IT Integration in Mergers and Acquisitions
… and what you need to know about Post-Merger Integration (PMI).
1. Executive summary: mergers & acquisitions and post-merger integration
Mergers & acquisitions (M&A) transform the IT infrastructure of the companies involved. This overview provides an introduction to key aspects of M&A, including mergers, acquisitions and carve-outs, and highlights the strategic motivations behind such transactions. The key challenges of IT integration, such as resource management, security and compliance, are also described in detail. Special emphasis is placed on the eight planning phases that ensure successful IT integration after a merger or acquisition. In addition, different approaches to the depth of integration are explained and the critical role of an experienced partner such as SEEBURGER in the success of the project is highlighted.
2. Mergers & Acquisitions 101
Mergers and acquisitions typically have a profound impact on the IT landscapes of the companies involved. As a result, their IT teams face significant challenges, which we will discuss in chapter 3. But first, a definition of M&A and one of its subsets, the carve-out:
What are mergers & acquisitions?
Mergers & acquisitions (M&A) are complex business transactions that enable companies to strengthen their market position, expand operations or take advantage of synergies. Although the terms merger and acquisition are often used interchangeably, they have different definitions.
Merger
A merger is the combination of two or more independent companies to form a new legal and economic entity. This is often referred to as a "merger." A merger usually involves the dissolution of at least one of the original companies and the formation of a new company that takes over the activities and assets of the merging companies. There are different types of mergers, and depending on the type of merger, different IT systems may need to be consolidated or transferred.
Acquisition
An acquisition or takeover is the acquisition of control of another company through the purchase of a significant portion of its stock or assets. Unlike a merger, in an acquisition both companies remain legally independent, with the acquiring company usually exercising control over the acquired company. This can have an impact on the design of the IT landscapes of both companies, for which there is another solution besides mergers and acquisitions: the (IT) carve-out.
Carve-out
A carve-out is the separation of a business unit or subsidiary from a larger company. This is usually done for reasons of strategy, efficiency or to focus on the core business. It can also be done to facilitate the sale of the carved-out business unit.
An IT carve-out, on the other hand, is the spin-off of a company's IT infrastructure, IT services or IT department. This creates an independent entity, or these services are outsourced to third parties. An IT carve-out requires technical and organizational expertise. IT systems, data, people and processes must be separated. The outsourced IT team must implement new management structures, infrastructure and systems. Careful planning and implementation are essential to ensure that IT functions operate seamlessly and efficiently in the new environment.
3. Reasons for mergers & acquisitions
Mergers and acquisitions are generally designed to create or enhance a competitive advantage. This is achieved by combining and optimizing the resources and expertise of two or more companies. There are many reasons for embarking on an M&A project:
M&A processes are change processes that affect the flow of information. This makes the strategic linking of all old and new information, data sources and data targets during mergers and acquisitions vitally important. The first step is to take an accurate inventory of the existing IT infrastructure. Merging applications and systems usually presents a number of challenges.
4. IT challenges in mergers & acquisitions
In the context of M&A, it is irrelevant whether the two companies want to maintain separate systems, implement joint reporting or operate as one company in the future. Access to revenue, planning and sales figures needs to be centralized for business reporting. Joint HR systems for human resource management, joint inventory management tools and a common CRM are just a few examples of the far-reaching impact an M&A project can have on companies’ administrative and core processes.
This is especially evident in post-merger integration (PMI), where these integration activities are actively addressed. Available resources and expertise, security and reliability issues, and, of course, cost, are all key considerations:
Post-merger integration resource management
Managing the project volume in the context of a PMI is very resource intensive. Coordinating all the IT teams and activities involved requires careful planning and effective time management. Ensuring that all systems are running smoothly and that any problems can be resolved immediately requires above-average human, IT, and financial resources, particularly during the transition period.
Know-how for post-merger integration
The integration of different business processes and IT systems as part of an M&A project or during the PMI phase requires a deep understanding of company processes, as well as the ability to bring them together harmoniously. It is important to keep key people in the company who have these skills and a detailed understanding of the internal systems.
In some cases, bringing in external consultants or experts with M&A integration experience to support the internal team may be a good idea. An external perspective and specific expertise are often beneficial. However, this increases costs and the risk of dependence on external resources.
The internal team can also be prepared for M&A-specific requirements through training and development.
Security aspects of post-merger integration
The integration of IT systems and data presents a variety of security risks that affect different areas of the IT infrastructure. It is important to identify and mitigate these risks:
- Ensure data security during post-merger integration:
Data integration can create security gaps that allow unauthorized access to sensitive information, resulting in data leaks, intellectual property theft or data breaches. - Identify vulnerabilities in systems and applications during post-merger integration:
Different IT systems and applications of the merging companies may have different security standards, providing attackers with a gateway to compromise the systems. - Consider compliance risks in post-merger integration:
Merging companies must ensure that they continue to comply with all applicable legal and regulatory requirements, particularly those related to data privacy and data security. Failure to comply can have legal and reputational consequences. - Eliminate insider threats during post-merger integration:
During the M&A process, employees of merging companies may disclose sensitive information or commit intentional malicious acts. This can lead to internal security breaches that are often difficult to detect and remediate.
Susceptibility to error during post-merger integration
When consolidating or migrating systems, there is always the risk of misconfigurations or data inconsistencies leading to operational disruptions or malfunctions. Particular attention should be paid to the differing security standards and practices of the merging companies. Security audits and the implementation of robust security measures help minimize these risks.
Post-merger integration costs
Unexpected costs can arise during an M&A project, whether due to integration complications, legal issues or technical difficulties. Let's take a closer look:
- Post-merger integration complications:
Different platforms, architectures or data formats, such as outdated software and legacy systems on the one hand and a more modern cloud-based solution on the other, require additional customization or development of specialized interfaces to ensure smooth data flow. These adaptations are often time consuming and costly. - Legal aspects of post-merger integration:
M&A transactions are subject to a wide range of legal requirements and regulations, which can vary depending on the companies involved and the geographic location. A number of legal complications can arise, for example, if unexpected legal obligations or liability risks are uncovered during the due diligence process. These must be carefully reviewed and, if necessary, negotiated to minimize the legal impact on the M&A project. - Technical issues in post-merger integration:
The technical implementation of an M&A transaction can be complex due to various challenges such as data migration, software integration and network harmonization. One example of a technical challenge is the loss or corruption of critical data during data migration. This can result in business interruption or data breaches. Overcoming such technical challenges requires careful planning and close collaboration between the IT teams of both companies.
These factors must be considered in order to successfully manage the IT component of an M&A project. The following are some approaches to overcoming IT challenges in M&A projects.
5. The eight planning phases of IT integration in the course of an M&A project
Mergers and acquisitions are undertaken for both corporate and economic reasons. As described above, such transactions have a huge impact on the digital ecosystem of the merging companies. Data from existing systems is merged, new systems are implemented and legacy systems are modernized or replaced. New trading partners must be connected, and existing partners must be migrated to new systems. New interfaces must be created and old ones replaced. The process of post-merger IT integration can be planned relatively accurately in eight steps:
IT analysis/IT due diligence in M&A projects
The goal of due diligence in the context of M&A processes is a comprehensive inventory and evaluation of existing IT infrastructures, systems, and processes, including the identification of synergies, risks, and potential savings.
This includes existing deployment and operating models as well as the use of specific industry solutions, cloud services or connectors, existing mappings and partner connections.
To what extent is the complex area of B2B integration covered by modern EDI solutions and where is it necessary to consider EDI modernization and the introduction of a modern integration landscape?
It is necessary to determine which applications and data are currently integrated via EAI and A2A, which APIs are integrated and how they are managed, which processes can be automated, and to what extent the possibilities of IIoT integration are implemented for future innovations.
Is managed file transfer already being used to securely exchange large amounts of data? How do you manage current access rights, adherence to new corporate policies, and international compliance regulations?
Last but not least, an important part of the IT due diligence is to determine the incurred IT costs and current personnel expenses.
Definition of objectives for post-merger integration
After its completion, the IT due diligence provides a comprehensive documentation of the current state of the IT landscapes of the companies or divisions affected by an M&A transaction. This forms the basis for the target definition. It identifies the challenges that the new IT or integration structure will have to overcome and the requirements it will have to meet. The optimal result is defined and its achievement is made measurable.
Harmonizing and integrating the IT landscape is a key aspect of defining goals. For example, it can be determined which areas of IT will be managed in-house or via an iPaaS (integration platform as a service) in the future, or which areas are better outsourced to an expert as fully managed services. Also under discussion is whether to deploy services and systems on-premises, in a private cloud, or in a public cloud or hyperscaler such as AWS, Azure, or GCP.
This includes another important goal of post-merger IT integration: independence from labor market fluctuations. With a forward-looking IT strategy, the use of best practices from an IT managed service provider and innovative integration technology, internal IT can be freed up to focus on value-added activities.
When planning the goals of a future IT system landscape and the necessary staffing levels, there is one aspect that is paramount: cyber security. Many standards and guidelines have been developed to ensure this. Here are just two:
- DIN EN ISO/IEC 27001 "Information technology – Security techniques – Information security management systems – Requirements" is the standard for information security management systems (ISMS) requirements and is widely used.
- The EU NIS2 Directive aims to improve the cyber security of networks and information systems in the European Union.
Enterprises can also take steps to better protect their organizations, such as two-factor authentication (2FA). Password security is also important. Measures such as single sign-on and Security Assertion Markup Language (SAML) should be directly addressed when setting goals for password fatigue and standardizing password policies in the wake of M&A activity.
Planning post-merger integration activities and resources
When companies consolidate their IT landscapes, simply copying the existing structure is not a sustainable solution. Operating in parallel is not sustainable, either. Rather, a trade-off must be made between a quick and easy-to-implement solution and the optimal design of the new IT infrastructure.
Based on the results of due diligence and the goals derived from it, decisions must be made regarding the development of a future-proof IT ecosystem, the necessary systems, deployment models and the selection of an external integration service provider to provide professional support for all these measures.
This has a direct impact on the staffing plans of IT and other departments. The more integration and migration activities that can be outsourced, the more resources can be saved internally. It is important to engage and brief external resources in a timely manner to define common goals and make the post-merger integration a success.
Post-merger integration execution and implementation
The critical phase of post-merger IT integration begins when the contract is signed and deadlines are set. During this phase, the planned integration activities are actually implemented. New systems are implemented, data is migrated, adjustments are made and processes are automated and updated. The goal is to ensure that the integration is carried out according to the defined plan and schedule.
The quality of the preparatory work now becomes visible and has a direct impact on the success of the integration.
To deal with unforeseen challenges, agile planning is critical. It allows for flexible adaptation to new circumstances and challenges, and it helps make the integration process efficient.
Post-implementation testing for post-merger integration
Before systems go live, extensive testing is required to ensure that all integrated systems function properly. Testing includes functional, performance, security and user testing. The goal is to identify and resolve potential issues early to ensure a smooth transition to go-live.
Go-live of IT in the course of post-merger integration
The integrated IT systems are officially launched and released for productive use. All employees are trained on the new systems and business operations are being migrated to the consolidated, modernized and integrated IT landscape. The goal is to ensure a seamless transition to the new IT environment and minimize the impact on business operations.
Hypercare after the go-live of the integrated IT landscape
Hypercare is the critical phase following the go-live of an integrated IT landscape. During this phase, the newly implemented system is intensively monitored to ensure that it works as expected and meets all requirements.
To this end, special support structures are set up to quickly identify and resolve any problems that may arise. These are an essential part of the hypercare process and help ensure the stability and performance of the new IT infrastructure.
It is also important to ensure that all user requirements are met. This includes both the needs of the end users and the needs of the organization for the system.
IT change management in the course of post-merger integration
IT change management plays a critical role in M&A integration. It takes into account not only technological changes but also the impact on employees. The goal is to prepare employees for the upcoming changes, support them and ensure that they can successfully use the new systems and processes.
This includes communicating changes, training employees on how to use IT, providing resources and support, and addressing employee feedback and concerns.
Effective IT change management helps to minimize resistance, promote acceptance of change and ensure the success of the M&A integration.
6. M&A project integration depth
The depth of integration of IT systems provides companies with different approaches to merging, modernizing, or maintaining their IT landscapes in the context of mergers and acquisitions (M&A). These approaches are typically classified as greenfield, brownfield, bluefield and orangefield integrations. Each approach has its own set of challenges and benefits, as described by the examples below.
Greenfield integration of IT landscapes as part of post-merger integration
A greenfield integration involves building an entirely new IT infrastructure from the ground up. This provides the opportunity to implement modern technologies and best practices without being constrained by existing systems and processes.
Example: A large multinational acquires an innovative start-up. Instead of integrating the startup's existing IT systems, the company decides to build a new, cloud-based infrastructure. This allows them to adopt modern technologies and security standards from the outset without having to worry about legacy systems.
Brownfield integration of IT landscapes in the course of post-merger integration
Brownfield integration leverages the existing IT infrastructure and incrementally extends or modernizes it. This approach is usually the most cost-effective, as existing systems and processes are retained and enhanced.
Example: An established automotive manufacturer acquires another long-established company in the same industry. Both companies have similar ERP systems. In this case, the existing ERP system of the acquired company is gradually integrated with that of the parent company. This minimizes customization costs and enables seamless business process integration.
Bluefield integration of IT landscapes in the course of post-merger integration
Bluefield integration combines the benefits of greenfield and brownfield approaches. It replaces critical and obsolete components with tried and tested systems, while maintaining systems that have proven themselves. This provides flexibility and efficiency.
Example: A pharmaceutical company acquires a mid-sized biotech company. As part of the bluefield approach, the pharmaceutical company decides to retain its established and robust production IT infrastructure while integrating the biotech company's innovative research and development platforms. This allows the company to continue using the proven systems while modernizing them at the same time.
Orangefield integration of IT landscapes in the course of post-merger integration
The goal of orangefield integration is to harmonize IT systems. This involves the complete merging of selected systems and data, while others remain separate. This is particularly useful when full integration is not necessary or possible for strategic or operational reasons.
Example: An international retailer acquires a regional retail chain. The regional chain's point-of-sale (POS) and inventory management systems are integrated into the global IT landscape, while local marketing and customer service systems remain separate due to regional differences and requirements. This allows the company to take advantage of synergies in central business areas without compromising regional flexibility.
7. Conclusion: IT integration in mergers and acquisitions
Integrating and optimizing IT infrastructure is a key challenge in mergers and acquisitions (M&A). Successful IT integration requires detailed planning that covers the entire process, from analyzing existing systems to implementing new systems and training employees. Strategic decisions, such as the depth of integration and the selection of the right technologies, play a critical role during planning. Security, compliance and minimizing business disruptions are also important factors that significantly impact the success of an M&A project. External expertise can help but must be carefully considered to maintain control over internal processes. Overall, IT integration is a complex but critical step in realizing the desired synergies and competitive advantages of an M&A transaction.
8. This is how SEEBURGER can help with post-merger integration
One factor for the success of M&A projects is choosing an experienced partner like SEEBURGER. We support the entire process with the powerful SEEBURGER BIS Platform, whether in the cloud, a hybrid environment or on-premises, and provide flexible software and service resources. SEEBURGER Consulting Services work closely with you in an ongoing process from design to migration planning. See for yourself! Read a case study of a post-merger integration projects that we have successfully implemented for our customer.
Case Study
