There Are No (Absolute) Red Flags in Venture Capital

Let’s accept, for the purposes of this essay, that founders and venture capitalists are engaged in a simple trade. Founders sell business risk for the cash they need to take bigger risks; venture capitalists buy that risk hoping it will one day transmute into reward. Each side does this because they believe that, ultimately, the size of the risk is directly correlated to the scale of the potential reward.

But there’s acceptable risk and there’s unacceptable risk. No sane person is going to invest in a scheme to turn lead into gold, but early-stage startups—and even some mid- and late-stage startups—rarely present such a clear-cut profile. Investors are often under pressure to evaluate seemingly great ideas and teams without all of the information they’d ideally have to decide whether to put their money on the line.

I’ve written in the past about how investors consider the reward side of this process, so let’s focus on the risk side. Some risks are obvious—the market may be too small or the costs too high—not to mention that pesky fact that the future is always ultimately unknowable. But some risks are more idiosyncratic. We call these red flags.

There’s been a lot of talk about red flags recently, mostly in the context of FTX and the diligence that its investors may or may not have done before committing their partners’ funds. I happen to believe that investors did a heck of a lot more diligence than they’re being given credit for having done, but I also think that conversation misses the point. Red flags, when you find them, are rarely deal-killers. They’re just pieces of information, indications of risk. The bigger the reward potential, the more red flags an investor should be willing to accept—or even expect. 

Let’s take a look at a specific type of red flag I’ve seen and the nuances it presents: During the diligence process, an investor discovers that the numbers in a pitch don’t match the numbers on a revenue or income statement. This is, without a doubt, cause for concern. There are two major explanations here—either the founder made a mistake or the founder is lying.

If the founder doesn’t seem to understand the numbers, the investor will probably decline the deal—not because of any specter of dishonesty, but rather because the founder is demonstrably incompetent. If the founder gets evasive when confronted, the investor would probably conclude that they’re lying and walk away. But if the founder recognizes the discrepancy as a mistake and quickly corrects it, provided the error is fairly trivial, the investor may lose some confidence but not give up on the deal. 

There are other classes of red flags. Sometimes the corporate structure is odd (this was true of Facebook, which in its earliest days granted founder Mark Zuckerberg enough super voting shares to ensure his will would go virtually unchallenged), or the company was originally a non-profit (see: OpenAI). Founders get flagged for not thinking deeply enough about a problem and for thinking too deeply about a problem without taking action. Some investors believe that being a first-time founder is a red flag in and of itself, while others see it as a strong positive. 

Remember: Red flags are very rarely outright fraud, and when they are, it’s often obvious only in hindsight. Different investors have different levels of risk tolerance and generally only agree with each other when someone else makes a catastrophically bad and public mistake. Especially in a later stage company, there are so many places for a malicious actor to hide their dirty dealings that it would be incapacitating for any investor to do all the diligence required to definitively eliminate fraud. Such a thing simply isn’t possible. Look at Enron! Look at Madoff!

And finally, on the other side of any red flag is one critical, inescapable question: If the product is selling and the company is making money, how big a problem could it be? What if what looks like a red flag turns out to be a meaningless distraction and the deal you walked away from nets someone else a billion-dollar return? I’m willing to bet that there are investors who passed on Google’s Series A in 1999 because it had almost no revenue—a clear red flag for a company raising $25 million—and are still kicking themselves for it. 

All of which is to say that so-called red flags matter, but not in any kind of mechanistic way. And if you flip that around, there’s an important lesson here for founders.

Every business has flaws that could be considered red flags by someone. (If there are absolutely no red flags, that could be the biggest red flag of all! But I digress…) One of the most useful things a founder can do when preparing to raise capital, therefore, is to take as objective a view as possible of their business and know where those red flags are. For instance, delivery businesses generally have low margins relative to software businesses. Some investors won’t touch delivery for that reason, but most are happy to dig deep provided that margins are improving at a high enough rate that they can turn a hefty profit before the company implodes. 

One of my favorite misunderstood red flags has to do with the default rate of a lending business. Many founders work hard to demonstrate that their default rate is, effectively, zero. This feels smart, like perfect risk-management. But it is also almost always the wrong answer. Lending requires at least some risk, so if the default rate is zero, it means the founder hasn’t stress tested their model on a broad enough range of users. What investors actually want to see is a reasonable default rate within the context of factors like the cost of capital, the ease of scale, the return profile, etc. As long as the default rate makes sense within the overall story of the business—and that the story ends in huge returns—no red flag.

The best thing a founder can do is to draw attention to their red flags proactively and in detail. See this unusual management structure we have? That’s on purpose. See this gap in our revenue over here? We screwed up, here’s how and here’s what we learned from it.

In the end, what matters is context—the way whatever red flags there may be fit into the larger narrative of the business. No red flags mean no risk at all, and that wouldn’t be particularly interesting.


I originally published this in by The Information on Jan 18, 2023: