With the IPO market continuing to surge, it’s vital that companies preparing for their IPOs rigorously examine their risk management, controls and compliance infrastructure for a successful offering and to support future growth, according to a new report by PwC US. The report, entitled Fortified for Success: Building Your Company’s Risk, Controls and Compliance Ecosystem for the IPO and Beyond, outlines the seven critical steps businesses need to take in building a scalable risk management and compliance system to protect shareholder value post IPO.
“It’s easy for companies preparing for their offerings to get IPO tunnel vision and postpone getting their risk, control and compliance ecosystem in place until the IPO is behind them,” said Dean Simone, leader of PwC’s US Risk Assurance practice. “The reality is they will save time and money if they focus on long-term risks and controls upfront, protecting them from missteps and embarrassments in the future.”
Risks, controls and compliance become vital drivers of sustainable growth, giving companies the tools to meet their new investor, market and regulatory expectations, according to PwC. “Companies with long-term vision can reach their IPO having already built many of the structures, processes and systems they’ll need to manage the risks, rules and obligations they’ll face as a public company,” added Jason Pett, Internal Audit Services leader for PwC. “The pre-IPO process requires a business to envision the company’s future state and needs beyond the IPO. Companies with this forward-looking mindset will be better positioned for success beyond their transition into the public markets.”
To amplify their chances of success leading up to the IPO and beyond, PwC laid out seven focus areas to help companies capture the full value of their offerings:
- Hone your leadership and build your teams
Investors want assurance that there’s a depth of talent to endure the long process of becoming a public company and to demonstrate the ability to lead the company’s future growth. Building an expanded leadership team may require adding individuals with public company experience, in addition to potentially adding third-party advisors to help efficiently scale potential risks, controls and compliance efforts.
- Evaluate your Sarbanes-Oxley readiness and controls infrastructure
Meeting the provisions of the Sarbanes-Oxley Act represents a compliance challenge for many companies planning an IPO. Management should start planning as early as possible to understand the various compliance timeframes and strategically plan for implementation.
- Gauge the capabilities of your systems to meet new requirements
A company’s existing systems and processes will often prove inadequate for its future state as a public company. Areas in which risk assessments will typically uncover scalability issues include accounting, human resources and customer relationship management systems.
- Create your ethics policy, standards and controls
Institutional investors and the investing community are paying more attention to creating and refining their corporate governance principles and practices when planning their public offering. Companies need to define each element of the code of conduct, detail compliance standards and address how they will be adopted across the enterprise for the long-term.
- Conduct a compliance risk assessment
An IPO-bound company should conduct a thorough compliance risk assessment to help the organization catalogue and prioritize the full spectrum of its compliance risks and gauge its resource allocations. A compliance risk assessment is part of a larger enterprise risk assessment that provides a detailed, overall picture of current and emerging risks to the organization.
- Elevate your governance, risk management, compliance and internal audit activities
Companies preparing to go public will need to build out their risk, controls, compliance and internal audit functions, prioritizing the people, processes and technologies that will be most valuable. When these efforts are brought together in a coordinated system rather than operating in silos, the result is not only greater in efficiency but the ability to align systems, people and culture with management’s strategic priorities.
- Instill a public company mindset
Becoming a public company requires a change in mindset, including finding the right balance between risk and control. Public companies must learn to speak the language of risk and compliance for a post-financial crisis audience of regulators, investors, analysts, journalists and NGOs in order to not erode stakeholder esteem.
We live and operate in a world of risks — now more than ever. As companies plan the jump from private to public, the time is right to also plan the jump from reactive to proactive risk, controls and compliance management. Taking measured steps to establish your risk, controls and compliance ecosystem now can support your company through the IPO process and beyond and save you the expense and risk of retrofitting systems and processes to the company later. This paper outlines seven focus areas that form the core of those early efforts.
Read the paper by PWC in its entirety here.
About PwC’s Risk Assurance practice
PwC understands that significant risk is rarely confined to discrete areas within an organization. Rather, most significant risks have a wide-ranging impact across the organization. As a result, PwC’s Risk Assurance practice has developed a holistic approach to risk that protects business, facilitates strategic decision making and enhances efficiency. This approach is complemented by the extensive risk and controls technical knowledge and sector-specific experience of its Risk Assurance professionals. The end result is a risk solution tailored to meet the unique needs of clients.
About PwC US
PwC US helps organizations and individuals create the value they’re looking for. We’re a member of the PwC network of firms, which has firms in 157 countries with more than 195,000 people. We’re committed to delivering quality in assurance, tax and advisory services. Find out more and tell us what matters to you by visiting us at www.pwc.com/US.
© 2014 PricewaterhouseCoopers LLP, a Delaware limited liability partnership. All rights reserved. PwC refers to the U.S. member firm and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details.