The importance of assurance and due diligence: The nature of strategic evaluation means that businesses have to make choices and take decisions about what course of action, or what strategy, to pursue. In order to take these decisions, businesses need adequate, relevant and reliable information.
Table of Contents
However, in relation to key strategic choices (such as whether or not a company should acquire another company) problems may arise when one party to a transaction has more, or better, information than the other party. In other words, there is information asymmetry.
This problem is exacerbated by the fact that frequently there is an incentive for the party with greater information to use their superior position to gain an unfair advantage in a transaction. For example, if an acquisition target presents an optimistic forecast of its level of future earnings, this could lead to the purchase price for the company (and therefore the sale proceeds earned by its shareholders) being greater than if a less optimistic forecast had been presented.
Although the company hoping to make the acquisition will be able to review the statutory audited financial statements of the target company, these may not be sufficient to narrow the information gap between the purchasers and vendors, because the financial statements are prepared for a different purpose.
A greater, and more specific, level of assurance may therefore be required for acquisitions, mergers or joint ventures. The most common type of assurance in this context is a report of due diligence.
There are several different forms of due diligence, some of which are carried out by accountants and financial consultants, while other aspects require the expertise of other specialist skills.
Objectives of Due diligence
Due diligence will attempt to achieve the following:
Confirm the accuracy of the information and assumptions on which a bid is based
Provide the bidder with an independent assessment and review of the target business
Identify and quantify areas of commercial and financial risk
Give assurance to providers of finance
Place the bidder in a better position for determining the value of the target company
However, the precise aims will depend on the types of due diligence being carried out. Due diligence
could be financial, commercial or operational, although ultimately due diligence shouldn’t only be focused on compliance – it is also about having confidence in the people you do business with, and having a better understanding of their business.
Financial due diligence
Financial due diligence is a review of the target company’s financial position, financial risk and projections (for example, in relation to earnings and cash flows). However, it is not the same as a statutory audit, its purposes are more specific to an individual transaction and to particular user groups, and there is normally a specific focus on risk and valuation.
Another difference between financial due diligence and a statutory audit concerns the importance of projections. The focus of a statutory audit is primarily historical – reporting on actual performance and results – whereas projections are, by definition, forward-looking. Therefore, an accountant undertaking financial diligence may need to gain assurance over prospective financial information.
Commercial due diligence
It complements financial due diligence by considering the target company’s markets and external economic environment. The information used in commercial diligence work may come from the target company and its business contacts, but it may also come from external information sources.
It is important that the people carrying out commercial due_diligence have a good understanding of the industry in which the target company operates. In this respect, it may be appropriate for people other than accountants to carry out commercial due diligence work.
The information that is relevant to commercial due_diligence is likely to include the following:
Analysis of main competitors
Analysis of resources
Strengths and weaknesses
Market growth expectations
Ability to achieve forecasts
Critical success factors (CSFs)
Key performance indicators (KPIs)
Operational due diligence
Operational due_diligence considers the operational risks and possible improvements which can be made in a target company. In particular, it will:
Validate vendor-assumed operational improvements in projections
Identify operational upsides that may increase the value of the deal
Technical due diligence
In many industries the potential for future profitability, and thus the value of the company, may be
largely dependent on developing successful new technologies.
A judgement therefore needs to be made as to whether any technological benefits that have been
promised by the vendor are likely to be delivered. This is very common in a whole range of different
industries, including electronics, IT, pharmaceuticals, engineering, biotechnology and product development.
Such technological judgements are beyond the scope of accounting expertise, but nevertheless the
credibility of technological assumptions may be vital to the valuation process. Reliance will thus need to
be placed on the work of relevant experts.
IT and cyber-security due diligence
IT due_diligence assesses the suitability and risks arising from IT factors in the target company (for
example, any issues surrounding IT security, or integrating IT systems post-acquisition). These risks are
likely to be relevant to most companies, particularly given the increasing importance which IT systems
play in supporting modern businesses, and in view of the increasing focus on cyber risks and cybersecurity.
The ICAEW’s Cyber-Security in Corporate Finance – highlights how mergers and acquisitions can increase the risk of a company’s cyber-security being compromised. The publication offers the following illustration. A company which was seen as an example of good cyber-security practice acquired a smaller business, which had much weaker network security. However, the acquisition meant that the larger company inherited the weaknesses in the smaller company’s security.
As a result, it suffered a cyber attack, and subsequent investigations showed that the attacker had access
to the whole network, and was able to steal data relating to new technology.
As such, a target company’s cyber-security should be considered as part of a due diligence exercise.
Possible questions to ask are:
When did the board last consider cyber-security? And who is ultimately responsible for managing cyber-security in the company?
Has the company audited its cyber-security?
How confident is the company that its most valuable information is properly managed and protected from cyber-threats?
Has the company experienced a cyber- or information-security breach? If so, what steps did it take to mitigate the impact of this breach?
Legal due diligence
Legal issues arising on an acquisition are likely to be relevant to the following:
(a) Valuation of the target company – eg, hidden (or pending) liabilities, uncertain rights, onerous contractual obligations
(b) The acquisition process – eg, establishing the terms of the takeover (the investment agreement);
contingent arrangements; financial restructuring; rights; duties and obligations of the various parties
(c) The new group – eg, new articles of association, rights of finance providers, restructuring Reliance will need to be placed on lawyers for this process.
Human resources due diligence
Protecting and developing the rights and interests of human resources may be key to a successful
acquisition. There may also be associated legal obligations (for example, obligations under a pension
scheme, and regulations which protect employees’ terms and conditions of employment when a
business is transferred from one owner to another).
Tax due diligence
Information will need to be provided to allow the potential purchaser to form an assessment of the tax
risks and benefits associated with the company to be acquired. Purchasers will wish to assess the
robustness of tax assets, and gain comfort about the position regarding potential liabilities (including a
possible latent gain on disposal due to the low base cost).
Information relating to any tax warranties that the vendor might offer should also be made available
with the due diligence report as part of the ‘marketing’ information. This should generally not form a
part of the due diligence itself, though.