Thursday, 29 August 2019

Letter of Intent in Public M&A: Six drafting points on the scope of exclusivity

We will continue our blog on SPAs and private M&A deals next, but in the meanwhile I take a step to the public M&A world and write a few words about exclusivity. This is often a hotly debated issue, but the main principle and aim of the clause are clear.

Let us assume that we have a situation on the table where Company X made an indicative proposal with respect to a potential transaction involving a voluntary tender offer to acquire all of the outstanding shares and equity securities of Company B. In the following Letter of Intent, Company X requires that, during the agreed period (which we can call “restricted period”), Company B “...will not and procures that its affiliates and their respective representatives will not solicit, initiate, or negotiate any approach, offer or indication of interest from or with any third party with respect to any alternative transaction.” Sounds clear so far? Well, for those who are not familiar with the concept of alternative transaction, let me share some thoughts on the concept and what the issues are that should be considered.

First of all, from Company X’s point of view, it is important to define the scope of exclusivity in such a manner that there are no loopholes that Company B can use to circumvent the protection. Therefore, there is typically an exhaustive list of various types of transaction that are restricted, i.e., alternate transactions. From Company B’s point of view this kind of exclusivity needs to be considered carefully not only because of the board’s fiduciary duties may require certain freedom to operate without contractual restrictions, which, as it happens, is a topic outside the scope of this blog, but also to ensure that that the scope is not too wide, unnecessarily restricting the ordinary business of the company.

From Company X’s point of view the definition of an alternate transaction could be, e.g., the following: (a) any transaction concerning the subscription or acquisition of any shares in, or any equity securities of, Company B or any of its affiliated companies, (b) any transaction for the sale by Company B or any of its affiliated companies of all or a significant portion of their respective businesses or assets, (c) granting a licence to any intellectual property rights or assets of Company B or any of its affiliated companies other than in the ordinary course of business and consistent with past practices; or (d) any merger, demerger, formation of a joint venture by Company B or any of its affiliated companies and any transaction having a similar effect.

Second, while we have seen these kind of proposals in the past, we do not consider that these are necessarily business-oriented. Naturally, in point (a) one needs to make a distinction between two cases: one in which the board discusses on the sale of all or majority of the shares in which the control changes, as opposed to a case where an individual shareholder of a listed company trades his or her shares.

Third, in paragraph (c) there is a distinction that should be noted whether the licence is exclusive or non-exclusive. Wide licence to a company’s core IPRs may also be part of an ordinary business and in such case it may not be harmful to give the Company B such rights depending on the field of business as well. If it is outside the scope of ordinary business or exclusive, then there is a potential of value decrease but even then if such deal were to be detrimental to the value of the company, the board naturally would not implement that.

Fourth, in (d) there is a slightly similar issue as above, whether we should expect that there is a change of control. There are many collaboration deals that may be within the ordinary course of business and therefore not even harmful to the offeror.

Fifth, while the concept of alternative transaction is relatively wide, it might be prudent for Company B to consider whether a sentence on ordinary corporate finance transactions and the related security measures should be added. Further, there might be contractual or other rights relating to shares which would also require an express carve-out from the scope. At this point, Company B might not have full visibility as to what arrangements there are affecting the exclusivity and therefore this gives additional comfort to Company B.

Finally as a point number six, in all these types of alternate transactions, one needs to consider whether these reactions should apply to Company B only or Company B’s group as a whole or Company B or its affiliated companies as written above.

As you can see, even a small clause in LOI may be enormously fascinating if you dig deep enough and start playing with different scenarios when finding the optimal drafting. Based on our experience, standard models are used too often without thinking about the particular case in question. 

Hopefully, this will help and looking forward to hearing other comments around exclusivity theme!

Best Regards,


Monday, 27 May 2019

Some take-aways and personal after-thoughts on competitiveness, financing and platform ecosystems following IBA's Global Entrepreneurship Conference

For various reasons, I have not posted anything here in ages. I have been active otherwise and, for example, have written our firm's M&A and Corporate Finance Update. Anyways, this time I decided to focus on some issues other than ICT agreements or M&A and generally look at the market trends and views from the Nordic point of view. The main topic was discussed at the 5th IBA Global Entrepreneurship Conference "The Nordic model—rising up to the global challenge in Copenhagen" earlier this week.

One of the most interesting discussions was about how in Norway start-ups were able to get funding relatively easily, but the problem was that exits take place too early. After the panel, we actually continued discussions on the topic with my fellow colleagues from Sweden. I do not think that the question about the early exits was approached from the financing point of view. My personal view is that the exit stage usually coincides with hitting the "funding cap". By this I mean a stage when it is difficult for a growth company to get additional funding. Naturally, this stage where this funding cap exists, e.g., from €2 million upwards or something else, just varies slightly depending on the Nordic country in question. So in Finland, the exit stage is reached earlier than in Sweden for example. This would also explain why valuations in M&A context are higher in Sweden than in Finland—the companies in Sweden are developed further before exit as the funding cap is higher. Of course, there are other reasons as well, but it would seem to be quite human a trait that if there is a funding cap, additional growth starts feeling difficult and burdensome and next financing round would seem to require massive efforts and so forth, and therefore you start considering that it might be a good time to exit. Also by that time you might have already achieved enough to cover your personal expenses and paid your home mortgage, so this decision is even easier. On the other hand, it has been said that at least in Norway 2/3 of hirings are done by private firms so these entrepreneurs are also serving a valuable purpose. I would encourage anyone to find solutions to keep entrepreneurs interested in growing their companies even further and postponing this exit stage.

One of the main concerns we should all have is the low level of investments in R&D, especially in this global competitive environment in which we in Europe are lacking behind the US and China. While companies such as Amazon and Google have massively grown during the past few decades, we have not been able to establish quite similar success stories here in Europe. This can also be further be illustrated by looking at the R&D budget figures and activities of FANG (Google, Facebook, Netflix & Amazon):

And here, in this era of large platforms and massive concentrations of data why large platforms prevail and so many companies fail in data sciences? Well, in data sciences area it is not sufficient to have only one of the four described above, but you most likely need all four elements to create a winning strategy. 

Let’s take another topic that was discussed a lot in the conference as an example—GDPR, data protection and data security. This is an important subject but in the context of this blog posting when talking about Nordic firms and their competitive position in the global market, taking into account the insufficient investments in R&D, one can validly ask whether we have made a smart decision to invest such a large sum of resources in the protection of personal data and whether this investment is something that European firm can actually turn as a competitive advantage? One firm mentioned that they have spent approximately €3 million on GDPR compliance here in Europe, and therefore the valid question is whether the company will be able to earn back this investment? How long will it take? Or, if the company had spent, perhaps together with some other firms, the same amount on R&D focusing on the creation novel business models based on advanced data analytics or artificial intelligence, would it be in a better competitive position against its US or Chinese counterparts? In case of GDPR, this decision to invest has already been made so now it would be time not to be scared about the consequences and focus on sanctions and sanction levels, which I understand are interesting at least for lawyers but, instead, to focus on the creation of additional value, ways of turning data protection and privacy and the legislative framework into a competitive advantage for European firms. For Finnish firms, I do find it difficult to compete against these global platforms with our limited resources, but there are so many things to do "on top" of these platforms.

Looking forward to hearing your views on this and, in the meanwhile, have a splendid continuation of your week and greetings to all familiar and new faces at the IBA, we'll see you in Amsterdam next year!



Tuesday, 2 October 2018

Avoiding vendor lock-in with cloud solutions? six practical tips

Yesterday I posted feedback on Marsh & McLennan´s and FireEye's study that found that "companies in the European Union take three times longer than the global average to detect a cyber intrusion" and stated that this issue should also be taken into account in the financial sector outsourcing, e.g., due to diminishing control arising out of cloud infrastructure. 

Today I read about cloud strategies and vendor lock-in which actually gives an interesting angle to the above topic, and therefore I decided to write about this. The issue is topical also because Gartner forecasts that worldwide public cloud revenue will grow 21.4 percent in 2018 (see here). So to the main question: is it possible to retain more control and avoid vendor lock-in with cloud solutions?  Here it should be noted that term "control" is multi-faceted and in the financial sector this term also relates to the control exercised by financial supervisory authorities (FSAs) over their regulatory subjects. Here we do not address control from that perspective, but think generally about customer-purchased cloud services.

There are at least five main issues one should consider:
  • Due diligence, like in any case involving business-critical vendors: create a process for the selection of the cloud service provider and most importantly determine your goals;
  • Consider a multi-cloud strategy to avoid a single vendor scenario (read more from here);
  • Require an exit plan and check out potential costs;
  • Pay attention to data portability and ensure that you have an easy way of extracting the data;
  • Consider container technology or configuration tools (read more here)
From the contractual perspective we see more and more clauses of the type "no vendor lock-in" that  naturally also serve their purpose. These are slowly becoming a standard in diligently drafted ICT acquisition templates (although surprisingly many Finnish companies have not yet implemented this as a standard models). It might be an issue for a prudent drafter to consider updating. However, as we all know, most popular cloud agreements are still heavily beneficial for the cloud service providers and the reality for having this kind of additional clause in your company agreement may turn out to be impossible task. One could address this issue when dealing with managed service vendors or similar cloud brokers implementing your solution.

Splendid continuation for you cloudy day in Finland! Personally I head to Rome to enjoy IBA's 2018 conference and hopefully seeing many of you there as well!


Wednesday, 30 May 2018

Five Cases how Succesful Transactions are Created

Many studies indicate that even as high percentage as 70-90% of the M&A deals fail and often there are human elements behind. But given the percentage is as high as this one it is interesting to evaluate the opposite, when acquisitions actually create additional value?

Typical ways of value-creation include for example:

1. excess capacity removal from the market;
2. talent acquisition creating costs-saving;
3. tech or IP acquisition creating cost-savings (if compared to, e.g., in-house development expenditure, licensing also worth considering);
4. performance improvement or exploitation of industry scalability; and
5. successful selection of early-stage high-growth companies.

In the current economic environment where there are political risks, global economy is suffering turbulence, interest rates are low but valuations are high, some of the above "success types" are even more difficult to execute (depending naturally on the buyer's strategy).

Based on our experience from the past deals, in particular from tech & digitalisation -driven exercises, also different kind of legal insight and business acumen is required so that legal would contribute to this value-creation process in the optimal way!

As an example, in one of the exercises involving outsourcing of a tech team of very high-profile experts, we involved the personnel to the deal-making process in an exceptional way just to ensure that these persons, although subject to divestment but who are at the same time our crown-jewels, are motivated and incentivised appropriately. The end result was successful, but needed to be carefully planned to avoid unnecessary complications (as if M&A process is not sufficiently complex on its own).

So think, how do you plan to create additional monetary gains from M&A? Should you be interested in hearing our views how we secure this and create even more, feel free to contact and we are pleased to tell more!



Friday, 27 April 2018

Onko väite “cookiet käsitellään vasta ePrivacy Regulationissa” totta ja mitkä ovat 5 keskeisintä korjauskohtaa?

Yllä mainittu väite tulee usein esille yrityksien kanssa keskustellessa. Lähtökohtaisesti väite sisältää kaksi erillistä kysymystä: a) millä edellytyksillä cookie tai kotimaisesti eväste on tietosuoja-asetuksen mukaan henkilötieto itsessään tai yhdessä muiden tietojen kanssa; ja b) miten cookieihin tulisi GDPR:n aikana suhtautua vai tarvitseeko? Tässä käsitellään jälkimmäistä eli tulisiko evästeitä koskevat ohjeistukset uusia jo nyt vai voiko asian käsittelemisen siirtää tulevaisuuteen noin vuoteen 2020, kun ePrivacy ehkä tulee voimaan? 

Mitä cookiet ylipäänsä ovat ja miten ne toimivat? Teknisenä johdatuksen aiheeseen ohessa eräs verkosta löytynyt sitaatti:

"Cookies allow a Web site to store information on a user's machine and later retrieve it. The pieces of information are stored as name-value pairs.

For example, a Web site might generate a unique ID number for each visitor and store the ID number on each user's machine using a cookie file.

If you type the URL of a Web site into your browser, your browser sends a request to the Web site for the page (see How Web Servers Work for a discussion). For example, if you type the URL into your browser, your browser will contact Amazon's server and request its home page."

Evästeet alun perin kuuluivat sähköisen viestinnän tietosuojadirektiivin alaan (direktiivi 2002/58 / EY ja vuoden 2009 päivityksestä, direktiivi 2009/136 eli ns. "ePD"). Siitä tuli EU: n jäsenvaltioissa kansallista lainsäädäntöä asteittaisella täytäntöönpanolla johtaen kansallisiin eroihin ja toisin sanoen melko epäyhtenäiseen täytäntöönpanoon eri maissa. Tietoyhteiskuntakaaren 205§:n mukaan: 

"Evästeiden tai muiden palvelun käyttöä kuvaavien tietojen tallentaminen käyttäjän päätelaitteelle ja näiden tietojen käyttö on sallittua palvelun tarjoajalle, jos käyttäjä on antanut siihen suostumuksensa ja palvelun tarjoaja antaa käyttäjälle ymmärrettävät ja kattavat tiedot tallentamisen tai käytön tarkoituksesta. Edellä säädetty ei koske tietojen sellaista tallentamista tai käyttöä, jonka ainoana tarkoituksena on toteuttaa viestin välittämistä viestintäverkoissa tai joka on välttämätöntä palvelun tarjoajalle sellaisen palvelun tarjoamiseksi, jota tilaaja tai palvelun käyttäjä on nimenomaisesti pyytänyt. Edellä tässä pykälässä tarkoitettu tallentaminen ja käyttö on sallittua ainoastaan palvelun vaatimassa laajuudessa ja sillä ei saa rajoittaa yksityisyyden suojaa enempää kuin on välttämätöntä."

On olemassa useita aloja, joilla nykyinen ePrivacy Regulation luonnos ja GDPR ovat epäjohdonmukaisia ja aiheuttavat näin sivustojen omistajille monimutkaisuutta. Cookiet ovat yksi näistä. Teoriassa GDPR korvaa evästeiden kansalliset lait, mutta se koskee vain evästeiden osajoukkoa, joka käsittelee henkilötietoja, joten muut evästeet kuuluvat edelleen ePrivacy-direktiivin piiriin. GDPR:n soveltamisalaan kuuluvat evästeet voisivat vedota oikeusperustaan, joka ei ole suostumus, josta ilmeisimmin oikeutetut edut. Koska suostumus on ainoa oikeusperusta voimassa olevan ePD:n sisällä välttämättömiä evästeitä lukuun ottamatta, syntyy mielenkiintoinen tilanne, jossa ei-henkilötietointensiivisellä evästeellä, esimerkiksi eväste tallentaen tietoja näytön koosta, voi olla GDPR:ää tiukempia suostumusvaatimuksia. Tämäntyyppinen eväste ei tallenna riittävästi tietoja, jotta sitä pidettäisiin henkilötietoina, joten GDPR ei sovellu, mutta se ei myöskään todennäköisesti ole "ehdottoman välttämätöntä", sillä sivuston tarvitsisi vain nämä tiedot yhteen istuntoon. Se voi olla hyvä optimointia ja suorituskykyä varten, mutta se ei ole "välttämätön eväste".

Miten käytännössä GDPR:n voidaan arvioida vaikuttavan henkilötietointensiivisiin evästeisiin käytännössä ja mitkä viisi asiaa tulisi huomioida evästepolicyjä mietittäessä:

1) Implied consent eli "käytökseen perustuva suostumus" ei riittävä
2) Suostumuksen tapauksessa oltava oikeus peruuttaa
3) Peruutuskeinon oltava yhtä helppo kuin suostumuksen antamisen
4) Evästepolicyjen uusiminen huomioiden edellä kuvatut lainsäädännön jaon mukaiset erityyppiset cookiet tuntuu perustelluimmalta vaihtoehdolta
5) No track – asetuksia kunnioitettava

Nyt ei muuta kuin uusimaan cookie policyjä ja samalla erinomaista Wappua kaikille! Lisätietoja cookie policyistä ja niiden uusimisesta tästä linkistä!