Regulatory whiplash: shifting enforcement priorities changing deal strategy

April 2026  |  FEATURE | MERGERS & ACQUISITIONS

Financier Worldwide Magazine

April 2026 Issue

Dealmaking remains central to the prospects and ambitions of companies regardless of sector or jurisdiction. M&A is a fundamental and high-impact pillar of corporate strategy, often serving as the fastest route to growth, diversification and competitive advantage.

In today’s economic and geopolitical climate, companies are increasingly using M&A to acquire capabilities that can secure a competitive advantage. This is particularly evident in high-growth areas such as artificial intelligence (AI), but it is equally important in other aspects. The global economy is entering a new epoch in which the post-globalisation era has, over the last decade or so, been characterised by rising geopolitical tension, increased regulatory scrutiny and a shift from a bipolar world led by the US and China to a more multipolar economic environment that includes the European Union (EU).

As companies attempt to navigate the fragmented markets of the post-globalisation era and unlock growth opportunities in fast-evolving industries, many are turning to M&A.

M&A rebound

By most metrics, 2025 was a banner year for dealmaking as activity surged. Companies sought to reinvent themselves and stay ahead of technological disruption and shifting profit pools. AI continues to influence many aspects of business, and despite warnings of a valuation bubble, enthusiasm for AI‑related companies remains strong. This has been particularly evident in the US, where the combined market capitalisation of the ‘magnificent seven’ forms a significant share of the S&P 500.

According to PwC, AI is reshaping deal strategy across industries. Of the 100 largest corporate M&A transactions in 2025, roughly one‑third cited AI in their strategic rationale. The technology, manufacturing, and power and utilities sectors referenced AI most frequently.

Companies are also preparing for the substantial investment needed for AI infrastructure, which has driven M&A aimed at acquiring essential capabilities. Cyber security remains a key area of focus.

The M&A rebound extended well beyond AI. Bain & Co reported that deal value rose sharply in 2025, delivering the second‑highest year on record. Lazard noted that global M&A value increased by 40 percent, supported by a rise in megadeals, significant growth in large divestitures and strong sponsor‑led take‑private activity in North America.

Regulatory realignment in the age of AI

The dealmaking environment has been influenced by significant changes in the antitrust enforcement agenda of the US Federal Trade Commission (FTC) and the Department of Justice (DOJ). Following the re-election of Donald Trump, both agencies have adopted a less aggressive stance on merger enforcement. Under the leadership of Andrew Ferguson at the FTC and Gail Slater at the DOJ Antitrust Division, the agencies have increasingly embraced structural and behavioural remedies to address anticompetitive concerns.

Alongside the broader rebound in dealmaking, there have been notable shifts in regulatory enforcement affecting deal structuring and execution. Recent years have seen heightened scrutiny of data protection, financial crime, sanctions and competition, all of which influence valuation assumptions, jurisdictional choices and exit strategies for corporates, private equity investors and advisers.

There has also been a significant evolution in the regulatory treatment of AI. AI is now subject to a growing number of regulatory regimes. In the EU, the AI Act, which applies broadly to providers, deployers, importers and distributors of AI systems, became effective on 1 August 2024 and will be fully enforceable on 2 August 2027.

Despite uncertainty in the global economy, rising geopolitical challenges and expanding foreign direct investment regimes, M&A is firmly back on corporate agendas.

In the US, the Trump administration revoked the previous administration’s ‘Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence’ executive order and replaced it with a new directive titled ‘Removing Barriers to American Leadership in Artificial Intelligence’, issued on 23 January 2025. The new order instructed federal agencies to develop a coordinated action plan within 180 days to maintain and enhance the US’ global AI leadership. On 3 April 2025, the administration issued two additional memoranda outlining how federal agencies should use and procure AI technologies.

Meanwhile, several US states, including Utah, Colorado and Texas, have enacted AI-specific laws governing the development and use of AI tools. Alongside these requirements, existing federal, state and international data privacy laws continue to regulate the collection and use of personal data in training AI models, adding further compliance complexity.

Intensifying competition scrutiny in AI transactions

Competition regulators are also scrutinising AI sector deals, concerned that acquisitions and partnerships involving dominant technology firms could suppress competition and innovation. The Securities and Exchange Commission and the DOJ have signalled heightened vigilance regarding transactions involving AI, particularly those in which major technology companies seek to acquire AI competitors.

As AI becomes increasingly recognised as a strategic technology, governments are moving to prevent sensitive capabilities and data from falling under adversarial control. Non-US investment in US AI businesses is therefore subject to national security scrutiny. The Committee on Foreign Investment in the United States (CFIUS) can review, block or impose conditions on such transactions. Deals involving ‘critical technologies’ – a term that includes certain advanced software and hardware – are subject to mandatory CFIUS notification. Many AI-related technologies, including specialised chips, fall within this requirement.

The US is not alone in implementing such controls. The UK imposes similar requirements under the National Security and Investment Act, which mandates government approval for foreign investments in AI businesses. Antitrust regulators in the EU and the UK are also paying close attention to AI transactions. The EU’s competition commissioner has warned that dominant platforms may use acquisitions to consolidate their AI advantage. Under the Digital Markets Act, designated gatekeepers must notify the European Commission of all technology-sector acquisitions, enabling closer scrutiny of AI startup takeovers.

In the UK, the Competition and Markets Authority (CMA) has opened inquiries into several high-profile partnerships between major technology companies and AI start-ups, including Amazon’s minority stake in Anthropic and Microsoft’s expanded partnership with OpenAI. Although many investigations have closed without action because the targets were too small to trigger formal thresholds, the CMA has made clear that it will intervene if an AI deal poses a competition risk.

Companies participating in this space must consider a range of strategies to manage growing antitrust risks. Acquirers require a more targeted and proactive approach than in traditional transactions. Enhanced due diligence tailored to AI-specific issues is essential. This extends beyond standard reviews of contracts and intellectual property (IP) to include the provenance and licensing of training data, compliance with data protection regimes such as the EU General Data Protection Regulation (GDPR) and relevant US state laws, reliance on open-source or third-party components, cyber security resilience and the testing of AI systems for bias, fairness or other ethical concerns.

Engaging technical specialists or independent auditors to evaluate AI models can provide essential insight into hidden risks. These findings should be reflected in transaction documentation through bespoke representations and warranties addressing data rights, IP ownership and non-infringement, regulatory compliance and the absence of unlawful bias. These measures provide buyers with clear recourse should problems emerge after completion.

Where material or difficult-to-quantify risks arise, such as unresolved IP disputes or known privacy weaknesses, buyers may seek specific indemnities, escrow arrangements or holdbacks. Buyers may also consider warranty and indemnity insurance, although some policies now exclude certain AI-related exposures. If issues are capable of remediation, buyers may require corrective measures before completion, adjusting price or timelines if necessary.

Strengthening regulatory diligence in a shifting enforcement landscape

Regulatory considerations are increasingly central to deal planning. Early in the transaction process, acquirers should identify required approvals and notifications, including antitrust and national security reviews, and clearly allocate responsibility for securing them. This is particularly important in regulated sectors such as healthcare and financial services. Effective post-completion integration is also critical. Acquired businesses must be integrated into the buyer’s governance, compliance and risk management frameworks, supported by ongoing monitoring as AI regulation evolves.

Recent developments within the EU will have significant consequences for dealmaking. The European Court of Justice’s 2023 Towercast ruling fundamentally altered the antitrust risk profile of sub-threshold transactions. National competition authorities may now review deals that fall below traditional merger control thresholds under abuse of dominance rules, even after completion. This increases the risk of ex-post intervention and means regulatory scrutiny is no longer limited to pre-closing processes.

Similarly, new call-in powers in jurisdictions such as the Netherlands, France and Belgium allow authorities to review transactions that raise competition concerns even when turnover thresholds are not met. As a result, the absence of a mandatory filing requirement no longer guarantees regulatory certainty. Early and substantive antitrust analysis is now essential, including for deals that would previously have been viewed as low risk.

Anti-money laundering (AML) risks have also become increasingly important in M&A. The new EU AML package, which will take effect between 2025 and 2027, introduces a harmonised rulebook and strict supervision by the new Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA). Key changes include uniform customer due diligence requirements across the EU, a €10,000 cash transaction limit, enhanced regulation of cryptoassets and expanded obligations for high-risk entities.

AML deficiencies can derail transactions, damage reputations and in some cases affect a target’s business model by limiting market access or client relationships. AML risk is therefore a core area of legal and commercial due diligence across the financial sector and other industries, calibrated to a buyer’s risk appetite and the need to integrate the target into groupwide AML frameworks after completion.

Where issues arise, parties increasingly rely on bespoke protections such as pre-completion remediation obligations, conditions precedent, purchase price adjustments, indemnities and tailored warranties. However, uncertainty regarding regulatory outcomes can make precise quantification difficult, and warranty and indemnity insurance often excludes AML exposure.

Reputational harm is also difficult to mitigate, particularly when sanctions become public. In this environment, early identification, careful structuring and robust contractual protections are essential to ensure AML risks do not undermine deal value or strategic objectives.

Positioning for future transactional challenges

To prosper in the evolving dealmaking landscape, parties must be prepared for heightened scrutiny. They must conduct early, comprehensive regulatory assessments, anticipate multifaceted reviews and develop flexible strategies to address divergent enforcement approaches. Transactions are becoming increasingly complex and completion is becoming less certain. As a result, parties must be willing to engage proactively with legal advisers and regulators from the outset.

Despite uncertainty in the global economy, rising geopolitical challenges and expanding foreign direct investment regimes, M&A is firmly back on corporate agendas. Companies will continue to use it to drive growth, diversify and create competitive advantage. However, growing regulatory challenges require acquirers to be prepared for the scrutiny that accompanies their transactions.

By taking appropriate steps to identify and mitigate issues, particularly during the due diligence phase, acquirers will be better positioned to succeed in an increasingly regulated market. This will be particularly important as regulatory bodies across jurisdictions prioritise money laundering, financial crime and national security issues.

Acquirers must ensure that they have the appropriate deal structures in place and a clear understanding of what they are acquiring if they are to remain compliant. Parties must therefore consider antitrust and other regulatory risks from the outset. Doing so will help them navigate uncertainty as transactions progress. Allocating the necessary time and resources early in the process will help acquirers manage multiple regulatory processes, which will be especially important for cross-border transactions.

© Financier Worldwide

BY

Richard Summerfield

©2001-2026 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.