white paper

Life Science Due Diligence

About RCA
Regulatory Compliance Associates® Inc. (RCA) provides worldwide services to the pharmaceutical, biologic, sterile compounding, biotechnology, and medical device industries for resolution of compliance and regulatory challenges.

Please complete the form to access the white paper.


Life Science Due Diligence

Risk Management During Mergers & Acquisitions

Due diligence in a sentence is often mergers or acquisitions (M&A) when a team invariably did not realize the expected value creation. Failure numbers, ranging from 60-80 percent, are surprisingly high. Clearly, many companies move forward on medical device or pharma deals without a clear picture of their risks.

Due Diligence Process

A due diligence process that’s too high-level or superficial is often to blame. For example, when a life sciences company considers a merger or acquisition, the due diligence team typically looks for 483s, Warning Letters, notified body findings, and product recalls—any signs of potential problems with the FDA. But when a deal does not deliver value, the real causes are often strategic, cultural, or technical.


Financial Due Diligence

Financial due diligence is not the same as a QA compliance audit. But in the life science industry, it’s easy to confuse the two. The executives or the private equity firm structuring the deal do not necessarily “get” the companies’ operations or understand FDA sanctions. At the same time, if a CEO or CFO is enamored with M&A as a perceived means to expand into a new business or enter a new market, the due diligence team typically lacks the business expertise to ask the right questions or the clout to raise objections.

Manufacturing Capacity

For example, company A might want to buy company B because of its superior sales force. Marketing contends that sales would double; finance believes that redundancy would allow company A to reduce payroll by 10 percent. Both functions are persuasive within their own checklists for due diligence, but no one calculates the extra manufacturing capacity needed to produce a larger portfolio and volume of products. The expected value of the deal is cancelled out by unanticipated costs in another part of the organization.

FDA Compliance

The fundamental questions asked during the due diligence process should go beyond FDA compliance and tackle the business reasons for doing the deal. That requires having the right people (not necessarily those who just happen to be available) on the due diligence team from the beginning. Technical executives might be asked about open citations, but they’re rarely consulted about the likely costs of integrating two factories, or two supply chains, or two distribution centers—or whether these integrations can be done at all.

Product Quality

But if integration costs more or takes longer than expected, customer relationships and product quality can suffer. The due diligence team has to include people who can put the business case (or cases) to the test.


Need regulatory due diligence help? Talk to our Experts →


Commercial Due Diligence

Often in a merger or acquisition, commercial due diligence doesn’t gauge the “personality” of the two companies. Metrics often trump touchy feely considerations, especially when both organizations are successful in their own ways. But just imagine the stresses—to people and processes—if the cultures of two organizations are incompatible.

Organized Culture

The possible triggers of a poor company culture are nearly limitless: management style, risk tolerance, flexibility, talent, technology, and geography, to name a few. Some in life sciences are risk-takers; others are conservative. Some are entrepreneurial; others are hierarchical. Some are obsessed with “zero incidents” quality; others have a “find a problem, fix a problem” management style. These types of cultural incompatibilities are expensive.


If the two cultures can’t be blended, the cost of a significant restructuring (including recruiting and hiring new executives) needs to be included in the M&A price tag. The deal’s stakeholders, each with different goals and agendas, need to talk to each other.


Operational Due Diligence

Post-M&A integration is often the cause of extra, unplanned due diligence reporting. For example, a seller often is stuck supporting sold-off processes or IT systems long after the deal is done. When this happens, the buyer can end up with a poorly managed function, and the seller can end up with disgruntled people and extended costs. The deal’s stakeholders, each with different goals and agendas, need to talk to each other. External stakeholders can also be drawn into the due diligence process to reduce this risk.

Regulatory Authorities

Transition services agreements (TSAs) should be drawn up carefully to protect buyers and sellers from value destruction. For the buyer, a TSA might specify that the seller’s people will be available to talk to regulatory authorities during the integration time period.

Regulatory Due Diligence

For the seller, the TSA might detail roles and responsibilities during the regulatory due diligence for the sold business or division. A key executive or consultant should be put in place for the seller to assure TSAs are followed and that the buyer takes over on schedule, ending the seller’s responsibilities.


Technology Due Diligence

Any life sciences company considering a merger or acquisition should take these five steps to ensure that the technology due diligence due diligence process helps manage business risks and prevent value destruction.


1. Put the right people on the team.

A life sciences company typically has multiple locations, some in other countries, as well as complex supply-and-distribution operations. Also, the time available to draw up an offer can be as short as two or three weeks. The technology due diligence team should be structured to be quick in getting real-world answers to fundamental questions.

Quality Assurance

This means including experts who can look at limited data and draw reasonable conclusions about many different areas: manufacturing, product portfolios, supplier relationships, IT capabilities, R&D and engineering, marketing and sales, and environmental compliance. A QA specialist can’t cover all this ground alone. Perhaps most important, the team needs a senior executive who has the power to champion the right answer for the deal, even when that answer is NO GO.


A US company wanting to acquire a high-growth product line made a play for a successful company headquartered in Australia. The rewards matched the company’s objectives: revenue from sales outside the US would jump from 15 to 40 percent. However, the risks would be just as great: registrations and patents would require global management, and the success of the venture depended on keeping the seller’s key people and infrastructure.

Manufacturing Plant

The technology due diligence team included the Chief Operating Officer, as well as senior people from manufacturing, finance, legal, QA, business development, R&D, and an independent consultant to question assumptions. In addition to working with a virtual data room, the team spent two days interviewing seven of seller’s top executives and one day touring the main production facility.

Management Information Systems

Last, but certainly not least, the team included a management information systems executive who would lead the post-merger integration critical to future revenue and earnings. Because the due diligence team had the right people, the process was able to contribute significantly to the immediate and long term acquisition success. The due diligence team should be structured to be quick in getting real-world answers to fundamental questions.


2. Ask the right questions.

In many ways, technology due diligence is a detective’s game: the analysts need to look at clues (often from only partial data), and then solve the mystery by defining the business case. Technology should help identifying the ways each facility or function would contribute to (or detract from) the realization of the business benefits, and pinpointing process risks, functions, or the enterprise. Even companies that do a lot of deals are wise to treat each one as a brand new and unique experience.


3. Find weak spots, and then define fixes.

The technology due diligence team needs to address areas of risk, such as the costs and efforts required to harmonize operations, the timetable for fixing problems, and the investment needed for postmerger integration. For example, upgrading an acquired company’s ERP system would be an expensive and resource-consuming project; its costs should be acknowledged.


4. Use facts to negotiate.

The financial decision makers want to know of any issue large enough to stop the deal. But even those problems that are not deal breakers could be used in negotiations. The technology due diligence team needs to be prepared to talk to C-suite executives, bond rating agencies, the investment bankers, and the sellers about issues, potential technology gaps and a course of action with estimated price tag.


5. Bring in the regulators early.

The post-deal organization should inform the FDA or any other regulators of plans to fix recognized problems. Regulators know that a merger or acquisition can create technology confusion and inconsistencies, and they look for that during inspections. Even if there were no problems, it would still be a good idea for the buyer to be proactive in connecting with regulators to help ensure a smooth transition.

Due diligence is a strategy for risk management and return on investment. When done right, it helps assure value creation in a merger or acquisition. Going beyond compliance during due diligence is the key to successful M&A. Even those problems that are not deal breakers could be used in negotiations.


About RCA’s Medical Device Services

The regulatory process surrounding the medical device industry involves a strict adherence to pre/post market compliance throughout a device’s life-cycle. Even a single compliance issue you have can turn into a significant effect on your business. RCA’s medical device consultants can help guide you through any stage of this strategic process, with capabilities during product development through the regulatory clearance/approval of your product.

Our team of over 500 industry experts — including former FDA officials and other leaders in the field of medical device regulation — will work with your company to create a quality assurance and regulatory compliance approach tailored to your products and regulatory needs. RCA works with both international Fortune 100 companies and small local start-ups, as well as law firms requesting remediation for warning letters, 483’s, import bans or consent decrees. 



For medical device manufacturers, technology can be a double-edged sword. The innovative technologies that elevate the quality of life for patients can also be used to potentially undermine the organization using the device. The consequences can affect the device itself if we do not implement good IoT cybersecurity and FDA cybersecurity protocols. At Regulatory Compliance Associates Inc.®, we offer a wide variety of services for medical devices security to help ensure that your product is protected from cyber-attacks.

With a well-planned design, along with full visibility of product development and the supply chain, RCA can help strengthen your device’s cybersecurity posture throughout. We partner with medical device companies for the entire life cycle, including from the development of your product to the regulatory submission to your notified body.


Regulatory Affairs

Regulatory affairs is Regulatory Compliance Associates® Inc.’s backbone, and we handle more submissions in a month than many manufacturers do in a lifetime. We have experience working with the FDA, global regulatory bodies and / or agencies, and notified bodies worldwide. Therefore, you can count on us for in-depth and up-to-date insights which increase speed-to-market.

As a trusted regulatory affairs consultant, our FDA veterans and industry experts are here to help you navigate the difficulties associated with new product submissions. They have expertise in both the approval process and post-approval support. 

  • New Product Approval
  • Post-Approval Support
  • Outsourced Staffing
  • EU MDR


Compliance Assurance

Increasingly, life science companies are feeling the pressure of greater scrutiny by regulators, and responding by developing sustainable compliance strategies. Whether it’s preparing for an audit, developing a response to an FDA finding, or remediation to an adverse event, Regulatory Compliance Associates® Inc. can help.

Our network of over 500 FDA veterans and industry professionals offers a unique blend of expertise that allows us to handle both simple and complex regulatory compliance challenges within the medical device industry.

  • Gap Assessments
  • Internal Audits
  • Employee Training
  • Notified Body Response


Quality Assurance

Regulatory Compliance Associates® Inc.’s Quality Assurance services include quality system assessments, strategy, implementations, and identification of quality metrics to ensure continuous improvement, aligning with your business needs and goals. Our consultants are quality experts with experience spanning major corporations and start-ups. We know firsthand how to achieve, maintain, and improve quality, and we excel in transferring this knowledge to your organization.

In the medical devices field, quality assurance (QA) is more than merely ensuring the quality of a finished product. You need the tools to monitor and regulate every process from the design of a new product to continued quality compliance as the device is sent to market. At RCA, we offer you the assistance you need to monitor these processes and ensure quality compliance every step of the way.

With more than 15 years of experience as a trusted medical device quality assurance consultant, our team of over 500 industry experts and FDA veterans is fully equipped to handle your unique QA needs.

  • ISO13485 
  • 21 CFR 210
  • 21 CFR 211
  • Outsourced Staffing
  • Facility Validation
  • Equipment Validation


Remediation Support

Regulatory Compliance Associates® Inc. is widely recognized within the life science industry and global regulatory agencies for its ability to help companies successfully resolve complex regulatory challenges, including remediation. With a proven track record of success, we have significant experience with the development of responses to 483 Observations, Warning Letters, Untitled Letters and Consent Decrees.

Our value goes beyond the initial response by helping companies successfully execute their action plans, develop an improved compliance culture tailored to the needs of their business, and ultimately move beyond the regulatory action to emerge as a stronger business. We negotiate difficult demands of remediation with insight and the clear advantage of our unique expertise and experience that makes partnering with RCA® Inc. a competitive differentiator in the remediation space.

  • Quality System
  • Technical File
  • Design History File
  • Data Integrity
  • cGMP 


Strategic Consulting

Whether it’s a strategy, a technical plan, or project, Regulatory Compliance Associates® Inc.’s worldwide experience can help ensure a successful mix of people and product so your project is on time, on budget, and you’re never embroiled in a costly mistake.

Our 500 industry and FDA experts are here to provide the unique insight you need before an M&A deal, through a staffing crisis and in every area of your product’s development and life cycle. As the trusted medical device manufacturing consultants of thousands of companies around the world, we have the knowledge and expertise needed to deliver exceptional results to your business — no matter your size or unique needs.

  • Manufacturing Optimization
  • Product Lifecycle Management
  • Mergers & Acquisitions (M&A)
  • Due Diligence
  • Device Vigilance
  • Product Complaints
  • Medical Information


About RCA

Regulatory Compliance Associates® (RCA) provides FDA inspection consulting services to the following industries for resolution of compliance and regulatory challenges:

We understand the complexities of running a life science business and possess areas of expertise that include every facet of R&D, operations, regulatory affairs, quality, and manufacturing. We are used to working on the front lines and thriving in the scrutiny of FDA, Health Canada, MHRA and globally-regulated companies.

As your partners, we can negotiate the potential minefield of regulatory compliance and regulatory due diligence with insight, hindsight, and the clear advantage of our unique expertise and experience.

  • Founded in 2000
  • Headquartered in Wisconsin (USA)
  • Expertise backed by over 500 industry subject matter experts
  • Acquired by Sotera Health in 2021


About Sotera Health

The name Sotera Health was inspired by Soteria, the Greek goddess of safety, and reflects the Company’s unwavering commitment to its mission, Safeguarding Global Health®.

Sotera Health Company, along with its three best-in-class businesses – Sterigenics®Nordion® and Nelson Labs®, is a leading global provider of mission-critical end-to-end sterilization solutions and lab testing and advisory services for the healthcare industry. With a combined tenure across our businesses of nearly 200 years and our industry-recognized scientific and technological expertise, we help to ensure the safety of over 190 million patients and healthcare practitioners around the world every year.

We are a trusted partner to more than 5,800 customers in over 50 countries, including 40 of the top 50 medical device companies and 8 of the top 10 pharmaceutical companies.


To begin the Regulatory Compliance Associates® scoping process today, please enter your information in the blue form below and click the submit button at the bottom of the webpage. 



Our website uses cookies to give you the best possible experience.

By continuing to use this site, you agree to the use of cookies.
Privacy Policy