On Nov. 12, the FAR -- or Federal Acquisition Regulations -- Council issued a final rule establishing a new business ethics compliance program and disclosure requirements for companies that sell goods or services to the federal government.
This new rule, which became effective Dec. 12, imposes novel risks for M&A transactions involving government contractors. Buyers and sellers who don't take the time to understand and comply with the new rule jeopardize their businesses and face the prospect of a failed deal.
The new rule represents a sea change in the way the government regulates federal contractors and includes four elements:
- All contractors, including commercial items contractors and small businesses, must establish and promote awareness of a code of conduct.
- All contractors must "timely disclose" to the government any "credible evidence" of (i) certain crimes, (ii) a violation of the civil False Claims Act (FCA), or (iii) a significant overpayment.
- A contractor's failure to "timely disclose" "credible evidence" of those same events -- even where the event occurred before the effective date of the new rule -- may result in suspension or debarment.
- Large companies with noncommercial item contracts must implement a comprehensive "internal control system."
Continue reading below
Each of these elements imposes significant new risks and
consequences. In the context of M&A transactions, they demand
sellers and purchasers re-examine their traditional approach to doing
deals. The new rule expands the threat of suspension or debarment -- the
ultimate penalty -- to encompass not just a past crime or civil FCA
violation but also a failure to disclose credible evidence of those
crimes, violations or overpayments. Similarly, the rule imposes
potential liability on a federal contractor for past misdeeds even if
the matter was previously resolved with the contracting officer
overseeing the relevant government contract.
This affects the way buyers and sellers value target companies
because the stakes are raised for all parties. Purchasers will want to
assess what impact the new rule might have on the value of a target,
particularly in light of any known compliance issues. This inquiry is
especially important for companies acquiring small businesses, which
are exempt from certain provisions of the FAR Council rule, including
the mandatory minimum requirements for internal control systems.
However, since small businesses often become "large" after being
acquired, because they exceed the applicable revenue or employee
thresholds, these previously exempt provisions may suddenly apply to
the target company. An acquirer of a government contractor therefore
will need to incorporate these additional compliance costs in the
valuation of the target.
The rule also affects how sellers and buyers conduct themselves in
M&A transactions. While sellers generally disclose relevant
information about a business being sold to prospective bidders as part
of the due diligence process, it now becomes even more important for
sellers to examine and assess what information may be relevant and
should be disclosed under the new rule to avoid future exposure and
liability.
Conversely, though buyers generally require a robust due diligence
review of any business being acquired, it is now even more critical for
-- and incumbent upon -- a buyer to properly evaluate a target and assess
any risks. This includes ensuring that (i) any undisclosed wrongdoing
is identified, (ii) the target business will not be subject to
suspension or debarment after the deal closes due to known or unknown
disclosure obligations, and (iii) any monetary risks associated with
past noncompliance are allocated to the seller. This can be difficult
and daunting under any circumstances. But given the severity of the
consequences for nondisclosure under the new rule, a buyer likely will
be unwilling to close a deal if it discovers any significant issues
related to previously unreported mandatory disclosure or other
noncompliance.
The disclosure requirements imposed by the FAR Council rule create a
prisoners' dilemma for both sellers and buyers. Although a contractor
will clearly avoid suspension or debarment if it makes a timely
disclosure of "credible evidence" to the government, it is at risk for
a host of other negative consequences. For instance:
- The contractor may still be subject to liability for the underlying conduct being reported;
- The disclosures can provide a roadmap for plaintiffs (including in qui tam actions under the FCA); and
- The disclosure itself could be viewed as an admission that credible evidence of wrongdoing exists.
These consequences can create unacceptable risks and require
affirmative mitigation strategies on the part of M&A players. As a
preliminary step, prospective buyers of a government contractor should
expand their valuation analysis of the target company to include any
costs that may be incurred as a result of the new mandatory disclosure
rule. Specifically, acquirers should consider whether (i) the
applicability of the new internal control system requirements will
materially increase the target's costs after closing, (ii) the target
has the resources and infrastructure necessary to conduct periodic
audits and reviews required under the new rule, and (iii) the target
may lose any key personnel as a result of a vetting requirement for new
hires to ensure ethical and legal compliance. While these issues are
material for any target acquisition, they are essential for small
businesses that will realize a post-acquisition growth spurt requiring
additional compliance costs.
To mitigate against the risks of unreported wrongdoing, a buyer
should focus its due diligence inquiry on whether a target government
contractor is likely to be harboring reportable but undisclosed
misconduct. Buyers need to review prior disclosures to the government
as well as any reports or other documents related to prior
investigations and audits. Buyers also need to review the target's
subcontracts, supplier agreements, and reseller agreements to ensure
the new rule has been "flowed-down" appropriately through the various
associated parties performing under the government contracts. Perhaps
most important, the acquirer should evaluate the compliance
infrastructure of the target to assess whether the relevant systems
encourage or discourage wrongdoing and the reporting of wrongdoing. The
due diligence process should include a review of whether the target
company has (i) a written Code of Conduct made available to all
employees, (ii) a formal and effective internal controls system that
meets minimum mandatory requirements set forth in the new rules, (iii)
an effective training program for all employees, (iv) a process for
identifying, reporting and reviewing allegations of wrongdoing (for
example, a hotline), (v) an effective management and compliance
program, and (vi) a system for performing periodic reviews and audits.
Parties to an M&A transaction should clearly allocate any
monetary risks related to past noncompliance under the definitive
purchase agreement. For example, the purchase agreement should include
representations and warranties from the seller that expressly provide
for compliance with the new rule. Moreover, except for liabilities
specifically assumed by the buyer in the purchase agreement, the seller
should indemnify the buyer for any losses arising from known or unknown
breaches of the new rule attributable to periods before the deal's
close. Further, parties should consider other structural alternatives
to allocating risk, like establishing special escrow arrangements or
earnouts payable after closing once noncompliance issues associated
with the relevant business have been resolved or relevant statutes of
limitation have expired. The aim here being to allocate the risk of
unknown liabilities to the party in the best position to know about and
assume them.
Buyers and sellers must approach and structure M&A deals
involving government contractors with a view to averting and mitigating
risks posed by the new FAR Council rule, using advisers familiar with
the legal and regulatory terrain. Armed with these protections and the
right outlook, M&A players can avoid land mines as they navigate
the new regulatory relay course to a successful deal.
Lucantonio N. Salvi is a corporate partner specializing in
aerospace and defense M&A transactions, and Jonathan Aronie is a
government contracts partner, in the Washington office of Sheppard,
Mullin, Richter & Hampton LLP.
