Meet Philippe Thomas, CEO of Vaultinum

Vaultinum, formerly CELOG, is a leader in the protection of digital assets. Since 1976, they have provided investors and organisations with solutions to protect their intellectual property (IP), ensure business continuity, and mitigate cyber and software risks, with the help of AI. Vaultinum has enabled thousands of digital creators, businesses, and investors secure their innovations.

With secure servers based in Europe, ISO 27001 certification and a unique double expertise in IT and legal, their clients benefit from the highest levels of security and protection for all their sensitive assets. They have recently launched in the UK, having been active in Switzerland for a number of years. The CEO, Philippe, has over 20 years of experience in the financial technology industry, having started in open outcry market surveillance, and progressed his career into business development.

 

Phillippe CEO Vaultinum
Philippe Thomas, CEO of Vaultinum.

 

Tell Us About Vaultinum. How Did It Come About?

I’ve been involved in fintech for the last twenty years and developed a keen interest in tech innovations throughout that time. Tech really is changing the world right now; it’s a great space to be in. Everything is becoming much more connected, and algorithms are incredibly powerful and full of potential still.

During my time in fintech I was involved in a number of mergers and acquisitions, overseeing various due diligence efforts. I noticed that due diligence was often very detailed when it came to finance and legal, but lacking in tech. That’s when I realised that there was an increasing need for a tech-powered approach to software due diligence for investors before investing or acquiring a company, and for companies looking to show their value by identifying and improving issues ahead of an investment or acquisition. This approach must be comprehensive and digital to disrupt and improve the current way of doing things.

Currently tech due diligence is still very manual and time consuming, which is creating huge issues in terms of identifying risks linked to software vulnerabilities and data breaches. Vaultinum aims to change that, combining the power of its algorithm to read code line by line and reveal IP, security, scalability, and maintainability risks, with IT experts who interpret the findings. We are now bringing this technology and expertise to the UK following success in Switzerland and France.

Vaultinum is committed to supporting digital innovations and investments. In addition to in-depth tech due diligence, Vaultinum also offers a deposit solution which is recognised in courts worldwide, allowing developers, digital innovators, and database owners to prove the ownership and secure the intellectual property rights of their digital creation (software, database, website etc). In addition, we provide software escrow contracts between technology suppliers and their clients to ensure business continuity in the event of a supplier failure.

What Challenges Have You Faced?

Private equity firms and investors have been involved in this game for a long time, and it can be difficult to attract them to this new approach to due diligence. Many big firms are still carrying out manual due diligence efforts and are hesitant to change from ‘what’s always been done,’ not realising there is a more accurate and efficient method out there. We have to persuade them to give tech auditing the same focus as legal and financial auditing, which can be a big ask. But we can prove its benefits, and what’s more we have had a warm welcome from investors using our solution, so little by little things are certainly changing.

 

What Have You Learnt?

People in the tech sector will always say that it doesn’t matter if you’re the best, what matters is being the first. I’ve discovered that this often isn’t actually true, as it leads to corners being cut. Take the use of open-source software, for example. Developers are increasingly using open-source software within their code, as it allows for faster development and ultimately, staying ahead of the competition.

However, open-source software usage can cause big issues later down the line. It can easily become out of date, which results in inoperable code and negative impacts on business continuity and scalability. Additionally, in their haste developers can fail to notice hidden licencing restrictions, binding them to unfavourable usage terms.  In this case, those investing in companies where software is at the heart of the deal need to be ensuring that they check every line of code – this is where good, comprehensive software due diligence comes in.

 

Why Is Your Work So Important?

When you buy a car, you generally take it out for a test drive. This gives you a good feel for the car but doesn’t show the full extent of any issues it may have later down the line – to discover this you must look under the bonnet. For an investor or potential acquirer of a software firm, they must do the same. Test driving a software through a demo gives you a good feel for how it will work, but it doesn’t show maintainability, scalability, or code vulnerabilities.

When you’re investing tens of millions, you want to do it right, and financial and legal due diligence isn’t enough. More and more, and especially given that we’ve seen a skyrocketing number of cyber-attacks and litigations in recent years, to be truly safe, ensure business continuity, and manage crucial scalability, you need comprehensive tech due diligence. No human can read millions of lines of code, but a machine can, and when it is well interpreted by an expert to make it be understood by any investor, that makes it priceless.