Cover Story (#07-08 July-August 2018)

Market Standard

Operating in the global marketplace, investors regularly face bribery and corruption risks that have to be addressed in their strategic decisions. Emerging markets with attractive raw industries present significant challenges, imposing an anti-corruption clean-up agenda during an M&A process. We asked Iryna Nikolayevska, counsel in the Kyiv office of Kinstellar, how this works internationally and when will it become a market standard in Ukraine.

 

Ñonducting compliance due diligence in cross-border M&A transactions has become a global trend. What drives this trend?

Iryna Nikolayevska: Compliance due diligence in cross-border M&A transactions is increasingly becoming a market standard across the globe. Due to the significance of the compliance risk, it is equally important not only in large cross-border deals but also for small and mid-size transactions.

The reasons why compliance matters have moved to the top of the agenda in M&A transactions are quite complex and versatile. One of the main drivers remain US and UK anti-corruption and anti-money laundering legislation, which is well known by its extraterritorial reach and severe penalties; as well as the proactive enforcement approach of the US and the UK regulators and enforcement authorities
(e.g., the US Securities and Exchange Commission (SEC) and the Department of Justice (DoJ), the UK Serious Fraud Office (SFO), the Financial Conduct Authority (FCA), etc.). Enhancement of compliance laws and their enforcement throughout many other countries (e.g., China, Brazil, France, Germany, Italy, Spain, etc.), the increasingly strict prosecutions and sanctions practice implemented by enforcement authorities, and rapidly developing international cooperation in detecting and punishing regulatory breaches should also be named among such drivers.

In some jurisdictions companies may be exposed to compliance-related liabilities during an M&A deal. For example, under UK anti-money laundering legislation, a company can potentially commit an offence if it uncovers and fails to report only suspicion of unlawful conduct during a due diligence exercise, irrespective of where the offence has taken place (provided that there is a UK nexus to the transaction). In the US, the DoJ has often reiterated that it expects buyers to investigate compliance issues prior to, or if impossible, after an acquisition and to promptly incorporate the target company into all its internal controls, including its compliance program. The DoJ also expects buyers that discover possible corruption concerns to self-disclose them to the DoJ, cooperate in their investigation and remediation, and seek guidance from the DoJ through its FCPA Opinion Procedures before finalizing the deal. Otherwise, the buyer may face the initiation of proceedings should violations of law or regulations that have previously occurred in the target company be undisclosed.

Increasing corporate and personal liability of managers is also one of the main drivers. For example, in some countries (e.g., Germany) the so-called “business judgment rule” requires the management of the buyer to conduct a comprehensive analysis and to explore all available information (including information on the related compliance issues) prior to making a decision on the acquisition of the target. If they fail to do this, they may become
liable for breach of their duties. Companies are also paying closer attention to identification and accurate assessment of the compliance risks, as the penalties for non-compliance, both on a corporate and personal level, have become larger and more far-reaching.

Though the regulatory framework has a significant impact, it is not the only factor that needs to be taken into account. Growing globalisation and expansion of M&A into emerging markets that are more exposed to corruption practices are forcing corporates to sharpen their focus on compliance due diligence. Companies are recognising that the cost of remedial and "clean-up" actions on the part of the buyer are much higher than the cost of compliance due diligence of potential targets. Therefore, they contribute time and effort to reduce the risk of bad investments and facilitating the integration of the target in the buyer’s organisation. Reputational damage may also be severe.
The re-establishment of public relations and reputation, settlement with regulators, implementation of a "clean-up" programme are all matters that distract management’s attention from the important task of operating a business post-acquisition.

 

Is it regular practice in Ukraine to conduct anti-bribery compliance due diligence in M&A transactions? How does the situation look from the global perspective? Do you anticipate the facilitation of anti-corruption due diligence in Ukrainian transactions?

I. N.: Local market practice varies and depends on the type of client. Thus, more and more international strategic investors devote a great deal of attention to initial background checks of their counterparties and conduct compliance due diligence in almost every acquisition. This is no surprise, as for multinationals any compliance misstep may cause significant repercussions. International private equity investors are increasingly considering following this trend set by strategic investors as well.

From a worldwide perspective, the situation looks as follows. In countries like China, Germany and the U.S. almost 85% of companies do anti-bribery and corruption due diligence before high-risk M&A. In Japan, Singapore, France and the UK, the rate varies from 58% to 78%.

In contrast, Ukrainian companies do not usually conduct any due diligence in this area. However, their interest and awareness of the importance of compliance and reputational issues arose quite rapidly. Therefore, we believe that Ukrainian companies will pick up the baton from multinationals and that best international practice will become a part of the local market standard soon.

 

How can corruption risks affect the parties of cross-border M&A: buyers, sellers and the target itself?

I. N.: M&A activity gives rise to some of the biggest anti-bribery and corruption risks. Therefore, it should be obvious that compliance issues are important in the context of acquisition of companies. One of the biggest concerns for M&A is the succession of liability. In particular, in M&A a buyer may inherit the target company’s liability for earlier corrupt offences, even if it was not aware of them. It also may become liable if it fails to tackle bribery risks that arose after closing or buying a company that it knew was engaged in a corrupt practice.

Compliance due diligence helps to identify and avoid unwanted “surprises” which may affect the valuation of the target, its post-acquisition integration and synergy, the reputation of the buyer and cause significant losses to the latter. It also prevents buyers from overpaying for the target once it has become aware that the target is involved in corrupt activities and enables the mitigation of compliance risks by establishing a post-acquisition compliance program tailored to deal with specific risks.

For example, the existence of a sound risk and control management system within the target that meets the buyer’s standards may be viewed by the latter as a significant advantage since it may ensure seamless operation of such systems after the acquisition, ease the post-acquisition integration of the target, and decrease related costs. On the contrary, acquiring a target involved in questionable activity or that has committed compliance violations undiscovered before or after the acquisition may result in material costs to the buyer. For example, this may lead to overpaying for a business whose revenues may not be sustainable going forward because they depend on the continuance of questionable practices; significant fines to be imposed on the target or the buyer; the loss of valuable contractual rights and business partners, etc. Unknown compliance risks may, when revealed, also come back to haunt the seller in the form of damage claims, allegations of fraudulent or similar conduct, etc.

 

How is compliance due diligence conducted? How does it differ from standard due diligence in M&A transactions?

I. N.: In contrast to other due diligence work streams, compliance due diligence extends beyond a classical legal due diligence exercise. In other words, it is more complex and focuses not only on purely legal matters. Its main goal is to identify the compliance risks that are material to the target company, ascertain that its compliance management system has been established to effectively address these risks, and understand the extent of ethical behaviour and culture of the target’s management and employees. The existence of the above-mentioned compliance tools is a positive signal to the buyer that necessary safeguards to avoid and reduce the target’s liability and preserve its business reputation are in place. The absence of any compliance management system in a target may raise serious concerns about its compliance culture and liability risks that need to be addressed in the purchase price or through guarantees in transaction documentation.

Compliance due diligence may cover a wide variety of business areas, from anti-bribery and anti-corruption to data protection, sanctions, money laundering, commercial fraud, etc. It often includes not only legal but also financial, accounting and tax aspects. Therefore, it is very important that the buyer and its advisors clearly define the scope and goal of an upcoming compliance due diligence
exercise. Such scope will largely depend on the industry in which the target company operates, specific risks attributed thereto and the company itself, the general industry environment, the company’s business model and operations, the countries where the company conducts business and their risk ratings, etc.

The particular steps, their sequence and the depth of the due diligence review will, inter alia, depend on the acquisition process, timeline and sensitivity of the data (i.e., the greater the sensitivity, the later that the seller would be willing to disclose it). It could be carried out either in three phases (i.e., pre-signing, post-signing and post-closing) or which is more usual, in two phases (i.e., pre-signing and post-closing). When an acquisition needs to be executed in a short time frame and in a competitive environment, the two-step approach prevails.

Since pre-closing disclosure can often be incomplete, pre-closing due diligence should rather be viewed as a tool to reveal potential compliance problems, assess the general awareness of compliance in a target and determine whether the terms of the deal are viable or need to be significantly revised. Therefore, post closing compliance due diligence is especially important if the target does not have an established management compliance system or if there are specific indications of compliance breaches. It is also highly advisable to involve not only the buyer’s legal team but also the compliance officers in this due diligence exercise at the very outset, as it may help to asses potential bribery risks in connection with the buyer company’s business, shape the scope of due diligence, etc.

A compliance due diligence review usually involves specific, compliance-related information that is not normally contained in the data room designed for legal due diligence. This may be information on compliance of the management system, the organisational chart and compliance structure, description of reporting and control lines, the code of conduct, policies, information on trainings, the use of whistle-blower hotlines, whistle-blower reports, compliance officers job description, specific financial and sales data, accounting records, some publicly available information, etc. Interviews with compliance officers and key individuals at the target, as well as its main contractors also constitute a core element of the review process. In the absence of specific findings they will most likely have a general scope; nevertheless, they can provide the buyer with valuable information on the risk environment, content and interpretation of compliance policies, the level of the target’s compliance culture, and its practices in this area.

 

What are the typical areas of concern in the course of M&A compliance due diligence? Where do compliance risks usually sit?

I. N.: When acquiring a company, the buyer faces a number of different compliance risks. The most typical are corruption and bribery by management or employees of the target, as well as breaches in areas such as customs and foreign trade regulations, public procurements, regulatory requirements and permits (architectural, construction, mining and exploration, etc.), sanctions, data protection, competition and antitrust. Other areas of concern are non-transparent shareholding structures and sources of financing, unjustified expenses, relations with third parties and intermediaries of any kind, relations and/or provision of services to state institutions, public companies, public officials, specific instances or allegations of bribery uncovered during due diligence, etc.

 

How can these risks be mitigated? What is the role of a legal counsel? Have you ever faced the situation in your legal practice when a deal was aborted due to corruption risks?

I. N.: The answer to these questions largely depends on the particular risks or violations identified. Buying a company exposed to bribery is not always a deal-breaker if the buyer can clean up its business. For example, if the violation is caused by the behaviour of certain individuals (e.g., CEO or Head of Sales Department) or internal business processes or policy deficiencies, it can be mitigated relatively easy by proper training or, if necessary, the replacement of a particular individual or implementation of a sound compliance programme dealing with concerns discovered during the due diligence. As we discussed above, in most cases conducting an extensive post-closing compliance due diligence and development of the integration plan to bring the target company into line with the buyer’s compliance standards is crucial for uncovering and mitigating compliance risks. At the same time, any large, systematic violation that cannot be re-
medied could be a definitive deal-breaker. The role of a legal counsel in this situation is to properly identify and assess the risks (which sometimes, due to the lack of available information, could be quite a challenging task) and to openly report its findings and their fair assessment to the client. A legal counsel should help its clients make well-informed decisions and address bribery-related concerns rather than ban transactions or allow them to be closed blindly.

In most cases the results of a compliance due diligence have an impact on the valuation of a target, negotiation of transaction documents, and may rarely be a deal-breaker. From our experience they are usually addressed through warranties and indemnifications in sale and purchase agreements or used as a bargaining chip to negotiate a different offer. The main areas of concern, however, are whether the seller would be solvent enough to cover those warranties and indemnities;
whether reputational damages and lost profit could be measured and compensated; if the purchase price would need to be significantly reviewed to take into account the exposure; or to which extent a compliance breach may affect the target and its business. Additionally, if the buyer was unable to conduct a comprehensive compliance due diligence, he may try to negotiate a respective closing condition. This would enable him to conduct a further review between signing and closing and walk away if the results are not satisfactory.

 

Kinstellar Kyiv Key Facts


  • Year of establishment:

2016

  • Number of lawyers/partners:

16/2

  • Core practice areas

Banking, Finance & Capital Markets

Competition & Antitrust

Compliance, Risk & Sensitive Investigations

Dispute Resolution

Energy

M&A / Corporate

Real Estate & Construction

Subscribe
The Ukrainian Journal of Business Law

Subscribe to The Ukrainian Journal of Business Law right now and enjoy the most relevant issues on doing business in Ukraine on your device or in print.

All this for just USD 9.99 a month.

 

Subscribe now