M&A Compliance Officer Due Diligence Responsibility
Key Points:
- Compliance Officers should be involved in M&A decisions
- Regulatory Due Diligence Reviews should be a vital part of M&A
- Legal and Financial Due Diligence is not enough
- Using experts for regulatory due diligence is cost-effective
- Post-M&A findings of wrongdoing would be viewed as Compliance Officer failure
- Checklist due diligence creates minimal value
Mergers and Acquisitions (M&A) due diligence reviews provide vital information by assessing value and potential or actual compliance risks and liabilities. Compliance Officers bear considerable responsibility for ensuring that a regulatory due diligence review is made as one of the vital parts of any M&A deal to avoid inheriting severe regulatory liabilities. The March 2023 DOJ “Evaluation of Corporate Compliance Programs” presents many questions relating to the Compliance Officer’s involvement in strategic planning and operational decisions. Questions include whether the Compliance Officer was involved in transactional decisions such as in M&As and, if so, whether it resulted in raising regulatory concerns and the need for increased scrutiny. As such, if the DOJ or OIG were to find regulatory or legal violations after M&A, serious questions would be raised as to whether the Compliance Officer met their responsibilities.
Regulatory compliance due diligence should involve systematically reviewing an organization’s regulatory compliance status to confirm facts or details by which an acquirer can properly understand and identify the compliance risks related to the target. This includes identifying potential legal and regulatory violations, corrupt arrangements with referral sources, data privacy and security issues, improper billing practices, etc. It differs from financial and legal due diligence reviews, with the former using accounting firms to focus on financial accountability and reporting and the latter using law firms to focus on examining the entity’s structure, licenses, contractual rights and obligations, tax exposure risks, previous and/or current litigation, etc. Proper regulatory due diligence by compliance experts can identify compliance gaps, weaknesses, absences of controls over high-risk areas and operations, and action measures to mitigate liability exposure. Checklist reviews are of minimal value as it is critical to dig into compliance details in high-risk areas, which requires a level of expertise to ferret out potential problems.
Common compliance risk areas for most organizations involve claims processing and arrangements with referral sources. However, each type of entity has its own set of risk areas, many of which are identified in OIG Compliance Program Guidance documents. The right kind of experts can ask the right questions to identify problem areas, risk areas, and vulnerabilities within days, not months. Proper experts can also assess a compliance program, evaluate high-risk area internal monitoring, conduct claims audits and extrapolations, review arrangements, and monitor ongoing monitoring and auditing processes. Regulatory due diligence reviews can not only avoid future liabilities, but they can also provide a tremendous return on investment. Based upon many years of conducting regulatory due diligence, Strategic Management findings (a) did not result in killing a deal, but (b) always found grounds that strengthened the buyer’s leverage on the price and terms of the deal, creating a great return on the investment of time and effort.
You can keep up-to-date with Strategic Management Services by following us on LinkedIn.
