When performing due diligence on a potential merger or acquisition, companies will typically take a long, hard look at financials, learning everything there is to learn about a target’s assets and liabilities. But often, these companies do not take into account other equally important factors, such as ethics and compliance matters. There are a number of risk factors that companies need to take into account when diving into the deep end of mergers and acquisitions (M&A), and Jimmy Lin, vice president of product management and corporate development at The Network, a governance, risk and compliance firm, sat down with InsideCounsel to explain four of the matters to consider when factoring in risk assessments during M&A due diligence.



1)   Remember the FCPA


While companies that are considering M&A transactions that involve foreign businesses consider a number of business factors, like assets and market share and whatnot, it’s essential to consider risk and compliance factors as well. “With a plethora of M&A happening in recent years in the international arena, some industry segments have more activity in general, groups buying up or down the chain, getting into new markets, etc.,” Lin explains. “This activity is more inclusive of Foreign Corrupt Practices Act (FCPA) risk. With more international pieces touching and reaching into secondary markets, this is a higher risk area for corruption.” Lin recommends that compliance professionals have a seat at the table during the M& A process, as boards and executives need to know that the company under consideration is more than just a good business. It’s essential to know if the merger or acquisition will lead to FCPA complications.



2)   Know your risk factors


When considering corruption factors in M&A transactions, Lin notes a few items that should be high on the priority list. First, is the company under consideration a high corruption risk? Does it have a presence in countries like Russia, and do you know how to operate there? Second, is the company in a high-priority or targeted industry? Some industries, he says, are high risk and subject to more scrutiny and enforcement. Finally, Lin recommends looking into third parties, digging deep to see if there are any companies that the target does business with that you may not know about, and get a clear picture of how those companies operate.


case study

3)   Learn from others


While it is imperative that companies be proactive and do comprehensive research, it’s also important to take a look at what other businesses have done. “Use case studies from industry peers in situations where things have gone wrong and resulted in fines or headaches for the acquirer,” he recommends. “Especially look at case studies from a peer who has gone through an FCPA investigation.” You can highlight risk and fallout that your peers faced from not doing their homework in the first place. Compliance officers who are involved in the decision making process can demonstrate with specific examples what went wrong in other cases and show real business value.


4)   It’s in the details


Finally, Lin recommends taking into account every piece of information available. For example, companies should take a look at how the acquisition target works with foreign governments, what its contracts look like and how you would fit into that equation. He also recommends taking a close look at the FCPA resource guideline, as it provides pointers and a roadmap on how to limit FCPA risks in acquisitions, and how to make sure controls and compliance are working together to mitigate risk. In this way, a larger organization can avoid having its brand tarnished by scandal if and when something goes awry.