Why security should be a key player in due diligence investigation

June 2001 Security Services & Risk Management

When corporations contemplate the acquisition of a company or plan a merger, the first thing they do is assemble an army of lawyers and accountants to conduct a due diligence.

Balance sheets are dissected, P&Ls torn apart, no number is left unturned. Such exercises are ruthlessly efficient in every way except one. They seldom involve the participation of the most important member of the team - their security departments or consultants. By leaving the security personnel on the sidelines, they are missing out on a vital contribution to their investigations.

Due diligence investigations seek to assess the accuracy or adequacy of the preliminary information the company has been given about the persons, companies or situation at issue. Is the background information false or incomplete? Is income from the sources claimed? The security department or consultants could play a vital role in finding more in-depth answers to questions raised in the due diligence.

Team not complete without security

If this situation is to change, then security managers must first ask themselves how they could be involved and why the due diligence would be more complete with their participation. They must also understand how companies handle this responsibility and why security is often excluded.

A consultancy that performs due diligence tasks for a corporation becomes privy to sensitive information about the client company and about the project. That information is categorised as positive, negative and grey.

If everything the investigation reveals corresponds with the information provided, the information is positive, and relaying it to the client does not raise any concerns. With negative or grey information, the situation becomes delicate. It could happen that investigators find no hard evidence of problems but come across substantial rumours of shady dealings. The corporation must be sure that that all information is reliable and the consultant must be comfortable that the information will be used with discretion.

Security departments are experienced in dealing with this type of sensitive background information on a trusted basis. The due diligence consultant will feel more relaxed discussing information gained from confidential sources with a security professional than with a member of any other department. Both the corporate security professional and the due diligence or corporate investigative consultant are members of the security profession. They share a common purpose that may not exist across corporate lines. A corporate security manager, because of the rapport he or she will establish, will get more information from an outside consultant than will anyone else in the corporation.

Avoid making due diligence a rubber stamp

Another concern is that the contact person is already sold on the idea of the merger or project and considers the due diligence nothing more than a rubber stamp. A conflict of interest is less likely if corporate security is the contact, because the security department will be focused on the primary duty of safeguarding the corporation's assets and will rarely have a vested interest in pushing the project.

There are many reasons why security should be in the due diligence investigation team, but seldom are security managers included.

It is clear that corporate management is often under the misguided impression that protecting assets (the security manager or consultant's job description) means nothing more than keeping physical guard over property and people.

Security itself is partly to blame for the problem. Corporate security may not be well enough prepared on the workings and designs of management, or has not taken the trouble to market itself well enough to management.

Knowledge gathering and evaluation

Good corporate security will position itself to play a role in due diligence. The first step would be to gain a clear concept of the company itself - its mission, its business activities, its shareholders, its clientéle, the geographical and business environment it operates in, and its plans for the future. It is only by having an overall view of the company that the security director can know what information the due diligence should seek and how to evaluate it.

Security consultancies or in-house departments must market themselves, their expertise and their interest in the company they serve. To ensure that the board understands how security fits into the picture, it is an excellent idea to give executives a report that explains why corporate security should coordinate the company's due diligence investigations.

As companies broaden their business activities, due diligence becomes increasingly important. By getting involved in this critical activity, security can contribute to the bottom line while enhancing its own value within the company.

For more details contact Howard Griffiths, Griffiths & Associates on tel: (011) 786 8556.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Stolen credentials on the Dark Web
October 2019 , Cyber Security, Security Services & Risk Management
Over 21 million credentials belonging to Fortune 500 companies, 16 million of which were compromised during the last 12 months, are up for sale.

Read more...
Stolen credentials on the Dark Web
October 2019 , Cyber Security, Security Services & Risk Management
Over 21 million credentials belonging to Fortune 500 companies, 16 million of which were compromised during the last 12 months, are up for sale.

Read more...
Vodacom and SAPS launch MySAPS mobile app
October 2019 , Security Services & Risk Management
Vodacom, in partnership with the South African Police Service, will empower citizens to contribute to their own safety as well as the safety of their communities through the newly launched MySAPS app.

Read more...
Enterprise security must change
October 2019 , Cyber Security, Security Services & Risk Management
The recent wave of cyberattacks against local banks has highlighted the importance of protecting data against malicious users.

Read more...
Drones improve risk management
October 2019 , Security Services & Risk Management
Indwe embraces drone technology to help improve risk management and optimise insurance.

Read more...
Body-worn cameras transforming security
October 2019 , CCTV, Surveillance & Remote Monitoring, Security Services & Risk Management
Police Service Northern Ireland now has over 7 000 officers using 2 500 cameras covering approximately 173 000 incidents each year.

Read more...
Protecting your customers’ data
October 2019 , Training & Education, Security Services & Risk Management
Simon Murrell, head of development and executive director at BrandQuantum says companies need to protect their customers from identity theft and data breaches.

Read more...
Success lies in planning
November 2019, Vox Telecom , Security Services & Risk Management
A safe and smart city will only be successful if it is planned properly, if there is buy-in from all the stakeholders and if it is managed efficiently.

Read more...
Matching governance to context
November 2019, ContinuitySA , Security Services & Risk Management
When building resilience and planning for business continuity, take proportionality to heart, advises Michael Davies, CEO of ContinuitySA.

Read more...
Essential tips for a successful disaster recovery plan
November 2019 , Security Services & Risk Management
Arcserve Southern Africa offers six crucial steps necessary to design a successful disaster recovery (DR) plan.

Read more...