Top Ten Regulatory Considerations for Executing Consumer and Retail Deals

Bloomberg Law is a comprehensive solution designed exclusively for transactional attorneys to help draft and finalize agreements more quickly and with better terms.

Melissa Sawyer Audra  Cohen

By Melissa Sawyer and Audra Cohen

Melissa Sawyer and Audra Cohen are partners in the M&A group of the New York office of Sullivan & Cromwell LLP. The authors are grateful for the assistance of Carlo Zenkner, an associate in the M&A group of Sullivan & Cromwell, in preparing this article. The views and opinions expressed in this article are those of the authors and do not necessarily represent those of Sullivan & Cromwell LLP or its clients.

Even though the consumer and retail industry is not typically considered a “regulated industry” compared to banking, insurance or energy and power, the regulatory landscape for consumer and retail companies has become increasingly complex in recent years. This complexity, in turn, can pose challenges for consumer and retail companies executing M&A deals. Now more than ever, acquirors of consumer and retail companies need to have a heightened focus on the key regulatory regimes that are relevant in the M&A context. This will usually include some or all of the ones described below.

1. Antitrust and Competition Law

During the past few years, the U.S. antitrust regulators—the Department of Justice (DOJ) and the Federal Trade Commission (FTC)—have pursued more aggressive theories with respect to defining relevant markets and assessing competitive effects of acquisitions, and they have instituted enforcement actions in connection with M&A deals. The termination of the Staples/Office Depot and Sysco/US Foods transactions are just two examples.

Most transformative deals with meaningful synergy opportunities involve some antitrust risk, and antitrust planning should be front and center in deal preparations. The planning should encompass not just analyzing whether the parties have overlaps that could raise a red flag for a regulator, but also working with outside counsel and, if necessary, economists to develop compelling arguments about why the deal is not anticompetitive and how potential issues, if any, can be resolved. These arguments are not always successful. In Staples/Office Depot, for example, the parties argued unsuccessfully that their competitors in the market for office supplies included Amazon and large discount retailers like Walmart and Target, not just specialized office supply stores. The FTC persuaded the court that there was a narrow business-to-business market for consumable office supplies in which only the merging parties had a significant presence.

For transactions with a cross-border component, it is also important to assess what jurisdictions outside the U.S. may require the parties to make filings or secure approvals and the potential time frame for securing the approvals. The E.U. has a well-established procedure for handling competition law filings, whereas some other jurisdictions have more opaque and seemingly less objective processes. For example, media reports suggest that some jurisdictions have competition law enforcement policies (recently, particularly in connection with technology-focused businesses and licensing) that are influenced by protectionist policy goals.

2. FCPA and Anti-Bribery

Investigations and enforcement actions under the Foreign Corrupt Practices Act (FCPA) and anti-bribery statutes in other jurisdictions are a serious issue for companies in the consumer and retail industry. In the last three years, Hitachi, Goodyear Tire & Rubber Company and Mead Johnson Nutrition have all paid fines, penalties or settlement amounts due to alleged FCPA violations. The Securities and Exchange Commission (SEC) has stated it will enforce the FCPA to its “fullest extent,” and the DOJ and the SEC fines for FCPA violations totaled $1.25 billion in the aggregate in 2014. In addition to potential monetary penalties, acquirors may also be subject to reputational risk for FCPA violations and have exposure to related civil suits. Therefore, it is critical for an acquiror to diligence not only a target's FCPA policies and procedures, but also to attempt to develop an understanding of the risk profile of the transactions and countries in which the target operates. In some cases, the acquiror may even need to retain an outside consultant to perform transaction testing.

FCPA risk assessments are particularly important for acquirors looking at targets that operate in territories where bribes, unrecorded transactions or other “favors” were historically considered to be customary local business practices and in industries where the target interacts regularly with government officials. This may be the case for consumer and retail companies that manufacture, supply or distribute alcoholic beverages, tobacco products, firearms or certain other “vice” or regulated products, or that conduct business or manufacturing activities in developing countries that give officials substantial discretion in how they enforce import/export controls or licensing requirements.

3. Cybersecurity Issues

There have been a number of high-profile data breaches involving retail and consumer companies. Retail companies are particularly at risk if they retain consumer data or accept, process or store cardholder or other payment data (including via mobile apps). Just because a target has not publicly reported any data breaches, this does not mean it is free of data security risks. Breaches can go undetected for months or years, as evidenced by Yahoo's recent announcement that it just discovered it had suffered a breach two years earlier, creating problems (such as FTC enforcement or civil cases) long after a deal has closed.

Breaches of a target's cybersecurity, especially those which result in the theft of consumers' personal data, can have an effect on the reputation and valuation of a business, especially if accompanied by significant negative publicity. Accordingly, an acquiror must understand whether cybersecurity is a key focus of the target's business. In addition to diligence on the policies, systems and business processes of the target, an acquiror should assess whether senior management of the target has devoted adequate management time to (and has a sophisticated understanding of) the target's cybersecurity protections and potential risks. The cost of implementing and/or improving cybersecurity systems and infrastructure to an acceptable level should also be factored into the acquiror's valuation of the target.

In the M&A context, the parties to the transaction need to agree on the appropriate allocation of the risk of a cybersecurity breach that occurs between signing and closing, as well as, in private deals, the risk of post-closing breaches that result from systemic issues in the design of the target's network pre-closing.

4. Counterfeit Goods, “Grey Market” Sales and FTZs

Consumer companies are continuously looking for ways to leverage their global supply chain to reduce manufacturing costs. This benefit is accompanied by risks, including the possibility of having goods counterfeited at the place of manufacture or by other actors in the same geographic location. Once evidence of counterfeiting has been identified in diligence, an acquiror needs to determine the damage to the business and whether patent and trademark enforcement, or other action, is a realistic or economical remedy.

Patent and trademark enforcement (or seizure orders) can be challenging for consumer and retail companies. Remedies can take time to obtain and, in many cases, the infringing party may be an inadequate source of monetary recourse. Rather than relying solely on post-transaction remedies, an acquiror should ensure that the patent and trademark portfolio of the target is appropriately registered and protected in each key jurisdiction in which the target operates, as well as consult local counsel to understand the effectiveness of enforcement remedies.

Consumer and retail companies should also take care to diligence the extent to which the target's products are being sold on the “grey market.” “Grey market” sales, although not necessarily illegal, are usually carried out by third parties operating outside of official distribution channels (often by sourcing goods from other markets to take advantage of price disparities). For those companies that tailor their products to different markets, a thriving “grey market” can undermine local consumer perceptions of a product and, therefore, brand equity (and consequently, deal value).

Several jurisdictions also operate a system of free trade zones (FTZs). While consumer and retail companies can benefit from the logistical advantages these FTZs offer, it is important to ensure that operational due diligence on a target covers an investigation of whether goods have been sold out of a FTZ into the domestic market without paying the appropriate duties and complying with the appropriate clearances, import/export licenses and quotas.

5. Environmental Risks

Environmental issues can result in fines from regulators in the U.S. and China, among other jurisdictions. They can also severely damage the reputation of a business. As a result, an acquiror should be aware of any potential environmental violations by the target. For example, in May 2013, Walmart pleaded guilty to six counts of violating the Clean Water Act in connection with illegally handling and disposing of hazardous materials at its retail stores across the country, resulting in $81 million in criminal penalties. Walmart also settled with the EPA and paid $7.6 million in civil penalties due to related RCRA and FIFRA violations.

The acquiror should also be aware of a target's potential violations of state and local environmental laws. State and local authorities, especially in California, are quite active in environmental enforcement. Lowes, TJX Companies and Albertsons were all defendants in civil suits brought by district attorneys in California in environmental enforcement actions. The actions alleged that retail stores of these companies throughout California unlawfully handled and disposed of various hazardous wastes and materials. The companies settled and were ordered to pay civil penalties collectively totaling $23.9 million.

Consumer companies, not just retail companies, may also be at risk of environmental compliance issues. This could be the case, for example, for consumer companies that own and/or operate manufacturing facilities.

6. Currency Controls and Repatriation of Funds

Repatriation of foreign earnings may be limited by foreign currency regulations, U.S. and foreign tax laws, including U.S. restrictions on inversion transactions and newly proposed guidance on related-party debt/equity characterization, or not be economical due to the tax rates imposed in connection with repatriating such earnings. Although the details are beyond the scope of this article, acquirors should consider with their tax and financial advisors how to value any acquired cash that is located in non-U.S. jurisdictions. Some companies doing business in Venezuela, for example, have converted those businesses to the cash method of accounting due to uncertainty regarding their ability to extract dollars from the country. If the acquiror is seeking to finance the acquisition using foreign earnings or through borrowings at its U.S. entities, it and/or its financing sources should give consideration to any tax leakage that may result from accessing the target's foreign earnings.

Targets should pay particular attention to acquirors from jurisdictions that have currency controls. For example, there were reports that China's KingClean failed in its bid for German coffee machine maker WMF because it could not transfer enough funds offshore by a deal deadline, and the business was ultimately sold to a European buyer. Even where issues with currency controls are not anticipated, it can take weeks to get the appropriate permissions, which may put an acquiror at a relative disadvantage in an auction process, and a target in an uncomfortable situation where there is a need to complete an acquisition expeditiously.

7. Non-GMO/Organic Issues

The consumer food industry is subject to a range of sourcing regulations across various jurisdictions. For example, the European Union, Japan, Russia and China have mandatory GMO labelling. Despite chemical, agricultural and food companies spending over $100 million on anti-GMO labelling campaigns in four US states—Oregon, Colorado, California and Washington—in August 2016, President Obama signed into law the Safe and Accurate Good Labeling Act, which requires food manufacturers to clearly label products that contain GMOs. For targets with a complex supply chain, the new federal law creates a minefield of potential compliance issues that an acquiror needs to understand.

Comparable issues arise when an acquiror is seeking to acquire a business with “organic” or other certifications (such as Danone's recent pending acquisition of WhiteWave Foods). In this context, the acquiror must ensure that the production processes continue to be in compliance with the regulations associated with these certifications. This may have a bearing on the anticipated synergies of the deal, if such processes are different from the production processes used by the acquiror in its own manufacturing.

8. Product Liability/Defect Issues

Consumer and retail companies have long operated under substantial risk of regulatory action and potential liability relating to product contamination or defect, especially businesses in the food and beverage industry. Recalls, such as Kraft's recall of 6.5 million boxes of macaroni and cheese or General Mills' recall of Gold Medal Flour, can cost millions of dollars in operational costs alone, and expose the company to product liability and mass tort litigation. The potential for reputational damage from product contamination or defect is also significant, as seen by the decline in Chipotle's sales following its foodborne illness crises. Similar effects can be felt in non-food businesses, such as Lululemon's loss of one-third of its market value after complaints that a line of its yoga pants was sheer (resulting in a recall and destruction of the faulty garments).

Acquirors can attempt to mitigate their risk in several ways. Firstly, a comprehensive diligence exercise, with particular focus on product safety processes and procedures, the target's insurance coverage (including whether a change of control transaction will invalidate the insurance, or whether, in a carve-out sale, the benefit of any seller group-wide policies can be passed to the acquiror) and areas of concern within the relevant industry, can help with the identification of any specific risks. Secondly, in any negotiation for the purchase of part of the business of a seller, the acquiror should consider negotiating for a contractual allocation of risk for product liability issues. A stronger case for the seller retaining a share of the risk can often be made if due diligence has identified specific areas of concern.

9. Child Labor and Slavery Issues

While most companies selling into the U.S. market adhere to strict policies to prevent the use of child labor and slavery in manufacturing, acquirors should pay close attention to the audit process by which the target confirms it does not use child or slave labor in its production process. Particular issues can arise in the use of third-party subcontractors or providers (whether directly or indirectly engaged by the target). For example, in 2016, human rights organization Amnesty International accused Apple, Samsung and Sony, among others, of failing to do basic checks to ensure cobalt used in lithium iron batteries in their products is not mined by children.

Certain jurisdictions ( e.g., California's Transparency in Supply Chain Act) have statutes requiring disclosures relating to slavery and human trafficking in supply chains. Costco and Nestlé have both been the subject of consumer lawsuits pursuant to such statutes. Equally, if not more important than the statutes, can be the reputational damage to a brand if child or slave labor is used in the supply chain. This is particularly important for companies whose brand perception includes “ethical sourcing” or those that sell to consumers in jurisdictions where child and forced labor are “hot button” issues. Although it will often not be practical for an acquiror to visit or diligence all supply chain operations, a due diligence exercise should include discussions with target's senior management on this issue, as well as requesting both internal and third-party supplier operating codes relating to labor.

10. False Advertising

As well as the risk of extensive reputational damage, false advertising can bring with it civil charges. For example, in January 2016, consumer retailers Bed Bath & Beyond, Nordstrom, JC Penney and were fined a total of $1.3 million by the FTC for misleading environmental labelling. The companies settled the FTC charges and were barred going forward from labeling and advertising rayon textiles as made of bamboo. In January 2013, Amazon, Macy's, Sears and Leon Max (a women's clothing retailer) agreed to pay a combined $1.26 million to settle similar claims.

For larger scale M&A relating to consumer and retail businesses, false advertising claims are unlikely to move the needle by themselves. However, they can be an early warning sign of lax internal regulatory compliance. Acquirors in the food industry should pay particular attention in their diligence to verifying any target claim of “all natural” or other nutrient content claims. Such claims, if not true, can result in class actions under state specific statutes ( e.g., in California).

The issues discussed above highlight the importance of a comprehensive diligence process to understand and identify the risk areas for a particular consumer or retail target. Understanding those risks is the first step in figuring out how to ameliorate them ( e.g., through risk sharing with the seller, or through appropriate representations and warranties) or whether the risk profile of the target affects the price an acquiror is willing to pay. Those who continue to view consumer M&A as a business area with limited regulatory overlay underestimate the complexity of this market sector and the risk profile associated with industry targets.

Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Transactional on Bloomberg Law