After the Trump administration blocked Broadcom's effort to buy chipmaker Qualcomm last year, CEO Hock Tan turned his attention to software — chasing aging companies that public markets had largely forgotten.
First it was CA Technologies, which Broadcom agreed to acquire a year ago for $19 billion, snapping up a 42-year-old developer of software used by information technology teams.
Now, the company is in talks to acquire 37-year-old security software vendor Symantec, a company that's been plagued by deteriorating financials and a revolving door in the C-suite. Bloomberg reported on Tuesday that the companies were in advanced talks, and CNBC confirmed with sources familiar with the matter that discussions had been underway.
If the Symantec deal doesn't get done, Broadcom has also been working on a deal to acquire an infrastructure software company and has considered Tibco, according to three people familiar with the matter. Vista Equity Partners acquired Tibco for $4.3 billion in 2014. Bloomberg reported Vista was considering a Tibco sale last year.
Buying Tibco or another infrastructure software company would be delayed or sidelined indefinitely if the Symantec acquisition occurs, said the people, who asked not to be named because the discussions are confidential. Different sets of Broadcom advisors have been working on both deals simultaneously because Tan is determined to do a large acquisition this year, the people said.
The move would mark a fundamental shift for a company that's long counted on a few big buyers of processors for a significant chunk of revenue. Broadcom estimates that Apple, which buys components for phones and tablets, accounted for 13% of sales in the latest quarter (down from 17% a year earlier) through various suppliers including Foxconn. Aggregate sales to Broadcom's top five customers made up about 32% of revenue.
Broadcom needs software because its semiconductor business is hurting, primarily due to uncertainty surrounding Huawei. Since the Chinese networking giant was blacklisted in May from buying U.S. equipment without permission, Broadcom cut its forecast for semiconductor sales this year by $2 billion. The business was already struggling, with semiconductor solutions revenue dropping 10% or more in each of the first two quarters this year.
"It is clear that the U.S./China trade conflict, including the Huawei export ban, is creating economic and political uncertainty, and reducing visibility for our global" manufacturing customers, Tan said during the company's fiscal second-quarter earnings call last month. "As a result, demand volatility has increased and our customers are actively reducing inventory levels to manage risk."
Tan didn't know the Huawei ban was coming when Broadcom acquired CA in one of the biggest software deals ever, but he clearly recognized the need to diversify. After the deal, Broadcom divided itself up into three divisions: semiconductor solutions, infrastructure software and the very small intellectual property licensing business. Thanks to CA, infrastructure software now accounts for about a quarter of total revenue.
More importantly, it provides some level of hope for investors wondering where the company can turn as the core business declines.
Representatives from Broadcom and Symantec didn't respond to requests for comment. A Vista spokesman didn't immediately respond for comment.
Should Symantec agree to a deal, Broadcom would acquire a company that's currently valued at $15.5 billion (after reported talks pushed the stock up 14% on Wednesday) on $4.7 billion in annual revenue. Combining Symantec with CA, software would account for 37% of Broadcom's total revenue.
But Broadcom wouldn't be buying growth with Symantec. Sales at Symantec have dropped in three of the past four quarters, as newer cloud security providers have taken a bigger slice of the enterprise market and emerging companies focused on mobile devices have grabbed revenue from consumers.
Rather, Broadcom would be grabbing a highly recognizable brand in security software at what could be viewed as a discount since the company has had such instability in the managerial ranks. The latest blow came in May, when Symantec announced the unexpected resignation of CEO Greg Clark just three years into the job, and less than four months after the departure of finance chief Nicholas Noviello. Clark was the fourth CEO to step down in seven years and was replaced on an interim basis by Richard Hill, a director at the company.
At the same time in May, Symantec reported fourth-quarter revenue that trailed analysts' estimates and provided a disappointing forecast for the first quarter and full year of 2020, sending the stock tumbling 13%. Even after Wednesday's rally, the stock is down more than 10% from two years ago.
The key for Broadcom would be its ability to take somewhat of a private equity-type approach and get the most out of Symantec's subscription revenue while cutting back costs. Since it acquired a significant enterprise software sales staff from CA, there are presumably opportunities to merge the two groups and save some real money.
In a report on Wednesday, Piper Jaffray analysts wrote that they envision "a replay of CA strategy."
"We see Broadcom driving deeper relationships with selected customers in order to leverage the SG&A (selling, general and administrative) costs while abandoning the pursuit of new customers," the analysts wrote. "In addition, we can see an extension of the 'all-you-can-eat' strategy with Symantec as well, allowing Broadcom to further penetrate select customers."
Tan has made a career out of big deals. As CEO of Avago Technologies, he spearheaded the $37 billion acquisition of Broadcom in 2015 and became CEO of the combined company, which assumed the name Broadcom. He then tried to orchestrate an unsolicited purchase of Qualcomm, which would have cost over $100 billion. President Donald Trump blocked the proposed deal in March 2018, citing national security concerns — Broadcom was based in Singapore, but the company moved its headquarters to the U.S.
With Broadcom now domiciled in San Jose, California, an acquisition of a U.S.-based company such as Symantec or Tibco will not draw CFIUS oversight. That would prevent U.S. regulators from blocking a deal due to national security reasons. Still, regulators could strip a security company such as Symantec of certain clearances if they felt Broadcom ownership posed risks that could make a deal less appealing.