Conducting thorough due diligence
6 minute read
This is a case study for business owners on the importance of conducting thorough due diligence before and after acquiring another business, to prevent the risk of being implicated in historic or post-merger bribery.
SwiftCo is a medium-sized telecommunications business which has experienced success in the Australian market in recent years. In an exciting new opportunity, SwiftCo is planning to merge with ByteCo, a similar sized telecommunications business based in Europe that already conducts business in several countries. The merger will create a new entity, incorporating parts of the businesses of SwiftCo and ByteCo. Executives from both firms will sit on the board of the new entity.
SwiftCo is currently conducting a due diligence review of ByteCo’s business, with a particular focus on its service contracts, communications with clients and financial documents. ByteCo has given SwiftCo access to documents and assured SwiftCo that these documents are all SwiftCo needs to see. While conducting the review, SwiftCo staff notice the following:
- International service contracts often refer to ‘administrative operations fees’ in connection with dealings with foreign departments without any specific details of why these fees are incurred; and
- Some incomplete financial record-keeping.
SwiftCo’s staff are unsure of how to interpret these issues. At the same time, the business learns that an Australian competitor is looking to acquire ByteCo and it is keen to seal the deal. As a result, issues identified by SwiftCo’s staff are not thoroughly examined. SwiftCo decides to take ByteCo’s word that there is nothing to be concerned about.
After the merger, SwiftCo staff notice the following:
- Invoices issued to ByteCo sometimes do not match the service contracts agreed to by overseas customers; and
- Correspondence about meetings with customers shows that meetings regularly take place in fancy restaurants with ByteCo executives often treating customers to expensive meals.
SwiftCo’s senior executives do not want to create complications with their new business partners. They assume this conduct is ‘business as usual’ in the overseas markets in which ByteCo operates, and remind themselves that nothing of concern was identified in the due diligence process.
Eighteen months after the merger is complete, the newly created entity is charged with foreign bribery offences for conduct that took place before and after the merger. SwiftCo’s executives learn that prior to the merger, ByteCo’s growth strategy relied heavily on third party consultants to facilitate entry into offshore markets. These consultants received large administrative operations fees from ByteCo that do not appear attributable to services provided.
The newly created entity finds itself facing potential criminal proceedings and is at risk of having to pay a large fine.
What should SwiftCo have done to prevent this risk?
SwiftCo should have ensured thorough due diligence and followed up, and investigated the red flags that were identified prior to, during and after the merger. Its ‘desktop’ review of ByteCo was insufficient and contributed to the failure to identify further red flags post-merger.
To be able to pick up on red flags in the first place, it is crucial that businesses understand anti-bribery and corruption risks. Prevention is the strongest tool to reduce bribery and corruption risks. Due diligence is an important step in that process. It can save a business from serious financial and legal problems if red flags are identified and properly addressed at an early stage.
Due diligence is also required for business relationships – it is not only necessary in mergers and acquisitions. Robust due diligence is vital in preventing and detecting bribery and corruption.
The measures below will help a business avoid a situation similar to the one SwiftCo finds itself in.
Step 1: Help staff understand how to identify risks of bribery and corruption in their industry
The business needs to set a tone of zero-tolerance for bribery and corruption.
Implementing an anti-bribery and corruption policy, keeping it relevant, and ensuring it is understood and followed by the business, is a must.
The business should educate staff and directors on what potential risks look like in practice. This will support people in the business to be alert to risks when carrying out due diligence.
Red flags that should be escalated in due diligence may include:
- Large hospitality expenses;
- Vague or unexplained invoices or descriptions for amounts paid to third parties, or suspicious patterns of payments such as payments being made in multiple smaller amounts, in cash or to personal or offshore accounts;
- The target company winning tenders unexpectedly or frequently;
- Agents or business partners charging large commissions, demanding upfront fees or ‘success fees’ payable only if a tender is won;
- Political donations;
- A target company dealing in industries or countries where bribery and corruption are known to be more prevalent; and
- Interactions and involvement between a target company and foreign public officials.
Step 2: Evaluate the target business’s approach to anti-bribery and corruption compliance through due diligence
When undertaking due diligence, it is important to ask questions about how the target company manages anti-bribery and corruption risks. A desktop review is a good start, but should be followed up with interviews and requests for further information, such as a request to see an anti-bribery and corruption or risk management policy, or records of relevant staff training sessions.
In this example, SwiftCo should have questioned ByteCo’s suspicious invoices and asked for an explanation of its incomplete record keeping. It could also have discussed with ByteCo staff how the organisation identified non-compliant or suspicious transactions.
Step 3: Promote anti-bribery and corruption within the merged entity through post-acquisition activities
Considering bribery and corruption risks only prior to a merger or acquisition is not enough. Due diligence is an ongoing process.
In the scenario above, post-acquisition, the newly created entity could have:
- Conducted a risk assessment and review of the operations of ByteCo and its customers to identify relevant risks and standard business practices;
- Developed and implemented practices across the merged entity:
- prohibiting facilitation payments;
- concerning giving and receiving gifts and hospitality;
- detailing expenditure categories for the business with monetary limits; and
- enhancing record-keeping practices.
- Made inquiries about overseas business partners to understand better their role and purpose;
- Made an anti-bribery and corruption policy available to all staff and implemented it throughout the merged entity through communications and training programs. See the Implementing an anti-bribery and corruption policy case study;
- Required business partners and agents to comply with the merged entity’s anti-bribery and corruption policy as a term of engagement; and
- Made a whistleblower policy and hotline accessible and available to all staff and encouraged a ‘speak up’ culture. See the Implementing a whistleblower policy case study.
Step 4: Ensure effective audit processes are in place
An effective audit process is an important tool in the due diligence process. It is often the first time a red flag can be identified internally. Any audit process that detects bribery red flags allows an organisation to:
- Take steps to adequately address the matter;
- If necessary, seek further advice; and
- Potentially mitigate the risk of serious legal and financial implications.
The Bribery Prevention Network acknowledges the pro-bono contribution of Corrs Chambers Westgarth in developing this case study.