Risk Management | Acquisitions PRIORITISING INTEGRATION A poor compliance culture can leave a business vulnerable to ﬁnancial crime risks
Overcoming culture clashes
Promoting a collaborative approach to transitioning financial crime risk compliance during an acquisition is a key ingredient for success Many years ago, I worked for a large law ﬁrm. One of the ﬁrm’s areas of expertise was corporate mergers and acquisitions. As a junior solicitor, I spent many hours toiling away in due diligence data rooms, reviewing documentation to identify whether a company that a client was targeting for acquisition (target company) had areas of possible regulatory risk.
The types of regulatory risk I reviewed ranged from health and safety, environment and other regulatory requirements, for which a licence or other authorisation was needed. In those days, regulations relating to financial crime were not as developed as they are today and were not seen as being as big a regulatory risk. The findings from these reviews were assessed by partners overseeing the acquisition and were then incorporated. 112 Ethical Boardroom | Spring 2019
Founder and Director of Ex Ante Advisory Services Limited The findings were then incorporated into reports provided to the client and advice given where areas of elevated regulatory risk were identified. The types of risks included were instances where the target company was conducting unauthorised regulated commercial activity, was the subject of a regulatory investigation, or had been fined by a regulator. At that time, my knowledge about the relevance of these findings was limited to what impact they had upon the negotiated purchase price and the conditions and warranties attached to the transaction. Often, those warranties included the seller ‘promising’ that it had disclosed all actual fines and censures imposed on it by a regulator and any pending regulatory investigations that could give rise to future financial liabilities post-acquisition. Fast forward to 2019. These days, due diligence undertaken on target companies is
both more sophisticated and complicated. Regulatory obligations related to detecting and preventing financial crime are a significant consideration. The existence of an appropriate and effective compliance programme to mitigate financial crime risks – an anti-financial crime (AFC) compliance programme – is a crucial part of the due diligence process, along with whether a target company’ activities would violate any AFC regulations the acquiring company’s was required to comply with.
Regulatory compliance basics
It’s fair to say that most businesses are aware of their obligation to comply with financial crime regulations. They range from regulations on anti-money laundering, terrorist financing, bribery and corruption, tax evasion and sanctions. Responsibility for complying with regulatory requirements runs across the ‘three lines of defence’ – the front office, the compliance department and the internal/external audit function. Sitting atop the three lines is the board or an equivalent www.ethicalboardroom.com