A robust defence

Jonathan Corsico and Joseph West, partners at law firm Gibson Dunn & Crutcher, discuss risks involved in investing in the defence sector and how to mitigate them.

Defence industry transactions present private equity firms with a unique set of hurdles, from diligencing classified programmes, to managing the risk that government contracts may be audited years after completion, to addressing personnel issues that may arise in far flung and dangerous jurisdictions like Iraq or Afghanistan. Addressing these risks requires a tailored approach to deal-making.

While all M&A deals involve risks, some of the risks present in defence industry deals differ from those in deals involving other industries. Often, these differences arise in the following manners:

• Defence industry risk can be very long lived; the government can audit a defence contract many years after completion – with the results of the audit having a potentially dramatic impact on historical EBITDA. 

• Defence industry risk can give rise to very serious consequences; for example, misconduct can result in the contractor not only owing money to the government, but even being debarred from future contracts. 

• Because the customer is often the government, there are special and onerous rules that govern the contractor which do not exist in purely private settings. These include the False Claims Act; contract novation requirements; Foreign Ownership, Control or Influence (FOCI) rules; security clearance rules and others. 

• Because the government enforces the above rules, disputes over compliance can easily become lopsided; the government is both a party to the dispute and also the judge in the dispute. 

• Although it is common for government contracts to have long durations, the government typically possesses the right to terminate at any time (often called “termination for convenience”). Also, many contracts are subject to annual funding appropriations from Congress, meaning there is risk that the contract may not be funded in any given year. 

• Because many defence businesses have only a single customer – the government – the consequences of losing that customer – whether through losing a bid, a rule violation, or otherwise – can be particularly dramatic.

• The specialised risks present in many defence industry deals require solutions that are directly targeted at minimising those risks.

Due diligence is the first mitigation strategy, and is a particularly important strategy because certain risks cannot be adequately mitigated through contractual protections alone. Buyers should begin their diligence by identifying key areas of risk, and then developing a diligence process that will fully explore those risks.

It is often wise to focus on historical results as a predictor of future events. For example, what is the target’s record of challenging government audits? Does the target repeatedly have to make significant adjustment payments to the government? Or are the target’s infractions only minor? Have individual target personnel ever been formally investigated? Charged? Debarred?

What is the target’s culture? Does it have a culture of compliance or a culture of playing fast and loose? Does the target rely on “in country partners” when operating in foreign jurisdictions? If so, who are these partners and what has the target done to ensure that these partners comply with US anti-bribery laws? Does the target have a history of bid protests, either offensive or defensive? Have those bid protests been successful and, if so, on what bases?

Where there is smoke, there is often fire. And where there has been fire in the past, there is often fire in the future. Documentary due diligence can go a long way towards uncovering risks, but it is also prudent to take additional steps, such as background checks on key managers and in country partners; site visits; and discussions with key subcontractors, customers and suppliers.

Site visits and discussions with rank and file employees during these visits can be particularly revealing, and can speak volumes about an organisation’s culture. In situations where bribery is a high risk, consider engaging a forensic accountant to investigate prior expenditures, searching for illicit payments.

The second mitigation strategy is to negotiate contractual protections, bearing in mind that, in a public company deal, post-closing indemnification is not going to be available. Be certain to include robust representations and warranties addressing key risks, but be mindful of the fact that, even with robust reps, most indemnification constructs will cap the seller’s liability for breaches of reps at a relatively small dollar amount – usually 5 percent to 20 percent of the purchase price. A False Claims Act issue, or a Foreign Corrupt Practices Act issue, or a significant cost audit, could easily exceed this cap.

With that limitation in mind, consider whether an “our watch / your watch” indemnification construct – where the seller is economically responsible for all pre-closing conduct and the buyer is economically responsible for all post-closing conduct – is appropriate. While most sellers will understandably resist such a proposal vigorously, it is worthy of consideration.

For example, should the seller be economically responsible for the results any cost audits that occur post-closing, but that relate to pre-closing periods? From the buyer’s perspective, if the seller has kept the revenue associated with that pre-closing period, it seems logical that the seller should also be on the hook to return a portion of that revenue to the government. But under that construct, does the seller get to participate in the cost audit? What if the buyer chooses to “throw the seller under the bus” in the audit? And hasn’t the buyer purchased the entire business, along with all attendant risks including the risk of future audits?

It is also worthwhile to consider whether an earn-out is appropriate. Earn-outs are essentially the opposite of an indemnification payment – indemnification payments are made when something goes wrong, while earn-outs are payments that are made when something goes right. If the target has a pending bid, consider whether a portion of the purchase price should be contingent on that bid being won. Once the target agrees to that construct, however, there will be may details to negotiate.

For example, when should the earn-out payment be made – at the time the bid is awarded? At the time the bid protest period ends? At the time all bid protests are fully and finally resolved? What happens if the target wins the bid, but is then forced to modify the terms of the bid in order to fend off a bid protest? Or what happens if the target is forced to defend the bid in litigation, incurring millions in legal fees? Should those fees be deducted from the earn-out?

The third mitigation strategy is to isolate target company risk to ensure that it does not infect other portfolio companies. One way to isolate risk is to delay integration of the target into existing portfolio companies until there has been a healthy transition period. Another way to isolate risk is through processes and procedures designed to ensure compliance. Be particularly careful not to allow the private equity firm itself – the management company – to become intertwined with the target.

The fourth mitigation strategy is to develop an “it wasn’t me!” defence. The goal of this strategy is to be able to credibly state to the government that anything bad is confined to only the target company or only selected individuals at the target. Following the steps outlined above, such as detailed due diligence and robust reps, will help establish this defence. While this defence is very unlikely to completely defeat a government investigation, it does have a legitimate chance at confining the consequences of the investigation to only the target company or only a few bad apples at the target company.