Business Turnaround Tip for a Successful MBO Turned Awry

When you acquire a company through an MBO, your hopes are always high. You know the business more than anyone else and you’ve got too much at stake to do a sloppy job. So how could things go wrong? Well sometimes they do. And if you don’t make a quick business turnaround, you could end up losing more than just your company.

If that management buyout was financed by a bank, then chances are you were required to invest a sizeable amount from your own pockets. I won’t be surprised if you even remortgaged your house for it.

Regardless of your source of funding, whether it was a bank, a venture capitalist or through a deferred consideration, the mere thought of losing your job and getting buried in enormous debt at the same time might be too much to bear. If you get too overwhelmed by your emotions and can’t think clearly, you’ll have to step out of the driver?s seat and have someone take over.

That someone can’t be a member of the management team that took part in the management buyout. Like you, he/she might be in panic mode as well. You need someone from the outside who has no emotional attachments to the company and hence can view the crisis from a clear perspective.

Here’s what’s needed:

Review and Plan

Take a closer look at all factors affecting your business: governance and organisational structures, employees, suppliers, systems and procedures, roles and responsibilities, etc. Identify potential risks and assess the likelihood of them affecting your business.

This will give a clearer picture of cause-and-effect relationships as well as the specific tasks on hand.

Thus, when it is time to draft a plan, you can do so from a well-informed standpoint. This will enable you to target specific areas of improvement and avoid pointless activities.

Assure all stakeholders

Once a watertight plan has been formulated, you will have to approach your stakeholders. They?ll need to know what your directions are. Once they’re all sold on the plan, you could implement our strategies unimpeded.

This is a very crucial part because a sceptical stakeholder can serve as a major stumbling block in our efforts to improve the situation. You need to convince your banks, sponsors, and investors in order to avoid additional financial obstacles. You need to convince your suppliers too. If they cut off or limit supply, you won’t be able to continue doing business.

Most of all, you need to persuade your staff and employees that the proposed major changes have to be carried out in order for the company to survive. You can’t run your operations without them on board.

Redesign and set up new systems and procedures

Any company requiring a turnaround will certainly have systems and procedures that are no longer working well in the current conditions and hence would require either major changes in key areas or a total revamp. You need to study personnel roles and responsibilities as well as systems and processes, including financial and IT systems, and supervise the implementation of necessary changes.

You will need to evaluate your existing IT architecture and determine how you can best maximise what you already have and propose what you think will work more efficiently for our proposed systems and procedures. Every piece of hardware or software recommended will take into consideration your present resources. There are many solutions out there, you just need to find the best fit.

Contact Us

  • (+353)(0)1-443-3807 – IRL
  • (+44)(0)20-7193-9751 – UK

Check our similar posts

How COBIT helps you achieve SOX Compliance

First released way back in 1996, COBIT has already been around for quite a while. One reason why it never took off was because companies were never compelled to use it ? until now. Today, many CEOs and CIOs are finding it to be a vital tool for achieving SOX compliance in IT.

Thanks to SOX, COBIT (Control Objectives for Information and related Technology) is now one of the most widely accepted source of guidance among companies who have IT integrated with their accounting/financial systems. It has also gained general acceptability with third parties and regulators. But how did this happen?

Role of control frameworks in SOX compliance

You see, the Sarbanes-Oxley Act, despite having clearly manifested the urgency of establishing effective internal controls, does not provide a road map for you to follow nor does it specify a yardstick to help you determine whether an acceptable mileage in the right direction has already been achieved.

In other words, if you were a CIO and you wanted to find guidance on what steps you had to take to achieve compliance, you wouldn’t be able to find the answers in the legislation itself.

That can be a big problem. Two of your main SOX compliance obligations as a CEO or CIO is to assume responsibility in establishing internal controls over financial reporting and to certify their effectiveness. After that, the external auditors are supposed to attest to your assertions. Obviously, there has to be a well-defined basis before you can make such assertions and auditors can attest to anything.

In the language of auditors, this ?well-defined basis? is known as a control framework. Simply put, once you certify the presence of adequate internal controls in your organisation, the external auditor will ask, ?What control framework did you use??

Knowing what control framework you employed will help external auditors determine how to proceed with their evaluations and tests. For your part, a control framework can serve as a guide to help you work towards specific objectives for achieving compliance. Both of you can use it as a common reference point before drawing any conclusions regarding your controls.

But there are many control frameworks out there. What should you use?

How SOX, COSO, and COBIT fit together

Fortunately, despite SOX?s silence regarding control frameworks, you aren’t left entirely to your own devices. You could actually take a hint from the SEC and PCAOB, two of the lead organisations responsible for implementing SOX. SEC and PCAOB point to the adoption of any widely accepted control framework.

In this regard, they both highly endorse COSO, a well-established internal control framework formulated by the Committee of Sponsoring Organisations of the Treadway Commission (COSO). Now, I must tell you, if you’re looking specifically for instructions pertaining to IT controls, you won’t find those in COSO either.

Although COSO is the most established control framework for enterprise governance and risk management you’ll ever find (and in fact, it’s what we recommend for your general accounting processes), it lacks many IT-related details. What is therefore needed for your IT processes is a framework that, in addition to being highly aligned with COSO, also provides more detailed considerations for IT.

This is where COBIT fits the bill.

How COBIT can contribute to your regulatory compliance endeavors

COBIT builds upon and adheres with COSO while providing a finer grain of detail focused on IT. You can even find a mapping between COBIT IT processes and COSO components within the COBIT document itself.

Designed with regulatory compliance in mind, COBIT lays down a clear path for developing policies and good practice for IT control, thus enabling you to bridge the gap between control requirements, technical issues, and business risks.

Some of the components you’ll find in COBIT include:

IT control objectives

These are statements defining specific desired results that, as a whole, characterise a well-managed IT process. They come in two forms for each COBIT-defined IT process: a high-level control objective and a number of detailed control objectives. These objectives will enable you to have a sense of direction by telling you exactly what you need to aim for.

Maturity models

These are used as benchmarks that give you a relative measurement stating where your level of management or control over an IT process or high-level control objective stands. It serves as a basis for setting as-is and to-be positions and enables support for gap analysis, which determines what needs to be done to achieve a chosen level. Basically, if a control objective points you to a direction, then its corresponding maturity model tells you how far in that direction you’ve gone.

RACI charts

These charts tell you who (e.g. CEO, CFO, Head of Operations, Head of IT Administration) should be Responsible, Accountable, Consulted, and Informed for each activity.

Goals and Metrics

These are sets of goals along with the corresponding metrics that allow you to measure against those goals. Goals and metrics are defined in three levels: IT goals and metrics, which define what business expects from IT; process goals and metrics, which define what the IT process should deliver to support It’s objectives; and activity goals and metrics, which measure how well the process is performing.

In addition to those, you’ll also find mappings of each process to the information criteria involved, IT resources that need to be leveraged, and the governance focus areas that are affected.

Everything is presented in a logical and manageable structure, so that you can easily draw connections between IT processes and business goals, which will in turn help you decide what appropriate governance and control is needed. Ultimately, COBIT can equip you with the right tools to maintain a cost-benefit balance as you work towards achieving SOX compliance.

ESOS What is the Truth?

When the UK administration introduced its ESOS Energy Savings Opportunity Scheme reactions from business people followed a familiar theme.

  • Do nothing it will go away
  • The next Westminster will drop this
  • Another stealth tax. I don’t have time for this
  • Give the problem to admin and tell them to fix it

ecovaro decided to share three facts with you. These are

(1) ESOS is not a government money spinner

(2) all major political parties support it, and

(3) it is a cost-effective way to put money back in your pocket while feeling better about what business pumps into the environment.

Four More ESOS Facts

1. You Cannot Give the Problem to Admin ? Energy is technical. The lead belongs with your operations staff because they understand how your systems work. Some things are best outsourced though. ecovaro is here to help.

2. ESOS is Not Going to Go Away ? A company inside the regulation net must submit its first report by 6 December 2015. Non-compliance risks the following penalties:

  • ?5,000 for not maintaining adequate records
  • ?50,000 for not completing the assessment
  • ?50,000 for making a false or misleading statement

3. The Employee Count is the Annual Average – The employment criteria (unlike balance sheet and turnover) is the monthly average of full and part-time employees taken across the full financial year. The fact you have <250 employees in December 2015 when the first report is due does not necessarily let you off the hook.

4. The 6 December 2014 Report is No Big Deal ? When you think about it the administration is hardly likely to spend years wading through 9,000 detailed company energy plans. It has no authority to comment in any case. All that is required is for a senior director to confirm reading the document, and a lead assessor to agree it complies with the law.

Does this mean that ESOS is a damp squib? We do not think so, although some firms may take the low road. ecovaro believes the financial benefits will carry the process forward, and that the imperative to make the world a better place will do the rest.

Authentication and Access Control

Threats to your data can come from external or internal sources.

  1. There are individuals who don’t have the authorisation but are driven by malicious intentions to gain access to certain information. This may refer to individuals who already belong to your organisation (but don’t have the necessary access rights) as well as those who don’t.
  2. There are individuals who have both the authorisation and, unfortunately, the malicious intentions over certain information.
  3. Finally, there are individuals who have the authorisation, no malicious intentions, but have accidentally exposed the information in question to those without the proper authority.

While curbing threats 2 and 3 would require other methods, threat #1 can be countered if the right authentication and access control systems are in place.

Here’s what we can do for you:

  • Work with your key personnel to determine who gets access to what.
  • Help you decide whether a single factor or a two-factor authentication (2FA) is appropriate for your organisation and recommend which factors are most suitable. Login methods may include but are not limited to the following:
    • biometric devices
    • Kerberos tickets
    • mobile phones
    • passwords
    • PKI certificates
    • proximity cards
    • smart cards
    • tokens
  • Install the necessary infrastructure needed for the factors chosen. For instance, if you opt to use biometrics, then biometric scanners will be installed. We’ll make sure that the authentication terminals are situated in places where achieving optimal traffic and work flow has been taken into consideration.

Other defences we’re capable of putting up include:

Ready to work with Denizon?

Contact Us Today