checklist for payroll mergers ☑️

Payroll mergers from deals often land on HR and Payroll (and HRIT) without much warning and often without additional resourcing help to handle a successful operational consolidation effort.

This often results in a failure to realize ROI on expected administrative cost savings of IT and HR overhead specifically.  It also can mean a bumpy and disengaged transition for the incoming or outgoing workforce.

HR & Payroll are often tasked with figuring out the roadmap, project plan and deliverables required for operations to be integrated quickly.

Be sure to have an understanding of each of these concepts before attempting a merge or acquisition-  the below is not comprehensive and is just a starter list to help you begin:



Will employees keep their existing employment contracts or do they need to sign new ones?

Who will handle historical manager or employee information requests (e.g. W-2s, paystubs, job history, unemployment verification, non-discrimination testing, labor audits, etc.)?


Do we need to handle Year to date tax and wages migration?

How will we manage Paycheck history?

Who will handle W2s/W-2c’s creation, printing and distribution?

How do we avoid State Unemployment tax “dumping” risks?


Who will respond to FLSA or ACA audits and inquiries for time cards and payable time records?

Do we need to carry over Paid Time Off (PTO) Balances?

What about Sick Time balances for States like California and countries like Canada for legal reporting?


Are employees going to have to enroll in new plans or keep their existing ones?

Do we want to migrate year to date payroll balances for statutory limits like 401k, Flex Spending health and dependent care, etc.?


Are compensation plans aligned, do they reflect market rates?

Do employees have long and short-term incentive plans for handover?

What about Stock option plans or Restricted Stock plans (RSUs) that need to be accommodated?

Data Privacy

Data Privacy and cybersecurity risks until recently have been severely underestimated during M&A transactions.  Many large organizations run acquisitions in a way that compartmentalizes operations.  That  is to say there is often minimal effort to combine and optimize technology, processes and people across the subsidiaries.  Fragmentation is a major threat to data privacy and cybersecurity management.  In turn, global financial penalties are set to skyrocket starting in 2019 with the enforcement of GDPR and other upcoming privacy legislation. 

Bad actors have also learned to exploit organizations during M&A announcements.  Hackers will look for weaknesses in particular via social engineering and email phishing knowing that sensitive data is changing hands between organizations and people are expecting to receive information requests via email.  Therefore it is well worth the time to ensure you are de-risking the People technology landscape during the handover process. 

Some of those questions are below to get you started but this is a major new risk area to be addressed in itself.

 If we are taking on new Personally Identifiable Information ( PII ) how will we ensure compliance with multi-national data privacy laws? 

What Countries and regions are in scope (including citizenship and work locations)?

What consents has the employee provided in contracts?  Do we need to re-collect any employee data consent?

Are there ageing HR and Payroll systems that can and should be retired due to outdated security protocols?

Are there any known data breach risks or incidents?

What are the best practices cybersecurity measures expected of the systems pertaining to personal data?