Technical due diligence · Security · M&A

Know exactly what you're buying.

Full Disclosure is an independent Finnish consultancy providing technical due diligence, security audits, architecture reviews, and AI advisory for venture capital firms and M&A transactions.

Services

01

Technical Due Diligence

Pre-investment and pre-acquisition assessments of software companies. Architecture, code quality, engineering practices, scalability, technical debt, and the gap between the pitch deck and the repository — reported in plain language your investment committee can act on.

02

Security Audit

Security posture reviews for portfolio companies and acquisition targets. Threat modeling, vulnerability assessment, secure development practices, and incident readiness — findings ranked by real-world risk, not by scanner output volume.

03

Architecture Review

Independent review of system architecture and technology strategy: scalability, resilience, protocol and infrastructure decisions, build-versus-buy calls, and whether the roadmap survives contact with reality.

04

AI Advisory & Training

Pragmatic guidance on adopting AI in engineering organizations — where it genuinely pays off, where it is theater, and hands-on training that gets teams productive with modern tooling without the hype.

Approach

Independent

No reseller agreements, no upsell pipeline, no stake in the outcome. The assessment is the product.

Evidence-based

Conclusions are drawn from the code, the infrastructure, and the team — not from slideware. Every claim in the report traces back to something verifiable.

Full disclosure

The name is the method. You get everything found — the good, the bad, and the awkward — stated plainly, with severity and cost to fix.

About

Full Disclosure is the independent consulting practice of Nuutti Kotivuori — three decades of building, breaking, and steering software: cryptographic protocols and VPNs, PCI DSS Level 1 cloud payment platforms, and group-level technology strategy in the European payments industry.

He has sat on both sides of the deal table: the companies he co-founded and scaled — Poplatek and Poplapay — were acquired by Nexi Group. He knows which drawers due diligence should open, because he has been the one being diligenced.

Engagements are handled personally, end to end. No junior staff, no outsourcing, no hundred-page boilerplate reports — just an experienced engineer reading the code, probing the systems, and telling you what they actually mean for the deal.

Based in Finland, working anywhere. The bluntness is cultural; the findings are yours in full — hence the name.

Contact

Evaluating a target, hardening a portfolio company, or stuck on a hard technical problem?

Get in touch and describe the situation. You'll get a straight answer on whether and how Full Disclosure can help.

naked@iki.fi

— Naked