This sample guide outlines the role of internal auditors in the mergers and acquisitions (M&A) process.
As boards are taking a more active oversight role in these deals, they will need assistance to evaluate the risks independently and understand if management is providing the appropriate risk management planning and execution for these transactions. The internal audit function should seek to become involved as early as possible in the M&A process and provide value-added assistance by conducting a risk assessment, including assessing the corporate strategy process, especially as it relates to growth by acquisition.
Internal auditors’ involvement in the mergers and acquisitions lifecycle includes M&A strategy and target screening, due diligence, and integration. Key success factors include obtaining early and ongoing support of executive leadership and the audit committee; collaborating early and often with external auditors and other compliance groups (e.g., Sarbanes-Oxley); conducting regular touch point meetings with management; participating in executive steering committees; meeting and strategizing with management early in the planning process; performing a robust risk assessment to prioritize resources and efforts; participating throughout all phases at the program/project level; and communicating frequently with project management to provide guidance on key risk areas.