Comprehensive Pre-Acquisition Due Diligence a Must for Any Well Designed Compliance Program
As covered previously in the Financial Crimes Digest, the Department of Justice (DOJ) Criminal Division recently released new guidance on the evaluation of corporate compliance programs. This new insight into how the DOJ evaluates compliance programs builds on the guidance released by the department’s Fraud Section in 2017. While nothing unexpected appears, the new guidance reinforces what compliance officers have come to understand as the key foundations of an effective corporate compliance program. Interestingly, Hui Chen, the DOJ’s first-ever Compliance Counsel and author of the 2017 guidance, indicates the newest guidance shouldn’t be taken as a best practice guide. Rather, because it is guidance for how to prosecute instances where corporate crime has been committed, it should be considered as aiming for “slightly higher than the lowest common denominator.”
With this perspective in mind, compliance functions should aim to exceed the core standards outlined in the guidance, rather than to simply meet them. Similarly, if a compliance program does not meet a particular aspect of the guidance, the DOJ may consider that a serious deficiency. One such area where many organizations fall flat is with respect to pre-acquisition due diligence. The updated guidance continues to emphasize the importance of conducting comprehensive due diligence on any acquisition targets. In fact, the guidance indicates that “the extent to which a company subjects its acquisition targets to appropriate scrutiny” is a direct reflection as to whether or not an organization’s compliance program is effectively implemented. Unfortunately, for some organizations it is often the case that pre-acquisition due diligence is treated as a “check-the-box” exercise. Viewed as a necessary but not necessarily valuable undertaking, the compliance function is often only tasked with conducting a cursory review of the acquisition target in order to reach a simple “red light/green light” conclusion. This approach not only fails to meet the requirements outlined in the guidance, but also provides little to no value to the organization.
The DOJ’s guidance indicates that, at a minimum, pre-acquisition due diligence should identify existing misconduct and/or the risk of potential misconduct at the target organization. Beyond that, comprehensive, pre-acquisition due diligence should evaluate compliance-related risk through a commercial lens, identifying the issues that could impact an organization both near term and long term. This requires anticipating both material and seemingly non-material issues that could affect an organization commercially, in addition to the legal, regulatory and reputational issues that apply broadly to the target organization and its leadership. This approach not only enables organizations to protect themselves from compliance-related risks, but also benefits the organization commercially by allowing the acquisition team to accurately evaluate the target’s value and negotiate the costs of any risk and/or misconduct into a potential deal. In order to facilitate this level of pre-acquisition due diligence, the compliance team should be fully integrated into the acquisition team, with pre-acquisition due diligence commencing as early as possible. Integrating the compliance team into the acquisition process early allows for the prompt identification of commercially impactful, compliance-related issues and enables the acquiring organization to make a fully informed commercial decision. It also allows the compliance team to develop a plan to manage and/or mitigate the identified, compliance-related risks as expeditiously as possible, post-acquisition.
With the DOJ’s newest guidance re-emphasizing the importance of pre-acquisition due diligence, it’s more important than ever for organizations to ensure their due diligence program exceeds the minimum standards laid out within the guidance. Treating pre-acquisition due diligence as a “check-the-box” exercise fails to meet these standards and indicates that an organization’s compliance program, as a whole, has not been effectively implemented. In contrast, fully integrating the compliance function into the acquisition process and conducting thorough pre-acquisition due diligence through a commercial lens allows organizations to more accurately evaluate the value of potential targets and more effectively manage any identified compliance risks post-acquisition.
-- RANE Staff
