How Businesses Can Stay Safe as M&As Move Risk Around with Increasing Frequency

Highlights from My Interview with Compliance Week

2018 was a year that broke records for its rate of corporate consolidations. In the first 9 months of 2018, mergers and acquisitions announced in the United States alone were worth more than $1.3 trillion. By December, deals were made worldwide worth $3.3 trillion, the highest number in the nearly forty years that records have been kept[1].

The merger of BB&T Corporation with SunTrust—a deal that affects thousands of branches and hundreds of subsidiaries—is a prime example of the staggering pace of change amongst entities both financial and non-financial—a pace that shows no signs of slowing down. While M&A activity is generally positive and terrific for growth, it also shifts the “multiple, interconnected relationships” of businesses in ways that can expose entities to new risk.

I had the opportunity to sit down with Joe Mont from Compliance Week and discuss the merger. Below are the highlights.

When Two Leviathans Merge, Risk Exposure Shifts

Careful consideration of the implications of a merger between two giants like BB&T and SunTrust—as far as risk exposure, regulatory reporting requirements and the additional responsibilities of creating clean and holistic single views of data—can offer important lessons to businesses facing mergers of their own.

For instance, if I’m a bank and I hold debt for any entity in any of those family trees (in the SunTrust or BB&T family of entities), I now have a very different overall exposure. Looking with clarity at all the exposures and aggregations that result from a large merger is never a simple exercise.

In this instance, data must be updated to reflect the changes inherent in a $66 billion merger, fully considering how it “moves exposures and potential aggregations of exposures around.”

The Complexities of Merging Data

Since many post-2008 financial crisis regulations have been about mandating that businesses know, and even more significantly, can report their exposure to other legal entities at any given time, it has become of critical importance to have a full view of exposures all the time.

You really need to be able to demonstrate that you’re risk rating uniformly towards the same risk—and you don’t have one assessment in one business division and one in another—so it’s really critical for a bank to have a clear and complete  view into their exposures.

When combining the data of two discrete entities, massive tasks like merging the content that is licensed from dozens of providers, each with their own naming conventions and numbering systems are absolutely necessary. Banks use many data sources to build their view of the risk around an entity. For example, they may get some risk attributes from Bloomberg while getting other information from Dun and Bradstreet or BvD.

With each data source a business relies on for risk-relevant information about legal entities that they’re exposed to, they need to make decisions about how to match that data source’s identifiers with the correct legal identities for each entity in their database. There is the risk of getting the wrong match, so your chances of getting the absolute correct view of like for like data across multiple data providers becomes less likely with each incremental data partner it has a degree of risk of a false match.

Further complicating matters is the fact that different divisions of the same business can often adhere to wildly different naming conventions or be domiciled in altogether different states from each other, making it difficult to impossible to match entities with their correct legal identifiers.

Using again the example of the BB&T-SunTrust merger, when merging your data, it may slip your mind that BB&T owns Lehigh Bank, for example. When trying to match Lehigh to its correct identifiers, clearly you will not be able to rely on any likeness between names to guide you.

Here at Opus, we collect and cross-references more legal entity data from more sources than any other specialist data company and over the course of a year, there is about a 25% rate of change. So, one in four records on those files in any given year is going to have a substantive change.

Additionally, Opus has cross-referenced all legal identifiers for most entities, so for any given entity, it’s a simple thing for the service to match identifiers from, say, Bloomberg, S&P, Dun’s and Moody’s, allowing companies to remove much of the guesswork that comes of merging data sources. This greatly reduces their margins of error with confirmed matches of exact legal identity data from all providers from which they are licensing content.

Reducing Your Risk

In 2017 there were more than 50,000 mergers and acquisitions that represent over 50,000 times that a company’s parent company changed. They were either bought or they bought another company. There are a lot of deals that fundamentally change the picture and the risk of a business that you may well be exposed to either as a bank—because you have loans extended to an entity or you’re holding assets—or as a non-financial corporation, another entity could be a critical supplier or business partner. You need to be aware of these things.

Increasingly, regulatory agencies are compelling this awareness. The good news is maintaining a clean and holistic single view of all data can greatly facilitate compliance for businesses, allowing them to focus on success, not mitigating risks and exposure.

To listen to the full interview:

Kelvin Dickenson
Follow Kelvin on Twitter, @kelvindickenson