The huge upheaval of Covid-19 has left many businesses more vulnerable than ever to ransomware attacks. Criminals are looking to capitalise on the disruption by executing sophisticated and dangerous cyberattacks. This year, ransomware has been at the centre of several high-profile corporate hacks. It is emerging as a key threat to the security of private equity firms, their portfolio companies and advisers.
Ransomware is a significant threat to every business in every sector, but private equity (PE) firms face specific challenges that can only be tackled with well-conceived and robust plans.
Ransomware costs businesses about $75bn per year, and the sums hackers seek to extort from organisations have increased sharply over time. The impact of ransomware does not stop with the ransom itself. The average cost to businesses of ransomware-related downtime can be five to 10 times the cost of the ransom itself, and ransomware has profound second-order effects on operations and business continuity.
Private equity firms occupy an unusual space when it comes to cybersecurity. They must take steps to secure themselves, but also have intimate relationships with their portfolio companies throughout the duration of their ownership.
Cybersecurity due diligence on prospective investments is more important than ever. Seeking appropriate contractual protection as part of the deal documentation should a ransomware attack occur or be discovered post signing is also vital.
During their period of ownership, some PE firms may adopt an approach that centralises support for portfolio companies. However, most PE firms will require their portfolio companies to get on with the job of securing themselves by implementing appropriate governance and risk mitigation strategies to deal with cyberattacks, with the PE firm having some oversight.
Before assuming ownership, carrying out cyber due diligence on prospective targets could be as critical as the financial or operational due diligence that is par for the course.
If a ransomware attack is discovered pre-deal, then it is important to fairly and accurately price the impact into the transaction (assuming the deal proceeds). This includes indemnity protection for any fines or claims, and detailing any steps the target company may need to take before closing in order to reduce the risk of further attacks. Parties may also agree to a more detailed cyber investigation, which can unearth evidence of prior ransomware attacks and more properly assess the risk of future attacks.
If due diligence throws up concerns, or if there is material risk of a damaging future attack, then negotiating appropriate contractual protection in the sale and purchase agreement will be critical. Including a specific provision allowing the purchaser to terminate the contract should a ransomware attack come to light pre-closing is one route that could ease worries.
For many PE firms, a core part of their offer to target companies is their network of top advisers across different professional services. As well as building bridges between their portfolio companies and expert legal or financial counsel, investors should look to connect their portfolio with best-in-class security expertise.
Post-deal, if a ransomware attack should come to light, it is vital to check whether the attack actually occurred pre-closing, and whether it is covered by a warranty or any contractual indemnity. There is often a delay between an attack occurring and the ransomware demand being made. Putting in place risk architecture in this area that is appropriate to the risk profile of the new portfolio company should be part of the business plan for that portfolio company.
If an exit is near, it may not make sense to “pool” that business with the rest of the portfolio in terms of cybersecurity oversight.
It is also crucial to understand third-party and supply chain risk. Supplier contracts may not be clear on the liability of different parties in situations where assets are compromised or put at risk. PE firms should look for indemnities where possible against this risk being transferred to the end customer or shareholder.
Suppliers may try to claim force majeure exemptions if they suffer a ransomware attack. Unfortunately, under GDPR the customer and supplier are jointly liable for any ransomware that affects personal data.
The speed at which criminals are moving means that new variants of ransomware are springing to life all the time. Finances and data are not the only assets at risk: the knock-on effects of ransomware on general business operations and the potential for severe reputational damage are very real.
The good news is that there are frameworks available by which PE firms can better manage cyber risks – their own, and those of their portfolio companies.
Choosing the right degree of oversight, and communicating that strategy to the portfolio and other stakeholders, is a marker of good governance.
Lorenzo Grillo is managing director, cyber risk services at consultancy Alvarez and Marsal, and Ashley Winton is a partner at law firm McDermott Will & Emery.
Europe’s 50 Most Influential in Private Equity
The third annual list of the 50 Most Influential People in European Private Equity, compiled by Private Equity News and Financial News
The pandemic has slowed down dealmaking and made it trickier to raise funds this year, but that hasn’t stopped the executives featured on this year’s list. Deals have been done via conference call and funds have beaten targets despite being raised in the middle of lockdowns.
ESG has been a consistent feature in 2020. The industry has tended to lag mainstream investment firms when it comes to environmental, social and governance issues, but these themes featured in many of the entries, with firms stepping up their efforts and ensuring that their portfolio companies do the same. Some have also raised funds for organisations responding to healthcare and social needs arising from the Covid-19 crisis.
Here is a selection of the executives chosen for the list. The full 50 can be found here https://www.fnlondon.com/articles/private-equitys-top-dealmakers-fundraisers-and-advisers-in-europe-20201130 Source: https://www.penews.com/articles/europes-50-most-influential-in-private-equity-20201130
From climate change to free-trading apps, brace for an aggressive SEC under Biden, experts say
The trajectory of SEC policy depends on whom Biden nominates to fill the role
US President-elect Joe Biden will have the opportunity to nominate a new chairperson of the Securities and Exchange Commission starting 20 January, and given the likelihood of congressional gridlock next year, the choice could be one of the most consequential decisions he makes for financial markets and the economy in the coming years.
Current SEC Chair Jay Clayton, who has announced that he will step down from the role at the end of the year, has been the subject of praise from business leaders and criticism from advocates for stricter regulation of financial markets. A Biden nominee could work to reverse some of Clayton’s deregulatory agenda, experts say.
The trajectory of SEC policy, however, depends on whom Biden nominates to fill the role. Reports suggest that top candidates for the SEC under Biden include Gary Gensler, former head of the Commodity Futures Trading Commission, Preet Bharara, former US Attorney for the Southern District of New York, or former Democratic SEC commissioners Kara Stein or Robert Jackson Jr.
Regardless of the nominee, however, investors should expect a more energetic SEC that will work to broaden what public companies must disclose and bring a wider array of enforcement actions against financial firms and actors, according to Chester Spatt, professor of finance at the Tepper School of Business and former chief economist at the SEC. “The classic orientation is Republican regulators have tended to view investor protection issues relatively narrowly and Democratic regulators have viewed it expansively,” he said.
Here are five areas investors should look for a new chair to focus on:
For years, Democratic lawmakers have pressured the SEC to require public companies to disclose more information about how climate change will impact their businesses. They argue that the growing threat of climate change will affect the entire global economy, and investors must have information on how public companies are dealing with these changes in order to make informed investment decisions.
“In order for the SEC to make sure that companies stay honest, disclosure rules have to keep up with changes to our economy and one of the biggest changes bearing down on our economy is climate change,” senator Elizabeth Warren, Democrat from Massachusetts, said during a Senate Banking Committee meeting on 18 November.
Liberal Democrats like Warren hope that a new SEC chair will implement rules that require all public companies to report how climate change poses a risk to their companies, but Craig Miller, partner at Manatt and leader of the firm’s financial services practice, told MarketWatch that a new chair could take a more conservative approach by prodding individual companies to disclose risks without mandating that all companies do.
Each year the SEC publicly presents letters to companies critiquing their disclosure practices. “The comment process can hit big companies first,” he said. “Those letters are now public and those requirements will trickle down to all the other companies.”
One area in which Clayton worked to force companies to disclose more information was human capital – with a new rule that says companies must disclose information about their employees and workforce management.
However, “The SEC didn’t provide a lot of guidance as to what that disclosure needs to look like,” Miller said. “They left it up to the public companies.”
Democrats are eager for the SEC to provide much more detailed guidance as to what they’d like to see included in the disclosures, including employee turnover rates, amounts spent on employee training, whether workers are full-time or contract and data on workforce diversity. A Democratic appointee could be much more aggressive in this regard.
The Clayton SEC has publicised that it has brought a comparable number of enforcement actions and examinations as his predecessor did during the Obama Administration, while winning a record amount of penalties against financial firms, totaling $4.7bn, helped by a $3bn combined settlement with the Department of Justice against Wells Fargo.
But commissions observers say these data can be misleading. “A lot of their cases were on the same topic,” said Amy Lynch, a former SEC regulator and president of FrontLine Compliance, adding that the number of actions brought doesn’t tell the whole story with regard to the quality of enforcement actions.
“The previous administration was so anti-government, and it did a lot to prevent the SEC from taking action,” she added.
Healthy Markets’ Gellasch agreed. “It’s not the number of cases that matter, it’s the quality of cases that matter,” he said. “The SEC should be aggressively ensuring compliance by all market participants – regardless of firms’ size, and not just chasing a few big dollar cases or whacking the smallest firms,” he added, predicting that a Democratic SEC would take a much harder line on financial misconduct.
Clayton continued an effort started by his predecessor to move markets away from a controversial practice whereby stock exchanges pay brokers rebate fees for directing trades to them, potentially setting up a conflict of interest.
A pilot programme aimed at understanding the impact of barring these so-called “maker-taker” payments was launched in 2018, but a federal judge forced the SEC to stop the practice in June.
Former SEC chief economist Spatt said that this won’t be the final word on reforming market structure. “Clayton’s views on market structure might line up pretty well with Democratic regulators,” he said. “There may be more efforts to push on the relationship between brokers and exchanges.”
Free trading apps
Another area that may draw interest from a Democrat-controlled SEC are the plethora of new smartphone applications that allow often young and inexperienced traders to speculate on complex instruments, like stock options and futures.
During a Senate Banking Committee hearing 18 November, Democratic senator Catherine Cortez Masto of Nevada brought up the story of a young college student who committed suicide after believing that he owed investing app Robinhood more than $700,000 due to complex options trades.
The company did not immediately respond to a request for comment, but told MarketWatch in June that “all of us at Robinhood are deeply saddened to hear this terrible news and we reached out to share our condolences with the family.”
Clayton told the committee that the SEC recently released guidance to online platforms saying that “you need to make sure the people who are trading these instruments have the capability to understand those instruments.” A Democratic SEC may lead a more aggressive crackdown on these applications and the use of complex instruments.
City warns of new pressure from Paris in battle for London’s finance crown post-Brexit
The French are expected to put pressure on other EU member states to close London’s perceived loopholes
Paris is opening a new front in its battle to win business from London in the wake of Brexit, senior City figures have warned.
The French are expected to put pressure on other EU member states to close what Paris sees as loopholes allowing UK firms to access some EU markets even without broader agreements on regulatory equivalence.
Individual EU members have their own long-standing national rules governing market access, with countries such as Germany and the Netherlands having much more open regimes than France.
“The concern is that Brussels will try to harmonise at a more closed and protectionist regime, like France,” says one senior City official.
Brussels has refused to reciprocate UK government moves allowing EU-based firms to access UK financial markets by declaring regulatory equivalence. But some City firms are planning to make use of the more liberal rules on market access in countries such as Germany.
Barney Reynolds, head of financial services at lawyers Shearman & Sterling, says firms can use these national rules and the technique of “reverse solicitation” to continue providing some services to clients from London.
“It is a mistake to think of the EU as a bloc. For many practicalities of law, it is still a bunch of individual countries,” he says.
Alan Houmann, head of European government affairs at Citigroup, says European Commission officials have made clear they are unhappy with having different terms of entry to EU markets which they see as “loopholes” in the EU. “I have no doubt whatever that is under review… That is a very interesting debate coming up in the very near future,” he told a City & Financial conference on the UK’s post-transition regulatory regime.
James Chew, head of regulatory strategy at HSBC, says the lack of progress in talks on EU-wide access for UK firms has put a much greater focus on bilateral access. He told the same conference that it would be difficult for the EU to harmonise these rules as the national arrangements were the result of relationships that had evolved over many years.
According to Reynolds, there is a clear split between the relatively open northern EU countries and some southern countries led by France which are more protectionist.
In a report for UK Finance, lawyers Slaughter and May found that “certain national licensing regimes contain market access mechanisms which would be available to mitigate, to a limited degree, some of the risks” posed by the lack of broader access agreements. For example, investment banking sales and trading services can be provided largely unrestricted into Ireland but not into France, with Germany somewhere in the middle.
Although the French may try to impose their model on the rest of the EU in the hope of winning more business, Reynolds doubts they will succeed. “The French will not prevail in my view because that would not be in the interests of other member states – or in fact themselves, longer term.”
But other City observers are less sanguine, pointing to the very hard line EU negotiators, led by French former services commissioner Michel Barnier, have taken on finance.
While financial services are largely excluded from the main UK/EU trade talks, the City had hoped that EU regulators might make some regulatory equivalence determinations before the transition period ends. But EU officials have made clear they will not make most equivalence assessments before the end of the year, arguing that the UK has not provided enough information on any plans to diverge from EU rules in future.
Chancellor Rishi Sunak recently announced equivalence decisions that will allow UK customers to use EU-based exchanges, clearing houses and benchmarks. But EU moves have been limited which Katharine Braddick, head of financial services at the Treasury, has described as “regrettable”.
The Commission has declared the three UK clearing houses used for derivatives trades as equivalent for 18 months, and EU regulators have made some further concessions designed to avoid chaos in the derivatives markets. But Brussels has still not said it will allow EU firms to use share trading platforms in the UK. As a result, Goldman Sachs has just announced it will open a trading hub in Paris to serve its EU clients.
The City is hoping that the EU will make some additional concessions before the end of the year to minimise disruption. But it is the outcome of the trade talks that will be more important for the City in the longer term, even though they have little direct impact on financial services.
City leaders fear that a no-deal outcome would badly sour relations, making it more difficult to reach agreements on regulatory equivalence. It could also bolster French efforts to persuade other member states to change their national rules, and pull up the drawbridge.
David Wighton is a columnist at Financial News
Don’t Get Hoodwinked by Hidden Bitcoin Trading Fees
Yearn Finance Continues Growing with Latest DeFi Acquisitions
UMKM EXPO(RT) Brilianpreneur 2020 ofrece el escenario mundial para más de 400 MSME indonesias líderes
Win Huge Crypto Promos at Sportsbet.io
Cinco naciones se unen para lanzar la Organización de Cooperación Digital para lograr un futuro digital para todos
Targi UMKM EXPO(RT) Brilianpreneur 2020 – globalna scena dla ponad 400 najlepszych małych i średnich przedsiębiorstw z Indonezji
Play Neon Rush: Splitz at BitStarz Casino
Tezos, Augur, Verge Price Analysis: 30 November
Carleton ‘Holly’ Hollister’s New Book ‘Getting There’ is an Encouraging Journey That Helps Individuals Attain Personal and Professional Fulfillment in Life
Joel Schlesinger’s New Book ‘The Risk-Takers: American Leaders in Desperate Times’ is a Compelling Read That Delves Into America’s Brand of Leadership Throughout History
Wanda Fowler’s New Book ‘Belle’s Story’ is a Heartwarming Tale About a Little Dog’s Journey of Finding Her Perfect and Eternal Home
Carol Stern’s New Book ‘The Tiny Lamb’ is a Meaningful Tale About Believing in Oneself and One’s Purpose
Julia Haynes’ New Book ‘As He Said’ Accounts a Riveting Tale in a Town Challenged by New Rules and New Systems
Sentinel Midstream’s “Texas GulfLink” Deepwater Port Achieves Major Milestone
S&P Global and IHS Markit to Merge in All-Stock Transaction Valuing IHS Markit at $44 Billion, Powering the Markets of the Future
Top Crypto Gifts for the 2020 Holiday Season
Bitcoin’s Weekend Bullish Rebound is “Fakeout,” Analyst Explains Why
Europe’s 50 Most Influential in Private Equity
Malta AI & Blockchain Summit CEO: Malta Intends to Remain Pioneer in Digital World
Bitcoin Recovers After Sharp Drop Below Support
Press Releases1 week ago
Picosun’s medical ALD solutions enable safer surgeries
Venture Capital1 week ago
The Information’s 411 — Dark Side of the Loon
Venture Capital1 week ago
Airbnb’s Chesky Takes Far Lower Salary Than Most Tech CEOs at IPO
Venture Capital1 week ago
Chinese Self-Driving Startups Plus and Hesai Considering Going Public
Blockchain1 week ago
Chainalysis Sees Raising $100M in Venture Capital at $1B Valuation: Report
Press Releases1 week ago
Catalyst Cannabis Co. Applauds the Decision of the City of Oxnard to Revise and Revisit Its Retail Cannabis License Process
Press Releases6 days ago
‘HettichXperiencedays’ 2021 – Hybrid Event Platform Shows Hettich’s Expertise Worldwide
Press Releases1 week ago
Microdose Presents The Mushroom Conference: A Molecular Masterclass