In the context of mergers and acquisitions under the FCPA, in a near perfect example of the Howard Sklar maxim that ‘water is wet” the 2012 FCPA Guidance stated “mergers and acquisitions present both risks and opportunities. A company that does not perform adequate FCPA due diligence prior to a merger or acquisition may face both legal and business risks. Perhaps most commonly, inadequate due diligence can allow a course of bribery to continue—with all the attendant harms to a business’s profitability and reputation, as well as potential civil and criminal liability.” While most compliance practitioners have been long aware of the requirement in the post-acquisition context, the 2012 FCPA Guidance focused many compliance practitioners for the need to engage in robust pre-acquisition due diligence.
Under Prong 11. Mergers and Acquisitions; there were a series of queries which tied together how pre-acquisition due diligence and post-acquisition integration. Due Diligence Process –Was the misconduct or the risk of misconduct identified during due diligence? Who conducted the risk review for the acquired/merged entities and how was it done? What has been the M&A due diligence process generally?
The pre-acquisition process was then tied to post-acquisition with the following: Process Connecting Due Diligence to Implementation – What has been the company’s process for tracking and remediating misconduct or misconduct risks identified during the due diligence process? What has been the company’s process for implementing compliance policies and procedures at new entities?