Being a CFO and other topics

Not just finance, hobbies too ….

Month: July 2016

Basic Information Security

If you are a CFO, you will be carrying a lot of confidential information with you, you will have a lot in your office, and your email and messaging system will be full of material, non-public information. If you want to save yourself from embarrassing leaks, at least practice some very basic security measures.

The very first step you need to do is become aware of the fact that risk exists. You’re reading this blog entry, so you must care enough. I cannot cover every single possible example in a simple blog entry, but I will try and do at least a grand overview of the biggest holes and issues you may face. I will be broader than just IT, but almost everything we do today comes from some digital source.

Before I go into my review, it is impossible to fully secure a typical commercial establishment against very sophisticated resources. If you have drawn the attention of national spy agencies or very skilled criminal groups, then you will be under even greater threat. Encryption is not even the most reliable option as there is reasonable evidence that the algorithms at the heart of most publicly available encryption were designed and seeded in such a way that agencies like the NSA could break it. Just because you cannot reasonably expect to always be able to stop such threats does not mean you should not make it harder for the average threat to get through.

Physical security

Even if you are very modern and rely heavily on computers, you will generate a fair amount of paper. I personally also carry around a moleskin notebook (the small size) which I use to quickly jot down notes in meetings. All of this paper is a potential leak.

Close to earnings reports, you will almost for sure have financial statement drafts and drafts of your press release printed out. Not just you, your Controller and your consolidation staff, your Investor Relations staff and your auditors and lawyers probably have advance copies. You need to try and not make it trivial to get access to the information. This starts with controlling access to the paper.

Before you start feeling smug about the receptionist and the locks on your office doors, think a little more broadly. It is an almost certainty that cleaning staff and security staff have master keys to enter any office. Many of these are even outside contractors. You also are probably having meetings in your “secure” office during the day, sometimes with outside vendors. If you leave sensitive copies on your desk or just casually toss drafts into your regular garbage, you are exposing yourself to more risk than you should be.

The measures to take are simple. Unless you are working on the pages, at least keep them turned over. If you are throwing out a draft, shred it or put into into a controlled container that will be shredded. Lock papers away in your desk out of sight when you leave for the day. If you are traveling with a paper draft, then be very sure and paranoid about their location and do not leave them easily accessible in your hotel room.

One final area of physical security you should worry about is either reading them on a screen (or paper form) in public places. In particular, in an enclosed space such as an airport, on an airplane or a train station or on a train. Most of my travel is business travel and I tend to have lounge access and if I am not sitting in business class, then I am up front in the more comfortable coach seats. All around me are other businessmen and I can tell you from personal experience that it is very easy to read other people’s screens without even meaning to or making an effort to. The same goes to overhearing phone conversations, so many people talking on their phone use headsets and really have no idea just how loud their voice is (and my natural speaking voice is pretty loud). There are privacy films that can be used on laptop screens that greatly reduce the viewing angle and you can be cautious about how you tilt or otherwise position your screen (likely to be a tablet or phone as well these days). Keep your phone face down to turn off the message preview. Use code words for transactions.

Social engineering

The second big danger that your company will face from a determined attacker is what is called social engineering. Social engineering is an attack that focuses on what. Is often the weakest part of a company’s security – the employees. It is remarkable what someone who is confident and expresses themselves well can convince employees to do. A call into your admin from some one claiming to be from IT that needs access to your account to do testing or upgrades can result in your password being given out. In one of my recent jobs, I received several emails a month that claimed to be from my boss requesting that a wire transfer be sent. You would think that such an attempt would never work, but actually fraud of this nature is already costing companies billions of dollars.

I want you to think about that. A simple spoofed email is allowing criminals to steal billions of dollars from companies. This is not a sophisticated and highly technical virus or exploit, this is a simple plain test email requesting that money get sent. The same type of scam is done on a smaller scale targeting elders via a phone call claiming that a family member is in trouble and needs an urgent wire transfer, but a phone call is not even needed in some cases.

The only defense to this is training and awareness that it will be attempted. No one will fall for such a scam if they know it could happen and have their defenses engaged at all, so make sure your staff is aware. I would alert my Treasury team occasionally about the emails I was receiving and warn my boss as well. Our IT team tried to modify our spam filter to catch more of those emails, but they are not the easiest to screen out without catching too many other emails.

Remember that criminals know that a few people have access to earnings releases and other highly sensitive documents and that you are one of those people. Plan accordingly and keep your guard up. Do not give out your password. Don’t open attachments in email from people you do not know and make sure that even people you do know are not sending you executable files. All the hard work your IT team does in securing your system can be undone in an instant if employees open up attachments without thinking. In general, opening up emails on your phone or tablet instead of your laptop is a little safer, but smart phones can be compromised and it is not a sure thing. Even the iPhone with a curated App Store had malicious code inserted on a mass scale from programmers in China using unauthorized tools they were able to download faster than the official tools.


Don’t use simple and easy to guess passwords and don’t write your passwords down where they are accessible. Make sure that your browser does not remember and autofill crucial passwords like those you use for banking.

In general, a phrase consisting of two words, at least one character in CAPS and a number and a special character makes your password much stronger and harder to break. It also makes it easier to memorize if you use a phrase. Try and change your passwords occasionally and don’t use facts like your birthday or family member names that can be easily researched online, especially in today’s open, social media filled world.

Let me say this again, don’t write your password down. If IT has a system of generating impossible to remember passwords under the mistaken assumption that nonsense characters are best, push back on that. All it leads to is post-it notes with the password written down and that allows the cleaning lady full access when no one else is in the building.

WIFI networks

When you travel, it is quite common to connect to hotel and other shared networks, like in airports. Everything you transmit is open and public. Most websites and email systems do encrypt passwords and other sensitive information, but many do not and not everything will be protected. Use a VPN (virtual private network) where you can. Otherwise, assume that what you share over the Internet can be read by any determined person on the network. Not that they need to as you are typing in plain sight and talking loudly on your cell phone.

Home router and home network

Have you ever updated the firmware on your home router? How about setting the default user ID and password to something else? The security cameras in your house, you realize that they often have mini-web servers embedded into them and they all have default user ID and passwords as well?

Maybe you’re just the CFO of a small company and it really does not matter, but maybe you’re not and it does matter. It usually is pretty trivial to find out where people live. Wifi does not stop at your house walls (or apartment walls) and if they can get onto your network you might as well be on a public network.

Same for the Network Attached Storage I suggested you buy in an earlier blog. They are all Linux based and quite a few have had massive security flaws. So all the documents you store there can be vulnerable, especially if you open it up so you can use it from outside your home.

Anti-virus software

I think that a good firewall (usually the router is the best line of defense for that) is important and not opening strange attachments is second on the list, but make sure that you have some defenses against virus attacks on your computer. Remember that you probably have kids and they may not understand the risks, especially when they are younger. So they can get their PC infected and since they are on your home network, you are at risk as well.

IT Policy and Awareness

As much as you might think that your IT team is on top of typical threats, it really depends. The more central control your IT department asserts, the less likely you are vulnerable to non-standard equipment but the more vulnerable you are to specific exploits that no one will have defenses against. As super restrictive policy will almost always result in individual employees rebelling and then your security becomes a factor of your least prepared employee.

IT is also especially vulnerable to social engineering and they control and know the master passwords and access onto your networks. If you are not running IT (as many CFO’s do), then make sure that security is discussed somewhat often at the leadership level.

Where to read more detailed information?

Budget an hour. Go here: and read the topics that interest you.

Oops, there was a leak

Consult your lawyers.  If material, non-public information was leaked, you probably have to do a press release under Reg FD.  If private employee of customer information was stolen, you probably have other serious disclosure obligations.

Book Review – The Greatest Knight

This is one of my infrequent book reviews where I make a recommendation on a book you could enjoy on a trip you are about to take. I try and recommend lighter and easier to enjoy books and I provide a link to the book on in kindle format in my reviews so you can download it right away if you are reading this in an airport and are interested. I actually use a fair bit and listen too books when driving or traveling (link is also below), but I find reading more efficient and I still read 4-5 books a month.

For those that access my blog via a computer or other device that has a full browser that shows the full site, you will notice that I have a statue of a knight as my banner image across the top. That knight is William Marshal and I recently finished a book called “The Greatest Knight:The Remarkable Life of William Marshal” that tells his story. The book is written by Thomas Asbridge, a noted historian who has written several other books on the Crusades.

William Marshal was a younger son of a minor noble in England. Born in 1146, he lived in the era of Henry II of England and Eleanor of Aquitaine and he served both of them and their sons, Henry, Richard the Lionhearted and John (the king who was so terrible that no other British King has been named John since), and finally as Regent for John’s son Henry who became Henry III of England. He died around the age of 72 in 1219. He was almost killed at the age of by King Steven when his father had given him up as a hostage to the King and then promptly broke his word. When King Steven threatened to kill him, William’s father told him to go ahead, saying ‘I still have the hammer and anvil with witch to forge still more and better sons.” King Steven decided to spare him and he went on to have a remarkable career.

Asbridge bases his book on a book dating from just after William’s death called “The History of William Marshal” which was commissioned by his family and disappeared from history only to be recovered in the very late 1800’s. The advantage of this source material compared to other histories of the time is that it was not written by the clergy and it represents the point of view of the nobles and knightly class who had very different goals than the Church.

Hostage, youngest son, poor knight, servant of kings and the realm, tournament champion, the story of William Marshal and his time is very interesting. The book moves along at a good pace and paints pictures with enough detail that the important facts are clear but not so detailed that it gets bogged down.

William Marshal was so deeply involved in British history from the 1160’s to 1219, and so much happened then that the writer easily could have fallen deeply into various rabbit holes and bogged the story down. Fortunately this does not happen. Instead, a vivid and engaging story of the greatest knight is told and by the end the reader is left with no doubt as to why the title applies to William Marshal. He not only was a great warrior, he was a key person behind the Magna Carta which is considered to be a significant constitutional document for England and thus for much of the Western world.

If I had to sum up the lesson that William Marshal can teach us today, it is that being true to your word and duties, even when difficult, is the right course of action. Several times during his life he had to choose between duty to his King or an easier path that would lead to more immediate, material reward. In every case, William chose duty and loyalty. That is not to say he liked his King in all cases (he did not appear to like John at all) but he still knew what his duty was and made the difficulty but right choice every day.

The author fills in the historical details of people and places when needed, but he does not get in the way of this rags to riches story. William started off almost penniless and ended as one of the most powerful and richest men in England. He was a sports star of his day, a noted and respected tournament champion and he also was a feared and renowned warrior. He inspired great personal loyalty in his friends and allies and they were steadfast in their support of him.

I recommend the book. The story is interesting and well written. The history of those times is fascinating. And the main focus, William, is deserving of his fame. What would William Marshal do?

The Greatest Knight (Kindle)

Mergers and Acquisitions – Part 3 – Afterwards

Part 1 explained the reasons why to do an M&A transaction ( Part 2 was on how to do it ( This blog will discuss what to do after the deal has closed. Each step of the process has the potential to result in a bad M&A, but what you do afterwards can turn a good idea into a mediocre one.

The two most important goals post transaction are integration and synergy recognition. There are post deal closing details that also need some attention, but those are mainly just after effects of the deal and PSA and financing process. Poorly integrated acquisitions can drag results down for years and cause internal divisions and fights. Poor integration also can spill over to recognition of the synergies that were expected. It is hard to recover from a deal that should not have been done (failure in the Why? stage) or a deal where you paid too much for it or were saddled with a bad Purchase/Sales Agreement (failure in the How? Process), but you can make a bad situation worse by not executing well after the transaction closes.

After the deal closes, there is a whole flurry of mainly admin items that need to get completed and, in many deals, the deal team vanishes or disbands and the regular staff and processes need to take over. This can expose a flaw in the previous steps – if you do not coordinate with the mainstream business people, then they will get a transaction dumped on their laps without the right background and details and they will get it wrong. The deal team needs to have a clear responsibility to cleanly hand over the deal to the the business as part of their deliverables.

Once you own what was bought, you need to account for it in your books. GAAP gives you up to a year to correct the accounting based on better information, but it is expected you get it right the first time, or at least very close. You also need to tie the accounting process into any post closing adjustments based on the target balance sheet and the actual closing balance sheet. In doing the accounting, your reporting team will be reviewing the accounts that are coming over and their basis under GAAP. This should have been a due diligence topic up front, but a properly written PSA will help if you find errors after the deal closes.

If you ran a financing process to pay for the M&A transaction, there might be post closing deliverables and covenants that need to be reported on and met. This is common, and the deal and financing team needs to make sure there is a clean hand-off and that the expectations are well known and planned for.


You not only have to do the initial accounting for the acquisition, you will need to account for the new business on an on-going basis. If you are a public company, you can get up to one year before the new business you bought needs to be Sarbanes-Oxley compliant, but if the target was not already a public company and subject the the auditing and reporting requirements that come along with this, then you will need to make sure that the existing staff is large enough and technically proficient enough. Accounting and reporting is normally one of the leading functions in an integration process because of the immediate reporting needs, but if this is the only integration you have planned, you will have a failed transaction.

I joined a company earlier in my career that was the product of many acquisitions, and the sub-companies were also the products of previous acquisition strategies. While working in the audit group, it was easy to see failed integration all across the company. You could instantly tell which previous company the business unit belonged to because the chart of accounts retained the same numbering scheme and the same account names. Job titles varied based on what company the business used to belong to and the different brand and company names were still used and not in a coordinated way. Our pretty new CEO (who was excellent) received even greater accolades for cleaning that problem up and saved a lot of money and finally achieved synergies that had been expected for decades in some cases. Don’t let that happen to you as a result of your M&A process.

The two most obvious places to start integration is the senior management and the company name. If you do not touch either of them, you not only are sending a message that they are not part of you, you will also bear additional expenses for the infrastructure both represent. Most business acquisitions should be done with the plane of you placing one or more senior mangement staff into the newly acquired business to run it. The three key positions to consider for this are the CEO role, the CFO role and HR. Without one or more of these positions being rapidly replaced by staff of your company, you risk ending up with a separate culture and you increase the risk of an “us vs. them” split developing.

I generally suggest changing the company name as well. It is a very public and visible sign that things have changed and you do not risk confusion in the market place about what is happening with the company after the transaction. There may be product brand names that have value, especially if the transaction is moving you into a business or country/region that you have not been in before, but that is not a typical occurrence. This does not always have to be a one-way change, maybe your own company name needs refreshing and a major M&A transaction will provide an opportunity for a rebranding event, but having many names in the market can be confusing. Even if you keep a brand name active, the actual company name can be changed.

You need to normalize the position naming conventions and the bonus and other pay conventions as well. If you buy a smaller company, many of the employees that come over from the transaction will have very inflated titles compared to the reality in the new company. Incentives usually drive behavior and you need to make sure that the targets align with what the new, combined company should be working on. Obviously, changing titles and pay can be very emotional to the people effected, but emotions will be high anyways because of the acquisition.

Reducing staff will be a key synergy item and you should do it as quickly as possible after the transaction closes. The longer you wait the harder it is to do. If done at or just after the close of the transaction, you reduce the personal nature of the cuts and you get them behind you as soon as possible.

The integration should be planned in advance and there should be a team set up with people from your company and the acquired company. I have done this process with and without an outside consultant. In my experience, an outside consultant helps here as in can reduce some of the emotional focus away from the acquiring company cutting to it just being a process where both sides are listened to. In reality, the consultant works for who is paying for them, but a good one will add balance and experience from prior transactions that you may simply not have.

You need to drive the integration all the way through the systems and vendors used by both companies. It is inefficient to use two different ERP vendors for too long. You should look carefully at both ERP systems and pick the best one, not just default to the acquiring company’s system, but you need to make the decision quickly and get a plan moving and then execute. You need to consolidate insurance coverage, typical hotel and airline partners, auditors and tax advisors, all the standard spending. Their may be very big savings from raw material suppliers and this needs to be integrated ASAP. You start a race against a short clock in this process because you have a lot of momentum when a transaction closes and you risk normal business distractions if you wait too long.


Synergies are expected cost reductions and additional revenue opportunities that come with the transaction. Turning these plans into reality can make the difference between a failed or lackluster transaction and a successful one. Like integration, speed matters and it should be planned in advance. I recommend that the person running the deal team not be the one to run the synergies planning as you need to execute quickly and getting the deal closed is typically too intense at the end and you could lose valuable weeks.

As I discussed in the integration section above, synergies mean reductions in staff and you should do that as quickly as possible. A well executed plan will have some happening when the transaction closes and the rest very quickly afterwards. You need to come in and let the people go in an efficient and respectful manner. Imagine that you were in the same position as they were. No one appreciates being kept in limbo and no one wants to be given false hope and then let go anyways once some task is done. It has been my experience that people are very accepting of an M&A transaction triggering a layoff as it is not personal. They also are accepting of short term assignments as part of the integration with separation at the end of the assignment.

You need to be very thorough and remove all the duplications you can as soon as possible. If you bought another public company, you need to streamline the extra admin cost that comes with being a public company. You also need to quickly review the management teams and staffing and reduce everything to one CxO for each function. Review everything and have clear goals for the savings you expect from operations efficiencies, including supply chain rationalization and economies of scale. If there are redundant factories, arrange the closing and consolidation to happen ASAP. Speed is important to capture the momentum that comes from closing the deal and there already should have been at least a preliminary plan before the deal closed.

There probably are a lot of synergies in the sales and marketing area. The trickiest one is any increased revenue you expect from the deal. If you expected to sell their products through your channels (or vice versa or even both ways), make sure this starts happening as soon as the deal closes. Marketing materials should be planned in advance and maybe even prepared in advance. The close of the M&A will create news in the marketplace and you need to take advantage of it right away. There usually is a fair amount of redundancy in the sales forces as well and this needs to be rationalized right away. If a customer will be transitioned from one sales person to another, it should happen quickly as to avoid confusion. Make sure the process does not automatically select the staff from your company. Ensure that the best sales person is kept.

IT systems are hard to switch over right when the transaction closes, but you should try and standardize quickly and have a process working to move to the new standard across all the company. I have been involved in several transactions where the systems in the acquisition were better than the ones in the acquiring company and the switch went that way. This is an area where an outside consultant doing an objective review can really help.

Part of capturing synergies is making sure the negatives of the merger that were identified in the valuation process do not happen. If there were risks identified, have people making sure that the risks do not turn into reality. Consolidate the new business into your risk management process. Review insurance needs and make sure that it is both adequate after the M&A transaction and that you do not duplicate insurance coverage.

You’ll need a lot of help from your HR function as eliminating duplication and realigning reporting is a core part of their function. They will have to do a lot of work in pay and benefits as well and there probably will be some recruiting that will be needed as unexpected resignations occur.

There is enough additional work in capturing synergies and integrating the new business that I usually suggest that you hire an outside consultant to help. The typical company does not have sufficient experience in this process and it is a short term (3-6 months) assignment. You need to make sure that you find a qualified consultant, and your accountants or lawyers might know of ones they have worked with in the past. You also gain some impartiality in the process which can help employees accept that the chance is logical versus being imposed by the acquiring company without fully considering the merits of what was acquired. Even help in keeping an aggressive schedule would be a big benefit if the outside consultant can deliver it.

At the end of this process, make sure you measure the results compared to your expectations and some synergies and integration will stretch over 2-3 years and you do need a process to follow there.

Here a few books that I have read that helped me in the past.

M&A Integration: How to Do it

Mergers and Acquisitions Integration Handbook


Mergers and Acquisitions – part 2 – How?

This is part 2 of my three part M&A process overview. Part 1 is Why? and Part 3 is Afterwards. This blog will focus on how to actually do the M&A transaction and run the process. I will mainly discuss buying but will also have some discussion on selling as for every buyer there needs to be a seller, but there usually are more than one interested potential buyers so generally there are more people working buy processes than selling processes. I will assume at this point you have reached the end of the Why? stage and have concluded that the transaction makes sense and you want to actually move into execution mode. The level and intensity of internal effort will now jump. You probably also will need some external resources and this is where having a good relationship with your investment bankers will help. Typically you also use an external law firm as well to help with the Purchase/Sales Agreement unless you have either the right internal legal resource or a big enough team that they can handle the extra work. Remember that your Legal team can review a draft of the contract but they will need specific direction on what the transaction and business risks are to make sure you are protected. You will have several processes running at the same time.

The Why? step gave a basic value range, but the transaction step requires a lot more substantive analysis. You need to establish how you will pay for the transaction, so a financing process will start running. You need a business and legal due diligence process. You need to research the accounting implications of the proposed process. As the deal advances and becomes more certain, you need a team to start up to develop the integration and synergies realization plan. You will be running an intensive contract process with Legal leading it with the input of the business leaders. This is a lot of work and usually deadlines are pretty tight.

I can tell you right now that you need someone to quarterback the administrative part of your process that is good and can keep everyone on track to hit deadlines. There will be a lot of processes that all with have different due dates and lots and lots of meetings and reports due. I do not suggest that you try and run this all yourself. Much better to have someone specifically in charge of this. I have been fortunate to have had several excellent people that have done this for me on past deals (my last executive admin and my last Controller were both huge helps to me), and you need to make sure you have someone you can trust doing this.

Analysis process

This is the central process and the result is what you would be willing to pay for the acquisition. All the other processes feed into this central process and the timing is important as you eventually will hit a bid deadline and need to make a firm commitment. Valuation is almost always calculated in a discounted cash flow model with auxiliary EBITDA multiples as well. Usually before and after synergies and with a discount rate range to test the effect on changing assumptions there. It will end up being a large and complicated model and Excel models are easy to make a mistake in. The last deal that I lead, my boss found an error when he stepped through it while trying to understand the value drivers. Make sure you check your model carefully here. You will need to identify potential synergies that could result from the transaction and a plan to make sure they happen. I will discuss that further in part 3.

If you do not have a good internal model or if you have not run such a model before, then this is an excellent item to ask help from one of your bankers. If you have a good relationship, you do not have to formally bring them into the M&A process just for a model. If they start providing real valuation assistance and bidding strategy, then you probably should formally sign them on as an advisor. In my experience, bankers do not have the same detailed industry and business knowledge that you and the management team do, but they do know valuation metrics and what other deals have cleared at much better than you will. If they help in the modeling stage, but not enough to earn a fee and just as part of the relationship, then you owe them a favor. I strongly suggest that you use them in the financing or in another project and make sure that the banker does get paid. This actually can save money in the long run as you do not have to maintain as many staff and everyone on the other side will appreciate the two-way relationship.

Be careful with the Non-disclosure agreement that you are asked to sign as well. I usually push back on the no hiring clauses which are usually too long and be very careful that there are not clauses that attempt to limit your ability to compete. There usually are ridiculous data destruction rules as well. Your legal team will probably catch these issues but you should help them push back as well.

The data in your model should come from the target company and from you team very similar to how you would build up an internal forecast. Sometimes you are making an unsolicited offer and you need to build the model from public information and informed guesses but even then you should reach a point where the other side has opened up and is providing more detailed information. You will need to do scenario analysis where you flex factors like discount rates but also where you flex sales, costs and other assumptions like synergies. This process can help you build your plans for after the transaction and hopefully give you options to follow in case conditions change and you need to change with them to hit or beat your internal targets.

Due Diligence

One branch of the valuation process is due diligence. Although you can protect yourself somewhat in the PSA in the representations and warranties section, it is much better to discover problems before a deal closes than afterwards. As CFO, you will be running the financial and accounting due diligence (DD). You might include outside accountants to help if needed. This DD will concentrate on determining if the accounting policies used by the target are appropriate and diving into various asset classes and liabilities to see if you can find appropriate back-up to see f they are fairly stated. Normally you look at accounts receivable and inventories to make sure they are not overvalued and are real, look at the sales numbers reported to see if there is evidence that they actually happened and in the periods stated, and do a general review to make sure that liabilities are proper. Typically there is a working capital adjustment clause when you are buying a business that will adjust for any differences between the target balance sheet and the actual closing balance sheet, but this process is important anyways as issues here can call in question the basic integrity of the process itself.

One other area of intense focus for financial DD is a review of the current tax position with an emphasis on determining how aggressive they have been in the past and if there is undisclosed potential tax liabilities. This includes liabilities that could be triggered via a change in control.

Another important DD process is legal DD. Exactly what is checked depends on what the transaction is focussed on. For example, in a technology company, you would want to review the current state of patents and look for existing issues and potential issues. Very often a competitor will become more aggressive in asserting patents if they think it can damage a deal that would make a competing company stronger. You also need to carefully review existing employment contracts and if there is a history of employee actions. If you are buying a factory, you need to verify actual ownership. When buying land/development assets, you need to carefully review titles and items like mineral rights and operating permits. Make sure that any patent licenses or mineral rights easements are transferable if there is a change of control. If the asset or business is in a foreign jurisdiction, you need to make sure you understand what the local laws are and if the target is in compliance and if you would remain in compliance if you owned the target. If there is a lot of detail to be checked, you are almost always better off hiring an outside legal firm that specializes in such work. Legal DD can also check if there are any product liability issues that may effect valuation or that need documentation in the agreement.

Linked to the legal DD but its own speciality is environmental and safety DD. If there is land ownership or a factory that is rented, you need to verify that the current or past activities, including activities for past owners, have not created environmental issues. If a previous owner created groundwater contamination, you could end up being liable even if you are quite removed from the entity or person that caused the issue.

If you are buying a factory, then your operations and R&D group should review the asset being considered and give their report on it. This is important because they will have to integrate it into their supply chain and production plans and economies of scale are often a big source of expected synergies. They will also give you good input on the state of the buildings and machines and if there is a lot of additional investment needed (which will change the valuation). The R&D review can reveal under or over investment into R&D, both of which can impact future operations. It also can give an insight into the patent process, in particular how integrated the risk management process is to ensure that patents are not being violated and that reasonable efforts are routinely made to check that. There are many more areas that you could possibly have to run a due diligence process. If you have never run such a process before, try and search and find a checklist to help you.

Financing Process

You can pay for an M&A by cash, shares, assuming debt, or a combination of the three. You can raise the cash through issuing debt or shares, or you can use your own cash on hand. You can also use the cash in your target to help pay for the transaction. The only real difference between M&A related related financing and other financings is the potential time line as it might be compressed to fit a deal deadline. I will not go into too much detail here as various methods of financings are topics in and of themselves, but this is an area where including an investment bank early can give you a head start in getting this closed on time. If you are selling shares or issuing debt, expect the deal to be at least a little bit harder as the market will probably take advantage of the tight deadline and the additional risk to push for higher than the average terms you usually can issue at. Hopefully the reasons why you want to do the deal are compelling.

Closing the deal

Once you are advanced enough in your analysis that you feel that you are confident about the valuation of the target and that you still want it, you need to close the deal. If the target is running a process, there usually is a bid deadline and very often there are two bids. The first bid, early in the process, is a non-binding indicative offer. Eventually there will be the request to make a binding offer. The goal of the non-binding offer is to make the next round (bid higher) and not be too out of line with reality that you are not taken seriously. Once your offer is binding you should be granted exclusivity as soon as you are the “winner”. There is still negotiation to come.

As part of most sales of businesses, there will be a presentation and a question and answer session with the management. This is a chance to evaluate the team you are potentially acquiring, but they will be evaluating you as well. Everyone appreciates honesty. If you foresee that you will be doing lay-offs, including some or all of the management team, telling them that you will not be laying anyone off is counter-productive. They will not believe you and mistrust will be the result. You also need to make sure that only one person is running the “tough” part of the negotiations. I recommend that the manager that will be leading the business be as isolated as possible from being seen as the person that is the “bad cop”.

You want to pay the lowest price you can and still get the deal done (and never more than what the business is worth). That will mean presenting a case in negotiations that explains the lower valuation. It also means making sure the PSA has lots of protection in it for you as the acquirer and that presents as mistrusting the current team who will be assuring you everything is fine. If at all possible, you want them to be arguing for you in the process. I typically have been the deal closer, so that means I am the one that pushes hard with the target and internally to get it closed. Listen to your lawyers. You are paying them a good fee so why ignore their advice. I have been lucky to have a good lawyer on my side for most deals and if your lawyer is stronger, you will often end up with a better deal. Know what are the contract points and the valuation point at which you will walk away from the deal. Have the discipline to do that if needed. A good deal that becomes bad if your PSA does not protect you or if the price is too high cannot become a bad deal. If you can, you want a break fee if the other side walks away. You may have to get your own shareholders to approve and maybe the seller’s shareholders as well. Even if both management teams agree, the deal may not be closed quite yet. If everything goes well, you will close the deal and buy the asset. Congrats. Now the really hard work starts.

Selling an asset or business via M&A

Please think about all the due diligence I discussed above. Think about the presentations and models that are expected to be received. Usually you write the first draft of the purchase/sales agreement, so you need a good lawyer to lead the process. All sorts of different functions from the other side will be making inquiries and you will need support. You also may have to deal with the reality that your team will be facing lay-offs and will have a lot of uncertainty. You can set retention bonuses and deal closing bonuses to motivate people, but this will be a very hard process for you.

Here are some valuation books I have used in the past: Little Book on Valuation Valuation – Measuring and Managing the Value of Companies  

In Person 5e D&D using Fantasy Grounds

Last weekend my gaming group flew to where I live to celebrate a milestone birthday for me. Three of my online group are old friends from high school and college when I was first starting to play D&D, one I met where I live now about now 10 years ago is Magic the Gathering and the last is my late teens daughter. We started playing D&D together (again for four of us) about 8 months ago and have been using the Fantasy Grounds virtual table top program ( to do so. This has allowed us to play remotely and we use a program called Teamspeak to talk during the games. We play once a week for about 3 hours and have finished the starter module The lost Mine of Phandelver and currently are playing through the Princes of the Apocalypse campaign. I previously wrote about Fantasy Grounds here ( and also wrote a blog on the benefits of role playing here ( I run my Teamspeak server on my network attached server and I wrote about NAS here ( ).

As a brief recap for newer readers to my blog, Dungeons and Dragons is a fantasy role playing game, probably the start to the hobby and industry that exists today that dates back to the mid-1970’s. It is traditionally played in person with pencils, paper and dice and quite often the use of miniatures to indicate where your character is in various tactical situations. D&D has gone through 5 editions of the advanced rules and several of the basic ones as well. Over the last 40 years. At its heart, it is a story telling game and the players tell their characters’s stories in a universe controlled by the game master/referee (dungeon master or DM in D&D terms). The rules provide a framework to judge the success of failure of what the characters attempt and there is a fair amount of combat in the typical game against various creatures, monsters and other foes. Typically, you roll a 20-sided die and the result is compared to the difficulty of the task and modified by how experienced your character is. The DM then announces if the roll was a success or failure and the story continues after accounting for the result. One advantage of Fantasy Grounds is that is automates most of the dice rolling.

D&D is a social game, and in many ways it can just be an excuse for a group of friends to get together. The three players from my older group used to come over to my house when we were younger and play most Sunday late afternoons and deep into the evening. I am fortunate that I had parents that were (and remain) supportive of their kids and their interests. 30 plus years later, I can say that our time gaming when younger does not seem to have greatly impacted us in our careers and other pursuits and I could make an argument that we developed social skills and imagination that helped us in later life. I do know that I have run into many former and active D&D players in my various international travels as a finance professional including a fair number of other CFOs.

When I originally had invited everyone over to my place to celebrate my birthday and to play a live session, I had envisioned a purely live session using nothing but pen, paper, dice and maybe some 3D dungeon terrain. However, we have all enjoyed playing with Fantasy Grounds so much that the group were interested in using it to automate a lot of the game. I did not want everything to be run off of laptops, because I wanted the game to be more social and I worried that everyone just looking into their laptops would detract from that. There has been a shift over time in accessories used in gaming. The origins of D&D go back to miniatures based war games, so a table large enough to play on and hold dice, rule books and a few figures were always there, but the use of maps has slowly increased and has gone from vinyl maps with pre-printed squares to make a grid and that could be drawn on by markers to fully 3D dungeon tiles (now 3D printed is the latest twist).

Companies have sprung up to serve the gaming market with dedicated gaming tables that actually are pieces of fine furniture ( being an excellent example of that). With the rise of different VTT programs entering more general use coupled with most adventure material, especially maps, being available in digital form, the latest trends in dedicated gaming tables has started to feature a large screen in the middle. Here is a full explanation on how to build such a table for gaming for about $250 (not including the TV) and you can use the table for eating or other purposes as it is quite nice:

Closed table

Open Table

The reason why I think it is important to have the central screen in the table is that it creates a discussion focal point. All the players are sitting there, but the map in the middle (or whatever else you choose to display) creates a natural conversation focus that will help draw the players away from their laptop screens and towards the other players. I did not have time to build a table, so I just lay a TV flat on the table I usually use to game on (my dining room table) and plugged an HDMI cable into it and my laptop and extended my screen to include it (using the standard process in Windows 7). In terms of what TV to choose, 40” is a pretty standard size and I would make sure that it is 1080P (HD standard) and able to display the 1920×1080 resolution the standard calls for. Most TVs only accept HDMI input, so be sure that whatever computer you are using can output to that. I would suggest that you get a “smart” TV as it increases what you can easily stream or send to the TV. The one I used had a built in ROKU which is a good platform. You should be able to find a good quality one under $250 (in the USA) and if you keep you eyes open for specials you can probably get one for around $200. I am not sure how the built in sound would be if I had countersunk the TV below the table surface, so you may need to mount external speaks as well. The TV can always be mounted vertically on the wall or on a stand, but that will preclude you from using miniatures and it also means that your seating has to be set up so that everyone can see the TV which normally results in you losing one side of the table for seating. image You can see from my picture of us gaming, one player did not have a laptop, so I set up an all-in-one computer right besides the table. If I had placed it on the table, the height of the screen would have blocked him off from the rest of the players. I ran the game from my business laptop. It has a pretty small screen (it is designed to be small and light) and a larger or multiple screens (I typically use a 3 screen set-up) makes running a session much easier when you use Fantasy Grounds.

We started the adventure where we left off the week before and that was in a small keep where the players had talked their way into a discussion with a minor cult leader and then made a mistake and caused him to order them to be attacked. I had plotted out all the other opponents in the keep before the session, but the Ranger cast an area of effect spell that filled the area in front of the doors they had to use with thorns and I had to reroute all of them around it and into the keep another way. Because I was using a small screen myself, the combat bogged down a little for a while until I finally had everyone positioned right. If I had moved my desktop computer to the gaming area, I would have had to position it so that I was not blocked from the group by the screens. In order to control the image on the TV in the center, I kept control of it. I ran a second instance (I ran two copies of Fantasy Grounds) at once on my computer. The way you do that if you use Steam, is that you find the executable file for the program (wherever Steam puts it on your computer) and you run it by double clicking it. You then connect to the game you are running on your computer by typing the word localhost into the spot you usually put an IP address or the connection phrase your GM gives you. If you are not using Steam, you just start the program twice, and run one as a player.

It is somewhat unnatural to control the cursor on the TV because of the orientation and positioning, and you do need to make sure you don’t lose your cursor if it wanders. You also need to keep the program in window mode, otherwise you can get the cursor trapped on one screen. If you are just using the program to display a map and to take advantage of a “fog of war” feature that allows the DM to slowly reveal the map as the party reveals it, then Fantasy Grounds is probably overkill. One weakness (partially corrected by an extension from the user community) is that Fantasy Grounds does not smoothly handle rolling your own, physical dice and then entering the die roll into the program. There are other, free programs that handle displaying a map and giving you a fog of war option and all you need is access to a digital copy of the map. In a pinch, you could always scan the map from a physical copy.

Because the FG design does not appear to fully take into account it being used as a “light” manager to display maps, you get a ton of functionality that you would not use. The cost of a standard license is $40 (and is $30 on sale) and you get all the online capabilities as well, so it is not like the program is a complete waste, but if all you want to do is display some maps and images, there are other less expensive choices. Fantasy Grounds can do a lot of the bookkeeping for you and to hit rolls are very quick because the math is done right away. You lose a little of the old time feel with everyone using a laptop, but you do gain more time to roll play and socialize as a lot of the administrative burden is lifted from the game. This really will end up being what you and the player group wants to do.

If all the players are using laptops, you need enough places for them to plugin. You also probably need something to recharge cell phones with. We started playing about 10:30 AM, and we took a break for lunch. I had smoked brisket and that worked well as smoking does not require a lot of hands on work that would have interrupted the game. Otherwise, ordering in pizza makes sense. With all the laptops on the table, liquid spills should be planned for and avoided where possible. None of the designs that I have seen for a TV in the middle of the table are water proof, so that is something you need to be careful of. I would rate my first attempt at a live game using Fantasy Grounds as being a success. I plan on building a table that will place the TV below the center of the table and when I get around to that I will do a blog on the process and the result.


These are links to buy the D&D 5e rule books: Player’s Handbook (Dungeons & Dragons) Monster Manual (D&D Core Rulebook) Dungeon Master’s Guide (D&D Core Rulebook)

Mergers and Acquisitions – Part 1 – Why?

Mergers & Acquisitions is a big topic, too big to cover in just one blog entry, so I will use the next three to give an overview of my views on the process. There are entire textbooks written on smaller parts of the process so my blogs will have to be, by definition, more top level. They will contain advice I have learned during my career actually considering and doing M&A.

Before an M&A transaction happens, you need to decide to do it. This phase of deciding if you want to do one is what I call the “why”” phase. You should be clear in the reasons and decision to do the transaction and there should be reasonable consensus within the senior management team. Some transactions require shareholder approval and you have to convincingly explain to them why it is a good idea.

The general reasons to do an M&A transaction is to save time or cost or both by buying from an external party instead of building it yourself. The best transactions are planned and executed as part of your over all strategic plan. Many are opportunistic and not part of your formal plan but become available and you decide to act on them. The opportunistic nature of many transactions means that you always need to be flexible and able to move quickly. This is why adequate staffing with the right people is important. If you have little to no ability to flex or change your work staff’s work plans, then you will find it almost impossible to take advantage of the good M&A opportunities that come your way.

A simple summary of the rule of this thinking is that your company should be more valuable after doing the M&A transaction than before it did it. You save cost or time or both. You get bigger and enjoy economies of scale or risk diversification or both. Or you get smaller and more focussed and can use what you were paid for the asset you sold to grow faster in the business you kept. In all ways, you need to increase shareholder value.

Opportunistic M&A is also a reason why it is hard to maintain good work/life balance as a CFO. If the transaction is significant, you probably will be leading it. M&A takes a lot of detailed effort and that will be on top of your other duties. You can and hopefully will delegate a lot of the work, but M&A is something where the little details can make or break a deal, so you will be spending time getting to know all the little details you can think of.

The reasons why you would do an M&A should be thought about in advance. Whether within your existing business or to go into a new business, you should have thought about what you want to do. You need to know the cost and timing of expansion in your existing business well as you will need to use that information when evaluating additional opportunities. The decision to enter into a new business needs even more thought in advance and an opportunist M&A will not give you enough time when it appears. Running the business always takes more time than you want it to, but you need to make time to think and discuss strategic options in advance with the other senior management and your own staff. If you have built the right team, your staff will be key in this forward thinking process. Of course, your peers in the senior management team will also be a good resource. Finance will bear a lot of the analysis burden when it comes to numbers and valuations, but the functional leaders will have to execute after any acquisition and they probably know the market better than your staff will.

A typical M&A transaction will cost more than doing it yourselves. Every once and a while this is not true, but my experience says that in any process, especially if competitive, you will pay a premium. Sometimes you have an advantage that the seller does not have in that you can deliver or complete or have a less expensive distribution system than they do, and that means they undervalue an asset compared to you. It still is likely to be cheaper if you do it yourself.

The cost advantage fades quickly when you are buying a product you already do not have or buying access to a market you have never been in before. Developing and marketing a new product can be quite expensive and you typically learn a lot of expensive lessons during development and crossing to manufacturing. Entering a new market is easy to mess up and even if you do succeed, it normally takes quite a long time to do it.

I can give three examples from my own past. If one of my former businesses sold a large laminate business as it was felt that we did not have a competitive advantage there and bought a sputtering target business. The company was already selling chemicals into fabs, and those chemicals interacted with aluminum on the wafers, but the sputtering target business was new. It was a large company and we could have learned the process to refine and cast the aluminum properly, but we would have had to win customers from scratch.

In another business I worked in, a semiconductor business, we looked at several different targets that would have moved us into a completely new area making products we already did not. It is a several year process to design, validate, tape out, validate again and then go into mass production. Most semiconductors today are part of an established system (PC, cell phones, automobiles, etc.) that all have standard operating systems that are used. You not only need to get the product right, you need to get the software right that allows your new product to work well and that is very difficult. The design cycles for cars and telecommunication infrastructure is quite slow and conservative, so breaking into those markets can be a long and expensive process.

Solar projects can take 2-3 years to develop and acquiring land and a spot on the list for interconnecting can also take years. We certainly could have developed projects for less cost than buying them (and in many cases we already had), but you cannot roll back the clock. If it takes years for others to develop something, you are unlikely to be able to do it in months. So balanced and well done project acquisition can be a very good strategy.

Another good reason to make acquisitions is if the market has rewarded you (or luckily bestowed upon you is often the reason) a superior and unsupportable valuation. Maybe you are one of the few public companies in your market and you have a public currency that others do not. If you do have this excessive valuation, you can execute a “roll-up” strategy and acquire companies that actually are accretive to you at your outsized valuation even though you are paying a fair market price. It is well known that such a roll-up strategy always eventually fails and the excessive valuation is lost, usually when you get too large or when your industry loses favor. However, until that happens, and it can take years, you can generate significant value for your shareholders. You need to make good acquisitions in a well disciplined manner, but it can work. When it stops working, you have gained significant size and scale and the normal fix while you are out of favor is cutting admin expenses and realizing more synergies. You may never get the same lofty valuation as in the past as Wall Street rarely makes the same mistake with the same company, but you probably would not be as large or high valued if you had not taken advantage of your circumstances.

Some bad reasons to do M&A (acquiring) are the need to get bigger or you will be acquired or because you have too much cash at low returns. Your job is to deliver shareholder value and forcing M&A just to be bigger and a harder target to acquire does not deliver value. You need to make an honest assessment and decide if spending your available resources (cash or dilution) will deliver more return than just being acquired at a premium. If you have too much cash, a dividend or share buyback is almost certainly better than bad M&A choices.

Another bad reason to do M&A is the thrill of the process. Some people just love doing deals and have trouble saying no to any deal that comes their way. You need to keep an open mind and not reject everything, but doing deals simply for the process and thrill of doing them is a bad reason and not responsible for shareholders.

Vertical M&A – buying your suppliers, can be very tricky. It is highly unlikely that your competitors will continue to buy from the supplier you buy. That needs to be factored into the reasoning of why you want to purchase a supplier. Buying a customer gets you closer to the end market for your products but it also puts you into competition with your other customers and also needs more careful consideration.

For most companies, early stage investments into technology ideas or start-up businesses is not a good idea. I know the returns that companies like Google and Facebook have delivered look tempting and if you have an active R&D group, you probably will be pitched new technology companies that are working on something new and exciting that can really help you. Keep an open mind and at least have your R&D head take a quick look, but these are bad ideas for several reasons. First, if you are being pitched these as part of a process and they had investors that are trying to get out, then the idea is probably not working out and they are not advertising why. There may be some value, but probably not. The other reason is that you probably are not an investment fund. If you get a chance to, try and meet a notable venture capital leader and talk to them. We always hear about the home runs but the reality is that for every huge success there are many that fail. An honest VC will tell you that they are better at selecting winners than average, but that they do invest in a lot of companies that do not work out and they lose much or all their investment. If they did not like the company, they would not have invested, so they obviously felt that there was a chance, but that chance does not come through in most cases. You are not an investment fund and the market rarely rewards you for a home run every once and a while that is not part of your core business.

I have been focusing on the active process where you buy (or merge with) an asset or business. However, M&A might be to make the decision to sell a product or business you own and divest. If this is well timed, and at a good value, you can receive much needed cash to grow the areas of your business that you believe. You have much more promise in. It is very common for a management team, especially a very successful team, to think they can fix any problem. This needs to be fought against just like the belief that you can buy and fix any business. On a regular basis you need to look at your products and decide if they are all worth continuing. If not, then a mature management team will consider selling the business as a viable choice.

M&A within your existing business is a more simple analysis. You should understand the risks and opportunities well, and the make vs. buy analysis should be more straightforward. The synergies will be more obvious and it will be easier to come to a fair value. M&A away from your existing business is much harder as you will not have the knowledge and experience to know as well as your existing business.

You need to be able to articulate the reasons for doing the transaction clearly with the risks and rewards simply explained. I find that the ability to simply but still accurately explain a transaction is a sign that it is well understood. Your explanation needs to consider the process and possible outcomes after an acquisition is done and what would be the consequences if you did not do it and a competitor did.

One final thought is that your initial evaluation process can benefit from a designated “devil’s advocate”. That would be someone who is assigned to argue against the transaction. Most leaders are optimistic as part of their basic personality and that sometimes leads to over eagerness and a desire to do something even if not doing anything is the better course. You can partially correct for that bias by building in a counter weight into the initial evaluation process. If the deal is good, someone strongly arguing not to do it should not stop it and will make the eventual reasoning on why to do it even stronger.

Powered by WordPress & Theme by Anders Norén