Revenue recovery needs one thing: a read-only export of historical referral, pipeline, or partner activity — who referred or partnered, when, how often, and the resulting volume — with enough history to establish each relationship's baseline. It comes from the CRM or revenue-cycle system as a one-time extract. There's no live system access, no production integration, and no change to the company's systems. That keeps the security surface small — bounded historical data, governed by the usual confidentiality, DPA, and where relevant BAA or GDPR terms — and removes the integration debate that stalls most portfolio AI.
- One read-only extract — historical referral/partner activity, nothing more.
- No system access or integration — nothing to install, no API into production.
- Small security surface — bounded data, minimisation, standard agreements.
- It removes the usual blocker — the engagement starts as soon as the extract exists.
The integration blocker
Most portfolio AI initiatives don't die from a bad idea; they die in the data-and-security review. The moment a tool needs production access, a new integration, or a live data feed, it acquires an IT backlog, a security assessment, and a vendor-risk process — and a six-week pilot becomes a six-month negotiation. Operating partners know this, which is why "how big is the lift on our side?" is one of the first questions a portfolio-company CEO asks. If the honest answer involves IT resourcing and a system integration, momentum is already gone. The design goal for any portfolio-wide initiative has to be: minimise what the company must hand over and touch nothing in production.
What's actually needed
Revenue recovery is built to that goal. What it needs is a single, read-only historical extract describing the company's referral or partner activity over time. Concretely, that means records of who the referral sources or partners are, when each interaction or referral happened, the volume each produced, and enough history — typically a couple of years or more — to establish each relationship's normal cadence. In most companies this is a straightforward export from the CRM, referral-management, or revenue-cycle system. It is one file, produced once, by someone who already has access to that system. That is the entire ask.
Get a benchmark estimate before any extract changes hands.
The free Revenue Recovery tool runs on five inputs you already know — no data export, no email required.
Open the free tool →What's not needed
It is worth being explicit about everything the engagement does not require, because the absence is the selling point. No live or API access to the CRM or any production system. No software installed inside the company's environment. No integration project, no IT sprint, no engineering time from the portfolio company. No access to systems beyond the one historical export, and no ongoing connection — the diagnostic works on the static extract. For the standing always-on phase, monitoring is arranged deliberately and still without production integration. The point is that an operating partner can authorise this without convening the company's IT and security functions for a months-long evaluation.
The security answer
Because the data is bounded and static, the security conversation is correspondingly small — but it is still answered properly, not waved away. Three things cover it. First, minimisation: the extract is limited to the fields needed to score relationships, and identifiers can be reduced or pseudonymised where the analysis doesn't need them. Second, the standard agreements: confidentiality, a data-processing agreement, and where the data is sensitive, the relevant BAA (for protected health information) or GDPR terms — Innovation Park is EU-established, which simplifies the European side. Third, the structural point that there is no live attack surface: a one-time historical export governed by contract is a far smaller risk than a vendor with standing access to production systems. That is usually enough for a security team to clear it quickly, which is the whole objective. On qualifying $30M+ engagements the recovery work then carries our 3× fee recovery guarantee: we recover at least three times our fee, or we keep working at no additional fee until we do.
FAQ.
What data does revenue recovery need from a portfolio company?
A read-only export of historical referral, pipeline, or partner activity — who referred or partnered, when, how often, and the resulting volume — with enough history to establish each relationship's baseline. It typically comes from the CRM or revenue-cycle system as a one-time extract. No live access, no integration, no change to the company's systems.
Does revenue recovery require system access or integration?
No. The diagnostic runs on a static historical extract, not a live connection. Nothing to install, no API into production, no IT project to schedule. That deliberately removes the access concerns that stall most portfolio AI, and means the engagement can begin as soon as the extract is produced.
How are data security and compliance handled?
Through minimisation and standard agreements. The extract is limited to the fields needed, identifiers can be reduced or pseudonymised, and the work is governed by confidentiality, data-processing, and where relevant BAA or GDPR terms. With no live access and bounded historical data, the security surface is far smaller than a typical software integration.
How to start.
Here is the fastest path to a real answer. No leap. A stair.
Run the free tool
Five inputs you already know. No data export, no email. A benchmark range before anything changes hands.
Which portco first
The triage rubric — data readiness is one of the four factors.
Book a 30-min qualification call
Tyler personally. We walk through the exact extract and the security terms. No pitch.