A few years ago, I had a great idea (I might be a bit biased about my ideas). The idea was to selectively but persistently...
refactor and modernize our legacy software products and turn them into a technology platform. The design goals of this platform were:
- It would utilize common services (user authentication, common communication tools, common architectures, etc.).
- It would be built on a microservices-API-centric architecture.
- It would give us options to buy versus build (historically, we built everything); for example, why build a user store when we can buy one? Why build a rules engine when there are others who specialize in this software?
- It would separate the user experience layer from the business logic layer and the business logic layer from the data layer. (Our legacy software products jumbled all three together.)
The rationale for this project -- and it became a pretty big project as we had a lot of code to refactor and modernize -- was that doing this work would allow us to innovate faster by using an existing set of services rather than building new services each time we created some new functionality. The new technology platform would also let us integrate with our clients' systems, with other applications and services -- and with other platforms.
At the time, I thought that my hard work would be making sure this approach actually worked. I was wrong.
While it took time and a great staff to implement this new technology platform, now that the work is somewhat complete, we can do the things listed above plus innovate faster plus pursue acquisitions. Which brings me to the topic at hand: managing acquisition risks.
Acquisition risks for IT
All acquisitions today involve some level of technology integration. As noted, our new technology platform -- this tremendous effort to modernize our legacy software products -- has also allowed us to do more acquisitions, and that has meant more work for me. More effort, more responsibility and more risk. We are in the midst of an acquisition right now and it is work.
In my career, I have been involved in pretty much every aspect of acquisitions -- from the initial searching for target acquisitions to the business modeling to the due diligence to the integration to the post-mortem -- and I have learned that acquisitions are risky because they introduce uncertainty and complexity, and uncertainty and complexity create risk.
My first rule of acquisition preparation is to define the specific drivers of uncertainty and complexity and then take specific steps to reduce the uncertainty and complexity. What are the drivers of uncertainty and complexity? It depends on the type of acquisition.
Acquisition risks associated with four types of acquisitions
I classify acquisitions into the following categories:
Subsidiary acquisition: We acquire a company (or product) and let it run as it did before. We operate as a holding company in that we own the company but let it operate independently. The acquisition risks of this type are pretty low -- as long as the acquired company (or product) continues to perform.
Product acquisition: We acquire a product or products and move the acquired products into our product lines. We might end up reducing the operations of the acquired company because what we want is their products. Some years ago, I worked for a company that mastered this type of acquisition. We would find a compelling but regionally constrained product, acquire the company that owned the product and move the product into our global sales and distribution system. From a risk perspective, I like the odds on the acquisition risks associated with this type because we control our destiny -- we get to decide how we move their products into our portfolios.
Customer acquisition: We want the company so that we can transition its clients to our products. This type is tricky because it could very well be that our acquisition target is a competitor to us and those clients -- that we want to move onto our products -- chose against us some years ago when they selected our competitors' products. Somehow, some way we need to convince these customers to change their minds and want to do business with us. Because of this uncertainty, this acquisition can be pretty risky.
Full integration: We do a technology, sales, marketing, business process and rules, and cultural integration. We consume the acquired company. In my experience, this type is the most complex and uncertain and, therefore, the most acquisition risks.
All of these types of acquisitions -- including the holding company, as there might be some good technology synergy opportunities -- require some IT work.
This brings us full circle to the notion of a technology platform of common services that can support whatever the future might hold. As for myself, I never want my technology to be a barrier to a good business decision or acquisition.
I am human; therefore, IT security doesn't come naturally
How to communicate: Tell stories