Insurtech insights: the do’s and don’ts of insurtech M&A
Insurtech M&A - identifying the opportunities
We expect 2019 to be another big year for insurtech M&A. Established insurers are working hard to develop and progress their ‘digital transformation’ journeys and, together with insurtech start-ups, they are beginning to realise the value of insurer-insurtech investments and collaborations.
We recently published a report on ‘The world of digital M&A’, in which we analysed over 25,000 deals involving the S&P Global 1200. Our analysis focused on almost 4,000 digital/tech deals – that is, deals whose principal rationale was to further the acquirer’s digital transformation, bolster its tech offering or to consolidate the market in a particular class of tech. That expenditure on digital and tech assets will only continue to grow, with a significant proportion spent on healthtech and AI, both of which are key focus areas for the insurance industry.
For insurers, acquisitions of insurtech start-ups can be transformational, if they are done right. Being able to navigate the pitfalls presented by this type of deal will drive the success or otherwise of an insurer’s entire digital transformation project. With this in mind, we set out below some key do’s and don’ts for insurtech M&A…
Understanding insurtech business liability and risk
- DON’T expect your due diligence exercise to look like traditional M&A
- Start-ups are often characterised by quick growth, founder-centric organisation and small teams, so your diligence should be tailored accordingly. This means focusing on key business areas, such as data, IP rights and regulatory. For example: how does the legal ownership of the technology impact your valuation, deal structure and future opportunities for development?
- Insurtech financials may not tell the same story as those of traditional businesses, so opportunities may be missed if relying on established valuation metrics (eg a data-heavy business may show very low revenues). Ensure your financial and legal advisors work closely with you to implement the right valuation method and pricing mechanic for the investment.
- DO make sure your due diligence looks forward as well as back
- Consider scalability - understand the business you are investing in and how it will grow in the future. For example: is it primarily a technology business driving process optimisation, an intermediary business providing new distribution platforms or an insurer underwriting new products?
- Consider the regulatory, capital and data issues that may change as the size of the business grows.
- DON’T forget that M&A is not the only option
- Consider the possibility of partnering with/investing in start-ups or consider building up insurtech capabilities internally – does the investment form part of a strategic relationship beyond equity investment?
- Keep focus on the what rather than the how: what is your goal and what do you actually need to achieve it?
- DO consider future new types of liability, even if regulators/legislators haven’t
- Examples include liability for damage caused by driverless cars, algorithmic or robo-advice and smart contracts, for which there is no consistent legal framework.
- Cyber risk and liability for failures in operational resilience are also key focus areas for regulators.
Capturing and protecting key assets
- DON’T forget to retain specialist advice from the outset
- Data, IP and tax expertise in particular will be essential to defining strategy for the deal and preserving value post-execution.
- Insurers face a difficult balancing act: a promising-looking insurtech start-up coming to market can attract high valuations and significant competitive tension - strategic buyers can’t afford to be slow-moving, but may need time to properly assess and price the risks involved.
- DO prioritise agreement on intellectual property and data protection
- Loose treatment of IP can derail acquisitions of start-ups – look for evidence that start-up has properly considered its IP estate and how to manage it. Consider what impact this may have on the structuring of the investment.
- Data protection is a hot topic for regulators and the public, inadequate protections create reputational risk and GDPR sanctions can be severe. For example, you will want to ensure that (i) the current processing of data is in compliance with the relevant laws, in particular in relation to any analytics and automated decision making (which are typical issues in data deals), (ii) the location of storage and practices around transfer of data will not be materially adversely affected by Brexit or data localisation laws, (iii) the future opportunities are not adversely impacted by regulation on data (eg in relation to the development of AI) and (iv) any system risks are flushed out, eg cyber risk.
- DO get early agreement on other transaction parameters
- Effective management of key internal stakeholders will be essential.
- Acquirers should hold frank discussions on respective ‘red lines’ at the start of the process.
Deal certainty and execution
- DO expect the regulator to analyse and test your business case
- Regulators are rapidly getting to grips with new developments and innovative business models.
- Regulators are in regular contact with industry players (through sandboxes etc) and can be expected to understand key risk areas.
- DON’T assume the deal will take place in a political vacuum
- From the Silicon Allee to the Silicon Fen, the Silicon Gulf to the Silicon Glen – everywhere wants to replicate the success of Silicon Valley. And tech success is hard-fought for among governments.
- Countries may therefore take a protectionist approach, especially where deals affect sensitive customer data (eg many potential Chinese acquisitions of US tech assets have been thwarted by the US government’s politicised approach).
- DON’T underestimate the importance of culture
- Employees will be used to different working cultures – this can extend from office layouts and working practices to ownership models.
- Successful deals in this space are often characterised by parties adopting a partnership mindset – learn to speak the same language!
- DO implement the right incentive structures for founder-centric insurtechs
- At a minimum, an acquirer should make sure the insurtech founder’s goals align with the acquirer’s own aims. Consider use of earn-outs or other incentive plans to incentivise management involvement in the future. Consider also whether the use of warranty & indemnity insurance can help with the deal dynamics where management have given warranties and are remaining with the business.
- Post-execution, the right place for the founder is not always at the head of the acquired unit, positive changes may come from offering a cross-organisational role, or from allowing a ‘serial entrepreneur’ to leave on good terms and start their next insurtech venture.
- DON’T assume that an internet-based business is a portable one
- Even where the offering is entirely internet-based (eg robo-advice), acquirers need to consider where staff want to work and the impact on managing the workforce.
- The perceived benefits of technology-driven elements to any insurance product may vary from market to market, so a sales strategy/team that is successful in one country may not be able to replicate that success elsewhere.
- DO think about how your own procedures and controls will apply to an integrated business
- Consider areas where the start-up’s tech/data does not adhere to the acquirer’s security protocols.
- Hastily bolting on a start-up with less mature IT infrastructure (or vice versa) can create a back door for cyber-attacks and greater vulnerability for the combined business.
We’d love to discuss with you
We’d love to discuss the insurtech space with you or your team - please do get in touch.