Coredo

In recent years Vietnam has become one of the most pragmatic entry points for technology businesses: registering a company in Vietnam provides access to a strong talent pool, a competitive cost base and a growing ecosystem of high-tech parks. The team COREDO has implemented dozens of projects to launch development centers, structure IP, obtain financial licenses and build AML compliance. In this article I have compiled practical guidance that will save you months, and sometimes years.

Why choose Vietnam for software development outsourcing and R&D?

Presence models: branch, representative office, subsidiary, EOR/PEO

I start with a precise definition of the model. Branch vs subsidiary in Vietnam: a choice between the foreign company’s direct presence and a standalone legal entity.

• Registering a branch in Vietnam is suitable for companies already conducting regulated activities and planning to provide services directly. A branch simplifies control but increases the risks of a permanent establishment (PE) under international tax rules.
• Registering a representative office in Vietnam provides a platform for marketing and market research without the right to conduct commercial activities. It’s a convenient preliminary step if you are just exploring the country and building a pipeline.
• Foreign company in Vietnam: registering a subsidiary is the standard practice for IT. A subsidiary protects the head office, optimizes taxation, and simplifies local operations.
• EOR/PEO: the pros and cons of using an Employer of Record are obvious at early stages. You quickly hire developers, avoid creating a legal entity, and test demand. The downsides are limited control and provider fees. COREDO’s experience shows: transitioning from an EOR to your own legal entity after 6–12 months delivers the best economics.

Legal forms and investment certificates: IRC/ERC and IC

For IT and fintech, two forms are preferred:

• Công ty TNHH (a limited liability company in Vietnam, a Vietnamese LLC). Flexible capital structure, transparent corporate hierarchy, simple corporate reporting. Công ty TNHH (Vietnamese LLC) registration: the basic scenario for development centers.
• Công ty cổ phần (a joint-stock company in Vietnam). This is an option for scalable projects with subsequent involvement of external investors and option programs.

Foreign investors go through two stages: Investment Registration Certificate (IRC) and Enterprise Registration Certificate (ERC). IRC — the investment certificate (IC) in Vietnam — records the investment project and the approvals for types of activities. ERC creates the company as a legal entity and appoints the directors. The solution developed by COREDO arranges the schedule of steps so that IT company registration in Vietnam proceeds without gaps between the IRC and ERC.

Requirements for foreign investors and charter capital

How to open a company in Vietnam: timelines, cost, banking compliance

Step-by-step plan includes:

• Preliminary Due Diligence and assessment of risks and compliance during registration in Vietnam. We check the permissibility of business activities, the need for additional licenses and KYC/AML requirements and reporting.
• Obtaining an IRC: 15–30 working days depending on the province and industry.
• Obtaining an ERC: 3–5 working days after the IRC.
• opening a bank account for a company in Vietnam: 2–4 weeks, including banking compliance, beneficiary verification and business model review. Opening a corporate account and banking compliance will be facilitated by a detailed business plan, an office lease agreement and a draft staffing schedule.
• Registration of a tax number and e-invoice system: 1–2 weeks with connection to an electronic reporting provider.
• Hiring and payroll/EOR/PEO: start in parallel with ERC.

Taxes in Vietnam for IT companies and incentives

In tax planning I base my approach on three levels: general rates, sector incentives, and double taxation treaties (DTT).

• Corporate income tax (CIT) and incentives: the corporate tax in Vietnam has a default rate of 20%. For priority projects in high-tech and R&D preferential rates are available for IT and R&D, including a 10% rate for 15 years, tax holidays (often a model of 4 years exemption + 9 years at a reduced rate of 50%). The specific package depends on the location and project criteria.
• value-added tax (VAT) in Vietnam: standard 10%. Special regimes apply to software: certain types of software and export services may be taxed at 0% or exempted if the documentary and substantive export conditions are met.
• Registration in free economic zones and IT parks: registration in high-tech parks and the advantages include land on preferential terms, customs preferences, accelerated procedures and access to centralized infrastructure.

Transfer pricing, BEPS and DTT

При внутригрупповых потоках важно соблюсти трансферное ценообразование во Вьетнаме. Требуется локальная документация по TP, master file и country-by-country reporting при достижении порогов. BEPS recommendations and the impact of OECD guidance on Vietnam structures are felt through substance requirements, beneficial owner tests and controls against the risks of artificial fragmentation of functions.

Foreign exchange control and profit repatriation

The foreign exchange control rules of the State Bank of Vietnam distinguish between settlement (current) and investment (capital) accounts. Replenishment of the charter capital is done through the capital account; operational activities: through the settlement account. Mechanisms for repatriation of dividends and currency conversion operate after the annual audit and payment of taxes, through licensed banks and at the market exchange rate. I recommend building into the project schedule in advance quarterly interim payments to management companies under a market SLA to avoid cash shortfalls.

Personnel: work permits, TRC and labor law

For a quick launch I sometimes use company registration to hire developers in Vietnam in a lean-staff format: key roles, a director, a chief accountant (in-house or outsourced), HR and an office manager. The rest is covered by outsourced accounting, payroll and a legal retainer.

IP and contracts: code protection, NDA, SLA and escrow

Cybersecurity and personal data

Fintech and crypto: licensing and AML practice

Licensing of fintech and payment services in Vietnam is overseen by the State Bank. Payment intermediaries and e-wallet providers must demonstrate capital, IT security, risk management, and compliance with KYC/AML. Regulation of crypto assets and blockchain projects is evolving: token projects structure themselves as technology platforms, carry out legal analysis of asset functionality and accounting regimes, and particular attention is paid to the payment function of crypto assets in light of local restrictions.

Financial reporting, publications and tax discipline

Office, equipment import and customs

Disputes, arbitration and M&A

Evaluation of ROI, TCO and offshoring unit economics

Incubators, accelerators, grants and R&D structures

Personnel model: staff vs freelancers, nominees and insurance

FinOps and banking requirements

Opening a bank account is accompanied by KYC, verification of the source of funds, and analysis of the business model. Banks assess the due diligence of the provider of development services in Vietnam, check key contracts and the existence of internal policies on AML and sanctions. For foreign currency payments, it is useful to agree with the bank in advance on invoice formats and confirmation of service export in order to apply VAT and DTT benefits.

COREDO Case Studies: How We Launch and Scale

• Registration of an IT company in Vietnam for a European SaaS. The COREDO team registered IRC/ERC, chose Công ty TNHH, connected e-invoice, and built payroll. We structured transfer pricing, formalized DTT agreements and set up dividend repatriation mechanisms. Result: office payback in 14 months and a 28% reduction in TCO.
• Opening a development office using an EOR transition. We started with an EOR service in Vietnam for a pilot team of 12 engineers, then carried out company formation in Vietnam, migrated employees and integrated PEO services and payroll in Vietnam. SLA, KPI and penalty clauses in IT contracts, NDA and escrow for source code provided manageable delivery quality.
• Fintech and payment services. The solution developed at COREDO combined a licensing track with KYC/AML, monitoring and cybersecurity models, and aligned personal data handling with GDPR and local regulations. We built a cross-border data flow architecture, arranged a VIAC arbitration clause and ensured resilience to PE risks outside Vietnam.

Practical answers to frequently asked questions

• Cost of opening a company in Vietnam: legal and administrative setup: 12 000–25 000 USD depending on complexity and industry. Set aside 2–3 months’ salaries of key positions for initial liquidity.
• Timeline for company registration in Vietnam: 6–10 weeks to operational start, including accounts, e-invoice and office.
• Transfer pricing and documentation: prepare a local file and justify at the level of functions, assets and risks, synchronizing with the master file.
• BEPS and PE: differentiate product/engineering roles, take into account agency powers and physical presence abroad.
• Trademark and IP: register the brand and key IP assets, use escrow and assignment clauses.
• Process of liquidating a company in Vietnam: plan for audit, tax closure, settlements with employees, license revocation, then account closure. This takes 2–4 months in standard scenarios.
• Subcontracting contracts and SLAs: define metrics, penalties, rights to source code, non-solicitation clauses and the chain of IP transfer.

How COREDO reduces project risk

The benefit of my approach is its comprehensiveness. I combine legal engineering with operational practice, including:

• Assessment of TCO, LTV and project financial metrics so that unit economics work on a quarterly horizon.
• Due diligence of the development services provider in Vietnam and vetting of subcontractors, including sanctions risks and cyber profile.
• Data architecture for cybersecurity law compliance, localization, and GDPR mapping.
• bank onboarding with a KYC/AML package, UBO disclosure and profit repatriation models.
• Structuring holding and operating companies in ASEAN, optimizing for DTT and BIT.
• Setting up Agile and managing distributed development teams with mandatory code review and security testing so that code quality remains predictable.

Conclusion: How to move forward

I founded COREDO in 2016, and since then the COREDO team has carried out dozens of projects for company registration abroad, payment service licensing and setting up AML controls. Over that time I developed a simple rule: any integration of a crypto-fiat gateway is not about “quickly connecting an API”, but about the strategic architecture of the business, jurisdictions and processes. When an entrepreneur sees the on‑ramp/off‑ramp only as a “buy crypto for EUR/USD” button, they underestimate compliance, liquidity and the economics of conversions.

In this article I will lay out the regulatory requirements (MiCA, PSD2, AMLD5/6, Travel Rule), the architecture of a crypto-fiat gateway from the mobile app to the back office, KYC/KYT practice, integration of cards and banking rails (SEPA, SWIFT, ACH), project economics and the roadmap. I draw on concrete project experience in the EU, the Czech Republic, Slovakia, Cyprus, Estonia, the United Kingdom, Singapore and Dubai, and I will explain where real bottlenecks occur and how to work around them without losing transparency and SLA.

Why businesses need a crypto-fiat gateway

Customers expect a simple fiat on‑ramp and fiat off‑ramp: top up the balance by card or SEPA, buy an asset, lock in profits, withdraw to a bank account. Behind that simplicity is a complex chain of PSPs/EMIs, liquidity providers, blockchain analytics and AML transaction monitoring. If one link falters, you see increased declines, chargebacks and a drop in LTV.

In COREDO projects crypto‑fiat gateways often become the core of the product: thanks to a SEPA fiat gateway for cryptocurrencies, USD/EUR fiat exchange in the app and proper payment routing via PSD2 open banking API. It’s important to decide where to hold funds (custodial storage vs non‑custodial solution), how to manage liquidity between exchanges and payment providers, and how to maintain conversion without compromising AML.

MiCA, PSD2, AMLD5/6 and the Travel Rule

In the EU the approach is shaped by MiCA, PSD2 and the AML directives (AMLD5/AMLD6) together with the recommendations of the FATF. MiCA outlines the contours for VASP and stablecoins, PSD2: for payment rails and AISP/PISP integrations, AMLD: for KYC/CDD, sanctions screening and governance procedures. In practice this means: KYC for crypto-fiat gateways is mandatory, KYT (Know Your Transaction) in real time is the standard, the Travel Rule is part of the operational framework.

Licensing and corporate structure

Where to obtain permissions and how to organize the corporate structure is the first strategic choice. A mistake here means months of downtime and frozen accounts. I always start by mapping target markets, payment rails, operating currencies (EUR/USD/GBP/SGD), the custody model and the required margin.

EU: VASP registration and EMI/PI

In the EU two paths are popular: an EMI or PI license (e‑money/payment institution) for fiat rails and registration/authorization for virtual asset providers. Lithuania has become an EMI hub thanks to clear requirements and work with SEPA/SEPA Instant; Cyprus is actively advancing CASP registration and payment licenses, providing a bridge between the EU and the Middle East.

COREDO’s practice confirms: if the product targets a broad on‑ramp in EUR, a combination of an EMI in the EU + VASP registration and PSD2 integration for crypto payments provides flexibility, but requires a mature AML function. Timeframes: from 6 to 12 months for the full stack, including policy audits and beneficial owner checks.

Enhanced requirements for VASP in Estonia

Estonia has retained its status as a mature jurisdiction for VASP, but after reforms requirements have increased: capital, real presence, a qualified MLRO and detailed KYT procedures. The COREDO team implemented a project in Tallinn with on‑ramp/off‑ramp, where we aligned local AML policies with a Travel Rule router and an external sanctions screening provider. The result – seamless checks for both fiat and on‑chain routes.

Czech Republic and Slovakia: base and payments

The Czech Republic and Slovakia are convenient for corporate structure, back offices and hiring compliance teams. For “heavy” payment licenses these jurisdictions are not the first line, but they integrate well with an operational center in the EU and connection to local PSPs. Our experience at COREDO has shown that such a configuration speeds up Opening bank accounts and reduces administrative burden.

FCA: UK crypto registration

The UK requires crypto providers to register with the FCA, and for fiat — EMI/PI licenses. The regulator takes a strict approach to source-of-funds controls, governance and reporting. One COREDO client moved the custody function to a regulated custodian in the UK while keeping the non‑custodial logic of user wallets in the app: such a hybrid reduced regulatory burden and preserved UX.

PSA (MPI/SPI) and Singapore AML supervision

MAS is building a strict and predictable system under the PSA (Payment Services Act). For on‑ramp with cards and bank payments, the choice between Standard Payment Institution and Major Payment Institution affects limits and capital requirements. We helped a startup in Singapore implement a fiat‑collateralized stablecoin as an internal settlement layer for instant settlement inside the app – MAS accepted the model provided there was clear segregation of client funds and market risk.

VARA and DIFC/ADGM in Dubai

Dubai is shaping clear rules via VARA for VASP and separate regimes in DIFC/ADGM. The COREDO team set up offboarding through local PSPs and integrations with international exchanges under Travel Rule control and transaction reporting. The regulator requires real risk‑scoring systems and incident management procedures: we integrated monitoring and alerting (Prometheus, Grafana) and documented an SLA 99.9% with an escalation plan.

Architecture of a crypto-fiat gateway

I recommend viewing the architecture as a set of domains: payment rails (fiat rails), crypto operations, AML/anti-fraud, liquidity, accounting and reporting, security and data privacy. At the interface level, gateway APIs for crypto-fiat operations are critical, supporting REST/Webhook/WS, webhook retry logic, idempotency and API rate limiting and throttling.

For custody, choice matters: a custodial wallet with multisig and cold storage under key management or a non-custodial wallet where the user controls the keys. Custody affects Licensing and operational risks. I often recommend a hybrid: a hot wallet for on-ramp instant issuance, cold storage with multi-level approval, hardware wallet for offline keys and a clear settlement finality policy.

Integration of SEPA, SWIFT, ACH and cards

Step-by-step integration of SWIFT/SEPA/ACH into a crypto gateway starts with choosing a PSP/EMI and an open banking API. SEPA Instant speeds up EUR settlements, SWIFT gpi improves tracking of international transfers, ACH covers the US. For cards: acquiring with 3-D Secure, PCI DSS compliance, issuer processor and, if necessary, BIN sponsorship.

In COREDO projects we combine PSD2 AISP/PISP to reduce settlement costs and increase authorization. Reliable fiat on a crypto gateway is built on transaction routing: if a card is declined, offer SEPA or open banking; if ACH is slow, provide an instant on-ramp using PSP credit under risk limits.

Liquidity and market infrastructure

Liquidity providers for gateways, OTC desks and market makers provide access to tight spreads. Currency risk management and hedging for crypto-fiat transactions reduce margin volatility: use FX spread control, forward contracts, and for intra-system transfers, use stablecoins as internal fiat for instant liquidity.

Cross-chain bridges and atomic swaps are complex mechanisms that require smart contract audits and a risk acceptance policy. In most on-ramp cases, liquidity on major exchanges and pools, agreed settlement and counterparty limits with daily reconciliation are sufficient.

Anti-fraud and real-time AML

AML checks for onramp/offramp are built on three layers: KYC/CDD, behavioral scoring and KYT. Implementing KYT (Know Your Transaction) in real time includes rules on amount, geography, source of funds, blockchain address risk metrics and sanctions lists. monitoring tools for risk and transaction scoring for the business should provide interpretable reasons for rejection and feedback to the product.

Integration of UX into product development

Integration of fiat payments into a crypto app begins with mapping the user journey. Best practices for UX for fiat on‑ramp, early notification of KYC steps, visibility of the final fee and spread, choice of payment method and a transparent ETA for crediting. In the background — idempotency for payments and webhooks, a retry mechanism and handling of status collisions.

How to connect a crypto-fiat gateway

How to connect a crypto‑fiat gateway in a mobile app is a common question. I recommend provider SDK/JS bridges, card tokenization, strict key isolation, and biometrics on critical steps (withdrawal/changing details). The API interface for fiat and cryptocurrency exchange (REST/Webhook/WS) should support statuses, idempotent keys, webhook signatures and a time‑based nonce.

The UX flow accounts for 3‑D Secure, fallback to open banking and pre-filling of details for SEPA. For KYT the logic shows the user the reason for a delay and requests documents specifically, avoiding frustration. This approach supports the conversion rate without neglecting AML.

Project economics: ROI

The cost of integrating fiat gateways and calculating ROI rely on two axes: fixed costs (licenses, audits, development, PCI DSS/infrastructure) and variable costs (interchange fees, acquiring, network, KYC/KYT providers, blockchain fees, liquidity providers). How to assess ROI from integrating a crypto‑fiat gateway? Model the unit economics fiat‑fiat‑crypto for each payment rail taking into account cancellations, chargebacks, AML rejections and the FX spread.

Chargeback risk management and handling dispute management in fiat‑crypto exchanges require clear documentation, transparent terms, 3‑D Secure logs and instant responses to bank requests. How to organize automated matching and reconciliation? Use a sub‑ledger, pending statuses, counterparty mapping and daily reports. This eliminates “leakage” and reduces manual work.

How to operate and scale?

Plan B in case of sanctions/license revocation and scenarios of liquidity collapse include alternative PSPs/EMIs, backup exchanges, emergency limits, a playbook for counterparty failure and a client communication procedure. The COREDO team helped a client in the EU survive the sudden stoppage of one PSP: within 48 hours we switched the on-ramp to a backup provider, preserving the SLA and cash-out via SEPA.

Taxes and compliance in the EU and Asia

Taxation of crypto-fiat transactions in the EU/Asia depends on the jurisdiction, the status of the tokens, and the place where services are provided. Most often, income from fees and spreads is subject to corporate tax, while VAT requires analysis of specific operations. Taxation of cross-border transactions and profit repatriation is a separate area of tax planning that I raise at the start of a project.

Data privacy and the GDPR dictate the storage and processing of personal data, including KYC dossiers, transaction logs, and biometric templates. Data residency and localization in certain countries require segmenting infrastructure and encryption keys. Encryption and key management are part of the security architecture, with key rotation, HSMs, and access auditing.

COREDO: Case studies from practice

• EU, crypto‑application with SEPA on‑ramp. The COREDO team implemented PSD2‑integration and SEPA Instant, integrated Trulioo and Chainalysis, established KYT‑rules and automatic reconciliation. Onboarding conversion increased by 9%, time to first deposit decreased from two days to a few minutes.
• Singapore, licensing under PSA and stablecoin‑settlement. The client obtained MPI status, built a fiat on‑ramp through cards and local banking rails. Internal settlement ran through fiat‑collateralized stablecoin, which reduced operational liquidity gaps and allowed maintaining a 99.9% SLA on withdrawals.
• Dubai, VARA and Travel Rule compatibility. We connected Travel Rule providers, configured sanctions screening and behavioral anti‑fraud. Local PSPs integrated with international exchanges via the gateway API for crypto‑fiat operations; a contingency plan for counterparty failure was embedded in operational procedures.
• United Kingdom, hybrid custody‑model. The client moved from full custodial storage to a model delegating to a custodian and non‑custodial user wallets. This eased FCA requirements while preserving the convenience of fiat off‑ramp.

90–180-day launch roadmap

• Weeks 1–4: strategic design. Jurisdictions, corporate structure, selection of PSP/EMI/exchanges, custody and liquidity model, on-ramp/off-ramp strategy. AML/KYC/KYT policies, Travel Rule frameworks, DPIA for GDPR.
• Weeks 5–10: licensing and contracts. Submitting applications (VASP/EMI/PI where required), KYC providers (Jumio/Onfido/Trulioo), Chainalysis, acquiring and BIN sponsorship if necessary. Development of open banking API.
• Weeks 8–14: development and integrations. Gateway API, webhooks, idempotency, PCI DSS controls, 3‑D Secure, reconciliation ledger mapping, monitoring and alerting, CI/CD and test environments.
• Weeks 12–18: pilot and launch. Regulatory sandbox pilot, load testing, AML playbooks, back-office training, production launch, SRE on-call and post-mortems for incidents.

Frequently asked questions for executives

• How to ensure MiCA compliance and AMLD when launching an on‑ramp? Assign MLRO roles, a KYT‑engine with interpretable rules, sanctions screening, Travel Rule integration and a review/escalation process.
• How much time and budget are required for integration and obtaining licenses? For a “minimum viable” configuration in one jurisdiction allow 3–6 months and budget for development, licensing, KYC/KYT and PCI DSS. Full EMI+VASP stack – from 6 to 12 months.
• how to choose the model custody – hold funds or delegate to a provider? Compare regulator requirements, risk appetite, internal competencies and UX. A hybrid is often optimal.
• How to scale the gateway as transactions grow and maintain SLAs? Implement SRE‑processes, horizontal scaling, alerting, API rate limiting and backup providers.
• What liquidity drop scenarios and action plan if a counterparty fails? Contracts with alternative PSPs/exchanges, counterparty limits, rapid rerouting of volumes and a pre-written playbook.
• How to integrate anti-fraud and AML without reducing on‑ramp conversion? Use staged KYC, adaptive checks, behavioral scoring, false positive management and clear UX prompts.
• Is it worth using a stablecoin inside the app to speed up settlement? For internal settlements this often simplifies liquidity and reduces operational delays: provided proper accounting and legal review.
• How to build a revenue model: fees, spread, interchange and FX margin? Test pricing on different rails, account for network and processing fees, optimize margin via liquidity providers and routing.

How COREDO helps

COREDO covers the entire cycle: company registration in the EU, the United Kingdom, the Czech Republic, Slovakia, Cyprus and Estonia; licensing in the EU, Singapore and Dubai; AML/KYC/KYT setup; selection and contracts with PSPs/EMIs, liquidity providers and custodians. The COREDO team develops policies and operational playbooks, builds Travel Rule contours, assists with PCI DSS and 3‑D Secure integrations, and also supports bank account openings and BIN sponsorship.

Conclusions

COREDO has been designing such solutions since 2016 for the EU, Asian and CIS markets. When an entrepreneur receives a roadmap from us, they don’t get a set of pretty words but a proven path: what to do in which sequence, which metrics to control and how to take managed risks. If you are preparing to launch or scale a crypto‑fiat gateway, let’s discuss your target markets, licenses and economics — and assemble a solution that will withstand growth and regulatory scrutiny.

Since 2016 I have been leading COREDO and have personally supported dozens of cross-border projects — from company registrations in the EU and Asia to licensing payment and crypto services and complex M&A. Over the years the LBO transaction — a leveraged buyout (LBO) — has become one of the key topics where entrepreneurs and CFOs simultaneously see potential upside and significant risks. I often hear the same questions: how to structure debt, which covenants to include, how to protect creditors, when mezzanine makes sense, how to minimize tax and comply with AML/FDI. In this article I systematize the best practices used by the COREDO team and share concrete tools that can be implemented already at the planning stage.

LBO Structure: HoldCo, OpCo and Risks

In a client-centric LBO I always start with the target structure. The HoldCo–OpCo model remains the baseline: the holding company (HoldCo) raises financing and acquires the operating companies (OpCo), and then implements a debt push‑down where it is lawful and economically justified. This arrangement simplifies governance, eases the security package and reduces the risk of “cross-contamination” within the group. It also clarifies accounting, which is important for the subsequent exit and W&I insurance.

Finally, the allocation of risks between banks, bondholders and the sponsor. In the intercreditor agreement we fix the waterfall, pari passu/priority of claims and voting protocols so that no decision vacuum arises in stress scenarios. This is not “paper for lawyers” but a working tool that, at a critical moment, determines who and how manages enforcement.

Buyout financing: debt financing

Often clients underestimate the variety of debt instruments in the EU/UK/Singapore/Dubai. It’s not only about term loans and revolvers, but about a set of modular elements that we combine to fit the target’s specific cash‑flow profile.

• Senior secured debt. The base layer secured by shares (share pledge) and assets (asset pledge). It is cheaper but imposes strict financial covenants and requires a well‑thought security package.
• Senior unsecured debt. Used for flexibility and speed; however, it is more expensive and requires careful covenant management so as not to overburden reporting and not to block capex.
• Subordinated debt and mezzanine finance. These instruments increase leverage capacity but carry higher cost and often include PIK interest and options. I use them when the senior layer hits covenant headroom and business growth covers the risk.
• Revolvers and credit lines. They smooth working capital and seasonality. With a proper cash sweep and dividend restrictions (dividend lock‑up), a revolver reduces the risk of default on principal payments.
• Bridge financing and variable lending. Suitable for carve‑out LBOs and a fast transaction pace, when part of the financing is brought in after closing.

Security package: collateral and trustee

A good security package is not “the more collateral the better”, but “exactly as much as will allow quick and lawful enforcement”. I build a multi-level structure: a share pledge on HoldCo/OpCo, asset‑backed security on key assets and security over intellectual property (IP) if IP is a revenue driver. In cross-border deals it is important to ensure that pledges and guarantees are enforceable in each jurisdiction and comply with insolvency laws.

Additionally, I always include a negative pledge, prohibitions on new security and carve-outs for operational needs. Such provisions protect lenders from “dilution” of collateral, but do not strangle the OpCo’s working capital. The balance is achieved through well-drafted incurrence tests and agreed perimeter exclusions.

Intercreditor: priority of creditors

Intercreditor agreement regulates priority, the payment waterfall, the standstill period and the voting procedure for amendments. In multi-layered financing it resolves the conflict between senior and mezzanine creditors, and also eliminates «grey areas» where each creditor expects someone else to act first.

Templates don’t work the same in the EU, UK and Asia, so I adapt the structure of voting protocols and the thresholds for amendments. In some countries certain amendments require the unanimous consent of senior creditors, and it’s better to take that into account upfront.

Covenants: covenant management

The key to a stable LBO is realistic financial covenants and well-considered maintenance vs incurrence covenants. I recommend combining a leverage covenant and an interest coverage ratio with DSCR and the setting of headroom, taking seasonality and the capex‑profile into account. Such a basket reflects the real ability to service the debt, not just a ‘pretty’ EBITDA.

Negotiating a covenant‑lite approach is appropriate when the borrower’s profile is stable and lenders understand the business model. I push for covenant‑lite not for the sake of a ‘tick-box’, but to reduce the likelihood of technical breaches while keeping the lenders’ risk profile unchanged.

Taxes and debt push-down: efficiency

Tax‑efficient holding structures allow you to simultaneously reduce the tax burden and meet economic substance requirements. Together with tax advisers we set up transfer pricing, analyze withholding taxes and apply interest allocation rules to avoid exceeding local thin capitalization limits.

As part of tax planning for an LBO, I build in dividend restrictions (dividend lock‑up) and cash sweep mechanisms. They accelerate deleveraging and improve ROI over a 24–36 month horizon, and are also viewed positively by lenders and W&I insurers.

Due diligence: what I check and prepare

Legal due diligence for an LBO is not a rewrite of corporate history, but a search for points that turn into price, terms and the structure of security. In focus are titles to assets, IP, key contracts with change of control, licenses and permits, employment/compensation agreements and unresolved disputes. The COREDO team persistently checks beneficial ownership (UBO) and sanctions risks, since banks and insurance companies have made this standard.

Separately, I note completion accounts and post‑closing adjustments. For an LBO they are critical, as they change net debt and working capital, and therefore: leverage. I provide for a clear methodology and an independent expert in case of dispute, to avoid protracted proceedings after closing.

antitrust, FDI, AML/KYC and sanctions

Competition/antitrust clearance and foreign direct investment (FDI) screening often determine the timing of the LBO. In the EU and UK I assess thresholds in advance and submit notifications before signing if this affects CP conditions. In Asia and the Middle East we check sectoral restrictions and local ownership requirements to avoid a “surprise” after the financing has been agreed.

AML/KYC for lenders and investors is part of the mandatory track. I conduct independent AML screening, identify beneficial ownership and verify sanctions screening and compliance. These processes are integrated into the CP list and reduce the risk of a tranche being halted due to a non-obvious link to sanctioned persons.

COREDO case studies

• Secondary buyout in Central Europe with a mezzanine component. The COREDO team implemented a HoldCo–OpCo structure with senior secured and mezzanine finance, providing share pledge and IP pledge on the key software. The intercreditor agreement fixed a standstill and waterfall, and covenant‑lite was applied only to incurrence tests, retaining maintenance covenants for leverage and DSCR. As a result the sponsor gained flexibility for growth, and the banks: managed risk.
• Carve‑out LBO of a technology subsidiary in the UK/EU. Our experience at COREDO showed that bridge financing and escrow arrangements allow closing the deal before completion of IT migration and licensing agreements. W&I insurance mitigated the risk of historical tax liabilities, and the dividend lock‑up and cash sweep accelerated de‑leveraging without harming R&D.
• Cross‑border LBO involving Singapore and Dubai. We structured upstream guarantees taking into account restrictions in local law and agreed negative pledge carve‑outs for trade finance. Debt push‑down was implemented in stages after FDI clearance so as not to breach CP conditions and not expose creditors to regulatory risk.

MAC, default and remedial playbook

Risks in an LBO are predictable if you name them and set out the remedies. I build material adverse change (MAC) clauses that realistically reflect the business profile rather than copying generic templates. This reduces the likelihood of disputes and gives the parties a transparent “traffic light.”

Contingency planning covers refinancing, currency risks and supply risks. I use sensitivity analysis and stress tests to check the debt capacity analysis and to ensure that even with a 20% decline in EBITDA the company maintains a DSCR above the agreed threshold.

Debt restructuring after a buyout

Not every restructuring is a failure. Sometimes it is a planned optimization stage after growth, where a pre-pack and a consensual reorganization give the business a second wind. The COREDO team conducts intercreditor negotiations, coordinates DIP financing and interim financing, and reallocates covenants in favor of flexibility without losing creditor control.

I review insolvency laws and priority of claims at early stages. This allows, if necessary, quickly agreeing on enforcement and avoiding loss of asset value due to procedural uncertainty and disputes among creditors.

Management motivation and control

Agreements between shareholders and MIP (management incentive plan), top-5 documents by impact on results. I insist on clear KPI, vesting and clawback so that management has “skin in the game” and shares long-term goals. This reduces the risk of aggressive dividends and incentivizes investments in growth.

Governance changes post‑LBO often include strengthening the roles of audit and risk committees, a schedule of covenant updates and quarterly stress sessions. This regime increases predictability, and lenders appreciate the discipline and respond by improving terms on refinancing.

What to include in a sponsor’s guarantees

Which legal guarantees to require from the sponsor in a buyout is a common question. I set out capital commitments, support in case of a covenant breach, restrictions on additional encumbrances and penalties for unauthorized transactions. These provisions hedge creditors against “dilution” of interests and discipline investment decisions.

In the disclosure schedules I recommend transparently describing all side letters, intercompany loans and obligations to management. Honesty at this stage saves months of disputes and tens of basis points in the cost of financing.

Due diligence and integration checklist

The documentation checklist for the legal team I keep as a “battle map”. It includes draft versions of the purchase agreement, loan agreement, intercreditor agreement, security package, corporate approvals, AML/KYC packages, sanctions certificates, antitrust notifications, FDI files, W&I policy and schedules, escrow instructions and the closing set.

What documents a lawyer prepares at each stage of the LBO is a frequent request from the CFO. I detail it on the project timeline, assign owners and prioritize by criticality so management spends time on decisions, not on correspondence.

Antitrust and FDI control in LBO

In cases where FDI may impose conditions, I ask banks to build flexibility into the CP list and price formulas. This eases tension and leaves room for constructive dialogue with regulators.

Safeguarding the value of cyber and IP assets

How to create a pledge over intangible assets (IP) in an international group: a separate area. I inventory the rights, check registration in key countries, coordinate licensing flows between the OpCo and the IP‑holding and ensure security over IP taking into account local registries. This is important for technology companies where IP is the main collateral asset.

Escrow arrangements and retention mechanisms are useful when some risks are disclosed only post-closing. We use them together with W&I to avoid keeping large contingent liabilities on the buyer’s balance sheet and to avoid provoking a covenant breach.

Questions executives ask when preparing an LBO

• How to assess debt capacity and leverage for an LBO? I conduct a debt capacity analysis based on stress‑testing of cash flow, DSCR and industry shock scenarios. This creates a reliable framework for negotiating price and debt terms.
• Which covenants should be included in a loan agreement to protect creditors? I choose a combination of maintenance and incurrence covenants, tie baskets to metrics, and limit investment activity through tests so as not to strangle growth. Such a set balances interests and reduces the likelihood of default.
• How does the debt structure affect ROI in an LBO? The larger the share of cheap senior secured debt and the more disciplined the cash sweep, the higher the equity IRR, all else equal. Nevertheless, an excess of debt reduces headroom and increases the risk of covenant breaches.
• What legal measures reduce the risk of credit default after an LBO? Clear MACs and default remedies, a clear cure mechanism, a structured intercreditor agreement and an enforceable security package provide time and tools for a managed response.

How the COREDO team builds the process

We start with a strategic session with the owner and the CFO. I clarify goals for ROI and timing, the regulatory map (licenses, FDI, AML/KYC), the presence of carve‑out factors and management’s readiness for MIP. Then I create the roadmap: due diligence, documentation, financing, regulatory matters, closing and a 100‑day plan.

After closing, the COREDO team supports covenant management, prepares reports for creditors, implements tax planning and helps management integrate debt restructuring into the company’s growth and scaling plan. This format reduces «transactional noise» and speeds up progress toward the target deleveraging.

mezzanine instead of senior debt

Mezzanine makes sense when:

• Operational growth and margins cover the higher cost of capital, and senior limits have already been reached. These are common cases in technology and niche services, where the growth rate exceeds banks’ risk appetite.
• Flexibility of covenants is critical for an M&A roll-up strategy. Mezzanine often provides leeway in incurrence tests and permits more aggressive capex without the risk of technical default.

The COREDO team weighs these factors through financial LBO modelling and sensitivity analysis. This approach makes the choice of mezzanine not a dogma, but a deliberate investment in speed and scale.

Enforcement of Cross-border Security by a Lawyer

How does a lawyer ensure enforcement of cross‑border security? The secret is in three steps: the right choice of governing law and jurisdiction, perfecting the security in the required registries, and a contractual enforcement architecture that takes local procedures into account. We use a security trustee and agency agreements, coordinate debtor notices and check priority in local collateral registers.

The role of escrow and retention mechanisms also increases in cross‑border cases. They insure payment of the price during registration and help bridge regulatory gaps without changing leverage.

Exit strategies and reallocation

Exit strategies in LBO: trade sale, IPO and secondary buyout. Each option dictates its own emphasis in governance, reporting and covenants. I prepare the company for refinancing or sale, aligning the capital structure and removing “legacy” restrictions that can reduce the multiple.

Our experience confirms: a proper 100‑day plan after an LBO accelerates reaching the target ROI and increases the likelihood of a favorable exit. This is not a theoretical statement, but the result of dozens of projects in the EU, UK, Singapore and Dubai.

Recommendations for the CFO and owner

• Carry out a debt capacity analysis before engaging with banks. Create stress scenarios for revenue and costs to demonstrate the resilience of DSCR and interest coverage. This will speed up the move to discussing pricing and covenants and increase counterparties’ confidence.
• Set up covenant management as an operational process. Define responsible parties, monitoring frequency and escalation thresholds. This will reduce the likelihood of technical breaches and make communication with lenders predictable and constructive.
• Integrate AML/KYC and sanctions screening into the CP track. Prepare standardized packages for lenders and investors to avoid tranche delays and reputational risks.
• Early dialogue on antitrust/FDI. Determine thresholds, timelines and the risks of conditional measures. Build this into the SPA and LOAN as a managed variable, rather than as a risk to closing and penalties for non‑performance.

Conclusions

LBO is a powerful tool for accelerating growth and increasing equity value, provided it is built on a solid legal and financial architecture. At its core is a rational HoldCo–OpCo structure, an appropriate mix of senior/subordinated/mezzanine debt, an executable security package with a clear priority of creditors, and a transparent system of covenants. Equally important are tax efficiency without loss of substance, properly calibrated due diligence, and regulatory discipline in antitrust/FDI and AML/KYC.