Risk & Management Association
Society of Actuaries
Society for Risk Analysis
IT Governance: Guidelines for Directors provides advice for boards and
senior managers on how to approach compliance issues.
This page intentionally left blank
The relevance of due diligence
5 The relevance of due diligence
At this stage it is therefore useful to consider the risk management process
in the context of other business issues and the general objective to under-
* Risks and rewards of sustainable risk management;
* Repercussions of mergers and acquisition integration and synergies;
* Interaction with due diligence and corporate governance.
Practitioners emphasise that it is important to understand that risk manage-
ment must not be restricted to looking only within the company. The exter-
nal environment in which the company operates, hires personnel, deals
with suppliers, etc., is a significant component. In this context the term
â€˜environmentâ€™ is used to group together the elements that support and
impact the company.
The mission of any risk management process is based upon verified corporate
goals. The goals have to be prepared and be able to be articulated. A statement
such as â€˜we want to compete in the bicycle marketâ€™ is much too vague and does
not provide any support for people who are trying to implement a business plan.
Clarity and specificity are much better than vague assumptions and generalities
if the business goals are to be understood and achieved. Another important rea-
son for clarity is to enable the risk management team to be able to recognise
when the business is heading off course. Falling asleep at the wheel is not a dan-
ger if the car is not moving and the keys are in someone elseâ€™s pocket. However,
if the company is moving ahead, falling asleep is not recommended. The object-
ive is not to find reasons and justifications to keep going. While there are always
exceptions to every procedure, the more business operations are guided by
consistent principles, the easier it is to identify the exceptions and determine
Chapter 5 â€“ The relevance of due diligence 95
whether this time such exceptions are justified or not. With enough exceptions,
the company operations manual needs to be adjusted to embrace them as it is
now a standard procedure, not an exception.
There are several key objectives for company operations to support a SERM
environment. Sustainable risk management demonstrates:
The companyâ€™s business capabilities;
The stability of the company, the industry and the overall economy;
The revenue and expense flows for business operations;
Company support methods;
Both tangible and intangible risks â€“ business, personnel, economy, environ-
ment, reputation, etc.;
A clear strengths and weaknesses assessment of the company; and
Specific business continuity issues (see Chapter 8).
As will be seen in case studies referred to in later chapters the SERM approach
helps to create the framework that enables companies to operate effectively.
While each company, or business organisation, is different, the objectives are
typically the same:
Achieve business goals and objectives;
Reduce risk to the company;
Sustain profitability; and
Improve the quality of life.
Drivers for sustainable risk management
Some consideration has been given in Chapter 3 to the drivers for compliance
risk management and legal due diligence processes mainly in the context of
transactions. Mention has also been made of the growing importance of an
ongoing internal process that supports the corporate culture and good corpor-
ate governance positively. In view of the concerns raised by the high failure
integration rate it is useful to summarise in this chapter some of the key drivers
and business issues, thereby setting the scene for the chapters that follow.
External drivers have already been noted in the context of the earlier discus-
sion. These include:
Corporate governance issues and trends;
Consumer satisfaction; and
Government compliance issues.
Part A â€“ Overview of Risk Management
This list continues to expand: what it is essential to understand is how the
environment outside the organisation needs to be included within the elements
that the risk management process covers. As indeed, risk owners need to access
where this information can be gathered on a continuing basis. SERM has found
certain external information to be of practical value. For example, trade associ-
ations are a good source for this information. The data collected can be used to
compare the company operations with other companies, other industries and
These have also been touched on earlier and include:
Operational implementation; and
While this list is more bounded than the external list above, it does not mean
that any of this information has limits and is exhaustive. As regards internal
issues, risk management needs to be attentive to the results of interactions
among works and management. Proper implementation requires overall coordin-
ation and consistency by the people who are empowered to perform the various
tasks. For example, if in a transaction a bookkeeper is allowed to change the
data of a sale entry unilaterally without any transaction trail, then chaos could
result. There could also be a problem that could lead to fraud and/or the com-
mission of criminal acts. Exposure to such risks is not what business wants and
supports the appropriate use of due diligent activities.
Risks and rewards of risk management: integration
One of the most risky activities undertaken by an organisation is a transaction that
involves a close relationship with another organisation, such as a merger or joint
venture. In this era of heightened pressures for risk management and corporate
governance it is important to assess the real value once the deal has been done,
having regard to the growing number of stakeholders. Despite the many processes
that may be in place and the detailed checklists that have evolved in commercial
circles the question is often raised: do organisations try to gain value from acqui-
sitions? This analysis of risks and rewards is relevant to the SERM process. For
decades commentators have asserted that the majority of acquisitions and mergers
do not deliver shareholder value. Research by McKinseyâ€™s in 1998 concluded that
around 60% of mergers fail in financial terms. In an earlier study in 1987,
Harvardâ€™s Michael Porter highlighted that 58% of acquisitions were later divested
Chapter 5 â€“ The relevance of due diligence 97
due to underperformance. Other commentators have noted that 70% do not
deliver intended value. Whatever is the actual figure today there is no doubt that
it will also be high.
* Why is acquisition integration effective â€“ which is the method whereby
the paper strategy begins to realise value?
* Why are targets chosen wrongly in the first place?
* Is the problem that doing the deal is seen as the conclusion to the
merger rather than the beginning of the process of integration?
The issue of integration is an important area and key business issue. It is
critical as regards ongoing risk management and has implications for
risk culture. It is clear that in the deal, the momentum, pressure to close
and limited time to assess information can result in decisions that will
seriously impact the ability to integrate in the longer term. This can
range from operational detail through to more organisational concerns
such as the loss of tacit, codified corporate knowledge that lives in the
heads of key personnel that have been lost. A further example is in IT
where often only the most basic inventory of physical hardware is
undertaken, when programming skills and long-term single-source ser-
vice deals may in fact be the critical factors to consider.
Need for synergy
In all these areas advice and assurance are required to enable the ability
to retain and modify key assets post-merger. One significant issue is to
anticipate the effect on integration that contractual financial arrange-
ments, remuneration practice and other obligations will have.
In the 1970s and 1980s, acquisitions were generally typified by the
conglomerate approach: acquired companies were viewed as assets to be
financially engineered to improve profits, and often a diverse set of com-
panies was brought under one corporation to achieve a diversified port-
folio. As such, acquired targets were often only integrated to the extent
of a financial reporting manual. Today, such an approach actually attracts
a â€˜conglomerate discountâ€™ from analysts evaluating the share price of
firms â€“ shareholders can create a diversified portfolio of companies
themselves. In the 1990s, the concept of related diversification by acqui-
sition has been touted as a more effective route to wealth creation. That
is, for effective acquisition, acquirers should bring a synergy to target
firms that will create more value than the previous entities when they
were not combined. Such synergy may be brand image, manufacturing
know-how, physical asset overlap, R&D skills or just pure economies of
scale. The merger of Mercedes-Benz and Chrysler in the automotive
Part A â€“ Overview of Risk Management
industry is an example of an attempt to achieve synergy in terms of global pres-
ence, range of vehicles offered and manufacturing and purchasing know-how.
In reality, accessing true synergy in acquisitions means that:
The acquirer is fully aware of the depth and breadth of its core skills;
It is similarly aware of the targetâ€™s; and
There is always a clear and focused set of acquisition objectives for integra-
tion post-merger that will create new wealth from an optimised combination
of assets whether intellectual, physical or informational.
The objective of synergy can lead to a potentially vast and complex web of prac-
tical detail that ongoing sustainable risk management can assist with.
Successful acquisitions and competitive advantage
In the earlier times of conglomerate acquisition financial control was often the
only overlap that had to be managed. However, when a â€˜synergisticâ€™ acquisition
takes place marketing, manufacturing and IT functions may also have to be
combined. Thus the risk and complexity of the acquisition is much higher.
Yet, as is clear from the chapters that follow, this risk and complexity, how-
ever daunting, is a vital area of corporate life that has to be managed effectively.
There are a number of reasons for this. At the strategic level it is likely that the
ability to achieve successful acquisition will become a competitive advantage
as corporations look more and more to this method of accessing growth and dif-
Tactics and price
When considering sustainable risk management at the tactical level in any
transaction, the actual price paid for a target firm should reflect the proposed
synergies to be achieved. One acknowledged method of looking at the price of
any target is:
The fair market value of the firm;
Add or subtract any applicable premia or discounts; and
Add the perceived operational synergies created by the merger.
If such synergies are not a major factor, then the process is merely asset capture â€“
the purchase of an ongoing businessâ€™s revenue stream â€“ and the price paid
should reflect this. If synergies are a major factor in price determination, then
the realisation of post-merger synergies should be a priority for business man-
agers. It is important not to pay a premium for intended synergy and then not
integrate properly to get the value and the benefits paid for in advance. In a
sense this is a double blow for shareholders and other parties involved. A pre-
mium is paid for the target firm above true market value â€“ if integration does
not then follow, the price paid has been too high, and the intended synergies
have not materialised: investors lose both ways. Organisational and strategic
Chapter 5 â€“ The relevance of due diligence 99
research has led to the conclusion that unsuccessful or piecemeal integration
often leads to M&A failure.
When considering risk management the question is whether organisations find
that acquisitions become too difficult, and that asset capture remains the easiest
and most worthwhile route â€“ irrespective of whether or not this affects the over-
all success of the acquisition. There has been extensive research carried out in
various jurisdictions. For instance, some answers are available from work that
studied all UK acquisitions in the period 1991â€“1994. The study (â€˜The acquisi-
tion challenge â€“ realising the potential of your purchase, D. Angwin and
R. Wensley, Warwick Business School Paper, Vol. 1, Number 4, 1997) used a
framework which usefully highlighted the different types of integration under-
taken by acquiring corporations, as follows:
Absorption: full integration of the acquisition by the buyer;
Preservation: where the acquisition is not integrated at all and held at armâ€™s
Symbiotic: where there is mutual dependence (but not integration) between
the two companies; and
A fourth option â€“ holding â€“ is also discussed which indicates that the
acquired company is held to be (possibly) traded at a later date.
It has been argued that the simplest way to view these four alternatives is to note