Companies that rely on mergers and acquisition for growth have to build robust post-acquisition integration policies and controls.  Such a requirement applies not only to ethics and compliance program integration but to overall business operations.  Successful companies employ a robust pre-acquisition planning process, incorporating ethics and compliance  as an important part of the overall integration process.

Compliance officers have to participate in the integration process and can use the opportunity to develop important relationships with compliance personnel at the target company. 

Compliance officers have to use the integration process as an opportunity to build internal relationships with their companies.  By engaging in a comprehensive integration process the compliance officer can identify issues early in the process, work closely with the business to understand their operations and form important strategies and buy in for compliance issues.

From the business perspective, companies have to establish a framework for the integration process.  Such a framework should include: (1) an Integration Committee consisting of representatives for all key functions; (2) Regularly scheduled meetings with tasks and reporting requirements; (3) Project planning with timelines and specific task assignments; (4) Identification of basic topics.  A senior manager has to be assigned to lead the Integration Committee and report directly on a periodic basis to the company’s senior leadership team.

Global companies face a long list of topic areas.  Some basic topics include: (1) Implementing compatible ERP systems; (2) Ensure timely connection to communications systems; (3) Human Resource control over executives, managers and employees; (4) Physical facilities and inventory; (5) Staffing assessments and streamlining of operations; (6) Financial operations planning and modification to reconcile accounting controls, invoice-to-payment process, and authorizations matrix; (7) ethics and compliance program; and (8) health, safety and environmental requirements.

Digging into the ethics and compliance program functions, a CCO has to develop a comprehensive plan to integrate new managers and employees, third parties and critical compliance functions.  The basic list includes:

Code of Conduct and Compliance Policies and Procedures:  The CCO has to ensure that its code of conduct, compliance policies and procedures are applied “as quickly as is practicable” to the acquired business operations.  This requires prompt integration of the acquired company into the acquiring company’s intranet portal and other ethics and compliance resources.

Compliance Training:  The CCO has to prioritize ethics and compliance training of the acquired company’s directors, officers and employees.  In-person training of new employees is very effective and helps to reduce employee anxiety over the anticipated changes.  Depending on the acquired company’s risk profile, the acquired company should consider training of third-party business partners and third-party representatives.  Such training should focus on the FCPA and other anti-corruption laws, the company’s code of conduct and compliance policies and procedures (e.g. due diligence, gifts, meals and entertainment expenses).

In many cases, senior executives can play a critical role in emphasizing the importance of ethics and compliance to the new company employees. Employees at the acquired company are often anxious or excited about new ownership and CCOs should recognize quickly the prevailing concerns among the new employees.   CCOs usually can build on this initial meeting to reassure the new company employees and establish open lines of communication to address their concerns

FCPA Audits:  Based on the pre-acquisition due diligence and post-acquisition risk assessment, the CCO should act “as quickly as practicable” to conduct an in-depth and robust internal FCPA audit of the acquired company’s operations.  In essence, the FCPA audit should include deep dives into issues and operations that may have been identified during the pre-acquisition due diligence.  Whether this is conducted internally or by external attorneys and forensic accountants, the audit has to be detailed and involve a broad review and robust sampling to ensure that no potential violations occurred in the past or are ongoing.  This review is critical.  If the company does not uncover any illegal conduct, the acquiring company will bear the risk of liability if discovered after the post-acquisition audit.  Moreover, the company’s ability to secure a declination in such circumstances may diminish.