The wide adoption of Virtual Data Rooms has been fundamental in the reduction of deal leaks, the two words that can spell disaster for a high value deals. The ability to track every user’s movements within the dataroom, remotely block access to users and call on this information at a later date has all contributed to more secure deals.
Whether it’s careless employees, malicious competitors or hackers you are protecting information from, there are steps that are increasingly being taken in the industry to prevent leakages and we will guide you through these below.
How do Deals Leak?
Deliberate Leaks -
There are two angles to a (deliberate) deal leak – One from the sell side one from the buy side :
• Sell Side leaks - By leaking deals, the sellers attempts to increase the price as it would attract more interested parties who might also like to bid. The rival bids may then push the original bidder to increase their offer.
• Buy Side leaks are more of an exit strategy from a potential bid. During the due dilligence process, the buyer may run into issues and decide to move out of the process without running into any legal or regulatory hurdles. Some do this by leaking the deal which in turn results to a delay in completion time. This makes the sellers look for alternate bidders and the buyer now has an easy exit without having to pay the price of breaking the deal agreement because the deal is broken by the seller and not the buyer.
Sometimes deals are deliberately leaked to expedite the process. A buyer might leak a deal and put pressure on the seller when he sees delays from the sell side and a seller might leak the deal to force the interest level out of the buyer.
Then there is deliberate leak for personal gains by way of insider trading etc.
Inadvertent Leaks –
“Humans are the weakest link in Security Chain "…Does this phrase ring a bell? If it does, you know exactly what we are trying to explain here. People are often ignorant of the consequences of being careless with information. By way of socialising, people sometimes let slip that critical information without even realizing it. Deal teams these days have a number of individuals working on specific areas in the DD process. With so many individuals being a part of the transaction, the risk of accidental leaks is much higher.
Social Engineering is another equally important aspect to consider here. It’s a very competitive world out there and you are under constant watch by your competitors, you might tricked into spilling just enough details to get through security and disrupt the deal.
How do you prevent these leaks?
Whether deliberate or inadvertent, these leaks can seriously hamper a deal. By enforcing strict rules and regulations on Manipulations and Insider Trading around M&A deals help in reducing leaks to certain level. But every country has its own set of regulations and in the case of cross border deals, companies have to come up with a clear plan to protect against and prepare for leaks.
Informing you Employees :
First and foremost, you need to make your employees understand what is actually expected of them. Everyone who is part of the transaction should sign an extensive confidentiality agreement. They should also be briefed on the sensitivity of the information and what constitutes a confidentiality breach. Trust and ignorance are the two most common human behaviours that add to the gap even when you have strict policies and procedures. Every employee should be formally educated on social engineering. Living in the age of big data, new avenues for unintentional disclosures keep popping up. Take social media blunders for example – in an instance where a potential buyer has been looking at a profile of an employee from a target firm without realizing that the employee can see that a competitor had viewed his information. Rumours start to spread when this happens to more than a few employees at a target firm .These early hints puts not just the deal but the whole company at risk.
Gatekeeping Access – Leveraging on Virtual Data Room Technology :
Too many people working on the process increases the risk of a leak. The smaller your deal team, the better it is. Limiting is one way of going about it, but not the only way. In a situation where you have multiple participants in a deal – make them aware that they are accountable. Companies these days are leveraging on technological innovations like Virtual Data Rooms to accomplish this. Since access to particular sections of the deal documents are given to specific individuals, it becomes easy to trace the source of any pages released (or leaked). With the ability to completely monitor and trace activity, individuals realize the accountability of their actions. Even when the deal ends or when a user is removed from the project – the documents downloaded by them for the purpose DD can be remotely controlled and locked down.
Pay attention to Details :
Another extremely important part of the process that is often taken lightly is the disposal of confidential documents. Every company must have a consistent and competent document retention policy to minimize risk and ensure that data is handled properly as per the protocol set for saving and discarding documents received or created in the course of the deal. Companies should implement a consistent and secure system for the disposal of records in accordance with an approved Records Retention Schedule
A research conducted by Cass Business school in London shows a declining trend in deal leaks. The study shows factors like strict regulatory polices , efficient tools for managing confidentiality as some of the primary reasons for the fall in deal leaks.