Corporate Mergers: Internal Audit’s Role in “Happily Ever After”

The challenges associated with mergers and acquisitions are myriad. Yet every year, hundreds of companies across the globe conclude the potential upsides of combining two successful organizations are worth the risks.

A number of technology companies currently are grabbing the merger spotlight — AT&T and Time Warner, Level 3 Communications and CenturyLink, and Yahoo! and Verizon. I find that corporate mergers such as these are like celebrity weddings — splashy, highly orchestrated, and sometimes doomed to failure before the participants reach the altar.

Mergers and acquisitions are notoriously difficult and often fail to live up to the hype. Yet, the lure of creating something greater than the sum of its parts often overshadows the risks and pitfalls. Corporate managers and boards keen to expand into burgeoning markets, strengthen weaknesses, or even quiet a competitor, view these options as viable business strategies. Yet, they are strategies fraught with risks – for the shareholders of the respective companies, current and would be lenders, and even the companies’ customers.

Given all of the risks, it is imperative for internal audit to play a significant role whenever an organization identifies a potential takeover target. Ideally, internal audit should be invited to participate at the beginning of the process. Having a seat at the table often enables the internal auditors to better understand the business and strategic considerations that went into a merger decision. Too often, however, it is brought in after the decision has been made to move forward.

There are well-established due diligence processes that should be followed during a merger to determine a target company’s true value, fiscal health, labor relationships, and more. When companies merge, they each bring differing views of governance, risk, and control, and internal audit provides assurance in these areas and others.

At a minimum, effective due diligence should provide a clear picture of the target company’s corporate structure, information systems, control environment, and reporting lines. An excellent resource on internal audit’s role in mergers is Mergers, Acquisitions, and Sales: How Internal Audit Adds Value and Effectiveness, available through The IIA’s bookstore.

The pending US$4.8 billion Yahoo! and Verizon merger can teach us something about the importance of thorough due diligence. Merger talks were well under way, including public pronouncements of the mega-deal, when Yahoo! revealed a cyber hack involving half a billion customer accounts that occurred in 2014. Is it possible the breech might have been uncovered as part of Verizon’s due diligence? We’ll never know the answer to that question, but we do know the consequences of not knowing. At least one high-profile industry analyst is warning the deal may now fall through. Short of that, a renegotiated deal might well occur.

We can’t move off this subject without discussing the impact of mergers and acquisitions on corporate culture.

I’ve noted before that my favorite definition of corporate culture is “how things get done around here.” When organizations marry two cultures, “how things get done around here” can quickly become murky. For example, upstart competitors, often the targets of mergers, may bring a more youthful, technology-driven, or aggressive ends-justify-the-means approach to business that clashes with or erodes the existing corporate culture.

Potential problem areas that should be on management’s and internal audit’s radar include leadership styles, decision-making processes, attitudes toward change, and even how success is defined or valued. The importance of getting culture right can’t be overstated. Indeed, the inability to successfully merge cultures was cited in a Bain CEO survey as one of the principle reasons mergers fail to meet goals for combined value. Culture’s impact on the success of mergers was ranked 7.45 on a scale of 10 in a survey of more than 130 U.S. executives conducted by Pritchett in 2010.

These two surveys suggest culture is on the merger agenda. Yet the Pritchett survey found just 4 percent of respondents report their organization includes culture questions in their due-diligence checklist. The survey also found just 5 percent of respondents’ companies perform a “culture gap analysis” or some other compatibility study to determine a culture fit.

Deloitte offers strong advice in its report, Cultural Issues in Mergers and Acquisitions and offers seven clear steps for assuring culture is examined and addressed. The list includes making culture a key part of change management, identifying who “owns” corporate culture and having them report to senior management, and examining the strengths and weaknesses of culture at both organizations.

As stakeholders increasingly turn to internal audit to assess culture, it should become routine for that service to extend to the due diligence process in mergers and acquisitions.

As always, I look forward to your comments.   ​