RoyaltyOne v Century Mine: A real life case study in protecting privilege during due diligence

A legal due diligence process will always involve potential buyers gaining access to confidential information of the vendor and the target group companies.^[1] In some cases, this information may be privileged as well. The existence of privileged information will be particularly common in circumstances where the target has faced regulatory investigations or enforcement actions from bodies such as ASIC, AUSTRAC or APRA. In these situations, buyers will require a thorough understanding of the scope of regulatory action and associated risks, which will be fundamental to their due diligence investigations. If precautionary steps are not taken, privilege may be lost (i.e. inadvertently waived). This could allow other parties to obtain the privileged information in the future through compulsory court processes such as discovery and subpoenas provided the privileged information is relevant to the issues in dispute in the court proceeding. This risk of waiver is particularly acute in an auction sale process, where multiple bidders are granted access to the vendor's confidential information, as opposed to a bilateral negotiation involving a single buyer. So how do you prevent a waiver of privilege during the due diligence process?

The first step is to bear in mind the common law test for whether privilege has been waived: has the client acted inconsistently with maintaining the confidentiality that exists for communications between lawyer and client? If yes, privileged has been waived. Whether there has been inconsistency is "informed by considerations of fairness" "where necessary" but "not some overriding principle of fairness operating at large" (Mann v Carnell [1999] HCA 66; 201 CLR 1).

The second step is to implement appropriate measures that will prevent this inconsistency from arising. These measures may include:

• applying redactions to certain documents;

• limiting access to certain sensitive documents to a short list potential buyers; and

• implementing a confidentiality regime for all potential buyers.

It is important that the confidentiality regime is documented correctly so that it prevents any waiver of privilege. The recent case of RoyaltyOne Pty Ltd v Century Mine Rehabilitation Project Pty Ltd [2025] VSC 152 illustrated this point well. In that case, the Court found the wording of the third party confidentiality regime was not restrictive enough to prevent a waiver of privilege.

What was RoyaltyOne about?

RoyaltyOne v Century Mine concerned a due diligence for the proposed refinancing of debt owed by New Century Resources Limited. A due diligence report was prepared by New Century and its solicitors to provide to potential lenders. The report included a statement that it "is confidential and may not, without the prior written consent … be disclosed (whether in whole or in part) under any circumstances to any person". The purpose of the report was "to identify, on an exceptions basis, the key legal issues which may materially impact on the Lender's assessment and structuring of the Proposed Refinancing ..."

New Century provided three parties with the due diligence report. Before doing so, the parties signed one or more of a confidentiality agreement, a confidentiality undertaking and a reliance letter.

New Century also undertook a capital raising. New Century provided the two underwriters with the due diligence report after they first entered into confidentiality deeds and an underwriting agreement.

New Century and parties associated with it then became involved in a dispute with RoyaltyOne Pty Ltd concerning royalties. RoyaltyOne sought access to the due diligence report. It accepted that the report was privileged but alleged that New Century had waived privilege over it by disclosing it during the due diligence process in the circumstances outlined above.

So was privileged waived?

Justice Waller concluded that the wording in the reliance letter and underwriting agreement resulted in a waiver of privilege while the wording in the confidentiality agreement and confidentiality undertaking did not. Let's look at each in turn.

The reliance letter: waiver of privilege

The reliance letter contained the following terms (among others):

"You may make copies of the Report available to each of your affiliates, related bodies corporate, directors, officers, employees and professional advisers (including financial, accounting, industry and legal advisers), provided that, in each case, you take reasonable steps to ensure that they understand and agree that:

(i) the Report is confidential and may not be disclosed to any other person without our prior written consent (which may be withheld in our absolute discretion);

(ii) the Report is provided to them under the terms of this letter; and

(iii) such persons may not rely on the Report; that is, reliance on the Report is limited to you …

In addition, you may disclose the Report … to seek or establish any cause of action or defence in any legal proceeding or investigation… "

Justice Waller concluded that the terms of the reliance letter were "inconsistent with the maintenance of client legal privilege over the Report" and hence there was a waiver of privilege. This was for reasons including:

• The reliance letter expressly allowed disclosure "to seek or establish any cause of action or defence in any legal proceeding" and hence "[i]t explicitly contemplated …[the recipient] using the information in adversarial proceedings against the privilege holder or its lawyers, thereby creating a fundamental tension with maintaining privilege, which normally protects legal advice from potential adversaries". This "undermined the essential purpose of the privilege by deliberately placing the privileged legal advice in the hands of a potential adversary with explicit permission to rely on that advice".

• The "reliance letter permitted… [the recipient] to share the report with affiliates, directors, employees and advisors with minimal restrictions, significantly expanding the circle of confidentiality". The recipient "was only required to take 'reasonable steps' to ensure recipients understood their confidentiality obligations, but there was no requirement for written confidentiality agreements from secondary recipients and no limit on the number of people within these broad categories who could access the Report".

The underwriting agreement: waiver of privilege

Justice Waller concluded that the underwriting agreement waived privileged over the due diligence report for the following reasons:

• The underwriting agreement contained a "privileged preservation regime" but the due diligence report was carved out of that regime.

• The underwriting agreement "explicitly provided" the underwriters with "full and free access" to the due diligence report. Justice Waller considered that this degree of access "goes beyond mere confidential disclosure" and "suggests complete access without reservation, constraints or conditions".

• The underwriting agreement "expressly authorised the underwriters to 'use and rely on information provided' (including the Report) in performing their obligations, which included marketing the offer to third parties and potentially appointing sub-underwriters". "This arrangement allowed the underwriters to make commercial decisions based on the legal advice contained in the Report and potentially share aspects of this information when marketing the offer or appointing sub-underwriters".

The confidentiality agreement: no waiver of privilege

Justice Waller concluded that the terms of the confidentiality agreement were sufficient to maintain privilege. These terms included:

• the recipient must keep the due diligence report "confidential and ensure that it does not disclose or permit the disclosure … to any person";

• the recipient must "take steps that are reasonably necessary, prudent or desirable in order to safeguard the confidentiality of" the due diligence report "including to establish and maintain effective security measures to safeguard all Confidential Information from unauthorised access, use, copying, disclosure, damage or destruction";

• the recipient must only use the due diligence report for the "Approved Purpose"; and

• the recipient may disclose the due diligence report to its representatives "to the extent they need to know" of the report and provided they procure the representatives comply with the confidentiality agreement.

The confidentiality deed: no waiver of privilege

Justice Waller concluded that the terms of the confidentiality deed were sufficient to maintain privilege. These terms included:

• the recipient acknowledges the due diligence report "is secret and confidential … and must be held in strict confidence";

• the recipient "must take all necessary and suitable measures and actions to effectively protect" the due diligence report "at any time … against unauthorised access";

• the recipient must only use the due diligence report for the "Authorised Purpose"; and

• the recipient may only disclose the due diligence report to affiliates and representatives "that have a specific need to have access" and who are "obliged and bound to treat" the report "in substantially the same manner" as the recipient is under the confidentiality deed.

Key takeaways

A confidentiality regime alone may not be sufficient to prevent the waiver of privilege during a due diligence process. The specific terms of the confidentiality regime are equally important.

As illustrated in RoyaltyOne v Century Mine, an effective confidentiality regime should:

• limit the use of the privileged information strictly to the purpose of conducting due diligence;

• restrict disclosure of the information to a small number of individuals who genuinely need access for the purpose of conducting due diligence;

• require each recipient to enter into a written confidentiality agreement before receiving the information;

• ensure that any secondary recipients (such as representatives of the primary recipient) either enter into a confidentiality agreement or provide a confidentiality undertaking as a deed poll in favour of the primary recipient, in each case on substantially similar terms as the confidentiality agreement entered into by the recipient; and

• ensure there are no express terms within the regime which conflict with maintaining privilege.

In an M&A context, particularly in competitive or auction processes involving multiple bidders, the risk of inadvertent waiver increases due to broader disclosure. Even with confidentiality protections in place, courts may still find that privilege has been waived if the disclosure is inconsistent with preserving that privilege.

The test for waiver of privilege is not always clear-cut. While the only way to guarantee perseveration of privilege is to limit disclosure to the client and its advisors, this is not commercially feasible in a transactional context where potential buyers require full access to confidential information to conduct due diligence.

Accordingly, vendors should carefully and critically assess the risk of privilege being waived and whether the privileged material is sufficiently important to the buyer's due diligence exercise to justify that risk. Where disclosure is necessary, appropriate safeguards as outlined above, should be implemented as part of the confidentiality regime to help mitigate the risk of waiver. In some cases, particularly in auction contexts, it may be preferrable to hold off disclosure of privileged information until the preferred bidder has been selected. At this stage, disclosure can be made as part of black box due diligence where there is adequate justification for common interest privilege on the basis of a pending transaction. Common interest privilege is not a separate form of legal professional privilege but instead is relevant to waiver, in that its establishment will assist in safeguarding any inadvertent waiver of privilege. For common interest privilege to apply, the relevant communication must be subject to legal professional privilege, the interest said to be common must be identified and the exchange of the information or advice, subject to legal professional privilege must relate to that interest. Ultimately, careful handling of privileged material is essential to preserving legal protections and ensuring a smooth transaction process for all parties involved.