By Glenn Hayward, CEO at Com Laude
Last year, deal makers around the world announced $5.1 trillion worth of M&A transactions; this was up by 34% when compared to 2020. In 2022, the M&A market can expect another strong year as businesses continue to recover and bounce back from the pandemic.
While high levels of M&A activity signal a healthy economy, businesses going through M&As often leave the door wide open for bad actors. Bad actors are sophisticated cybercriminals and opportunists who are ready to take advantage of businesses that are changing roles, responsibilities, systems and services.
A key component of business infrastructure is a company’s domain name portfolio; however, this can often be overlooked during an M&A – both in pre-deal due diligence and in the post-completion integration phase. As two businesses merge, domain names all too often slip through the cracks of management responsibility. With an exposed domain portfolio, businesses are left vulnerable, forced to deal with a myriad of issues relating to brand protection and cyber security. A loss of online customer traffic will be only the beginning of the worries for the business.
So, let’s explore some actionable insights in relation to these assets – where the principles of ownership, control and risk management feature heavily.
Prioritising transferring domain ownership
When a business is going through an M&A event, the integration plan often includes the formation of new teams with fewer roles (due to planned cost synergies). As responsibilities are allocated, domains are often neglected in the transition. This can lead to domain registration rights leaving with the person who originally registered them, or with the registration remaining with an old (and redundant) email address from the acquired company. Control is already being eroded.
While domain name portfolios feature in share purchase agreements, it is usually in a schedule to the agreement setting out a simple domain list. More often than not, legal undertakings address initial control but do not address the transfer process to another legal entity where control is required going forwards. It is vitally important therefore to retain the services of a trustworthy corporate domain manager to ensure that, post deal, the domains are securely consolidated to the acquiring party. The process of updating the legal registrant to the correct entity, ensuring the names are delegated to resolve to the correct name servers and updating contact details to, ideally, role-based email accounts, will ensure the security and good husbandry of the portfolio going forward; providing sound brand protection, as part of a robust domain strategy.
Audit all domain portfolios before an acquisition announcement goes public
M&As can be exciting times, yet secrecy is essential to secure the new acquisition and reveal a new company name or brand as the transaction completes. However, bad actors are well versed in monitoring sites such as Companies House and the IPO and will systematically review these resources to determine the availability of domains that match the name of newly registered companies; if available, they will secure domain registrations. In this scenario, and with no established equity in the new brand, the various dispute resolution polices will not provide a remedy and it is not uncommon for the speculators to offer the names for sale on the after-market at inflated prices. Inevitably, this can cause serious headaches for the new business that needs the names, and the traffic they will generate, ahead of the official brand launch. Confusion reigns.
Prior to announcing details of an M&A, acquiring businesses should conduct an audit of their future domain portfolios and ensure that all potential online real estate is secured. This is critical due diligence. By registering these domain names in advance, (and preferably anonymously) organisations can safeguard against any costly acquisitions from unrelated third parties.
Domain names can normally be secured for reasonable sums in the tens of dollars, but they can be sold for many thousands if they are fundamental to the future of a high profile brand. Take the example of TikTok: two friends anticipated that the app would gain in popularity, such that, following TikTok’s launch they registered tiktoks.com for $2,000. TikTok’s parent company offered $145,000 to secure the transfer of the domain, however upon rejection of the offer, the brand was forced into lengthy and costly legal processes to secure the name.
The lesson is clear: stop and think about your domain portfolio and ensure all potential domains are registered and accounted for prior to your announcement at deal completion.
Understand the vital infrastructure of your business
A lack of awareness of how vital domains are to business infrastructure and the potential implications of their neglect during an M&A event may give rise to costly errors. And it’s not just in M&A activity that this is important. There are many examples of brands being consigned to history on account of the absence of appropriate domain name diligence – at not insubstantial cost to the rights owner.
And this is something that is not just the preserve of large global players. Regional brands are not exempt from being targeted and when they are, the damage can be proportionally higher given limited funds to rectify errors.
Lean on the experts during the planning stages
When planning for future business acquisitions, organisations can help to mitigate these issues by ensuring they retain the services of a trusted corporate domain manager. Collaboration coupled with expert advice ensures that the deal principals can focus on the fundamentals of the acquisition process in the knowledge that the domain name component is being suitably managed in tandem.
There are many pieces to an M&A process – make sure securing the valuable domains doesn’t end up being the missing piece of the puzzle.
