Although many of the same considerations related to the acquisition or sale of any technology company apply, regulatory and compliance considerations are key in the fintech space.
Fintech M&A activity, in both the Canadian market and globally, is expected to be on the rise over the next few years. In its 2016 Report, FinTech: Prepare for a Wave of M&A, UK-based investment bank FirstCapital, predicts that fintech M&A deal flow will increase “as financial incumbents look to catch up with widespread innovation from new entrants, the internet majors scale up in financial services and the technology/software majors add new technology to deepen their offerings in this sector”.
Like with the acquisition or sale of any technology company, strategic due diligence is a critical component of the fintech M&A process. However, in addition to the typical focus on issues related to intellectual property and information technology, due diligence in the fintech space requires careful consideration of several unique issues as described below.
Understanding (exactly) what you’re buying or selling.
In a highly regulated space like fintech, regulatory considerations are key to the due diligence process, both to a prospective buyer and to a prospective seller.
For a buyer, due diligence is often used to gather a deeper understanding of a target’s business lines and assets, both current and historic. This is uniquely important in the fintech space, because the business model and compliance framework of a target business, which will be of critical importance to most buyers, is likely not readily apparent from external-facing business materials. A buyer that is a regulated entity, such as a Canadian bank, will be subject to regulatory limitations on the type of businesses and assets that it can acquire, and as such, will need to carefully evaluate potential targets that have pivoted through a variety of iterations or business lines, or were built with a focus on technology rather than compliance.
Regulatory requirements could, for example, require that a target company exclude certain “bad” assets or lines of business from the deal. And although creative structuring and post-deal implementation strategies can enable a more complex purchase of only the “good” assets, the first step is for a buyer to identify and understand the target’s assets and business through thoughtful due diligence. This can often include a buyer-side review process, requiring a prospective buyer to give thoughtful consideration to its own platform and capabilities, with a view to regulatory and integration issues. Leaving this analysis until it’s too late can result in the target being unexpectedly left at the altar, or, worse, buyer’s remorse.
Similar considerations apply from the perspective of a fintech seller. Prior to entering the sale process (ideally at the outset of launching the business!), a fintech seller will want to give careful consideration to the regulatory implications of its proposed business model in order to ensure that it preserves the highest value in a sale process. It is not enough for a fintech business to understand its own regulatory regime; a savvy fintech business being built for exit or partnerships will also have an understanding of the regulatory landscape that governs likely buyer candidates, to avoid being caught off-guard by considerations of concern to potential buyers and the intensity of the due diligence process.
Heightened focus on compliance.
Appropriate due diligence of a fintech target will involve a heightened focus on compliance issues, including, those related to privacy, consumer protection and anti-money laundering (AML) and know your client (KYC) matters. This involves understanding what a target’s compliance programs have looked like since the very beginning of its business, and the details of any significant hiccups along the way. For prospective sellers, this will mean being aware of the interest buyers will have in compliance matters, and ensuring that the target’s compliance procedures are implemented such that they enhance the company’s value.
For prospective buyers, compliance due diligence often starts with legal and other advisors who have specialist regulatory expertise outside of a typical core deal team doing a careful review of the target’s policies and procedures surrounding the collection and use of customers’ personal information, consumer protection requirements and AML compliance and KYC requirements. However, unlike with other areas of a due diligence review, in order to gain a solid understanding of the compliance risks a buyer might take on in acquiring a fintech target, the buyer’s advisors will likely need to have an ongoing dialogue with representatives of the target before the compliance diligence comes to an end. In addition, those involved in running the buyer’s compliance systems will need to work closely with specialist legal and other advisors in understanding how the acquisition of the target’s business will impact the buyer’s existing compliance programs.
In order to be in a position to respond to, and ultimately satisfy, the requests of an inquisitive prospective buyer, representatives of a seller will need to be aware of these considerations, including how the compliance due diligence process is likely to unfold and how to document and demonstrate its compliance framework and procedures.
In addition to the regulatory and compliance considerations described above – whether you’re the prospective buyer or seller of a fintech business – many other due diligence subject areas will be important to the M&A process, and will often ultimately depend on the structure of the transaction and the specific nature of the business in question.