What To Do if You Were Just Acquired by a SPAC

June 01, 2021

By Nina Kelleher

Download Newsletter

Congratulations! You were just acquired by a special purpose acquisition company (SPAC). Now what?

Your company is now thrown into the public company world, opening doors to capital to fund growth, yet also accompanied by regulatory requirements. Chances are that if you were determined to be SPAC-worthy, you may have already designed and implemented procedures and controls to address some of these requirements.

To effectively transform into a public company, investing in a sound foundation including governance, reporting and control is imperative. From a practical perspective, let’s examine some of the ways public companies are expected to build and support this foundation:

  • Policies and procedures should be developed. Policies would align management’s strategic vision and objectives with the company’s operations. Procedures would describe how the policies are put into action.
  • Robust reporting should be in place. Management reporting, such as budgeting and forecasting, along with accurate financial reporting are paramount. Financial statements must be filed timely, so it is imperative the financial close processes be accurate and as streamlined as possible.
  • Corporate governance and regulatory compliance guidelines should be established. The company should establish a way to monitor, maintain and comply with applicable regulatory requirements. Management should ensure proper oversight structure via a company organization chart clearly depicting reporting lines, employee handbook, and whistleblower hotline and forming both a compensation committee and audit committee. Additionally, there may be a need to create new roles such as risk management, SEC reporting and investor relations.
  • An effective internal control framework should be designed and implemented. The company would have to comply with Sarbanes-Oxley (SOX) and have effective controls over financial reporting. A determination should be made around whether the company qualifies as an emerging growth company (EGC) under the JOBS Act as there are certain benefits with respect to SOX.
  • Cyber hygiene and an information technology infrastructure that can scale and sustain a growing business. With information technology general controls (ITGCs) to comply with SOX as the baseline, there exists other cybersecurity planning that should occur, such as but not limited to, securing data to comply with privacy regulations, business continuity planning (BCP) and disaster recovery (DR) planning.

The above provides a taste of the effort involved to operate as a public company. Many have adopted a framework such as the Committee of Sponsoring Organizations of the Treadway Commission (COSO) 2013 Internal Control Integrated Framework to guide them. While the list above may seem daunting, oftentimes the most difficult challenge is a shift in the mindset of employees; the transition typically goes smoother when executive leadership sets an example for others to follow.


Digital Intelligence Newsletter - Q2 2021

About Nina Kelleher

Nina Kelleher is a Director leads the risk advisory services within EisnerAmper Digital with expertise, including planning, executing and leading audits, conducting risk assessments and completing financial statement due diligence.