Today is the anniversary of one of the greatest finds in ancient archeology. 73 years ago, the Lascaux cave paintings discovered by four teenagers who stumbled upon the ancient artwork after following their dog down a narrow entrance into a cavern. This stunning find, consisting mostly of animal representations which ranged in age from 15,000 to 17,000 years-old, are considered to be among the finest examples of art from the Upper Paleolithic period. The pictures depict, in excellent detail, numerous types of animals, including horses, red deer, stags, bovines, felines, and what appear to be mythical creatures. Archaeologists believe that the cave was used over a long period of time as a center for hunting and religious rites.
Fortunately you do not have to look for something so rare when it comes to the steps you need to take when considering your mergers and acquisitions (M&A) obligations under the Foreign Corrupt Practices Act (FCPA). M&A now rates its own step in the FCPA Guidance’s Ten Hallmarks of an Effective Compliance Program. In No. 10, monikered “Mergers and Acquisitions: Pre-Acquisition Due Diligence and Post-Acquisition Integration”, the Guidance states, “In the context of the FCPA, mergers and acquisitions present both risks and opportunities. A company that does not perform adequate FCPA due diligence prior to a merger or acquisition may face both legal and business risks. Perhaps most commonly, inadequate due diligence can allow a course of bribery to continue—with all the attendant harms to a business’s profitability and reputation, as well as potential civil and criminal liability.” In other words, good FCPA compliance is also good business.
Auspiciously for all of us Carol Switzer, President of the Open Compliance and Ethics Group (OCEG), has provided a compendium of steps that the compliance practitioner should take, in a Compliance Week article, entitled “How to Boost Your Merger and Acquisition IQ”, together with another in the OCEG Anti-Corruption Illustrated Series, entitled “M&A Corruption Due Diligence”, Switzer breaks the M&A compliance process into three general areas, with the specific steps she recommends under each.
I. Advance Risk Assessment
Make Strategic Decisions. Why would you select this opportunity as opposed to others? Here Switzer writes that your company’s risk tolerance should come into play. Are there some markets where the risk of corruption is simply too high. Witness GlaxoSmithKline PLC (GSK) which has implied it may leave the Chinese market after the recent corruption allegations against it. But, more than simply a market analysis, you should consider whether you wish to grow organically or strategically. If through strategic acquisitions, what criteria should you use for your targets?
Identify Top Level Corruption Threats. Here the list is the usual suspects of concepts. Is the operation that you are considering in a high risk country? Does it have multiple government touch points? Is the sales model third party representatives or internal resources? Are a large amount of goods or services moved across borders? How about sales to foreign governments or state owned enterprises? Thinking about GSK in China, is there a history of payments to or entertainment of government officials? Have you looked at the owners, directors and key employees of the target to see if there is any evidence of corruption?
Make Tactical Decisions. Here a company needs to analyze the findings for each target location to answer such questions as to whether it is better to build or buy, what markets a company targets or avoids and other upstream determinations can help to lower the likelihood of selecting acquisition targets with high corruption risks. Switzer writes that “By sniffing out top-level corruption threats in the risk assessment phase, the company can identify and resolve corruption issues earlier and at a lower cost than it would incur when scrambling to react to these same issues later in the transaction process.” I would add that your assessment needs to be documented as well.
II. Pre-Transaction Activities
Dig Deeper. At this point, Switzer states that it is time to begin to dig deeper into the proposed target. After you have established your M&A team members, you should being to assess the target’s compliance awareness and program, the nature of any dealings it has ongoing with foreign governments and determine if compliance related policies and procedures are in place. The next step is to inspect. To accomplish this, hard copies of documents should be obtained and reviewed. In addition to the overall policies and procedures, you should review the accounting records and contracts with third parties, including any due diligence performed. You need to determine and review if there any specific policies and procedures related to the following areas: gifts, entertainment, travel and hospitality.
Next you will need to interview key personnel, including the executive team, high production employees and compliance professionals. You should also perform independent background checks and due diligence on this group. This same exercise should occur with key third party relationships of the target.
From here you should move to transaction testing. Your testing should include sales and business expenditures, payments to third party consultants, related third party transactions, travel and entertainment expenditures, charitable donations and political contributions.
All of this information then needs to be analyzed to determine if you wish to move forward. Switzer advises some of the key considerations should be potential successor liability, unsustainable business models due to corruption and the potential costs of any remediation going forward. Once again you need to document any decisions you make to go forward if red flags have appeared.
III. Post-Closing Activities
Analyze. Under this step, Switzer advises that you should begin to determine risks for ongoing business, prioritize ongoing compliance needs of the now acquired company, evaluate in detail the anti-corruption training that the target had provided to its employee basis to determine sufficiency and evaluate in detail all accounting process and policies and procedures if you did not have the opportunity to do so pre-acquisition.
Remediate Outstanding Issues. Now you need to fix any identified shortcomings in the newly acquired entity. This could include the tone at the top, the Code of Conduct, any third party procedures and training.
Integrate. You should use this step to instill a culture of compliance in the newly acquired entity if such was not present, though both training and the implementation of enterprise wide policies. To the extent possible you should establish uniform accounting and technology.
Communicate. In this final step, Switzer suggests that you need to communicate directly with the newly acquired entity so as to enlist their help in managing the change that will go forward. This would include all stakeholders, employees, third party representatives and even customers. Finally, be sure to inform your management, Board of Directors and regulators, such as the Department of Justice (DOJ), as appropriate.
Switzer notes that the earlier you can deploy these steps the better off your company will be at the end of the day. Near the end of her article Switzer quotes from an Ernst & Young white paper, entitled “Increased Oversight of M&A: An Expanding Role for Audit Committees”, that “Failed M&A can destroy a company’s market value, destabilize its financial position and credit ratings, impair its strategic position, weaken the organization and damage the company’s reputation”. She then ends with these words of wisdom, “By treating their deal-drivers as organizational protectors and vice versa, acquiring companies can ace their due diligence and improve their odds of avoiding a failed deal.” To which I can only add – indeed.