Mergers, Acquisitions & Divestitures: Managing Information And Risk

Published On April 19, 2017

Mergers, Acquisitions and Divestures (MA&D) happen for many reasons – to create scale and growth, position a company in the marketplace or to gain an advantage. During a MA&D event, goal number one is to become one company as fast as possible.

Yet each MA&D is unique and comes with a new set of prioritized challenges. Immediate challenges include prepping staff and operations for business-as-usual on Day 1. Another fundamental challenge is how to manage information risks. After all, your information is the lifeblood of your organization and it must continue to flow in a controlled and predictable manner before, during, and after the MA&D. There are many risks including:

• Where is the information and data required for the MA&D located, including redundancy in any systems or repositories?
• How long should it be retained legally and operationally, and how are the rules applied?
• Is the information and data securely protected and easily accessible to support key functions of the company?
• What are the contractual obligations related to records – IT, HR and Legal?

There are some key practices that can help identify and minimize risks:

Diligence – understanding the current state of the company’s Records Information Management and Information Governance Program. Questions you should ask your MA&D steering committee, include:

• Is there a current records retention schedule and policy in place? When was it last updated operationally to represent all the functional areas of the company along with appropriate legal research (no longer than two years)?
• Is there a current datamap of all the structured and unstructured data?
• Is there someone(s) designated as a Records Manager or Information Governance leader? What is commitment and level of experience and competency of the person(s) managing the records?
• What compliance/governance tools or technologies are in place to manage compliance?

Progress – create a roadmap that includes input from key functional areas along with prioritization, transparency and contractual alignment. Important first steps should include:

• Create an integrated or separated retention schedule and policy
• Design a taxonomy that includes both physical and electronic records
• Designate a staffing structure that will support records management requirements for functional areas of the company as well as support the compliance and governance capacities
• Identify tools/technologies that will enable efficient and compliant processes to be appropriately applied and measured along with the contractual obligations

Outcome – implement processes and sustainable solutions that provide compliant practices and disciplines for the company now and ongoing. You will need:

• An appropriately applied retention schedule to address information in all formats and locations– a “policy everywhere” concept
• Trained staff structure that delivers support and governance
• Integrated tools/technologies to deliver compliance efficiencies, full audit capabilities and ongoing support.

Each MA&D is unique, and to gain compliance and manage the records and information often requires expertise and experience beyond the internal capacities of the company(s). Combined efforts within the company and service providers that can deliver capabilities, proven and process and methodologies, and technology tools will assist in mitigating risks, improving and protecting information assets, helping to control or reduce costs—all while helping you become one, fully functional and profitable organization as quickly as possible.