August 7, 2019
From: Portland Business Journal By Malia Spencer
Lake Oswego-based Navex Global is beefing up its capabilities in the risk management arena with the acquisition of Overland Park, Kan.-based Lockpath.
Terms of the deal were not disclosed, but Navex CEO Bob Conlin noted the company did not need any added equity from its new owners, BC Partners, to complete the transaction.
“We are in an enviable position, we have grown to a size where we are hovering around $250 million in revenue and quite profitable,” he said. “We are able to make acquisitions using cash and debt.”
In Lockpath, Navex - which makes software systems for customers to deal with ethics, compliance and governance risk - picks up a broader line of business that means it will now be able to help customers assess and mitigate risk throughout the organization. This added capability includes everything from operations risk, IT and data privacy risk, and supplier risk.
“We focus on ethics and compliance risk, (or) risk associated with people,” he said. “(Lockpath) is risk associated with systems.”
Combining Lockpath’s software platform with Navex’s existing software means that customers gain a one-stop vendor for more of their risk management needs. The deal is " a game-changer" for Navex, Conlin said.
“Every week we see dozens of customers buying a risk management solution and they aren’t buying them from us,” Conlin said. This deal fixes that.
Through the acquisition, all of the roughly 100-person Lockpath team is joining Navex. The company will keep the Kansas office and make it the “center of excellence” for this line of the business.
Navex also gains more than 100 new customers. However, Conlin said the more exciting aspect is that the Lockpath software can now be sold to Navex’s more than 14,000 customers.
Conlin plans to invest into the research and development as well as customer success capabilities at Lockpath.
This is the second acquisition this year by Navex, which now has about 1,300 global employees with nearly 300 locally. In June, the company acquired Expolink Europe Ltd., which makes a whistleblower hotline and is based in Chippenham, England. That deal is part of the company’s plans to expand in Europe as well as the Middle East and Asia.
Navex has an M&A strategy in place to find acquisition targets within its core business as well as adjacencies such as data privacy and security, environmental and social governance and employee health and safety, said Conlin. Targets must be in growing markets and sell into the same customers that Navex already works with, such as chief risk officers, audit heads, chief compliance officers or general counsels.
To manage this strategy the company hired Shane Harrison in May as senior vice president of corporate development.
“His role is to go and help us find other companies to acquire,” said Conlin.
Lockpath, which was founded in 2010 and raised $8 million from investors, wasn’t marketing itself for sale, Conlin said. Instead, Navex identified the company as a leader in its space. Conlin started to follow its progress and eventually landed a meeting with the CEO.
“Lockpath was built on solving the complex problem of managing risk across the enterprise, doing so with a purpose-built software solution that is flexible, scalable and quick to implement,” said Chris Caldwell, co-founder and CEO of Lockpath in a written statement. “We share Navex Global’s business philosophy that puts customer success first while delivering best-in-class solutions, support and services. We all look forward to working together in service of our customers’ success.”