Pressure is building to snag value while the getting is good. But mergers and acquisitions are always tricky—and boards have a whole host of new issues to consider.
By Russ Banham
Corporate Board Member magazine
In this period of record M&A values and volumes and ample capital, board members at public companies and private equity firms may feel pressured to greenlight acquisitions, despite accelerated (and shallow) due diligence into the target company’s strategic fit. Public companies are awash in capital from record stock prices, and there’s enough dry powder for private equity firms to spend like there’s no tomorrow. Why worry?
But like anything too good to be true, today’s M&A dealmaking may look foolhardy in no time. Over the past 50 years, 60 percent of the more than 1,000 M&A transactions with values ranging from $5 billion to $150 billion eventually bombed, according to a July report by Aoris Investment Management. Meanwhile, the scope of due diligence has never been wider.
“We’re in an age where a target’s digital readiness, ESG factors, new work paradigms and DE&I agenda can turn what looks like a great deal into a so-so deal or, frankly, a big mess,” said Thomas Smale, board member at LTV Fund, a large U.S. investment fund focused primarily on SaaS and software investments.
Financial factors like stock market volatility, supply chain disruption and inflation uncertainties also must be in scope, but board members are used to asking questions to senior management about the economic climate. “That’s nothing new, but what is new is all these other due diligence concerns,” said Smale, whose day job is CEO of M&A advisory firm FE International.
Other board members are equally concerned about a blind rush to the altar, a “let’s make a deal now before the good times pass” mentality. “There’s a lot of cash out there, but that doesn’t mean you go out and spend money like a drunken sailor,” said Anna Catalano, a board member at multiple companies, including Appvion, Kraton, HollyFrontier—and Willis Towers Watson, who saw their proposed merger with Aon recently derailed by antitrust concerns (see “Passing Biden’s Muster,” p. 34). “So much has changed in the last year and a half— ESG, ransomware incidents, how we work and the tools we use. We’re in unchartered waters where the usual M&A due diligence isn’t enough.”
These potential hazards certainly haven’t constricted the surge in dealmaking, which at press time remained on a record-breaking tear. The first half of 2021 saw more than $2.8 trillion in global mergers and acquisitions, of which $1.3 trillion was recorded in the U.S., according to Refinitiv. Deals exceeding $10 billion also were common, among them Discovery’s $43.3 billion acquisition of Warner Media and Dell Technologies’ $52.2 billion spin-off of VMware. And the year is far from over. Nevertheless, not all deals got the green light from regulators, as evidenced by the derailed merger of giant insurance brokers Willis Towers Watson and Aon.
With the economy roaring and interest rates holding steady in midsummer, even rising concern over the fast-spreading Delta coronavirus variant didn’t pause the dealmaking fervor. Going forward, more than three-quarters (76 percent) of CEOs participating in PwC’s midyear M&A survey expect that global economic growth will improve further in the next 12 months, virtually guaranteeing a nonstop parade of M&A deals tumbling into board members’ laps.
“I’ve been doing this for 20 years, and it is easily the hottest M&A market I’ve ever seen—bar none,” said Cathy Bedrick, financial due diligence service network leader at KPMG US. “That ‘hotness’ should make every board member pause, however. The deals are coming in so quickly, and competitors are moving just as fast to snap them up, and there isn’t the usual luxury to tick every box in the due diligence.”
Miss a few ticks and public company board members can end up at the other end of a shareholder lawsuit. “Boards have a fiduciary obligation to challenge management to ensure the metrics of the target company strategically align with the deal thesis,” said Trevear Thomas, national managing principal and M&A offerings leader at Deloitte.
The problem is offering constructive criticism on such newer risks as the target company’s ESG factors, DE&I initiative, cybersecurity and the state of its digital transformation progress. Accurate and thorough metrics on these risks take time for management to collect, review and provide to the board. Nevertheless, as Thomas said, “To drive M&A success and minimize disruption, board members have a clear responsibility to ask for and evaluate this information.”
A Grip on ESG and DE&I
If awards were given out for the business acronym of the year, ESG—for environment, social and (corporate) governance—would win in a landslide. Investor demand is aggressive for public companies to provide accurate disclosures of their ESG practices as they pertain to business and operations, employee engagement, health and safety, and corporate responsibility.
For more than a decade, large institutional investors like BlackRock and State Street have sounded the call, but many businesses and their boards listened without taking concrete actions. After a global pandemic, myriad #MeToo scandals and a recent heat dome boiling shellfish in the shallow waters of the Pacific Northwest, customers, partners and the public at large have joined investors in pressing companies to demonstrate ESG commitment. Apparently, so has the U.S. government: U.S. Securities and Exchange Commission Chair Gary Gensler is mulling the implementation of climate-related and human capital ESG disclosure rules
For now, boards must cope with the lack of an agreed-upon global standard and framework that companies can use to describe and disclose their ESG data. More than a dozen different ESG frameworks and standards exist, including the Global Reporting Initiative (GRI), Carbon Disclosure Project (CDP), Sustainability Accounting Standards Board (SASB) and the International Integrated Reporting Council (IIRC). Confusion reigns.
“I’m having a tough time as the board chairman of two financial services companies trying to figure out how to measure ESG,” acknowledged Stephen Kasnet, chairman of Granite Point Mortgage Trust and Two Harbors Investment. “The primary reason we do M&A is a strategic fit, where we believe both businesses will come out better together than remaining separate. Since we do a fair amount of real estate transactions, we’re used to doing environmental due diligence. But, like other boards, we’re grappling with the rest of ESG.”
At least these boards are trying. “Many board members stick their heads in the sand,” said Catalano. “But after the Exxon Mobil annual meeting in late May, when long-standing directors were unseated by a small activist group for not moving quickly enough to address climate change, ESG is getting serious attention. Board members know they must critique the target acquisition’s ESG factors. The last thing anyone wants is buying a company that damages value and drags you down.”
Bedrick agreed that boards have awakened to the ESG risks of the companies they serve and the businesses they buy. “ESG is the number one thing boards are talking about now, particularly our multinational clients in Europe that are moving faster to require ESG disclosures and reporting,” she said. “The ground is moving so quickly underneath them, and they’re not 100 percent sure which ESG standard will prevail. Consequently, we’re being asked [as the M&A advisor] if enough due diligence is being done to satisfy investors, customers, communities and other constituents.”
To provide clarity to board members on the subject, KPMG, Deloitte and other Big Four firms offer a range of ESG assurance services. “We look at the target company to compare and contrast its ESG maturity with the buying entity,” said Thomas. If the level of ESG is immature but the buyer decides to pursue the transaction anyway, Deloitte will provide “remedial actions” to smooth the integration process.
Down the line, hopes are high for a converged global ESG reporting standard. Recently, the International Financial Reporting Standards (IFRS) Foundation proposed the development of an International Sustainability Standards Board. Until an agreed-upon ESG standard is forthcoming, board members are the last line of defense to ward off an M&A train wreck.
M&A due diligence has long tried to account for possible cultural incompatibilities—behavioral norms and values of two companies that fail to converge. This mismatch in strategy, operations and management is blamed for the failure of many mergers and acquisitions. A target company’s workforce diversity also must figure into the post-deal culture fit.
“DE&I is drawing increased scrutiny from employees, investors and communities,” Catalano said. “In an M&A context, it’s important for boards to understand how the potential merged or acquired entity manages DE&I. Understanding how the company hires, retains and promotes its workforce tells you how much value it places on building a meritocracy and providing opportunities to all people.”
She is far from alone in this view. “Given everything that has occurred, there’s no question that anyone who seriously questions the value of a diverse and inclusive workforce, partnering organizations and customers is out of touch with reality,” said Duncan Smithson, senior director, HR Mergers & Acquisitions at Willis Towers Watson.
Smithson specializes in the people-related risks inherent in M&A due diligence. “Our hard survey data and similar surveys by other firms strongly suggest that more diverse and inclusive companies and boards perform better,” he said. “The challenge for the board is knowing the right questions to ask management. Otherwise, it’s difficult to get beyond [management’s] platitudes that the target’s DE&I program or its ESG factors are fine or are things we can take care of down the line.”
To avoid a box-ticking exercise, Smithson recommends that board members talk about DE&I and ESG in ways that make senior management realize they’re not about to leave these serious subjects to a post-deal cleanup. “Inevitably, only the board has the clout to ask the big question—’With all that’s going on with ESG and DE&I, should we even be doing this deal?’” he said. “That usually gets their attention.”
He further recommends that board members ask senior management to illuminate the issues giving them any pause whatsoever about the target’s DE&I practices. “If this is the case, I’d then ask if the purchase agreement [with the target company] has been restructured to include the target’s representations and warranties with regard to these issues,” he said.
Representations within an M&A purchase agreement ensure what the seller (and buyer) attests is true is in fact true, whereas a warranty is the promise of an indemnity if the assertion turns out to be false post-transaction. “For example, if the seller represents that it has not had any issues over employment discrimination, but it later is revealed that it had systematically resisted hiring and promoting people of color or LGBTQ individuals, that can easily blow up into a scandal post-transaction, reducing the value of the merger or acquisition,” Smithson said.
Insurance brokers can arrange the purchase of representations and warranty insurance to address the indemnity costs. “Buyers and sellers generally are loath to tie up capital in an escrow account to provide the indemnity,” said Smithson. “The insurance eliminates this issue, to allow the buyer and seller to proceed with a smoother and faster deal.”
Digital and Cyber Readiness
Another crucial due diligence consideration is a target company’s technological depth and breadth—its level of digital transformation and cybersecurity.
“It’s crucial for an acquirer to carefully evaluate the target’s digital readiness—the state of its digital transformation,” said Bedrick. “If the target has unique digital capabilities helping it manage its business in different and successful ways, that’s an attractive opportunity for a buyer wanting those capabilities.” Alternatively, if this is not the case and the target’s digital and cyber security readiness are lagging, she said, “you’d certainly want to know that before moving forward.”
Nearly half (47 percent) of CEOs are struggling with digitalization, feeling they are simply “out of their depth” or are just “hanging in there,” according to a May 2021 survey by CBM’s sister publication Chief Executive, conducted in partnership with Amazon Web Services. Nevertheless, 70 percent of CEOs say their organization is in “full swing” with various stages of digital initiatives. The challenge is determining which stage a target company has reached. Failure to heed this risk can be time-consuming and costly. An acquirer can end up with legacy applications that fail to easily integrate with its own digital assets, resulting in an expensive “lift and shift” migration.
Another concern is the security of the target company’s IT network and systems, especially following a recent spree in high-profile ransomware attacks drawing multimillion-dollar ransom payments. CNA Financial, one of the largest insurers in the U.S., recently paid a record $40 million ransom in Bitcoin to hackers. JBS, the world’s largest supplier of meat, paid $11 million in Bitcoin to cybercrime gang REvil to decrypt its locked-up systems. And as stressed-out drivers along the Eastern Seaboard will not soon forget, Colonial Pipeline paid cybercrime gang DarkSide a $4.4 million ransom in Bitcoin to decrypt its systems and resume pipeline deliveries.
The federal government recently elevated ransomware as a “critical priority,” with FBI Director Christopher Wray telling The Wall Street Journal the agency is investigating 100 different ransomware types. “If boards aren’t asking questions about the due diligence into the target company’s cyber-risk readiness, they may come to regret it during the integration,” said Thomas. “When integrating the target’s potentially antiquated and unpatched systems and IT assets, the acquirer’s enterprise network can unknowingly be exposed to a possible cyber incident like a ransomware attack.”
Finally, the target company’s remote and flexible work arrangements are another due diligence consideration, given that more than 36 million Americans may be working remotely by 2025, according to a study by Upwork—an 87 percent increase over pre-pandemic levels. “The ways we work are now an essential question board directors have to ask about,” said Catalano. “If they don’t, they’re still playing around with old models and yesteryear’s knowledge.”
Passing Biden’s Muster
Willis Towers Watson’s long-planned $30 billion merger with Aon, an even larger insurance broker, would have created the world’s largest insurance broker, surpassing behemoth Marsh.
But their plans came undone thanks to an antitrust lawsuit filed by the U.S. Justice Department in June asserting that the merged entity would reduce competition, “consolidating the industry’s Big Three (brokers) into a Big Two.” In late July, the big brokers called off their merger. (Anna Catalano, who sits on WTW’s board, declined to comment on the decision.)
The message from Washington appears to be: Big is fine, but too big is bad. It’s not a new message, per se, with the SEC under President Trump blocking or threatening to thwart big deals in several industry sectors. However, two weeks before the Justice Department’s lawsuit, President Biden sent a signal by signing an executive order “to combat the excessive concentration of industry, the abuses of market power and the harmful effects of monopoly.”
For boards, the hard part is understanding what constitutes “excessive.” “The new administration and its new people have no track record of [antitrust] enforcement or viewpoints to ‘read’ their actions and guidance,” said Stephen Kasnet, board chairman at Granite Point Mortgage Trust.
Minus this understanding, Thomas Smale, board member at LTV Fund, advises reviewing three major antitrust laws—the Sherman Act, the Clayton Act and the Federal Trade Commission Act. “While most board members aren’t actively sitting around thinking about how they can restrict competition or engage in price-fixing, they might be inadvertently violating the law—despite their good intentions,” he said.
Smale recommends consulting an attorney experienced in both M&A litigation matters and antitrust laws to review the terms and conditions of the contract.
Certainly, the SEC’s thumbs-down on the WTW-Aon merger is instructive. Board members should beware transactions involving peer competitors that unfurl a red flag, as the many months involved in closing the deal will consume substantial financial resources.
As Kasnet put it, “No one wants a surprise, so I expect that many positive combinations may be delayed until the picture is clear.”
Doing the New Due Diligence
As in past acquisition binges, the fear of missing out can compel unwise transactions. The pace of dealmaking in 2021 may be creating that type of frenzy. As of June, global mergers and acquisitions in 2021 totaled a record $2.4 trillion, up 158 percent from the same period last year, according to a report by Refinitiv Deals Intelligence. As the velocity of deals increases and a good portion of dealmaking remains in a virtual and remote setting, M&A due diligence is becoming “shorter, faster and with less lead time,” said Dan Hawkins, CEO at board advisory firm Summit Leadership Partners. “If any due diligence on the [target’s] management team takes place, it is often an hour of time with each person and is surface at best.”
It’s easy to trip when you run too fast and can’t see the ground below. Today’s accelerated dealmaking environment is occurring on such terrain, the M&A advisors and experts contend. Nevertheless, the board can suggest ways to finish the deal and finish it well.
For example, Thomas Smale, board member at LTV Fund, recommends spreading the due diligence across functions. “Every function, like operations, HR, IT, supply chain and so on, should be tasked to spend some time with their counterpart at the target company,” he said. “To assess the flexibility of work, the HR leader at the acquirer can discuss the subject with the HR leader at the target. To determine the levels of digital readiness and cybersecurity, the CISOs, CIOs and/or chief data officers at both companies can get together and converse.”
It’s a solid idea, one that boards should promote to safeguard that nothing is swept under the rug, including the newer issues dominating modern due diligence. “The board’s most important task in an M&A transaction is making sure the deal is a clear strategic fit,” said Smale. “To do that, members need to know everything that just might stand in the way of achieving the strategy.”
Kasnet has a similar opinion. “It used to be that growing for the sake of getting bigger was a reason to acquire or merge; that’s no longer something board members should be comfortable with, not anymore,” he said. “Bigger is better when it comes to income, not necessarily size. Anything that can affect future income needs to be on the board agenda.”