| BLOG — PRIVATE EQUITY · LOSS PREVENTION · 11 min read |
|---|
| The LP Risks That Do Not Show Up Until You Try to Sell: Exit Readiness and the Operational Risk Data Room |
| What buyers scrutinize in operational diligence that sellers are never prepared for — and how to build the documentation before it is asked for |
By Mitchell Hamm | Founder & Principal Advisor, Ironside Risk Advisors | Dallas, TX
The most expensive time to discover an operational risk problem is during a sale process.
Not because the problem itself is worse at exit. The problem was there during the hold period too. It is expensive at exit because it surfaces in a context where it has maximum leverage over you. A buyer’s operational diligence team that finds an undocumented shrink problem, an unresolved internal investigation, or a cargo security gap they cannot quantify has three tools: request a price reduction, request a holdback, or walk. You have one response: explain why it is not as bad as it looks. You are negotiating from the worst possible position.
I have watched this conversation happen. A fund that held a retail business for five years, built real operational improvements, and drove genuine EBITDA growth — only to face a 1.5-turn multiple compression in the final weeks of a sale process because the buyer’s LP diligence team found a shrink variance they could not reconcile and an investigation file that was incomplete. The gap between the fund’s perception of the business and the buyer’s documentation of the risk cost them more than two years of EBITDA improvement at exit.
The frustrating part is that the underlying business was sound. The problem was not the operations. It was the documentation.
This post is about what that buyer diligence team is looking for, why most portfolio companies are not prepared for it, and how to build the documentation during the hold period rather than scrambling for it in the data room.
What Operational LP Diligence at Exit Actually Looks For
A buyer conducting operational diligence on a retail or distribution acquisition is not running a financial audit. They are running the same assessment Ironside runs on the buy side — evaluating LP infrastructure, measuring shrink credibility, and identifying the operational risk exposures that will survive the transaction and land on their balance sheet.
Here is what that process produces questions about, and why each category creates problems for sellers who have not prepared.
Shrink Rate Trajectory and Documentation
The buyer will request the trailing three-year shrink history, broken down by location, by category, and by period. They will want to understand the measurement methodology behind each data point — how often inventory was counted, who conducted the counts, what the root cause investigation process was for variances.
A portfolio company that can produce clean, documented shrink history — monthly cycle count records by location, variance investigation summaries, year-over-year trend explanation — presents a business in control of its inventory. A portfolio company that produces a single-line shrink percentage per year, derived from an annual physical count, raises a different question: is this number real, or is it the best number the business could produce given a measurement methodology that is not designed to find loss?
The buyer does not know which one you are. The documentation tells them.
Investigation History
Most buyers in operational diligence will request a summary of Loss Prevention investigations conducted during the hold period — specifically, any investigation involving a manager or above, any investigation resulting in a termination for cause, any investigation that was referred to law enforcement, and any investigation that resulted in civil or criminal legal action.
This is where portfolio companies that ran an LP program without a case management system face a reckoning. If there is no case management system, there is no investigation history. If there is no investigation history, the buyer is left to conclude one of two things: either the business had no internal theft, which is statistically implausible for a multi-location retail operator, or the business had internal theft that was not caught, investigated, or documented. Neither answer is good. The second one gets a hold-back.
Litigation and Claims Exposure
I will address this in more detail in a later section, but operational LP creates legal exposure in three categories: wrongful termination from LP-driven employment actions, workers’ compensation fraud investigations, and customer incident liability from physical security failures (slip and fall, assault on premises, failure to maintain security). A buyer will look for open litigation in all three categories. Undisclosed open claims discovered during diligence are a material issue regardless of their individual dollar value because they suggest a pattern of incomplete disclosure.
SOP Documentation and Training Records
A buyer’s operational team will want to see the Loss Prevention standard operating procedures — the written policies that govern how the business handles inventory management, receiving procedures, cash handling, and security. They will want to see evidence that these procedures were current, distributed to the relevant staff, and enforced.
This is a documentation gap in most portfolio companies, including ones that actually ran their operations reasonably well. The procedures existed in practice. They were not written down in a form that a buyer can review, validate, and carry forward into the new ownership structure.
The Legal and Regulatory Exposure That Surprises Sellers
Beyond the operational documentation gaps, there are three categories of legal and regulatory exposure that routinely surface in exit diligence and that LP leadership should have been tracking and documenting throughout the hold period.
Wrongful Termination Claims From LP-Driven Employment Actions
Every termination for theft, fraud, or policy violation creates a potential wrongful termination claim. The claim does not require the termination to have been wrong — it requires only that the former employee believes it was and has access to an employment attorney who will evaluate the file. In states with strong employee protections and active plaintiff-side employment bars, a significant percentage of LP-driven terminations will generate a demand letter within six months.
The LP investigation file is the defense. A complete file — documented signal, evidence development, interview summary, finding, and HR action — is a defensible file. An incomplete file is an invitation to settle.
At exit, a buyer will review any open or recently settled employment litigation. If there are multiple wrongful termination claims arising from LP investigations, the pattern will raise a question: were these LP actions well-founded and documented, or was the LP program generating terminations that could not be supported? Either way, open or recently settled claims appear in the disclosure schedules and create a diligence conversation that should not be happening in the last four weeks of a sale process.
The fix is not to conduct fewer LP investigations. It is to conduct every investigation with documentation standards that make the file defensible before the termination decision is made. That is an LP program design question, not a legal question, and it should be addressed at the beginning of the hold period — not when the M&A attorney is building the disclosure schedule.
Workers’ Compensation Fraud and Third-Party Liability
Two categories of physical security failure create significant legal exposure at exit that most portfolio companies track inadequately.
Workers’ compensation fraud — employees filing claims for injuries that did not occur, or that occurred in a different context than reported — is a recoverable loss category that most LP programs do not pursue systematically. The fraud is real and material at scale. A business with 2,000 employees and no WC fraud investigation program is almost certainly absorbing fraudulent claims. The financial impact is embedded in insurance costs rather than appearing as a discrete loss, which means it does not get investigated with the same urgency as inventory shrink. But at exit, the buyers who understand operational risk will look at the insurance cost structure and ask why WC costs are elevated relative to industry benchmarks.
Third-party liability from physical security failures — a customer assaulted in a parking lot with inadequate lighting, a slip and fall in a location with no documented floor safety inspection program — is a claims category that can produce significant individual claim values, particularly in jurisdictions with plaintiff-friendly tort environments. A portfolio company with no documented security assessment program, no incident report log, or no evidence of regular physical security inspections is one serious incident away from a significant liability claim. At exit, a pattern of unresolved premises liability claims is a risk category that sophisticated buyers price.
Building the Documentation During the Hold Period
The portfolio companies that exit cleanly on LP documentation are not the ones that had zero LP problems during the hold period. They are the ones that documented the problems they found, investigated them properly, and built a paper trail that demonstrates a program in control of its exposures.
Here is what that documentation looks like, built over the hold period rather than assembled in a data room rush.
Quarterly LP Reporting to the Board
Every quarter, the LP function should produce a one-page summary for the board: shrink rate by location or region, case activity summary (number of investigations opened, closed, substantiated), loss recovery amounts, and key operational metrics (cycle count completion rate, receiving discrepancy rate). This creates a documented record that the PE firm was monitoring LP performance throughout the hold period — which is a material positive signal for a buyer evaluating management oversight quality.
The reporting format does not need to be elaborate. It needs to be consistent and dated. A buyer reviewing four years of quarterly LP reports is looking at evidence of ongoing oversight. That is worth more in a data room than a polished deck assembled in the last 90 days before sale.
Case Management System Records
Every investigation should be in a case management system — not a spreadsheet, not a shared drive folder, a dedicated case management system with case numbers, status tracking, and outcome documentation. The system is the audit trail. When a buyer asks for investigation history, the case management export is the answer. When a buyer asks whether a specific terminated employee had a documented case file supporting the termination, the case management record is the answer.
Annual LP Program Assessment
Commission an independent LP program assessment annually — or at minimum at the beginning of the hold period and in the 12 months prior to planned exit. An independent assessment identifies gaps before a buyer does, creates a documented record that the gaps were identified and addressed, and produces a report that can be included in the data room as evidence of proactive LP program management.
An Ironside exit readiness assessment is designed specifically for this purpose: document the current LP infrastructure, identify material gaps, quantify the shrink exposure, and produce a data room-ready summary that positions the program favorably in buyer diligence.
SOP Library
Maintain a current, signed-off SOP library for all LP-relevant processes: receiving procedure, cash handling, physical inventory count methodology, investigation procedure, and physical security inspection. Review and re-sign these documents annually. A buyer who asks for LP SOPs and receives a current, dated, signed set of procedures is looking at a managed program. A buyer who asks and receives nothing is pricing in the risk that no managed program exists.
The Pre-Sale Timeline
Exit readiness on LP documentation should begin at minimum 12 to 18 months before a planned sale process. Here is the sequence.
At 18 months out: Commission an independent LP program assessment. Identify all material gaps. Begin remediation on any finding that will appear materially negative in diligence.
At 12 months out: Confirm all investigation files are complete and archived in the case management system. Review open litigation and understand the status of each matter. Update all SOPs and confirm training records are documented. Pull the trailing three-year shrink history and confirm the documentation supports each data point.
At 6 months out: Produce the data room LP documentation package: shrink history with methodology documentation, investigation summary, SOP library, quarterly LP board reports, litigation disclosure list, and physical security assessment results.
At close of sale process: The buyer’s LP diligence questions should have answers before they are asked.
| BOTTOM LINE | Buyers who understand operational risk are evaluating LP documentation as a proxy for management quality. A portfolio company that can produce clean, consistent LP records — shrink methodology, investigation history, SOP documentation, and board-level reporting — exits at a different multiple than one that cannot. Build the documentation during the hold period. The data room is too late to start. |
|---|
About Ironside Risk Advisors
Ironside Risk Advisors provides fractional loss prevention and cargo security advisory to private equity firms with retail and supply chain portfolio companies. Founded by Mitchell Hamm — 10+ years across a PE-backed multi-site retail operator and corporate security — the firm specializes in pre-acquisition risk assessment, post-close LP buildout, fractional LP director engagements, and exit readiness assessments.
mitch@ironsideriskadvisors.com · (502) 608-7389 · ironsideriskadvisors.com · Dallas, TX