On 16 January 2014, the Institute of Chartered Accountants in England and Wales (ICAEW) together with a taskforce made up of representatives from key UK professional organisations (including the Law Society, the Takeover Panel and the London Stock Exchange), published a guide on cyber security in the context of corporate finance transactions.
The guide recognises the increasing importance for businesses, advisers, investors, regulators and other stakeholders to understand the threat to cyber-security. This is particularly crucial in the context of corporate finance transactions due to their significance as a source of entrepreneurship, innovation, expansion and economic growth for companies.
The publication of the guide is intended to raise awareness of the cyber-security issues, threats and areas of vulnerability and to show how cyber risk can be managed.
The guide suggests the following practical steps that all businesses can take to minimise the risks of cyber-security threats throughout the corporate finance process:
- Ensure your IT system and processes are appropriately managed and secure.
- Put in place an incident management plan specifically for the transaction.
- Identify one individual within your organisation who will have responsibility for the sharing of information. If possible, share information through a secure data store that is separate from your organisation's usual IT systems.
- Ask cyber security questions of the target as part of your due diligence exercise. The guide suggests some questions, including:
(a)When did the board of directors last consider the issue of cyber security?
(b)When did the target last experience a cyber or information security breach?
(c)What steps were taken to mitigate the impact of this breach?
Click here to view the full guide.