How Sarbanes-Oxley Affects Merger Considerations
Two attorneys analyze the ways in which the law could impact companies' merger activity - including internal control issues and public company deals for private firms.
For the better part of two years, financial executives have been inundated with analyses of the corporate governance and public reporting requirements of The Sarbanes-Oxley Act of 2002 and related corporate governance reforms. More recently, financial executives have been flooded with information on the internal control requirements of Sarbanes-Oxley Section 404, which, for larger companies, become effective beginning with their annual reports for fiscal 2004.
However, as much energy as financial managers may have exhausted on these issues, many have not yet considered the effect of Sarbanes- Oxley on their company's merger and acquisition activity.
The level of concern is not the same in all transactions. A target that already is publicly traded presumably is in compliance with Sarbanes-Oxley and stock market rules. And if the target, whether public or private, is immaterial in size relative to the acquirer, the likelihood of the transaction causing the acquirer any significant Sarbanes-Oxley issues is diminished. However, a public company can face real challenges when it acquires a significantly sized target that was privately held, and therefore historically not subject to Sarbanes-Oxley.
Public company acquirers should address these and related concerns by conducting more comprehensive due diligence of a target's Sarbanes-Oxley compliance and financial disclosure and systems before effecting a transaction. This diligence should include: 1) an assessment of the target's management team to take their corporate governance and ethical "temperature"; 2) a review of internal controls and any significant deficiencies in their design or operation that could impair disclosure of financial information; 3) an evaluation of the level of aggressiveness of the target's accounting policies; and 4) meetings with persons involved in the target's compilation of financial data. Acquirers also should require targets to make representations and warranties concerning internal controls, disclosure controls and procedures and other financial disclosure issues.
A discussion of several specific issues that public company management should examine in conducting a Sarbanes-Oxley "audit" of an M&A target follows.
Controls and Procedures
Public-company internal control standards have long been in existence, and therefore, at least theoretically, an acquired company's controls always have been an appropriate subject for due diligence. However, Sarbanes-Oxley Section 404 and related rules have raised the ante significantly.
As most are already aware, under Sarbanes-Oxley, public company CEOs and CFOs are required (or will be required, in the case of internal controls) to certify that they are responsible for establishing and maintaining internal control over financial reporting and disclosure controls and procedures, and that they have designed such controls, or supervised their design, to achieve the respective objectives of the two sets of controls. They must also evaluate the effectiveness of disclosure controls quarterly.
In the context of an M&A transaction, the CEO and CFO obviously would not have established or designed a target company's controls. Accordingly, thought must be given as to how the executives can provide the relevant certifications, particularly in the acquirer's first post-closing SEC periodic report (a current report on Form 8- K, even one with target or pro forma financial statements, need not be certified).
If the target's existing controls are being adopted by the acquirer, the acquirer and the certifying officers must establish a certain level of comfort with those controls through the diligence process. If the target's controls must be upgraded, or the acquired business must be integrated into the acquirer's controls (which presumably would be typical where the target was privately held and not subject to public-company control requirements), the acquirer may need to substantially complete the integration process by the time of the first post-closing certifications in order to permit the officers to safely provide those certifications.
This issue could be particularly troublesome in the relatively common context of an acquisition consummated immediately prior to the end of an acquirer's fiscal period. By definition, acquirers will have had little or no time to integrate the target, much less to evaluate the controls after the integration is completed.
The certifying officers may have difficulty concluding in the acquirer's first post-closing SEC report that the company's disclosure controls and procedures are effective if a significant acquired business has not been integrated into those controls by the relevant period end. It is possible to report in the SEC filing that the disclosure controls are not yet effective with respect to an acquired business that is still being integrated (the certification related to this disclosure item does not actually compel a conclusion of effectiveness), but companies will generally wish to avoid such disclosure.
With respect to management's annual internal control report and the related auditor attestation under Sarbanes-Oxley Section 404, a conclusion that internal controls are ineffective is obviously unacceptable. However, because internal control evaluations need only be conducted annually (as opposed to the required quarterly evaluations of disclosure controls), acquirers should have more time for control integration, depending on the timing of the acquisition closing. In any event, pre-closing input from the auditors will likely be required in order to ensure that they will able to attest to the combined companies' internal control.
An already-effective rule requires that any changes in a public company's internal control over financial reporting that has materially affected - or is reasonably likely to materially affect - the company's internal control over financial reporting be disclosed in the SEC report covering the quarter in which the change occurred, and that the CEO and CFO certify that this disclosure has been made. Therefore, changes to an acquisition target's internal controls that are implemented post-closing during the covered quarter may trigger this disclosure requirement.
Financial Statement Certifications
All of the SEC control requirements are intended to ensure accurate SEC reporting, and the CEO and CFO must certify as to the accuracy of their company's periodic reports. SEC reports and the financial statements they contain (and consequently, the executive certifications) will cover the operations of the acquired business post-closing. Performing sufficient diligence on the target's controls, or implementing an integration process efficiently, will contribute greatly to executives' ability to confidently certify the content of an SEC report covering the combined entity.
With respect to the financial information certification, the SEC has made it clear that the phrase "fairly present in all material respects" is not impliedly or otherwise qualified by the phrase "in accordance with GAAP." In other words, the fact that financial statements are GAAP-compliant will not shield the executives if the financial information in the report does not "fairly present" the company's financial condition and results. Accordingly, the acquirer should obtain representations in the acquisition agreement from the target that the target's financial statements both "fairly present" its financial condition and that they are GAAP-compliant.
Prohibition on Insider Loans
Private companies frequently grant loans to their officers, directors or other insiders. When a significantly sized target is acquired, target management may become directors or executive officers of the acquirer. Sarbanes-Oxley section 402 prohibits public companies, directly or indirectly, from extending or maintaining credit, or arranging or renewing an extension of credit, in the form of a personal loan to or for a director or executive officer.
This loan prohibition has engendered significant interpretative issues, and the SEC has been reluctant to issue guidance or specific rules. As a result, some arrangements that at first blush do not appear to be personal loans, such as split-dollar life insurance contracts, may trigger the restriction.
A loan to a private target insider that is legal the moment before closing of an acquisition by a public company arguably becomes illegal postclosing if the acquirer assumes the loan and the target insider becomes an acquirer insider. Loans in existence on July 30, 2002, the date Sarbanes-Oxley was enacted, are "grandfathered," provided they are not subsequently materially modified (it may be a fine question in some cases whether the consummation of an acquisition causes a material modification to an assumed loan).
However, it is not clear that post-enactment, pre-public loans made by private companies to their insiders are grandfathered. Given this uncertainty, it is advisable to identify and pay off or cancel, before closing, any loan-like arrangement that could give rise to Sarbanes-Oxley's loan prohibitions.
Corporate Governance Issues
New stock market listing standards that become effective at the time of most public companies' annual stockholders' meetin\gs this year require that a majority of the members of listed companies' boards be comprised of "independent" directors, and that the companies generally have all-independent audit, compensation and nominating/corporate governance committees. Some distinctions exist between New York Stock Exchange and Nasdaq rules.
These rules could potentially conflict with post-closing corporate governance arrangements, common in "mergers of equals" or joint ventures, where target directors or officers are guaranteed representation on the board of the combined entity. These arrangements must be examined to determine whether they comply with applicable corporate governance listing standards.
The stock markets do provide important exceptions. For example, majority-controlled companies are exempt from certain standards, and the requirement that director nominations be made, or recommended to the full board, by independent directors is not applicable where a company is legally required by contract or otherwise to provide third parties the right to nominate directors.
In sum, as the level of M&A activity continues to grow in 2004, it is critical that companies consider Sarbanes-Oxley and stock market reforms in performing due diligence on an acquisition target. Identifying and addressing concerns pre-closing could help to avoid more significant or embarrassing post-closing issues.
Neil D. Falis (nfalis@KilpatrickStockton.com) is a partner and David M. Eaton (deaton@KilpatrickStockton.com) is an associate at Kilpatrick Stockton LLP.
(C) 2004, FEI. Reprinted with permission from FINANCIAL EXECUTIVE, (issue month/s and year), © by Financial Executives International; 200 Campus Drive, Florham Park, NJ 07932-0674; 973.765.1000; www.fei.org.