By Manik K. Rath and Tamara Jack, LMI
In the 20th century, projecting U.S. power meant having a large military presence in Europe and East Asia, and the ability to strike distant enemy nation-states. Today, projecting power means knowing when and where an asymmetric and sometimes furtive enemy will strike, before anything happens. Today’s enemies may be nation states, failed states, terrorist groups, or individuals, hence intelligence gathering has become increasingly important in projecting power.
Given the volume and complexity of the intelligence that can be gathered, the intelligence agencies have come to rely on intelligence contractors to provide innovative solutions, resources and skill sets to deal with such unique problems. Thus, despite the overall decrease in mergers and acquisitions in the last year, the volume and valuation of deals involving companies that contract with the intelligence agencies has remained relatively strong.
It has occurred to us that very little has been written in the mergers and acquisitions literature on the unique considerations to executing such transactions. M&A deals involving intelligence contractors are more complicated due to special issues associated with doing classified work. Below we discuss top things to understand when undertaking the acquisition of such a company.
The Intelligence Community. Led by the Director of National Intelligence (DNI), the U.S. Intelligence Community (IC) is a body of 16 different federal government agencies and organizations with a defined mission of dealing with national security issues.
The Security Classification. The U.S. security classification system safeguards critical military, foreign policy and intelligence data and information. For the purposes of understanding the basic structure of this complex regime, the following information is relevant:
- The Department of Defense (DoD) manages the largest industrial security program;
- Several other intelligence agency’s manage their own security programs;
- The DoD classification system has three levels:
- Confidential
- Secret
- Top Secret
- Additionally, there are nine other protection categories
In order for individuals or companies to gain access to classified data, the U.S. government must first authorize such individuals and companies through the security clearance process. For individuals, this process is called Personnel Security Clearance (PCL); and for companies this process is called Facility Security Clearance (FCL).
Security Clearances. Companies interested in acquiring intelligence contractors, must be familiar with the National Industrial Security Program (NISP) and the National Industrial Security Program Operating Manual (NISPOM) and NISPOM supplements. NISP is monitored by the Defense Security Service (DSS). DSS is charged with ensuring NISP compliance by the DOD and other federal agencies contractors. Further, contractors with access to agency top secret programs with “special compartmentalized information” status (SCI), must be familiar with additional regulations, independently administered by such agencies. These may include the CIA’s Director of Central Intelligence Directives (DCI-Ds).
For personnel security clearances, generally, the company must demonstrate to the government’s satisfaction that there is a need for such employees to have access to classified information. The company can demonstrate this need if the employee will be working on a classified contract, or if the employee in question is a Key Management Personnel (KMP). Generally, KPMs are individuals with control over the company, such as owners, partners, officers, and directors.
For facility security clearances, a government agency or another cleared contractor must sponsor a company by showing a definite, classified procurement need. This sponsorship is accomplished by a sponsorship letter which the government agency or the sponsoring contractor submits to the applicable security office.
Classified Assets and Clearances. During the due diligence phase of the deal, the buyer should be looking at the classified contracts it is acquiring, target’s employees with security clearances, as well as understanding any special contractual requirements associated with the target’s involvement in the classified space.
The buyer must start with the “Contract Security Classification Specification” on Form DD 254, issued by the government for each classified contract. The DD 254 sets security classification and applicable safeguarding requirements. Also, the DD 254 will provide much needed information on whether the buyer is equipped with the personnel and any facility safeguards required to continue the classified work post-closing.
M&A activities affect the company facility security clearance. Accordingly, the parties to the deal must comply with the NISPOM requirements associated with such M&A activities. These include: submitting a “notification of change” letter to the Cognizant Security Agency (CSA), obtaining CSA approval for any new cleared facilities or for the transfer of sponsorship of the existing facility security clearance, and examining any requirements related to physical security of the building, hiring of new personnel, the need for any special telecommunications connections for transmitting Secret and Top Secret data, and the need to create special rooms for storing and handling classified information, called Sensitive Compartmented Information Facilities (also known as SCIFs, or Special Access Program Facilities).
The above steps should be underway during the due-diligence and integration planning phase, and completed or nearly completed during the post-closing integration phase.
We have provided an overview of a few special considerations associated with M&As involving intelligence agency contractors. Such companies operate within a very complicated space of the U.S. industrial security regime. Special understanding of this regime and the associated requirements will help the parties to advantageously complete the deal and ensure successful post-closing integration.