Consider CASL When Buying a Business
By Adam DwekPart 4 of our multi-part series on CASL focuses on CASL concerns and issues when buying a business.
When buying a business by shares or assets, CASL presents unique concerns and risks that must be addressed properly. This article looks at some of the issues and concerns associated with each method, and a purchase generally. Finally, some suggestions are made to minimize CASL liability post closing.
The great benefit of an asset acquisition is that the purchaser takes the business free and clear of any CASL violations committed by the seller. However, the purchaser must still concern themselves with ensuring the consents held by the business are valid, transferrable, and provable.
Can the Consents Even Be Transferred?
While the act explicitly states that existing business relationships are transferred on the sale of a business to the new owner, it does not say anything about whether consents held by the business are transferred or even that they may be transferred. Industry Canada’s Regulatory Impact Analysis Statement (“RIAS”) states that such consents may be transferred with the business so long as the purchase contract includes a provision transferring these consents, but the RIAS is industry Canada’s interpretation of the law and is not actual binding law. There is absolutely no guarantee that any court or government agency will recognize the consents as transferrable. This creates a risk for asset purchases that is absent from share purchases.
While a share acquisitions is generally not the buyer’s preferred method of purchase due to the transfer of liability inherent to it, they do have the benefit of also transferring all business relationships and consents obtained and held by the business (both express and implied). As discussed above, there is concern that under the act, consents may not be transferrable. This might be a significant issue if the business being purchased markets heavily to consumers through email, SMS or other electronic methods. Unfortunately share acquisition also presents the problem that the purchaser takes on all liability for CASL violations previously committed by the seller. While much can be done to minimize liability for past CASL violations, this may be a significant risk that needs to be managed.
Are the Consents Valid?
Even if we assume the consents can be transferred under CASL, a purchaser must still concern themselves with the “quality” of the consents, i.e. how well are they documented? Whether asset or share acquisition, a purchaser must do their due diligence and ensure the consents and even the business relationships claimed by the vendor are as promised. This means ensuring the target business has proper records and evidence of the consents – how, when, why, and for what purpose were they obtained? And does the business have the proper infrastructure to track and manage the consents? Remember, the onus is on the purchaser to be able to prove the consents are valid. If you can’t prove them, then under CASL you don’t have them!
The purchaser will also want to ensure the business has the necessary CASL compliance policies related to electronic messages sent by employees and agents of the business.
Without the above policies and tracking tools in place, a purchaser will face the costly and time consuming nuisance of implementing such policies. Not the way you want to start off your newly acquired business. Business owners should also keep the above-noted points in mind, not just to protect themselves from liability, but because they will have a direct effect on sale price and may even affect the ability to obtain financing. Implement CASL policies and consent management tools now to protect the value of your business.
You May Be Liable for CASL Violations
Keep in mind, that if you purchase a business that continues to violate CASL, you may be personally held liable for such violations if you direct or authorize the business to commit a CASL violation.
Regardless of the method of acquisition, proper due diligence is essential to not just minimizing risk, but also to identifying potential CASL liabilities that may exist or arise. Risk identified during the process can then be negotiated and managed by the parties. Representations and warranties, indemnity provisions, and the purchase price, can then be revised to allocate the risk to the parties as agreed.
In general, due diligence should include an examination of the following:
- Consent information
- How obtained – whether separate terms from the rest of the agreement, whether pre-checked boxes were used, etcetera
- When – whether time stamps for each consent held
- Information provided – whether CASL proscribed information included in the request (opt out mechanism, identifying information, etcetera)
- Purpose – specific purpose consented to
- Consent Management
- Policies to manage consent information
- Tools used to manage consent information – reliable, easy to sort through
- Sales and Marketing
- Examination of marketing and sales methods relied upon – whether electronic messages generally CASL complaint
- Whether employees trained in CASL
- Existence of CASL compliance policies
- Consent information, and consent management infrastructure.
- Consent information
Depending on the transaction, due diligence should be broadened or restricted as appropriate.
Representations and Warranties
Generally speaking, the purchaser should be sure to obtain representations and warranties expressly related to CASL, including the validity of the consents held and their documentation, the implementation of any CASL policies asserted to exist, and the training of employees as to CASL, among others. On a share purchase these representations and warranties should also include specific representations and warranties about past compliance with CASL. Of course, this is something a seller will no doubt want to avoid and may outright refuse depending on the nature of their business and what efforts have been made to comply with CASL. What representations and warranties are ultimately provided may have a significant influence on the final purchase price.
Both purchasers and vendors should consider CASL related indemnity provisions to protect themselves. Indemnity provisions can be tailored to allocate risk as agreed upon, giving further assurances to both parties as to what risks the transaction carries with it.
Explicit Transfer of Consents
For asset purchases, the purchaser should be sure to include a provision that any and all express and implied consents are validly transferred on the sale of the business.
Keep in mind, although the bulk of CASL comes into effect July 1st, 2014, a significant portion of the law won’t come into force until January 2017, and there are transitional provisions that further limit the immediate consequences of CASL. The bottom line is that a business may go on without issue for the next 2, 3, or even 5 years or longer without its CASL violations catching up to it. A purchaser needs to do its due diligence and ensure that the CASL provisions in force or coming into force will not significantly impair the business.
It’s unfortunate that CASL further complicates the process of buying a business, but it is an issue that needs to be addressed. Before you purchase, make sure you properly understand the effects CASL has on the business, and take the necessary steps to limit and control potential CASL liability.
References and Footnotes
- An Act to promote the efficiency and adaptability of the Canadian economy by regulation certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act, S.C. 2010, c. 23 (the “Act”), Section 10(12) ↩