🏦Financial Services

Regional Bank M&A: Merging Two SharePoint Tenants in 90 Days

Two separate Microsoft 365 tenants with conflicting user identities, permissions, and regulatory content post-bank merger

Regional Bank M&A: Merging Two SharePoint Tenants in 90 Days - Financial Services case study by SharePoint Support
3,200
Users Consolidated
8TB
Content Migrated
100%
Regulatory Holds Preserved
90 days
Migration Timeline

The Challenge

Two separate Microsoft 365 tenants with conflicting user identities, permissions, and regulatory content post-bank merger

Our Solution

Tenant-to-tenant migration with identity consolidation, regulatory hold preservation, and zero-disruption cutover during regulatory review period

Key Results

Two tenants merged into one
3,200 user identities consolidated
All regulatory holds preserved
90-day delivery under regulatory deadline
"The regulatory hold preservation was critical — we had active OCC examinations during the merger. SharePoint Support ensured zero disruption to our compliance posture throughout."
Chief Compliance Officer
Regional Bank

Project Overview

Following the acquisition of a competing regional bank, our client needed to merge two separate Microsoft 365 tenants into a unified environment within 90 days — the regulatory deadline set by the Office of the Comptroller of the Currency (OCC) for operational integration.

The Challenge

The merger created a complex technical and regulatory challenge:

- Identity conflicts: 1,800 users in Tenant A, 1,400 in Tenant B — many with similar names and overlapping email domains

  • Active OCC examinations: Regulatory holds in place in both tenants could not be disrupted during migration
  • Conflicting site structures: Both banks had independently developed SharePoint intranets, document libraries, and workflow systems
  • SEC retention requirements: All trading communications and financial records required continuous 7-year retention
  • Two weeks of parallel operations: Both tenants needed to operate simultaneously while migration executed
  • SOC 2 audit continuity: Annual SOC 2 audit was scheduled for month 3 — evidence trails could not be disrupted

    Our Solution

    We deployed a structured tenant-to-tenant migration approach with compliance as the primary constraint:

    Phase 1: Discovery and Compliance Mapping (Weeks 1-2)

    Before touching a single file, we mapped every regulatory hold, retention policy, eDiscovery case, and audit log retention configuration in both tenants. We documented the compliance state of both environments and defined the merged target state.

    Key finding: Tenant B had 47 active eDiscovery holds from a previous regulatory matter. These required special handling — hold memberships needed to migrate to the new tenant before the source content was moved.

    Phase 2: Identity Consolidation (Weeks 3-5)

    We used Azure AD Connect and Microsoft's IDFIX tool to resolve identity conflicts between the two tenants:

  • Conflicting UPNs (user principal names) resolved using new unified email domain
  • Azure AD objects deduplicated — preventing duplicate accounts post-migration
  • Service accounts audited and consolidated (63 service accounts in Tenant A, 41 in Tenant B, consolidated to 28)

    Phase 3: Compliance Framework Migration (Weeks 5-7)

    Before migrating any content, we migrated the compliance infrastructure:

  • All eDiscovery holds recreated in the target tenant
  • Retention policies recreated with identical scope and timeline
  • DLP policies from both tenants merged (removing duplicates, resolving conflicts)
  • Sensitivity labels consolidated into unified taxonomy

    Phase 4: Phased Content Migration (Weeks 7-14)

    Content migrated in regulatory risk tiers:

  • Tier 1 (Non-sensitive, no holds): Migrated first with Sharegate, minimal verification
  • Tier 2 (Retention labels, no active holds): Migrated with retention label mapping verification
  • Tier 3 (Active eDiscovery holds): Migrated last with full hold membership verification and legal team sign-off

    Phase 5: Cutover and Validation (Weeks 15-16)

    48-hour cutover window with:

  • Both tenants in read-only mode for 4 hours during final sync
  • Legal hold verification by in-house counsel before Tenant B decommission
  • Regulatory submission of integration completion documentation

    Results

    Operational integration delivered on time:

The OCC deadline was met with 2 days to spare. The merged organization operated as a single Microsoft 365 tenant from day 91.

Compliance continuity maintained: No eDiscovery holds were disrupted. All 47 active holds from Tenant B were successfully recreated in the merged tenant with complete custodian membership. The OCC subsequently reviewed the migration and found no compliance gaps.

SOC 2 continuity: The scheduled SOC 2 audit proceeded as planned in month 3. The audit firm accepted our migration documentation as evidence of control continuity, and the organization achieved SOC 2 Type II recertification without qualification.

IT consolidation achieved: IT support costs reduced by 35% through elimination of duplicate systems, consolidated license management, and unified administration.

Ready for Similar Results?

Let our SharePoint experts help you achieve your goals. Schedule a free consultation to discuss your project.

Get a Free Consultation