The merger and acquisition scenario seems pretty upbeat for the coming year. According to various research studies and reports, global M&A activity will be on the rise in 2018 with the first quarter expected to witness a positive beginning that would pick up gradually in the subsequent quarters. The positive mood in the global market and the fall in inflation in emerging economies have paved the way for a conducive M&A atmosphere but the upcoming General Data Protection Regulation (GDPR), to be implemented by the European Union (EU), has raised concerns among businesses.
What is GDPR?
GDPR is a regulation that was adopted by the European Parliament in April 2016 and will be implemented on 25 May 2018. It is a regulatory act that seeks to protect the personal data and privacy of EU citizens.
Its impact on M&A deals
The GDPR is a framework for regulation of data belonging to the EU citizens. All the companies that make use of this data have to comply with the new rules and as far as the M&A activities are concerned, the regulation will have the most impact on the due diligence process. The acquiring company will have to be more alert during this process and will have to evaluate the skills and processes of the target as to how the latter collects, stores, uses and transfers the personal data of its customers. The acquiring company will have to carry out stricter scrutiny so as to make sure that the target complies with the GDPR rules.
Ensuring GDPR compliance
Companies can ensure a smooth merger/acquisition in sync with GDPR rules by:
1. Ensuring full understanding of how the company’s data moves from place to place
2. Weaving privacy into design
3. Hiring a data privacy officer to make sure GDPR rules are followed
4. Setting up and implementing a data security strategy
5. Grading the data according to level of secrecy and conducting risk assessments at necessary intervals
The advent of GDPR will surely have an impact on the M&A deals across the globe and though it means more work on the part of businesses, it is not something to be dreaded. There are still five months to go before the regulatory framework comes into effect and during this period, companies can take appropriate measures to understand the GDPR rules and put in safeguards at the necessary points to ensure data protection.
Read and download the complete Intralinks Deal Flow Predictor Q1 2018 here to also know about applying artificial intelligence and machine learning to M&A deals.