While African M&A continues to rise, it seems that information security remains a major barrier to closing deals. Research conducted by ansarada found that 71 percent of CFOs involved in M&A deals have experienced increased risk and delay due to a loss of information or a security breach. This includes a temporary or permanent loss of data within documents, emails, devices, and IT systems. Considering the sensitivity and confidentiality at stake, it is alarming that information loss remains such a big issue. What can deal makers and CFOs do to ensure they remain secure?
First, to share information for an M&A deal, fundraising, IPO or tender, CFOs should choose a tool specifically designed to conduct due diligence. In-house FTP sites, email, instant messenger or file sharing sites will not guarantee information security or leave a clear audit trail of access.
Second, consider which data room best suits your deal. Will it proactively prevent mistakes and breaches? Can you track a document wherever it is? Can you access it on any device and any browser, without additional plug-ins? Will the security assist the efficiency of the deal, rather than slow it down?
Third, consider your Q&A process. Stay within the closed loop of a data room so that sensitive questions and documents are only accessible by valid participants. By contrast, exchanging multiple documents over email frequently results in documents being sent to the wrong people, or bidders receiving conflicting versions of the same document. Q&A tools can expedite the process by setting restrictions on volume, priority and scope of questions - guiding bidders through a faster, more focused exchange.
A recent ansarada study found that these Q&A changes saved an average 27.75 days per deal - a considerable reduction in cost and workload for a CFO.
Fourth, how secure is the data? While VDR providers make similar security claims, the reality is that implementation differs wildly. If they claim the necessary ISO27001 certification, does it apply to their whole business and product or their data centre? What is the escalation process for an information security incident?
With advancements in compliance, Q&A and security, CFOs should be more in control of their deal information than ever. It is disappointing to know that they are often not.
Arie Maree is the ansarada Managing Director Middle East & Africa
