M&A, Business Models and Ecosystems in the Software Industry

Karl´s blog

Systematic identification of PMI risks in the due diligence process

[this blog is an excerpt from an interview with me]

 "My experience has shown that there are certain risks that can always be observed in an acquisition."

According to your experience, what merger integration risks are there?

Every takeover of a company    is associated with numerous risks. On the one hand, there may be unpleasant surprises lurking in the target company, but on the other hand, integration itself also holds many dangers. Finally, risks may also be present in the organization and strategy of the acquiring company.

There are many examples of what can happen in a merger. Particularly in the software industry, it is not uncommon for employees to leave the target. The following points are therefore crucial for the success of an integration process:

  • How can I motivate relevant employees to stay?

  • Are there opportunities to document their know-how and make it available to the company in a sustainable manner?

  • Is the target company really in possession of all intellectual property rights?

Project risks in the context of a merger and the resulting integration already arise during the definition of the project scope, the assessment of the necessary resource expenditure as well as during the coordination of its implementation.

How can the risks of merger integration be classified?

The most comprehensive classification is based on the findings of the merger integration expert Dr. Johannes Gerds. My recommendation is that every company should use this as a basis for identifying risks and identify the problems specific to the company. These can be summarized in a risk catalogue and subsequently supplemented by further project-specific risks during the concrete due diligence. This provides an extremely solid basis for the entire risk management process.

What is the best way to identify risks?

In any case, a structured approach is advisable. As a rule, this is based on a company-specific risk catalogue, which is used in every due diligence. But first and foremost, the project and its integration should be examined from a neutral perspective. In the course of a risk workshop, the entire project-specific risks can then be identified and assessed together with all experts and managers involved.

It is always important to adopt and maintain a neutral position. This not only serves the critical questioning of hypotheses regarding adoption and integration, but also a concretization of the entire planning to be carried out. As a rule, this can be done by the finance department and the central units of the organization that are assigned to support acquisitions.

What are the most common risks?

My experience has shown that there are certain risks that can be observed again and again in an acquisition. These are primarily personnel attrition, serious differences in the corporate culture as well as an underestimation of the actual integration effort and the project management requirements in the case of more complex integrations.

Which risks can have the most adverse effects?

This question must always be considered in connection with the size of the buying company and the company to be bought. In the case of smaller acquired companies, the departure of a few key employees can have a major impact on the success of a merger. However, integration often suffers from a lack of experience on the part of the project members involved as well as insufficient resources on the part of the acquired company.

Large companies, on the other hand, often underestimate the complexity and effort required for integration. In addition, the cultural differences between the company buying and the company to be bought also involve a recurring risk potential.

Medium-sized companies tend to show mixed forms of problems with mergers, such as those found in small or large companies. Although the resources are often better and often more experience is available than for smaller companies, there are the risks known from them. But even the acquiring company can create considerable distortions through wrong decisions and negatively influence the success of an integration. Examples of this can be found in surprising strategy changes or sudden changes in the receiving organization in the middle of the integration process.

Once risks have been identified, how should they be dealt with afterwards?

In my view, there are four very typical approaches to dealing with risks: Ignoring and observing or actively initiating countermeasures and sales. Of course, the first approach is the easiest, but also the most dangerous way. Therefore, it is not really recommended, even if the probability of these risks is minimal. Perhaps I should note at this point that we are not talking about probabilities in the statistical sense, but rather about assumptions, i.e. assumptions about the probabilities of occurrence. According to this, even a risk with a low probability of occurrence can occur at any time, precisely because one does not know its probability.

Observation appears to be the most sensible step for risks that are unlikely or can hardly have any consequences for the success of the project. They are identified and regularly checked to see whether their probability of occurrence and thus their influence on the success of the project have changed. Accordingly, active countermeasures can be taken in good time in the event of an expected hazard potential.

But one can already act in advance and take countermeasures if the occurrence of risks is to be avoided for very pragmatic or political reasons. An example of this is the impending departure of relevant employees, which can be prevented at least temporarily by contractual regulations. In this way, time can be gained which is actively used to transfer their relevant knowledge about products or workflows in the company to be purchased to other persons or to document them if necessary.