Neil Kirton is a Managing Director with Kroll’s Investigations & Disputes practice, based in the London office. Neil has spent his entire career operating and advising at senior management or board level. He joined Kroll in 2013 having spent 27 years working in the securities industry and investment banking in the City of London. During Neil’s City career, he was Global Head of Equity Distribution at ABN AMRO Bank NV and a member of ABN AMRO’s Global Equity Directorate. He was also Deputy Chief Executive at Hoare Govett and Head of Corporate Finance and Chief Executive Officer at a London securities house.

Benedict Hamilton is a Managing Director in Kroll’s global Investigations & Disputes practice. For Kroll, Benedict has assisted clients in obtaining vital information from Africa, the Middle East, Europe and the Americas as an investigation specialist. After graduating from Oxford, Benedict spent twelve years making investigative television programmes for the BBC and Channel 4, and was twice Channel 4’s nomination for RTS best journalism awards for programmes on Northern Irish terrorism and Combat 18. Benedict started working for Kroll in 1999.

Christopher P. Skroupa: In the context of a career spanning both investment banking and more recently Kroll, how would you suggest that boards most effectively gather relevant and useful information in a potentially hostile situation?

Neil Kirton: The first thing to say here is that boards should consider gathering information about themselves as well as any potentially hostile party or aggressor. To give you an example, we recently completed an assignment for a listed corporate who felt that that they were vulnerable to an attack from a specific party. We undertook the work in two parts. Firstly, we reviewed in some detail the current directors and the operations of the client. We also researched certain aspects of the company’s past history, utilizing a range of publicly available material. Most companies aren’t equipped to do this themselves, especially as it’s often done in several languages. There is also much to be learned from discreetly talking to a range of sources who are likely to have a perspective on the issues we are analyzing. This can range from reputational reviews of relevant individuals to a local perspective on a company’s operations in an emerging market—from a political, social and reputational perspective. Really we are looking for anything that could constitute either a weakness or firepower for a potential aggressor.

With regard to the aggressor, a range of work can be undertaken depending on the specific circumstances. Last year, our forensic accounting team dismantled the acquisition history of a European conglomerate to analyze underlying trends in ROCE. Our investigators also found a number of situations overseas which related to disputes and contract awards that could have adversely impacted its reputation. In another case, we looked closely at pre- and post-acquisition behaviour—had the management’s promises been upheld once the acquisitions or takeovers had been completed?

So much depends on the specific circumstances, but a review of your own vulnerabilities, whatever they could be, can dovetail well with a look at an aggressor.


Skroupa: In helping a board prepare for an engagement, what other advisors would you work with to ensure that its defense is organized and effective?

Kirton: Usually, the other advisors at the table include the investment bank, the lawyers, and very often strategic communications, public affairs or public relations advisors. If there is a typical situation (and I’m not sure there is), we were recently engaged directly by a corporate who was preparing a possible defense. All the calls during the assignment were undertaken with the other advisors present. The real need is for us to pursue a work stream which is relevant and useful.

I think it helps that we employ a range of people ourselves from different backgrounds, be it journalists, lawyers, investment bankers, accountants, and many others. It’s very important that the results of our analysis and work can be shaped into a robust body of information. We do a lot of work that has a capital markets focus to it but at the end of the day, communicating with markets and formulating M&A strategies is a profession in itself. We work in a very complimentary way with the other advisors. Furthermore, if we were undertaking a piece of work and other advisors weren’t “at the table,” we would suggest that they be included. Our own connectivity to the other advisory groups can result in us recommending their inclusion for specific situations on assignments.


Skroupa: When investors are analyzing a hostile or activist engagement, what could they be looking for that will exacerbate the vulnerability of a company?

Kirton: There could be a number of things here that are relevant—poor corporate performance, inefficient capital allocation and low ratings may all contribute. On a reputational front, it has been clear in recent campaigns that signs of management excess, lack of real independence of directors, and in some extreme cases, misreporting the reality of an event or situation can significantly undermine investor confidence. Shareholders must be offered consistent communication and high quality corporate governance at a minimum. It goes without saying that corporates who don’t embrace best practice are already reducing their ability to garner votes in an unwelcome overture, be it a bid or an EGM which is calling for boardroom change. It’s also vital that companies undertake thorough due diligence on their own board appointees—others will, and they often go back many years. If a red flag emerges, it may not be a show stopper, but it needs to be addressed beforehand and explained.

If you are a listed corporate, it’s important to remember that a hostile attack could also be generated by the desire of one or more investors to short sell your stock. There are a large number of things outside the scope of most sell-side analysts that could be relevant to the way a stock could be perceived and then valued.

Short selling has for a long time been part of many hedge fund strategies, but the last few years have seen the emergence of specialist research boutiques (often with very low profiles and unregulated) as active promoters of short selling strategies on particular companies. At a minimum, this creates uncertainty amongst both existing and prospective investors—it increases the number of “red flags” and ultimately makes accessing capital harder unless it is addressed proactively by the target. Protesting your innocence generally won’t work in a risk-averse environment, particularly in response to something that appears thoroughly researched, and in many cases, doesn’t warrant funds to investigate otherwise. It may be easier to simply sell the shares!

Many companies who do find themselves in this situation are asking Kroll to conduct independent investigations, including analyzing accusations or innuendo, and in a sense preparing a defense, but in some cases, highlighting issues of which even senior managers were not aware. This is an increasing and sometimes very costly concern for some listed companies.


Skroupa: Given how data breaches and loss of confidential information can negatively affect shareholder value and senior executives’ reputations, how do you integrate independent reviews, mock attacks and other planning into the risk analysis?

Benedict Hamilton: We have seen an increasing level of awareness from both investors and boards around these vulnerabilities for some time. There are now a number of high-profile examples of cyber-attacks which have impacted European corporates. In some cases, share prices have been hit, reflecting the loss of economic value that can result from these situations. In other cases, these attacks can cause significant customer anxiety. Some damage the reputations of owners and managers.

The result of this has been more client requests to incorporate network and data security into due diligence assignments ahead of acquisitions. An increasing number of corporates are now asking both for independent reviews of their policies and procedures, and help running responses to mock attacks. Essentially, they know that if they are hit, it’s vital to have rehearsed and organized a response. There can be an unusually large number of stakeholders to think about in these situations, all of whom need to be managed.

On a different note, leakage of confidential information is receiving much higher levels of attention by those affected. Employers witnessing senior individuals or teams depart are much more aware of the potential for IP loss. Leaks of information from boardrooms when they are real or suspected generate an increasing source of incoming traffic to Kroll and can often prompt the use of a wide range of investigative techniques in an effort to unearth the source.

There’s no certainty of security, but understanding and mitigating these types of risk is, for some, a relatively recent addition to the worry list. Constant vigilance is required and it’s vital to give these risks thorough coverage in a boardroom.


Skroupa: Of real concern to boards is that an escalating data breach situation will have significant economic and financial impact on a company. In your experience, what is the worst outcome from this kind of situation?

Hamilton: It’s hard to be precise about the definition of “worst,” but what we do know is that taking steps to prepare and rehearse helps manage this type of crisis. What’s noticeable in the capital markets is a higher appreciation that this is real risk. So, if a CEO is already under pressure from operational concerns regarding a potential data breach, it may not be the end at that moment, but it’s very unhelpful and could be a further trigger to eventual departure.

In a different situation, unimpressive media performances in the aftermath of a breach have significantly undermined not only a CEO’s standing, but triggered customer attrition and significant downgrades to forecasts. Increasingly, with the onset of new legislation in Europe, the possibility of substantial fines associated with data breaches is another trigger for both corporates and their shareholders to be very alive to risks. In a recent IPO, one CFO noted to Kroll that a large number of would-be investors seen on the pre-IPO roadshow asked about data security. Early hesitancy was soon replaced by more informed answers, but it’s a testament to shareholders’ increased attention to the risk.


Christopher P. Skroupa is the founder and CEO of Skytop Strategies, a global organizer of conferences.