Faculty launches new cyber security guide

ICAEW’s Corporate Finance Faculty launched its latest guide at the end of January – Cyber Security in Corporate Finance. It’s the second edition – an update of the guidance published in 2014 – and is aimed at providing guidance on cyber security issues for businesses that are raising finance, undertaking M&A or involved in a restructuring.

The launch event featured two panels chaired by ICAEW head of corporate finance David Petrie. The first featured Rosalind Gray, head of market surveillance and IT at The Takeover Panel; Michael Izza, ICAEW CEO; Ian Jeffery, chief executive of The Law Society; and Andrew Rogan, head of resilience, technology and cyber policy at UK Finance.

Izza said the flow of sensitive information during a deal could expose businesses to security breaches. “A cyber attack could have a potentially disastrous impact on the dealmaking process, and so it is crucial that boardrooms across the country treat threats very seriously and take preventative action. We must do all that we can to ensure London remains a pre-eminent place to do deals, raise investment and generate growth.”

Jeffrey highlighted why M&A is a vulnerable time for businesses from a cyber security point of view: “There’s enormous value being traded or worked with at that point. There is a larger number of people involved than usual, not all of them knowing each other, and things happen under significant time pressures. So the need for good cyber security is even greater than in a steady-state business-as-usual scenario.”

When it comes to public transactions, Gray said: “Maintaining secrecy around public takeover transactions has been a fundamental tenet of takeover regulation for many, many years. At The Takeover Panel we are increasingly conscious of information security and that goes hand-in-hand with cyber security. You cannot have the one without the other.”

When it comes to what has changed since the last guide, Rogan said the increasing threat of state actors looking to disrupt M&A is a major factor: “There is the hacker, the cyber criminal and nation states – it’s becoming an incredibly congested threat environment. It’s much more complicated and what is required is concerted, definitive investment and engagement at all levels of the business and all phases of a transaction, from the very beginning to the very end.”

The second panel was a Q&A session focused on the adviser network, and featured James Arthur from Grant Thornton; Kerry Beynon from The Law Society; Elizabeth Huthman from KPMG; Jamie Iles from Deloitte; and Michael Young from EY.

National Cyber Security Centre (NCSC) deputy director for economy and society Sarah Lyons said chartered accountants are an increasingly attractive target for threat actors, given the sensitive financial and risk data they handle. “A breach can undermine trust, confidence and reputation. I’d encourage everyone from across the industry to engage with this report and the NCSC’s range of practical guidance, to help increase their cyber resilience.”

Arthur said that whoever the attacker is, they will target low-hanging fruit, so basic cyber hygiene goes a long way to help security. Iles said identity theft and privileged access is a major problem: “That’s what attackers will focus in on because that’s the biggest area for mistakes, giving them the biggest reward.” 

Huthman added: “We’re doing a lot of work with private equity houses on insider risk. One client noticed lots of issues coming up at the point of transactions and when they dug into it, they found they had a disgruntled employee who was leaking information.”

The faculty, in collaboration with the NCSC, led a cyber security taskforce – which included the Law Society, the Association of Corporate Treasurers, the British Private Equity and Venture Capital Association, the Takeover Panel and UK Finance, as well as BDO, Deloitte, EY, Grant Thornton, KPMG, PwC and the London Stock Exchange – that wrote the guideline.

The new guideline can be found at the ICAEW Cyber Security hub.

New year, new member firm

Cork Gully, an advisory firm specialising in business transformation, restructuring and special situations, has become the latest member firm of the Corporate Finance Faculty.

The origins of Cork Gully go back to 1906, when William Henry Cork established an insolvency practice, and in 1935 Cork Gully came into being when he formed a partnership with his son Kenneth Cork, and Harry Gully. In 1980, Cork Gully merged with Coopers & Lybrand and, after its merger with Price Waterhouse to form PwC, the Cork Gully brand of its insolvency practice was discontinued. 

In 2010, Stephen Cork, the great grandson of William Henry Cork, acquired the business and relaunched the Cork Gully brand.

Stephen Cork (above) trained as an ACA in Moore Stephens and became partner in 1994. In 2000, he moved to Smith & Williamson (now Evelyn) as partner, becoming head of restructuring in 2005. He has been managing partner of Cork Gully for 14 years.

The firm has 13 partners. As well as the head office in London, the firm has offices in New York, Jersey, Guernsey, Luxembourg, Cayman Islands and Mauritius.

As well as traditional insolvency, restructuring and reorganisation services, the firm offers corporate advisory, which includes accelerated M&A, refinancing, fundraising, valuations and debt advisory services. Cork Gully also offers fund and asset management services.

Recent appointments have included those in relation to private equity group Abraaj and Redcar Bulk Terminal.

Stephen Cork said: “We are delighted to be joining ICAEW’s Corporate Finance Faculty and look forward to contributing towards the organisation’s continued success. ICAEW’s focus on promoting, developing and supporting professionals in our industry closely aligns with our firm’s ethos. We look forward to working closely with the wider ICAEW.”

Public bodies consultations

The faculty is inviting responses from members to feed into two consultations that close for comment this month: the FCA’s Primary Markets Effectiveness Review and the Department for Science, Innovation and Technology’s Cyber Governance Code of Conduct.

The FCA consultation response is due by 22 March and to accommodate members’ views in its response the faculty invites input by 15 March from faculty members. 

The FCA is seeking views on its proposed measures following the consultation it initiated in May 2023. Its proposals seek to create a simpler, more disclosure-based listing regime with a single commercial company category. With the changes, the FCA hopes to boost UK growth and competitiveness by making the regime more attractive to a wider range of companies, so they list in the UK. 

The FCA says it ‘remains open to further views and evidence from all sides of the market on whether the balance is right’. As well as companies and investors, the FCA is looking for input from the capital market advisory community.

The Department for Science, Innovation and Technology consultation response is due by 19 March and the faculty is looking for input by 12 March. In this consultation, the government is aiming to ‘improve cyber resilience across the UK economy and ensure businesses and organisations have the tools and support to protect themselves against cyber threats’.

The consultations can be found on FCA: Primary Markets and GOV: Cyber Views.

In brief

• David Petrie attended the 14th Annual Outlook for M&A event, hosted by the M&A Research Centre at Bayes Business School at the end of January. The expert panel was chaired by Susan Kilsby, advisory board chair of the M&A Research Centre, with six panellists: Stephen Pick, UBS; Russell Enright, SS&C Intralinks; Edward Little, Ardian; Lucinda Guthrie, Mergermarket; Jana Mercereau, Willis Towers Watson; and Liz Claydon, KPMG. The event was preceded by a board meeting, which Petrie also attended as the ICAEW representative at the M&A Research Centre.

• The Corporate Finance Faculty is hosting the first in a series of events for corporate financiers developing their career in M&A, or ACAs looking to start a career in transactions – Building a career in corporate finance & investments – on 27 March, 18:00-20:00 at The One Moorgate Place Club at Chartered Accountants’ Hall. Speakers will cover strategies for professional growth in corporate finance and there will be informal drinks. Places can be booked here.

• The Corporate Finance Faculty’s AGM will be held on 20 June 2024 at Chartered Accountants’ Hall, 12:30-14:00. Booking details will follow.