Risk Management Failures in M&A: Can the Risk be Avoided?

Steven Minsky | Nov. 11, 2019

Multinational drugmaker Bayer acquired agriculture giant Monsanto last June as part of a broader initiative to focus on health, crop science nutrition, and digital agriculture. Now Bayer is worth less than the $63 billion they paid for Monsanto just one year ago.

The Germany-based, 155-year old company and creator of Aspirin severely underestimated what the merger would mean for their company’s reputation in today’s See-through Economy. This misstep could be the next “BP Disaster,” serving as a wake-up call for more effective risk management across Europe. Several major shareholders withdrew their support for Bayer Management at last month’s general meeting—an unprecedented move in German corporate history.  A large segment of the public considers Roundup weedkiller, one of Monsanto’s primary products, to be toxic and thousands of farmers who have developed cancer have filed lawsuits against Monsanto’s new owner.  As companies fail to meet consumer expectations, consumers can voice when they are not met, and move their business to new companies. In an age of transparency, consumers can escalate their concerns through social media, reaching far beyond their own networks. As a result, Investors now view Bayer shares as high-risk stocks they don’t want to include in their portfolios. 

Monsanto’s  business model was controversial, yet effective. Monsanto had spent years producing more food for less money on the same amount of land as a result of genetically engineering their seeds. In addition to their genetically-modified seeds, their other main product is Roundup. Monsanto’s seeds are resistant to the herbicide’s active ingredient glyphosate, so farmers can spray their fields as often as they please without killing their crops.  Add this to their evolving digital agriculture technology and Monsanto sounded like a major money-maker. Unfortunately for Bayer, they underestimated the power of the See-Through Economy in their assessment of the impact of the Monsanto acquisition on their reputation.

A Failure in Risk Management from the Get-Go

Failures in risk management are always known 6 months to 2 years in advance and are therefore always avoidable. The risk to Bayer in the Monsanto acquisition is no different. Monsanto is no stranger to  negative publicity. Decades of issues existed prior to the acquisition. Predominantly, their role in General Modified Organisms (GMO) sparked years of public outrage. Monsanto’s lack of favorability with the public has left them with an irreparable reputation from the beginning. This was Bayer’s first mistake. 

In the See-Through Economy, consumers’ and investors’ voices matter. It is no longer only about lawsuits and compliance. Consumers rely on one another’s opinions and reviews of products, services, and companies before they make a purchasing decision. Therefore, maintaining a positive reputation is critical. Consumers are more aware of corporate decisions and failures in risk management now than ever before, and they want protection. As a result, more than regulatory fines, failures in risk management are directly impacting top line revenue. Investors follow customers and withdraw their funds resulting in a dramatic increase in the cost of capital, which results in further collateral damage. This cycle is fully predictable and preventable.

Even before the acquisition, Monsanto faced class-action lawsuits, alleging that Roundup’s main ingredient, glyphosate, was carcinogenic. Without an enterprise risk management system, Bayer saw Monsanto as a siloed risk that would be contained. Therefore, they did not assess the damage this risky merger brought on to the rest of their enterprise. This March, the reality set in. The jury found that Monsanto’s Roundup was carcinogenic in two lawsuits, with thousands of additional class-action cases on the table. Soon after, Bayer’s stocks plummeted by 40%.  The company is now worth less than the $63 billion it paid to acquire Monsanto in the first place. 

2018 GRC Market Report Emphasizes New Risk Trends

5 Steps for Better Risk Assessments

Learn 5 Steps You Can Take To Implement Risk Management Best Practices with this eBook

Be Proactive, Not Reactive

Many companies have yet to realize that reacting to bad publicity after the fact is no longer effective in the See-Through Economy. Bayer is no exception. In hopes of shedding their recently acquired negative reputation, Bayer used the old trick of dropping  the Monsanto name as part of the merger. This reactive measure did little to rid the giant of the damaging financial repercussions, as customers have new levels of transparency in the See-Through Economy. Previously effective simple controls no longer mitigate new risks. How could Bayer have mitigated the risks brought on by Monsanto?  Only by directly linking controls to risks, can their effectiveness be evaluated. Enterprise risk management by nature is proactive and engaging, two essential characteristics that will help successfully navigate any organization through a merger.

An ERM platform empowers organizations to identify, assess, and mitigate risks through internal  controls, and prevent disasters entirely. Essentially, this results in a comprehensive action plan that can be presented all the way up to the board as needed. Bayer’s board was not fully sold on the acquisition in the first place and consequently, they became even more skeptical as things worsened.

Gaining the support of your board is vital as important business decisions are carried out. Housing all of the information in one centralized platform with reporting capabilities is key, as risk managers can take control and approach the board with a plan of action: “Here’s what could happen, here’s what we need, here’s where I need your help.” As a result, a robust ERM program allows you to protect  your company and ultimately your customers and stake-holders. 

2018 GRC Market Report Emphasizes New Risk Trends

So, How Do You Get Board Buy-In?

Download this eBook to learn the steps to effectively present your ERM program to your Board and get the buy-in you need.

Always Do Your Due-Diligence

While mergers and acquisitions are often seen primarily as a source of opportunity, they are also a classic source of risk. Similar to third-party integration, companies who are seeking to acquire or merge with another are taking on risks they are not aware of and may be out of their risk tolerance. As a result, new risks are acquired along with the new business opportunities that drive the merger and acquisition strategy. Another example is Marriott’s acquisition of Starwood. The deal created an opportunity for Marriott to attach its name to a world-wide network of hotels. At the same time, Marriott inherited a massive data breach and GDPR risk that Starwood experienced prior to the acquisition. Had an Enterprise Risk Management program been in place as a part of the acquisition due diligence, this risk would have been managed.

It’s clear that mergers and acquisitions need to become part of a robust Enterprise Risk Management program. In order to protect a company’s reputation (and bottom line), thorough due diligence must be performed prior to a merger or acquisition. Aggregating risks across multiple departments and managerial levels is made simpler with the use of an ERM program, allowing the business to proactively identify, assess, and mitigate risk and align with strategic goals, ultimately preventing corporate disasters.

Is your company prepared to make a huge acquisition? @LogicManager discusses the types of risks you can identify before a merger with #ERM
Click to tweet!