Considering an Acquisition? Get Ready for Litigation

Planning a merger or acquisition? Count on litigation.

Lawsuits related to M&A are skyrocketing. According to data from Cornerstone Research, 96 percent of deals completed in 2011 valued at over $500 million were followed by litigation, up from 53 percent in 2007. And the number of lawsuits per deal is way up, too; deals that big generated an average of 6.2 lawsuits each last year.

That means merger-minded companies need to be on the legal defensive from the moment a deal gets considered, including putting a bullet-proof e-discovery strategy in place. And the task is further complicated by the need to integrate disparate IT systems—an area that many companies often overlook and seldom know how to handle.

Large companies are doing a better job of adopting tools and processes that unify and integrate their data infrastructures after a deal is completed, says Robert Rohlf, e-discovery counsel with software company Exterro. Small to mid-size companies, on the other hand, are “totally unprepared,” he says. But most companies do a poor job of managing their data, any of which could be relevant to a lawsuit. “Most companies don't have a good handle on their data assets,” says Rohlf.

To avoid mishaps during the due diligence process, a comprehensive e-discovery checklist should include the following essential components:

Investigate the target company's litigation background. Even before the lawsuits start flying the demand for information during the deal process is voracious. Prior to completing a merger, each company in a transaction valued over $200 million must undergo a pre-merger “second request for information” from the Department of Justice or Federal Trade Commission, which requires the retrieval, review, and production of significant volumes of data relating to the sales and assets of each company. The purpose of a second request is for the government to fully assess the potential competitive implications of the transaction.

Tom Mullane, an e-discovery specialist at United Technologies, says the biggest challenge is the time constraint, since companies must “meet what is always a very short deadline,” typically between 30 to 90 days. After that, the government may approve the transaction, or it could challenge it in court or negotiate a resolution for any concerns it might have, outcomes which can require additional information.

If possible, says Mullane, companies should try to anticipate what data the government may seek for the second request and plan in advance how to start gathering it. “This stuff is going to come at you quick, and it's going to be driven from a high level in the company,” Mullane adds. “You definitely want to have your act together and be prepared.”

Assess the target company's data profile. Integrating each company's data infrastructure in a way that maximizes, rather than inhibits, e-discovery processes that are already in place is another challenge. Effectively achieving that means understanding as much about the acquiring company's data infrastructure as possible to make sure that each company's processes align as seamlessly as possible.

Mullane offers a laundry list of important questions to consider, including:

What types of data do they have? How is it stored?

Is there a data map in place?

Are there legacy applications that need to be merged?

Is encryption in place? If so, how can that be merged?

Who are the data custodians? How will custody be preserved?

What intellectual property will need protecting during the transfer?

These questions need to be built into an e-discovery checklist that extends to data not only within the company, but also with outside counsel or vendors, says Mullane. “Merging those mentalities to create a new e-discovery process is something to think about,” he says.

Understanding the acquiring company's “data culture” is also important, says Mullane. For example, what are users permitted to store on their personal computers? Where are they prohibited from storing data? Are smart phones, and the data on them, owned by the companies or employees?

“This stuff is going to come at you quick, and it's going to be driven from a high-level in the company. You definitely want to have your act together and be prepared.”

—Tom Mullane,

e-Discovery Specialist,

United Technologies Corp.

Understand how the target company handles e-discovery matters. Does the company preserve in place, or collect to preserve? With collect to preserve, the data is immediately collected and stored safely on a server inside the company's network. Preserve in place means documents are kept in place where they were created and collected only if absolutely necessary.  “That's a real huge difference in approach,” says Mullane. He says the combined company needs to decide which way to go after the merger. 

Other questions to ask include:

Does the target company have a data retention policy? If so, is it being actively followed or enforced?

Are there data preservation and litigation holds in place? How will those be preserved? 

What happens in a SharePoint environment when a hold is issued? Is there a restriction on SharePoint activities?

You want to make sure that you fold your litigation portfolio together to make sure that your litigation holds align, and that things that should be on hold are on hold, says Mullane.

The other issue to think about is who will do all that work collecting that data.

“Do you have enough staffing to do that?” says Mullane. “All those things are going to drive both your staffing and your cost.”

BEST PRACTICES

Below is information from slides presented by Exterro during a recent Webcast on managing e-Discovery during M&A:

Pre-Merger:

Understand your own data infrastructure

Understand the other guys during infrastructure

Create an e-Discovery Checklist:

Cost analysis for continued/new preservation of ESI

Identification of different data types held by each organization

Data management technology

Litigation background: History of discovery-related sanctions

Quick Response to DoJ 2nd Requests—Be Proactive:

Identify key personnel to quickly produce information

Review to protect IP and privileged information

Model timeline/budgetary issues

Know FTC guidelines and reference guides

Post Merger:

—Formulate a Team

Solidify roles/responsibilities

Include IT and legal

—Create a Comprehensive Plan

Integrate existing data

Employ data management protocols

Utilize Technology to Create a Defensible and Streamlined M&A Process

Quickly understand, identify risks and legal obligations

Transparency throughout M&A

Regulatory and litigation compliance

Source: Exterro. ="http:>

Identify data storage for structured and unstructured data. Without a clear understanding of where data is stored and who has access to it, the acquiring company will have no defensible proof that it has exhausted its data search in the event of an e-discovery request.

One of the big legal challenges is that most M&A activity results in loss of staff. That may include the departure of individuals who are most knowledgeable about the company's electronic data and its location, says Amy Longo, a partner with law firm O'Melveny & Myers. “If you are dealing with personnel turnover, you could find yourself missing those former resources,” she says.

Another e-discovery risk posed by M&A activity that “often goes unnoticed,” says Longo, is the potentially discoverable orphan data sitting in locations unknown to the parent company from prior M&A activity, or internal re-organizations. “The problem only becomes exacerbated as time goes by with the departure of knowledgeable people, and the expansion of data,” she says. 

Data mapping—creating an inventory of where all of a company's information is stored—is a crucial e-discovery exercise. For most companies, however, data mapping is still a “huge pain point” and in “a primitive state,” Rohlf says.

“I'm not a huge fan of data mapping, in general, because I think it's so hard to keep up with,” says Mullane. But to the extent that a company wants to put in place a data map, making it a distributed effort with IT is “going to help you a lot,” he says. 

There are a lot of challenges that arise during M&A activity—from regulatory hurdles to economic concerns. In the end, companies that are proactive about their approach to M&A will be much better suited to handle e-discovery processes than those that approach it from a reactive standpoint.