MORE ON DUE DILIGENCE

We are pleased that we have never been involved on the buyer's side of what could be considered an "unfriendly takeover." We base our client relationships on strategically planned, well thought out, negotiated transactions, almost exclusively in people-oriented business segments. In our considered opinion, therefore, due diligence is first and foremost a review, designed to ensure that discussions between parties to a transaction during the courtship phase were based on reasonably verifiable fact, rather than the enthusiasm of one party and the hopeful anticipation of the other.

Over the past 15 to 20 years a variety of legislative agencies have promulgated regulations which have added new dimensions to due diligence. Legal considerations in a more litigious society have made other operational functions considerably more complicated. "Personnel" has become "human resources," "insurance" is now "risk management;" and, while certainly more than simply an administrative characterization, environmental regulations are with us in a very real sense for the foreseeable future.

We do not minimize the realities of each of these new business dimensions. Rather we recognize that each of them have produced what we consider a need for significant expertise, which may or may not be present in the internal organizations of companies engaged with, or planning to become engaged with the acquisition process. In this article we will deal with risk management, probably that aspect of due diligence which has received the smallest amount of attention as its refinements and subtleties have increased.

During those very early years in which we were personally involved with audits of public corporations, the risk management review consisted primarily of securing a "schedule of insurance" from the client's broker, checking details of this schedule against the policies on file, and inquiring as to the existence of any legal claims which may or may not have been "covered" by the insurance then in force. Another "important" use for this schedule was the compilation of a prepaid insurance value for inclusion in the "other assets" caption of the client's balance sheet.

Much more recently we obtained a risk management due diligence check list from an acquisition seminar held by a multi-billion dollar corporation. This list contained only four items, two of which requested copies of various types of policies for the past two or five years and the other two of which requested claims history for generally the same policies for the same time periods. Even assuming the check list was to be used as a seminar graphic, we doubt that attendees would exit being qualified to handle a risk management due diligence effort.

Another document reviewed recently, also prepared by a multi-billion dollar acquirer and described as a "risk management pre-acquisition check list," was several pages long and single spaced. This list was considerably more comprehensive than that described above, but almost to the point of being redundant and most definitely difficult to follow for someone not involved with risk management on a daily basis. More important, unless the due diligence team member responsible for gathering the material was a qualified risk management expert, we doubt that the resultant information would be worth the time and effort necessary to collect it.

Compounding this reality by the "irritant factor" derived from the time spent by seller's representative to gather experience information, policies and other details, we arrive at what we believe to be an almost inescapable conclusion: the risk management portion of due diligence, as, for instance the environmental portion, should be outsourced to a qualified consultant. As with the cost of any other professional, in our opinion, a qualified risk management expert will produce faster, more accurate, and possibly results which might save many, many times the value of their initial "cost."

Earlier in this article we referred to human resources as having become a more significant function. When contemplating a due diligence effort, how many people responsible for creating a check list will correctly identify, or even think to identify the liability which arises out of "routine" employment? Even dealing as we do with "people" companies we have only recently had this particular problem brought to our attention as a risk management issue. Employment practices liability is a new and rapidly changing field and as such must be followed with the continuing effort traditionally associated with fast changing areas such as taxation.

More and more companies are being impacted by harassment, wrongful termination and discrimination claims. Since 1990 there has been an increase of more than 100 times the number of complaints filed with the Equal Employment Opportunity Commission.

Claims that allege workplace discrimination produce an average court award of $300,000.

Sexual harassment claims average awards in the $150,000 area.

Most existing business insurance policies offer little or no coverage for employment liability claims. These and other related claims can be covered by insurance but as a new area, must be carefully explored by risk management experts who can review key policy terms, conditions, definitions and exclusions. Acquisition and similar due diligence should absolutely contain provisions to determine whether and how employment liability coverage fits into the organization's portfolio of risk management techniques.

We have written at least two articles inveighing against business brokers as potentially having more interest in completing a transaction than concern for either buyer or seller as principals. In the case of insurance brokers, the due diligence team will encounter a problem that will in all probability be as remote to their view as was the iceberg which sank the Titanic, and with equally disastrous results.

A very few highly experienced due diligence teams will take steps to determine the solvency of the reviewed company's insurers. In our opinion, that percentage of teams which would question the solvency of the company's broker would range from extremely low, to nil. Yet there have been a significant number of instances throughout the U.S. in which insureds have had insurance policies canceled for lack of payment because premium moneys collected by the broker were never remitted to the insurer. While such practice is unquestionably illegal, when faced with financial difficulties, a broker may use fiduciary funds for personal purposes.

While many states require brokers and agents to establish a fiduciary account to maintain clients' funds separate from their own operating funds, existence of such an account alone does not guarantee that premiums paid to a broker actually find their way to the insurer. When a broker who is an agent of the insurance company diverts funds, the insurer is most often responsible for carrying out the terms of the issued policy. In the case of a broker who is not an agent, the insurance company has no such responsibility. Particularly troublesome is the situation where a past claim arising out of a situation such as this is presented to the insurer and rejected as having no in-place coverage.

As part of a due diligence effort, the professional risk management consultant should take steps to review the company's brokers. This should include: consideration of the size of the brokerage firm; checking the firm's financial statements; obtaining a noncancelable surety bond if satisfactory financial statement are not forthcoming; investigating the broker's history with the appropriate state insurance agency; and, finally, checking for any warning signs evident to an expert but which may completely elude the traditional due diligence team.

When insurance is purchased, a long period of time can elapse before the actual policy is issued and delivered to the insured. This issuance may not occur for weeks, or even months after the date of coverage, although some foreign insurance placements can take more than a year to be issued. Disputes over what is covered under a binder often arise during the period between the "effective date" and that date on which the actual policy is delivered. Too often binders are issued by brokers and not the company that will eventually issue the policy. Even those binders written by the issuing company can often describe coverage in general or vague terms which will not reflect the coverage in the actual policy. In our opinion problems of this nature would not arise in the minds of a typical internal due diligence team but could cause substantial financial losses to begin years after the close of a transaction.

We have never preached the doctrine of "overkill." While we have always suggested the use of appropriate consultants to review those portions of a deal not normally covered by internal expertise we do not recommend that expenditures be incurred on a routine basis merely as they represent the "correct" solution. We have, in fact, continually questioned any solution offered simply because "that's the way we've always done it."

We would suggest that any company about to enter into a program of acquisition or any company about to prepare itself for market to a larger entity retain the services of a qualified risk management consulting firm. As risk management is an extremely dynamic field we would further suggest that some arrangement be made to have due diligence teams and any other responsible individuals or groups brought up to date regularly by this consulting firm in a clearly defined manner. In any partnering situation we would recommend a review, the depth of which should be determined by the size and nature of each transaction. Transactions which involve the acquisition of stock, through which buyers can adopt both past and future liabilities from sellers, should be reviewed more carefully, no matter what their size. Transactions whereby purchasers acquire selected and defined assets might also require review, the scope of which should be determined by transaction size.

In any major acquisition, the risk management due diligence team might be composed of one or more of the following: (i) the acquiring entity's insurance broker if large enough to be thoroughly current in the most esoteric recent risk management developments; (ii) the acquiring entity's risk manager; and, (iii) an independent risk management consultant. Absent a large, completely dedicated and professional internal risk management staff, we believe that the team should be led by the proven risk management consultant, representing individuals who must maintain themselves on the leading edge of awareness of all current developments as they pertain to each client.

All due diligence efforts in the risk management area should include investigation of the following three areas:

Organizational, which includes analysis of the organizational structure and effectiveness of the seller's risk management function.

Financial, which includes an evaluation of claim or loss reserves that may be accrued on financial statements; and an investigation into the funding methodology used for payment of claims.

Technical, which includes an investigation into the existence of liability coverage for discontinued products, environmental risk or other catastrophic exposures; and an overall analysis of insurance contracts and other risk-transfer mechanisms.

Risk management may be the least regarded, yet one of the most important components of a due diligence review. Any potential benefit derived from a merger or acquisition can be eroded easily by undiscovered liabilities. Timeliness of the disclosure of such liabilities can quickly erase any amounts held back to ensure compliance with warranties and representations. Timeliness when combined with payments of earnout amounts based on earnings can also create significant unachievable recoveries of such amounts paid before discovery of problems.