Your company has just made its largest acquisition ever and your Chief Executive Officer (CEO) says that he wants you to have a compliance post-acquisition integration plan on his desk in one week. Where do you begin? Of course you think about the recently released Department of Justice (DOJ) Guidance on the Foreign Corrupt Practices Act (FCPA) but remember that it did not have the time lines established in the recent enforcement actions involving Johnson & Johnson (J&J), Pfizer and Defendant Data Systems & Solutions LLC (DS&S) regarding post-acquisition integration of a FCPA compliance program by an acquiring company into a company. While there are time frames listed in the Deferred Prosecution Agreements (DPAs) that can be ascertained, one of the things that most compliance professionals struggle with is how to perform these post-acquisition compliance integrations. I recently saw an article in the December issue of the Harvard Business Review, entitled “Two Routes to Resilience”, which presented some concepts that I thought might be of use to the compliance practitioner in a post-acquisition compliance program integration scenario. It certainly might give you some ideas to present to your CEO next week.
The authors, Clark Gilbert, Matthew Eyring and Richard Foster reviewed the situation where an entity must transform itself in response to various factors such as market shifts, new technologies or low cost start-ups providing competition. In order to make such a transition, the authors posit that two transformations must take place. The first one “adapts the core business to the realities of the disrupted marketplace.” This process creates a “disruptive business” within the older more established culture. This leads to the second transformation, which the authors denominate as “establishing a ‘capabilities exchange’- a new organizational process that allows the two efforts to share resources without interfering with each other’s operations.” It is this second transformation that I want to focus on in this article.
Anyone who has gone through a large merger or acquisition knows how terrifying it can be for the individual employee. Many people, particularly at the acquired company will be fearful of losing their jobs. This fear, mis-placed or well-founded, can lead to many difficulties in the integration process. In whatever time frame the FCPA compliance practitioner faces: whether 18 months under the J&J DPA, 12 months under the Pfizer DPA or ‘as soon as is practicable’ under the language of the DS&S DPA; the process needs to move forward in an expeditious manner. In their article, the authors suggest the creation of a ‘Capabilities Exchange’ which allows “the two organizations to live together and share strengths” and will coordinate “the two transformational efforts so that each gets what it needs and is protected from [unwanted] interference by the other.” The authors put forth five steps in this process.
- Establish Leadership. The authors note that while this may be the “simplest step but also the one most open to abuse.” The authors believe that the process should be run by just a few top people. To establish the correct ‘tone-at-the-top’ I believe that you will need the Chief Executive Officer, Chief Financial Officer (CFO) and Chief Compliance Officer (CCO) of the acquiring company and a similar counter-part from the acquired company.
- Identify the resources the two organizations can or need to share. Here the authors are concerned with how much can be brought from the acquired organization into the integration. Hopefully the acquiring organization will have some idea of the state of the compliance program before the deal is closed. It may be that there is some or all of a minimum best practices compliance program in place. If so, attention needs to turn to what can continue and how will need to be integrated.
- Create Exchange Teams. The authors recognize that in many “synergy efforts, everyone is expected to think about ways resources might be shared.” However, they advocated that in Capability Exchanges, the responsibility should be “carefully confined to a series of teams.” Senior leadership should create these teams by assigning a small number of people from both entities with the responsibility of allocating resources used in the integration project.
- Protect Boundaries. The authors believe that for true transformation to take place the organization “must operate as if the future of the company depended on it.” But they must do so in a way that does not “stomp on the camel’s nose” simply because it sticks it in the tent. Once again the Leadership Team established under Item 1 must provide back up if policing boundaries is needed.
- Scale up and promote the new compliance program. Interestingly the authors believe that it is important to celebrate and promote the new entity to both the acquiring company, others in the company and even external stakeholders. It is important that markets and others in the same or similar industry see this evolution and growth.
Given the pressures and time frames in both the pre-and post-acquisition arenas, I believe this article provides some insight into how the CCO or compliance practitioner can think about the compliance program integration that is required in the mergers and acquisition (M&A) context. While the ideas presented by the authors relate to a different area, I believe that they can provide insight into the compliance field as well. It also could of great use to you in presenting a program to your CEO.
This publication contains general information only and is based on the experiences and research of the author. The author is not, by means of this publication, rendering business, legal advice, or other professional advice or services. This publication is not a substitute for such legal advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified legal advisor. The author, his affiliates, and related entities shall not be responsible for any loss sustained by any person or entity that relies on this publication. The Author gives his permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author. The author can be reached at firstname.lastname@example.org.
© Thomas R. Fox, 2012