Over this series, I am visiting with Eric Feldman, Senior Vice President, Don Stern, Managing Director of Corporate Monitoring & Consulting Services, and Rod Grandon, Managing Director of Government Services, from Affiliated Monitors, Inc., (AMI) who is the sponsor of this series. In it, we explore how to go about assessing ethics and compliance in the mergers and acquisition (M&A) context. In this first episode I visit with Feldman on the why’s, what’s and how’s of an independent assessment of a target.
Feldman began with the observation that most of the issues in the M&A context come from the target or acquired company and most usually from the acquiring entity simply not paying enough attention during the pre-acquisition phase and making a discovery post-closing. This one of the reasons the Department of Justice (DOJ) has put such important stock in the pre-acquisition phase where a company needs to perform compliance due diligence and a risk assessment which will inform the entire process.
I asked Feldman for some of the items that he would look for in the pre-acquisition phase. He said he would begin by asking for the indicia of a best practices compliance program. “You should begin with whether or not the company has a Code of Conduct, appropriate policies, procedures and controls and what they may look like. Consider some of the basic policies you might expect such as anti-retaliation policy, anti-harassment policy and, most importantly, an anti-corruption policy which has been implemented. Moreover, have they been effectively implemented.”
From there move onto the Chief Compliance Officer (CCO) and the compliance professionals and determine if they have the independence, the authority, and the resources to do the job effectively. Next you would want to look for is whether there is an anonymous reporting hotline. From there consider compliance at the Board of Directors. Does the Board have a Compliance Committee or compliance professional on it? If not does the Audit Committee handle compliance issues? Does the CCO have contact with the Board? If so, how often is it reflected in the Board meeting minutes. Are they briefing the board? Is the board providing leadership?
We then turned to less structural and more cultural issues to test the values and integrity of a potential target. Feldman said one of the things you want to try to get at is the culture of the company and whether the company has been committed to creating an ethical and compliant culture. You should inquire as to whether there is a performance management system including hiring promotions and bonus determinations that place ethics and compliance factors as part of the calculation in addition to financial factors.
The next step would be to consider employee morale. Are there any red flags in the target which might indicate they have tolerated harassment or bullying? Are employees comfortable with raising their hand or speaking up? Have there been employee surveys in these areas and if so, you should review them as well.
Certainly in the anti-corruption realm another key inquiry is the target’s sales model. Is it internal with their own employees or is it through third parties such as agents, representatives or distributors? If it is third parties, you need to perform as much review of the target’s files on their third parties as possible. This means reviews of the full five-step process around third party management: (1) Business Justification, (2) Questionnaire, (3) Due Diligence and its Evaluation, (4) Contract issues including compliance terms and conditions and compensation rate, and (5) Management after contract execution. You should also interview key stakeholders in compliance, the Chief Financial Officer (CFO), head of Internal Audit and Internal Controls and business unit Vice Presidents (VPs) on issues relating to third parties, in addition to your more general interview questions about compliance, corporate culture and values.
Near and dear to my mantra of Document, Document, and Document, was Feldman’s thoughts on keeping a thorough record of your entire process. Not only should the target (or at least you would hope) have a documented process of all of the above issues, but you should be sure to document your entire pre-acquisition process as well. This could be important if you discover any nefarious conduct in the pre-acquisition phase which you should report to the DOJ or if such discovery occurs after closing. If it happens after closing you will need to be able to document the reasonable steps you took in pre-closing and how you will remediate the issue(s) going forward.
Finally, your pre-acquisition investigation and due diligence will inform your post-acquisition steps. Hallmark 10 of the Ten Hallmarks of an Effective Compliance Program mandates that companies will develop and implement policies and procedures for mergers and acquisitions requiring the company to conduct appropriate risk based due diligence on potential new business entities including Foreign Corrupt Practices Act (FCPA) and anti-corruption due diligence. Obviously, this should be a documented process. By having an independent third party do this, with a documented process, it can lower the risk if there is a problem. As problems are identified, the acquiring entity can decide whether to go forward with the M&A. If there is a very specific identification of misconduct, the company can make a disclosure to the DOJ. By using this process, there is a road map created for remediating the issue as a part of your post-acquisition steps after closing.
Tomorrow, we consider the impact M&A has on both the acquirer and the acquired entity.