Apr 14 ‘23
15 min read
Mergers and acquisitions (M&A) mean two companies become one through a financial transaction. As of Q1 2023, the global M&A volume was $559 billion. It’s the third-lowest value in ten years.
Based on our experience, companies typically pause transactions and reduce M&A risks when facing unfavorable circumstances. However, deal risk management goes far beyond pausing transactions amid a recession.
This time, we uncover the most common M&A risks with real-life examples and describe working mergers and acquisitions risk management strategies. Keep reading to discover the types of M&A risks.
Types of M&A risks
“Why do mergers and acquisitions fail?” is a frequent concern among business executives. When two companies join forces, they must survive financial, legal, operational, and reputational risks. Here are the most significant risks that break 70-90% of deals.
| M&A risks | Risk factors of mergers and acquisitions |
| Financial |
Poor valuation practices |
|
Unexpected costs resulting from missing assets and unknown liabilities |
|
|
Uncertain tax position |
|
|
Tax risk, including unexpected tax implications |
|
|
Unforeseen factors affecting the business economy |
|
| Legal |
Intellectual property risk |
|
Deal cancellation due to anti-monopoly laws |
|
|
Compliance issues |
|
|
Warranties risk |
|
|
Existing or threatened litigation |
|
|
A constantly changing regulatory environment |
|
| Operational |
Post-merger integration risk |
|
Succession planning issues and cultural differences |
|
|
Supply chain problems |
|
|
Poor customer retention |
|
| Reputation |
Negative media coverage and stakeholder management issues |
|
Past market disruptions and M&A scandals |
|
|
Loss of customer trust and investor confidence |
|
|
Loss of revenue due to damaged brand equity |
The most common M&A risks explained
Let us break down risk factors in mergers and acquisitions with real-life examples from the following categories:
- Financial risk
- Legal risk
- Operational risk
- Reputational risk
Financial risk — Quaker Oats and Snapple
The potentially catastrophic risk of mergers and acquisitions come from the buyer’s inability to appraise the target company’s value correctly. It happened to Quaker Oats Co., which bought Snapple Beverage Corp. for $1.7 billion in 1994 to discourage the PepsiCo takeover.
Quaker’s spokesman, Mark Dollins, said Snapple would generate stellar profits from its soft drinks. However, many considered this deal overvalued.
Worse yet, Quaker didn’t realize expectations because Coca-Cola and PepsiCo products already saturated the soft drinks market. Failed synergies and financial losses forced Quaker to sell Snapple for $300 million in 1997. As a result, Quaker Oats lost as much as $2 billion in this deal.
Legal risk — AT&T and T-Mobile
According to McKinsey, over 10% of large deals (over $1 billion in value) break due to antitrust laws. Legal authorities might ban such transactions as they threaten market conditions and lead to price hikes.
AT&T’s acquisition of T-Mobile became a vivid example of overlooked litigation risk. AT&T, a telecommunications company, attempted to purchase T-Mobile, its rival, in 2011 for $39 billion.
However, the U.S. Department of Justice and the Federal Communication Commission blocked the deal. It would harm the consumers due to high subscription prices resulting from the lack of competition.
This deal resulted in At&T paying a $4 billion deal reimbursement to the T-Mobile owner, Deutsche Telekom.
Operational risk — eBay and Skype
According to Harvard Business Review, 70-90% of deals fail during the post-merger integration phase. Operational risk originates from unrealized expectations, value overestimation, unsuccessful synergies, and cultural differences.
It happened to eBay when it acquired Skype for $2.6 billion in 2006. eBay planned that buyers and sellers would communicate via Skype. However, the eBay audience, both buyers and sellers, preferred email communications due to anonymity and convenience.
The cultural discrepancies between management teams also impaired the joined business. Additionally, eBay lost $1.4 billion in charges related to Skype owners in 2007, inflating the deal’s purchase price to $4 billion.
In 2009, the marketplace giant sold Skype to private investors for $2.75 billion. eBay lost at least $1.25 billion, not to mention day-to-day synergy expenses.
Reputational risk — Bayer and Monsanto
A study finds that reputational penalties make the company lose $0.8 for every $1 of its share value. The most devastating reputational losses come from the acquired business.
It happened to Bayer, a health and nutrition giant, after it acquired Monsanto, an agrochemical biotech company, for $63 billion in 2018. The Wall Street Journal named this deal one of the worst in history.
Bayer suffered immense reputational losses following Monsanto’s lawsuits regarding its cancerogenic herbicide.
Soon after the acquisition, Bayer paid $190 million in damages and waited for 18,000+ more complaints while claiming Monsanto’s herbicide was safe. Plaintiffs sensed an opportunity to punish the company, which often happened during M&A deals, according to Aon Litigation Risk Group.
Investors and customers started ditching the brand, and Bayer’s market capitalization shrunk by 40% to $59 billion, less than it paid for Monsanto. Its net debt also spiked ten times. As of 2023, Bayer’s new CEO plans to restore the damaged reputation, while the company’s market value is still 50% from 2018 levels.
Risk mitigation in mergers and acquisitions through due diligence
The table below summarizes the key reasons why the above deals failed.
| Deal | Deal breaker |
|---|---|
| Quaker Oats and Snapple | Overestimating the transaction due to unrealistic market expectations. |
| At&T and T-Mobile | Legal issues and misjudged competitive landscape. |
| eBay and Skype | Unrealistic priorities and poor customer understanding. |
| Bayer and Monsanto | Poor target investigation and overlooked customer risk concerns. |
According to Bain & Company, 60% of executives attribute deal failures to poor due diligence. Meanwhile, correctly conducted due diligence could save the above companies from deal breakers. It centers around the value creation proposition, financial statements, tax issues, tax insurance, and other aspects. Careful due diligence offers the following benefits:
- Identifies the target’s potential and reduces unrealistic expectations. Defining the firm’s intellectual property, estimating synergies, assets, liabilities, revenues, and profits helps to reveal its accurate acquisition value.
- Clarifies M&A risks. Investigating the company’s operating history, pending or possible litigation, and other aspects allows one to identify legal, operational, reputational, and commercial risks.
- Boosts post-deal success. A complete picture of the target’s capabilities improves post-merger integration success and contributes to business longevity.
The process can take 60 days or more, and it directs further deal evolution. Let’s take a look at successful acquisitions achieved due to thorough due diligence below:
- PepsiCo and Quaker Oats
- Apple and Shazam
- IBM and Red Hat
PepsiCo and Quaker Oats
Quaker Oats couldn’t realize its acquisition intentions in 1994, which led to PepsiCo buying it in 2001. PepsiCo acquired Quaker Oats shares for $13.4 billion, according to the Securities and Exchange Commission (SEC).
PepsiCo made a clever move, expanding its product portfolio and increasing profits by 14% by the end of the year, according to Forbes. According to the SEC, the acquired company delivered PepsiCo 13 brands with over $1 billion in sales.
Apple and Shazam
Apple acquired Shazam, a music recognition app, for $400 million in 2017. Music recognition was a game changer for its customers as they could discover new songs via Shazam and enjoy them in App Music.
With Shazam’s acquisition, Apple expanded its audience and sales several times. It has over 820 million subscribers, while J.P. Morgan says its music and gaming revenues will reach $8.2 billion by 2025.
Shazam’s acquisition exemplifies how Apple avoided financial (zero losses) and legal risks (zero antitrust lawsuits).
IBM and Red Hat
IBM acquired Red Hat, a cloud computing and open-source tech provider, for $34 billion in 2018. Before the deal, IMB faced competitive pressure from Microsoft.
The tech giant sought improvement in cloud technology, considering about 20% of its clients operated in the cloud. Acquiring Red Hat allowed IMB to provide 80% of its customers with hybrid cloud tech in a flourishing cloud computing market.
This case exemplifies successful competition, market conditions, and target company due diligence. Moreover, this deal perfectly aligned with IBM’s growth plans to keep its competitive advantage. According to TechCrunch, IBM grew 8% in 2022, demonstrating success after a decade of decline.
Risk management for mergers and acquisitions: Risk allocation mechanisms
While due diligence is the most effective risk management strategy, our findings indicate that a few more risk allocation approaches can reduce damages.
In fact, J.P. Morgan, a global leader in financial services, identifies the following risk allocation mechanisms:
- Escrow arrangement. An acquiring company involves a third party to secure and hold a portion of the deal payment during the M&A process. A buyer claims this price portion if a seller breaches warranties and contracts.
- R&W insurance. A buyer uses an objective third-party insurer to recover losses if a seller breaches representations and warranties (R&W). Insurance coverage usually equals 10-30% of the deal purchase price. However, some insurance providers offer judgments-only catastrophic insurance.
Other risk reduction strategies include:
- Merger arbitrage. Attracting merger arbitrageurs can help a seller increase its share value and generate higher profits post-deal.
- Indemnification negotiation. It is when dealmakers negotiate compensation they will pay each other if either party breaks warranties. An indemnification agreement can be one-sided as well, benefiting either buyers or sellers.
Risk management in mergers and acquisitions: Best practices
Here are the three best M&A risk management practices:
- Customer-centric M&A
- Cybersecurity due diligence
- Thorough post-merger integration planning
Customer-centric M&A
Most companies look at financial benefits, market expansion, and takeovers while overlooking customer needs. Christina Öberg, a business administration professor, says companies fail to realize how their customers impact M&A outcomes.
A company should carefully research their audiences’ needs while preparing a comprehensive valuation report as customers drive revenue. Thus, IBM and Apple deals succeeded because they satisfied audience demands. Contrarily, Quaker and eBay failed because they overlooked customer needs.
Cybersecurity due diligence
Cyber risk accompanying deals contributed to $8 trillion in cybercrime damage in 2023. Data breaches and misconducts follow M&A deals due to large volumes of high-risk information exchanged in the process.
They cause potentially catastrophic damages to reputation, finances, and operations. According to PWC, one of the largest advisory firms, 85% of customers won’t cooperate with the company if it raises digital security concerns.
Wise business executives conduct cyber assessment to overcome associated risks. The Accenture study revealed that cyber due diligence uncovers critical risks and saves the transaction in 92% of cases.
| Check this comprehensive guide to cybersecurity due diligence in M&A transactions. |
Thorough post-merger integration planning
Boston Consulting Group states that over half of M&A transactions never realize their potential due to post-merger integration (PMI) challenges.
Dealmakers should address PMI much earlier than usual to extract the most value from the transaction. The following practices help companies seize the post-deal momentum:
- Establish PMI leadership. Establish a steering committee and a post-merger integration office to plan and supervise post-deal activities. Deal structure and change management are the highest priority.
- Begin PMI planning early. Successful buyers plan post-merger integration before the deal closes. This approach ensures critical synergies get addressed from day one post-deal.
- Conduct thorough PMI due diligence. PMI due diligence should start after pre-deal diligence. It provides working insights into financial, operational, and other integration areas and minimizes associated risks.
| Get this post-merger integration finance checklist to complete financial integration and proceed to more complex areas as soon as possible. |
How virtual data rooms can help
Virtual data rooms (VDRs) are M&A collaborative workspaces built around security, due diligence, and collaboration. The virtual data room market is growing steadily at a CAGR of 14.5% due to increasing demand for secure M&A processes amid the rapid digital transformation.
According to Accenture, companies close transitions three months earlier and generate up to $45 million in additional value while using digital solutions, including virtual data rooms.
Based on our observations, a data room for M&A significantly enhances risk management mechanisms during M&A while focusing on cybersecurity and due diligence. Buyers and sellers use virtual data rooms for the following:
- Technology-powered due diligence. Q&A workflows, user activity tracking, and data management tools eliminate redundant work during the due diligence process. VDRs assure robust communication between all parties involved and simplify file sharing and shareholder agreements.
- Fewer contract breaches. Granular user permissions, enforceable agreements, and document security policies minimize data misuse and contract breach. Screen capture blocking, encrypted download, restricted viewing, and other features allow deal parties to have complete control over data flows.
- Data-driven post-merger integration. Drill-down activity reports, user roles, and M&A workflows allow dealmakers to centralize PMI governance. Q&A tools with approval workflows, in-app discussions, and activity logs help to track synergies and report to leadership.
- Security and regulatory compliance. VDR capabilities ensure GDPR, CCPA, HIPAA, and FedRAMP-compliant M&A processes, from pre-deal due diligence to PMI and beyond. Data room providers secure deals with 256-bit encryption, malware protection, IP restrictions, session timeouts, and remote device management tools.
| Check this comprehensive due diligence data room checklist to avoid as many M&A risks as possible. |
Key takeaways
- M&A risks include financial, legal, operational, and reputational issues. Studies show that most deals fail due to unsuccessful due diligence and unrealized post-merger integration.
- Thorough due diligence is the best way to prevent the high risk of mergers and acquisitions. Meanwhile, escrows, warranty issuance, indemnification agreements, and merger arbitrage help dealmakers reduce financial damage due to arising issues.
- Companies should also take a customer-centric M&A approach, conduct cybersecurity due diligence, and plan integration in advance.
- Most importantly, dealmakers can boost M&A due diligence using project management platforms, including deal-centered virtual data rooms. Overall, businesses are advised to prevent risks in the first place to maximize deal value.
Category
Mergers and acquisitionsSecurity & risksFAQ
Mergers and acquisitions involve financial, legal, operational, and reputational risks.
You can leverage due diligence for risk assessment and use escrows, R&W insurance, indemnification agreements, and merger arbitrage to secure the deal value.
Risk management plays a pivotal role, and up to 90% of M&A failures could be avoided if companies heavily invested in risk management mechanisms.
