Group discusses technology mergers & acquisitions

Technology M&A risks trends and insurance solutions

Despite the global disruption caused by the COVID-19 crisis, technology merger and acquisition (M&A) deal volumes showed little signs of slowing down in 2020. In the final two quarters of the year, the UK alone saw 276 deals announced and, globally, deal values rose consistently over the same period.1,2

However, with new legislation expected to give the UK government fresh powers to intervene in tech M&A deals on national security grounds and issues like IP ownership, complex cap tables, and tax complicating risk allocation, the use of specialist insurance products to protect value is on the rise.3

A recent Marsh webcast brought together tech M&A specialists from international law firm RPC and Marsh JLT Specialty to explore these trends in detail and discuss the growing role of insurance in maximising shareholder value and minimising risk for buyers.

A Changing Tech M&A Landscape: National Security Controls

The government is expected to bring a draft bill before the current parliament, setting out proposed legislation giving itself much wider and stronger powers to intervene in M&A transactions on national security grounds – driven in part by concern that Chinese companies with close links to the Chinese state may seek to acquire important technology.

Any new legislation will replace existing controls set out in the Enterprise Act 2002, and is expected drive big change in the way in which tech M&A transactions are done.

One of the real difficulties is defining what exactly national security means, given that most private citizens are not privy to the inner workings of MI5 and MI6 – it cannot simply be assumed that a deal will be cleared because an acquirer is not from China. Equally, we don’t know if the new legislation will also address broader public interest concerns, such as the loss of highly skilled jobs from the UK.

All this uncertainty is likely to have a chilling effect on transactions – which is likely to be compounded by the way any new rules are applied in practice. While pre-clearance of transactions is likely to be voluntary, the government will be able to call in a transaction after the event, potentially imposing penalties, sanctions, and even unwinding the transaction.

As a result, it seems likely that a lot of deals will seek voluntary preclearance, which raises questions about how this is going to be administered and resourced. The government white paper suggests there might be 200 pre-clearance applications per year, but with 276 deals announced in the second half of 2020 alone, this is likely to be a significant underestimate – which again raises the prospect that tech M&A will slow down as deals get stuck in the system.

Tech M&A risks: common deal issues

In addition to these macro issues, a number of trends have been affecting tech M&A deals with increasing regularity over the last 12-24 months – and understanding these issues is vital when it comes to identifying acquisition targets, and protecting against value destruction for sellers:

  • Intellectual Property (IP) and Source Code: In tech M&A, IP rights and ownership of the code that underpins software goes to the heart of value, and there are three issues here that increasingly crop up – whether the target is the sole owner is its code, whether it relies on Open-Source software and associated licences, and whether it relies on third party licenced-in IP. Any issues that might limit ownership or access to code are increasingly targets for due diligence.
  • Complex Cap Tables: Many tech companies are funded by capital investment and use equity to attract talented employees – both of which can create complexity in shareholder bodies. In the tech sector, it is increasingly common to see layer upon layer of share classes and large shareholder pools create messy or ‘broken’ cap tables – which can be really destructive when it comes to deal value.

From due diligence to risk allocation: a tech M&A timeline

The due diligence stage in tech M&A is hugely important – and there is a much greater weight placed on technical due diligence because the value in these transactions is often driven by the underlying tech.

So, issues around IP and ownership of code all feature prominently but so does ‘the new oil’ – data – particularly with the strengthening of data privacy regulation, for instance through GDPR. There are plenty of examples of data governance issues emerging in due diligence, and having a material impact on deal value. For instance, when Verizon bought Yahoo! in 2017, the disclosure of two data breaches at Yahoo! resulted in a 7% price chip – worth $300 million.

All this creates a quite a complex environment for risk allocation – negotiations as to which party in the deal should carry any risks identified in due diligence, using warranties to transfer general risks, indemnities to address specific risks identified during due diligence, and ancillary documents to plug gaps around issues like IP assignment.

This complexity has driven huge growth in the use of warranty and indemnity insurance in tech M&A, because it moves risk allocation negotiations away from often quite difficult, binary discussions about whether the buyer or seller should carry transaction risks.

Maximising value and minimising risk: tech M&A and insurance

In fact the M&A insurance market has existed for about 20 years, but it is in the last eight years or so that is has been used with increasing regularly to help navigate transaction risks.

The tech M&A sector is the single largest user of these products, because they can answer often difficult questions about risk allocation and streamline negotiation around the ownership of unknown risks – related to issues like third party licencing, cap tables, forced divestures and innocent breach of warranty by acquired management teams.

In essence, these products offer a replacement route of recourse for breach of warranty or a call under a tax deed and give both buyer and seller the best of both worlds. The seller will still offer a set of warranties and undergo a typical disclosure process – but will cap its liabilities at £1 so, on completion, can simply walk away. The buyer on the other hand retains a route of recourse, since residual liability for breach of warranty has effectively been transferred to an insurance market.

Insurance solutions are also increasingly being used to deal with known, contingent issues – for instance, a tax position that is a matter of interpretation and where there is a risk it will be challenged by tax authorities in future. In these cases, tax insurance is used as a means of ring-fencing these contingent risks so that neither buyer nor seller has to take them on.

Similarly, IP insurance is commonly used to manage known IP risks in tech M&A, for instance risks associated with future legal challenges to the target’s IP ownership, and to help fund litigation to enforce IP rights in the event of future infringement by a 3rd party.

Tech M&A risks: protecting the investment

Clearly, understanding the risks in a target business, how they are managed, mitigated, and transferred is vital to protecting the value of an investment – and there are two particularly important workstreams for tech M&A here.

The first is cyber due diligence, which is specifically about allowing a buyer to understand the cyber risk that sits within the target business. This is a detailed process seeking to identify and quantify cyber risk exposure, assessing the strength of cyber security controls in place and, crucially, assessing how the business transfers those risks to the insurance market.

For the buyers – where cyber issues can directly affect value – it is vital to understand the extent to which the target understands these risks and manages them appropriately – because putting issues right after a transaction will likely involve significant capital expenditure.

Secondly, insurance due diligence is particularly important in the context of tech M&A – for reasons including the fundamental role of IP in deal value, and the risk that a target’s insurance arrangements may not have kept pace with rapid business growth.

So, from the perspective of protecting value, an insurance due diligence process – with a particular focus on IP and how professional negligence exposures are covered – is an important assessment to make because, without that protection, the buyer can carry a fundamental risk of value destruction.

But insurance due diligence can also directly affect valuation, because it provides an understanding of the cost of risk within the target business, the cost of any claims running through the business, and whether they are on the balance sheet or transferred to an insurer.

Tech M&A claims highlight a changing risk landscape

The impact of these risks trends in tech M&A is already being felt, and can be clearly seen in a breakdown of recent transactional risk insurance claims.

That is, while claims associated with financial statements and tax issues remain far and away the most common, accounting for 23% and 31% of claims respectively, change is afoot. In the tech M&A space the two fastest growing claims issues over the last 12 months have been around litigation warranties – particularly related to contracts between targets and 3rd parties – and breach of 3rd party licences.

There can be little doubt, then, that it is vitally important for technology business leaders and deal-makers to understand trends in detail - macro trends around regulation and the emergence of IP in particular as a common deal issue.

With that in mind, the Marsh webcast, Technology Mergers and Acquisition Risks, is available to watch in full here.