Tuesday, January 26, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

What’s the Plan? – Planning a Post-Acquisition Merger Strategy

Monitoring in an M&A Context, Part 3

by Jay Rosen
November 6, 2019
in Featured, Risk
concept of merger, shadow of multiple pawns creating a king's crown

How should you plan your post-acquisition merger strategy? Jay Rosen continues his series on monitoring in an M&A context with this exploration of how to strategize the merger following an acquisition.

To plan your post-acquisition merger strategy, first you should start with the Department of Justice (DOJ) and the information contained in various resolution documents on the DOJ’s website. These documents stress that an acquiring entity apply or ascertain that its code of conduct, policies and procedures regarding corruption are consistent with the acquired company’s policies and processes.

If they are not consistent, the acquiring company should apply its code of conduct and anti-corruption policies and procedures to the newly acquired company within 18 months or “as quickly as is practicable.”

Employees from the newly acquired entity must be trained on their new code of conduct and policies and procedures. There must also be a forensic audit to see if any FCPA issues pop up. This same language was brought forward into the 2012 FCPA Guidance.

All these requirements were clarified in the 2017 Evaluation of Corporate Compliance Programs, which outlined the following manner to think through the issues involved:

Due Diligence Process – Was the misconduct or the risk of misconduct identified during due diligence? Who conducted the risk review for the acquired/merged entities, and how was it done? What has been the M&A due diligence process generally?

Integration in the M&A Process – How has the compliance function been integrated into the merger, acquisition and integration process?

Process Connecting Due Diligence to Implementation – What has been the company’s process for tracking and remediating misconduct or misconduct risks identified during the due diligence process? What has been the company’s process for implementing compliance policies and procedures at new entities?

These issues demonstrate that there is a continuum from pre-acquisition into post-closing and that they build on the prior steps.

From the pre-acquisition phase, you should be in position to develop your post-closing plan.

Moreover, under the recent addendum to the FCPA Corporate Enforcement Policy, the safe harbor advocated by practitioners such as Michael Volkov have now been memorialized in the U.S. Attorney’s Manual. This now-memorialized safe harbor makes your planning – literally from the time you identify a target through pre-acquisition to closing and into integration, investigation and reporting – even more critical. The DOJ is looking for robustness of process and, of course, how you documented that process through the tenure of events.

Here are some examples of what the DOJ expects to see in a such a process: If pre-acquisition due diligence is performed correctly, it will identify risks associated with the target, and a risk assessment of that company should follow as a part of your pre-acquisition due diligence along the line to your post-acquisition to give you a roadmap of what areas of risk need to be addressed immediately.

Some of the things you would specifically look for in an integration plan are around internal controls. So, are you going to use the acquired entities’ internal controls, or are you going to put your company’s internal controls regime in place? If so, how are you going to integrate them? How are you going to address any training and awareness gaps related to the acquired company’s employees’ ethics and compliance responsibilities? Do people understand the acquiring company’s anti-corruption posture and their anti-corruption, bribery and compliance policies and procedures and all that needs to be well-documented into an integration plan?

The documentation component is crucial. If no plan is followed, it’s extremely hard to demonstrate the pre- and post-acquisition due diligence to an external entity like the DOJ.

The real issue has to do with how a company demonstrates to a government regulator that they have done everything possible to identify risk associated with corruption and misconduct.

And if misconduct is identified, has the acquirer undertaken adequate steps to inform the government and make the necessary disclosure?

Finally, let’s consider how and why an independent monitor can be useful in this process. One of the ways we’ve seen it work extremely well is to help allay some of the concerns around an acquisition. If a company utilizes an independent monitor to do an assessment proactively after that acquisition has taken place, such a third party can come in and conduct the same assessment (or a similar kind) as you would do under a government requirement.

This process allows a determination of whether there has in fact been full integration, whether employees understand their responsibilities and are comfortable reporting issues to their new managers under the combined company and the new structure, whether there have been any training gaps, whether those gaps have been completely filled and whether the company has done an adequate risk assessment of where the post-acquisition risks might lie.

This can be used to demonstrate to the DOJ (or anyone else that might be looking) that the company has performed adequate due diligence, which is exactly what they are looking for.

Please join me next week when we will consider the types of things a monitor would review to determine if a company adequately considered ethics and compliance during the M&A process.

 


In case you missed the earlier installments of this ongoing series, please see the links below.

Everything You Always Wanted to Know About Monitors But Were Afraid to Ask

Part 1, Part 2, Part 3, Part 4 and Part 5

Potential Issues in Corporate Monitorships

Part 1, Part 2, Part 3, Part 4 and Part 5

Suspension and Debarment in Monitoring

Part 1, Part 2, Part 3, Part 4 and Part 5

Monitoring in the Health Care Sector

Part 1, Part 2, Part 3, Part 4 and Part 5

The Basics of Corporate Culture

Part 1, Part 2, Part 3, Part 4, Part 5

Monitoring in an M&A Context

Part 1, Part 2


Tags: DOJmergers and acquisitionsmonitoring
Previous Post

How Emerging Technologies Are Disrupting the Banking Compliance Landscape

Next Post

Sexual Harassment: Focus on Culture, Not Compliance

Jay Rosen

Jay Rosen is Vice President, Business Development and Monitoring Specialist at Affiliated Monitors, Inc., the first company in the U.S. to focus on providing independent integrity monitoring and assessment services across a wide range of regulated industries and professions. Jay previously headed up Merrill Brink’s FCPA Investigations and Ethics and Compliance translation group. He has over eight years of experience assisting clients on cross-border investigations, as well as helping them localize their code of conduct and other mission-critical English documents for their global colleagues. For almost three years, Jay has co-hosted the #1 weekly FCPA podcast, “This Week in FCPA,” with Tom Fox. Tom and Jay recently launched a second podcast, “Popcorn and Compliance,” and Jay is also a commentator on the biweekly podcast, “Everything Compliance,” with Jonathan Armstrong, Tom Fox, Sarah Hadden, Matt Kelly and Mike Volkov.

Related Posts

RiskMap 2021: Legal and Compliance Outlook

RiskMap 2021: Legal and Compliance Outlook

January 25, 2021
illustration of man on ladder with binoculars, 2021 outlook concept

Financial Services Compliance in 2021

January 25, 2021
illustration of mafia man in silhouette with red tie

The Mafia’s Jackpot: How Criminal Organizations are Profiting from COVID-19

January 22, 2021
illustration of videoconference, screen and speech bubbles

New Risks as COVID-19 Forces Rapid Technology Adoption

January 21, 2021
Next Post
businesswoman pushing businessman away

Sexual Harassment: Focus on Culture, Not Compliance

Access realtime data
Dynamic Risk Assessments with Workiva

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights