data room create uncertainty about the version. The signatories confirm that they consulted the designated owners. If a response is pending, it is stated and its effect is decided before signing.
The buyer files the evidence it examined, not merely the conclusion signed by the sellers.
Legal basis
Buy vs. incorporate from scratch
How to put it into practice
Model three scenarios: clean purchase, purchase with remediation and incorporation. For buy vs. incorporate from scratch, the test is limited to your own data, decision and support. Include a bank account and supplier contingency. For buy vs. incorporate from scratch, the test is limited to your own data, decision and support.
Observed pattern. The time advantage disappears when there is no control of accesses or a current SIC agreement, even if the company appears active.
Tool: criterion; weight; evidence; purchase; incorporation; uncertainty; decision. For buy vs. incorporate from scratch, the test is limited to your own data, decision and support. Assess corporate, AML, CONDUSEF, SIC, tax, banks, product and people. For buy vs. incorporate from scratch, the test is limited to your own data, decision and support.
Comparison by time, risk and evidence. Buying may bring structure, contracts, personnel and track record; incorporating offers a cleaner perimeter but requires processing and proving everything. The model compares total price, time to operation, historical contingencies, transferability of relationships, technological capacity and remediation cost. A “ready” company loses value if its registries, SIC, bank or system do not work with the intended product.
Build two routes with equivalent milestones: governance, audit opinion, SIPRES, AML, SIC agreement, product, account, data, technology and team. In an acquisition, add change of control, SPA, integration and liabilities; in incorporation, registrations and development from scratch. Assign probability and effect to blockers, not just optimistic dates. A day-one test for the target shows whether accesses and contracts survive the closing; a launch test for the new entity shows whether the dependencies can be closed. The committee decides with expected cost and exit options. The file preserves assumptions and sensitivity, allowing the choice to be updated when a finding changes the calendar or the exposure.
Legal basis
CONDUSEF, SOFOM status. For buy vs. incorporate from scratch, the test is limited to your own data, decision and support.
For buy vs. incorporate from scratch, the test is limited to your own data, decision and support.
Change of control, powers and prior operation
Adopt interim covenants on clients, contracts, expenses, employees, reports and changes. Capture a regulatory snapshot at signing and closing.
Observed pattern. Transition risks arise on intermediate days: a report falls due between a resignation and an appointment, or the bank blocks the former user. An hour-by-hour plan reduces gaps.
How to put it into practice
event; legal grounds; consent/notice; body; access; date; owner; evidence; contingency. Include a communication protocol and do not confuse an update with an authorization.
New control without premature operation. The corporate change of control, the replacement of powers and the operational capacity may take effect at different moments. The plan sets signing, closing, effective date of appointments, revocations, notices and enabling of accounts or portals. Before that sequence, the buyer should not improperly direct the operation or use the company’s accesses as its own.
The closing dry run follows a bank instruction, an alert and a contract. At each moment it identifies who can decide, sign and execute. The seller’s powers are revoked in coordination with the buyer’s appointments to avoid a vacuum, but historical evidence is preserved. Any pre-closing activity of the target is kept within the permitted course and consents for extraordinary changes are documented. The file contains conditional resolutions, instruments, access lists, notifications, delivery and the first operation under new control. If a portal is slow to update, an authorized contingency is adopted and the interval is recorded. Integration ends when corporate authority and technological capacity coincide.
Closing criterion. Control external messages so as not to announce new control before the legal date nor keep using revoked representatives afterward. The bank, clients, suppliers and authorities may require different sequences. The plan assigns version, issuer and evidence for each material communication.
Legal basis
What to review before closing
How to put it into practice
Use a readiness report with evidence and buyer sign-off. Test access, do not just receive a username. Verify originals and consistency.
Observed pattern. Pre-closing detects annexes signed but not effective, such as a SIC agreement without enablement or a power without the necessary registration.
Tool: condition; evidence; verifier; date; exception; remedy; dependency; status. Do not allow reds to be closed by a verbal promise.
Final verification before releasing funds. The closing checklist focuses on facts that could change the decision: capital and encumbrances, powers, audit opinion, registries, SIC agreement, banks, reports, audits, litigation, taxes, data, suppliers and system access. Each line requires current evidence, not a general reference to the data room. Findings are linked to a condition, disclosure or accepted risk.
In the preceding hours, searches are updated, certificates are reviewed, the fund transfer is tested and it is confirmed that no requirements or incidents have arisen. An independent team cross-checks names, accounts, versions and signatures of the closing set. Digital deliverables are validated by opening and permissions; receiving a password on a sheet does not demonstrate control. Post-closing pending items have an owner, budget and date, and do not include matters that legally had to be resolved beforehand. The closing memorandum records satisfied conditions, approved waivers and exceptions. That snapshot allows explaining why the deal closed with the available information and serves as the basis for the integration plan.
Closing criterion. Hold a closing call by exceptions, not a full reading of the checklist. Each owner confirms changes since their last review and presents the critical evidence. The secretary records time, version and decision. If a document arrives during the session, time is given to examine it; commercial urgency does not turn receipt into validation.
After closing, the final index is sealed and any correction is added as a subsequent document, without replacing the snapshot used to release funds.
Legal basis
AML remediation plan
Classify quick fix, redesign and external dependency. The body receives progress and decides on delays. Do not backdate evidence.
Observed pattern. The “proof of non-recurrence” column avoids plans that close by uploading a policy without verifying implementation.
How to put it into practice
ID; finding; rule; cause; impact; action; owner; resources; date; evidence; re-test; residual; approval. Review at 30/60/90 days and maintain traceability with audit.
Remediation that proves risk reduction. An AML plan starts from finding and root cause: design, data, system, execution or governance. The action must correct the cause and the historical population, not just produce a new document. Each measure defines owner, resource, date, expected evidence, dependency and effectiveness criterion; priority considers exposure and obligation, not ease.
For a manual misaligned with the system, for example, it is identified which operations were processed under the difference, the relevant rule is corrected and regression cases are executed. If there were incomplete files, the population is segmented and information is obtained or restricted according to the decision. The board receives progress, obstacles and residual risk, while audit or a different reviewer checks a subsequent sample. Extensions explain the cause and temporary control; they do not change the dashboard color without evidence. The file preserves finding, analysis, approval, implementation, result and closure. An action is considered concluded only when it works in operation for a sufficient period and does not reproduce the original defect.
Closing criterion. When several actions depend on the same data or supplier, the plan shows that critical path and an alternative. The body can then reallocate resources or adjust the operation before missing dates. Partial closures are permitted only if the evidence demonstrates which part of the population was corrected.
Closure includes the date on which the residual risk will be reassessed with subsequent data.
Legal basis
Next step
SVA.LAW can execute diligence, structure the closing and turn findings into verifiable remediation.
General information; it does not replace due diligence of a specific transaction.