In light of these trends, PE firms should understand trends in the data security space, and the risk profiles, security systems and processes of their target and portfolio companies. • In 2023, regulatory requirements and the threat of operational impacts will require a meaningful understanding of data security and quantitative security risk assessments by PE firms, with particular attention to unique risks faced by certain niche businesses. We expect tailored reviews to replace ineffective boilerplate approaches overly focused on managing data breach response. • The uptick in breaches of third-party vendors highlights the need for actually conducting strong third-party risk management programs in 2023. • While the average cost of a healthcare data breach has increased substantially, cyber insurance remains harder generally to acquire, particularly for smaller companies serving healthcare organizations. By leveraging broader insurance relationships, PE firms can assist these companies in the coming year. • Ambulance chasing plaintiff’s firms are more effective at monitoring state filings for each breach. Expect duplicative data breach lawsuits to increase in 2023 and insurers to focus more on coverage limits. PE firms can assist portfolio companies in 2023 by maintaining a relationship with counsel familiar with the PE firm’s portfolio companies to efficiently manage these matters in a cost-effective manner and under privilege. 7. Structuring Earnouts BY TATJANA PATERNO Valuation expectations are still being reset and buyers are increasingly using various tools to bridge the gap between the parties’ performance expectations for the target’s business. Those tools include, among others, the following: 1. Seller notes. 2. Equity grants that are subject to vesting based on the future financial performance of the target business. 3. Earnouts. Based on recent experience, we expect that the frequency with which earnouts will be used in 2023 will continue to increase as compared to earlier in 2022 when we were still in a seller’s market. The size of earnouts as a portion of the purchase price is also likely to grow.
When structuring earnouts, consideration should be given to the following:
• Earnouts are prone to disputes, so clarity around the applicable earnout metrics (revenue, EBITDA, etc.), earnout period (1-3 years), payout formula, measurement standard (i.e., GAAP and exceptions to GAAP) is very important. • If applicable, consider expressly addressing any potential Medicare/Medicaid recoupment issues and their effect on the achievement and payment of the earnout. • For businesses that derive revenue directly or indirectly from federal healthcare programs, earnouts should be carefully structured, considering applicable healthcare laws and regulations, including the federal Anti-Kickback Statute, preferably at the LOI stage. Guardrails should be employed mainly if any business derived from the referrals of physician owners is being considered in the calculation of the earnout.
5 HEALTHCARE PRIVATE EQUITY: 2023 OUTLOOK & TRENDS IN M&A |
Powered by FlippingBook