What national security review can learn from merger control
August 2026 | SPECIAL REPORT: COMPETITON & ANTITRUST
Financier Worldwide Magazine
National security review has become a defining variable in almost all cross-border dealmaking. The world has entered a new age in which economic strategy and security are tightly interwoven and capital investment is increasingly judged through a security lens.
Security has always mattered to investment, and review bodies such as the Committee on Foreign Investment in the United States (CFIUS) have long reached well beyond defence, into chemicals, technology and infrastructure.
What is changing is the breadth of the net. As the concept of security stretches to absorb economic security, supply chain resilience and technological leadership, a far wider range of transactions is drawn into review, through procedures that differ across jurisdictions and reasoning that is often undisclosed.
That direction of travel runs against the path merger control has taken, where a quarter century of convergence has made multijurisdictional review more predictable. The risk is a fragmented landscape in which the same transaction is assessed differently in each jurisdiction it touches, and in which the parties cannot reliably anticipate the outcome.
In the US, controls of this kind are longstanding. The Mineral Leasing Act of 1920 restricted foreign nationals from holding federal mineral and energy leases. Section 310 of the Communications Act of 1934 limited foreign ownership of radio and broadcast licences. And CFIUS reviews of inbound investment has existed since 1975.
Other countries have maintained controls of their own, though to varying degrees. But broad CFIUS-style screening is now spreading across the globe, carried by conceptions of security that have grown strikingly broad.
By 2024, around 40 dedicated screening regimes were in operation worldwide, most of them in Europe, a sharp rise from the far smaller number in place two decades earlier. By the end of that year, 24 of the 27 European Union (EU) member states had national screening legislation in place, and a revised EU framework, agreed in principle by the parliament, Council and European Commission in December 2025, would require every member state to maintain a mechanism and would align national rules more closely.
If anything, the trend is intensifying: in 2024 the Organisation for Economic Co-operation and Development (OECD) recorded its first rise in investment restrictiveness in six years, concentrated in energy, critical minerals and financial services. And, in practice, all 27 EU member states have now enacted foreign direct investment screening legislation with Greece, Croatia and Cyprus enacting their frameworks in 2025-26.
The definitional problem
The proliferation of regimes is the visible part of the change. The deeper problem is definitional. National security has never had fixed boundaries, and governments continue to extend them. That is the heart of the difficulty: security is a category without a fixed edge, expanding with the political mood, and a boundary that moves cannot be mapped in advance.
A 2026 OECD background note describes the trend plainly: security considerations are expanding beyond defence to encompass economic security, security of supply, resilience and technological capability, even as jurisdictions continue to diverge in how they define the concept and its limits.
The EU published a dedicated economic security strategy in June 2023 and has since built an expanding toolkit around it, spanning investment screening, export controls and research security. The US, UK and Canada have moved in the same direction.
Executive Order 14083 of 2022 directed CFIUS to weigh supply chain resilience, technological leadership and sensitive personal data. The UK’s National Security and Investment Act 2021 created a standalone regime with mandatory notification across 17 sensitive sectors and Canada’s Investment Canada Act, modernised in 2024, reaches a comparable range of concerns.
A concept this elastic carries a cost. As its scope widens, an ever broader set of transactions is drawn into review, often in ways the parties cannot anticipate, and uncertainty of this kind is itself a deterrent to investment.
Capital is mobile: where an investor cannot predict whether a transaction will clear, or on what conditions, it will discount the opportunity, price in the added risk, or look elsewhere. Those costs fall even on transactions that pose no genuine security concern, and they are borne not only by the parties but by the economies that forgo the investment, the tax revenue, the know-how and the competition a beneficial transaction would have brought.
The burden is compounded by the multiplication of parallel reviews. A non-EU acquirer pursuing a target in Europe may face the EU Merger Regulation, one or more national investment screens, and the EU Foreign Subsidies Regulation, in force since 2023, each run by a different authority on its own criteria and timetable. Every additional layer adds cost, delay and the prospect of inconsistent outcomes.
What merger control achieved
This is the trajectory that merger control has avoided over the past quarter century. Merger review is now a feature of well over 100 jurisdictions, yet the cost of operating across them has, in important respects, fallen instead of risen, because those regimes have steadily converged.
The International Competition Network, established in 2001 and now comprising more than 130 competition agencies from over 120 jurisdictions, has worked with the OECD and United Nation’s Trade and Development (UNCTAD) to narrow the differences between national regimes.
Through instruments such as the International Competition Network’s ‘Recommended Practices for Merger Notification and Review Procedures’, and the OECD’s Recommendation on Merger Review (2025), agencies have converged on what must be notified, on timing and review periods, and on the substantive analysis applied, with the explicit aim of lowering the public and private cost of multijurisdictional review.
Convergence has not made the regimes identical, but it has made the system more predictable, and predictability is what lets parties plan, price and execute cross-border transactions with confidence.
National security review pulls in the opposite direction. Three features of the present landscape sit in tension with predictability. Definitions diverge sharply from one jurisdiction to the next, so that the same investor and target can be treated very differently depending on where the deal is examined.
The reasoning behind decisions is frequently opaque, and at times classified, which limits the guidance available to later parties and narrows the scope for review. And there is no shared substantive standard comparable to the competitive-effects analysis that anchors merger control.
This last point is not a gap that better drafting could close. As the OECD has observed, where security concerns rest on geopolitical assessments and intelligence inputs, the question is institutional rather than evidentiary: such judgments call for political accountability and are properly made by governments or specialised bodies, not reduced to a common analytical test.
The consequence for investors is nonetheless a setting in which a single transaction may be assessed against different criteria, through different procedures, with different outcomes, in each jurisdiction it touches.
A realistic path forward
There are serious arguments on each side. Governments point to genuine risks: the acquisition of critical infrastructure or sensitive technology by hostile state actors, dependencies that can be exploited for coercion and the transfer of know-how with military application.
These risks are real, and few states will cede their judgments to an external standard, so a degree of opaqueness and divergence is the price of an effective security policy. The business perspective does not contest the legitimacy of these concerns; it emphasises that indeterminate definitions and unpredictable procedures deter beneficial investment and impose burdens out of proportion to the security they deliver.
Both positions can be sound at once, which is what makes the problem difficult, and what makes a purely substantive solution unattainable.
The question is whether the investment side can recover some of the predictability that competition enforcement has built, without asking states to surrender judgments. The experience of merger control suggests that it can, provided expectations remain realistic.
Convergence on the meaning of national security is improbable, and may not be desirable, because the content of a security judgment is properly a matter for each state. Convergence on procedure is a different matter. The features that make multijurisdictional merger review workable are largely procedural: clear and objective tests for what must be notified, predictable timetables, reasoned decisions, transparency as to process, and access to independent review.
There is no reason in principle why investment screening cannot move toward the same disciplines while leaving the substance of security assessments to national authorities.
An initiative of this kind would build on foundations that already exist. The OECD’s 2009 ‘Guidelines for Recipient Country Investment Policies relating to National Security’ already commit adhering governments to non-discrimination, transparency and predictability, proportionality and accountability, including specifics such as strict review time limits and the protection of commercially sensitive information.
Those principles are useful and helped shape the EU’s own screening framework. Together with the OECD’s longstanding work on freedom of investment and UNCTAD’s analysis of screening mechanisms, they map much of the procedural ground already.
A soft-law set of recommended practices for investment screening, developed through these bodies and modelled on the convergence instruments that reshaped merger control, would be a natural next step.
Its aim would be modest but valuable: not to limit what a government may treat as a security concern, but to make the process by which it does so more transparent, more predictable and more consistent across borders. Predictability, convergence on procedure and due process are attainable even where agreement on substance is not.
Competition and national security are not opposing objectives, and the spread of investment screening is not, in itself, a cause for alarm. Open and competitive markets are themselves a source of national resilience and few would argue that a state should be indifferent to who controls its critical assets.
The risk lies not in the existence of screening but in its direction: an expanding and indeterminate concept of security, applied through opaque and divergent procedures, that fragments the global market for investment and leaves dealmakers unable to plan.
Merger control is the example worth keeping in view. Over a single generation, patient and multilateral work narrowed the differences between merger regimes and lowered the cost of operating across them, without asking any state to surrender its own substantive judgment. That is the model national security review should follow.
Hugh Hollman is general counsel, antitrust at Honeywell Aerospace. He can be contacted by email: hugh.hollman@honeywellaerospace.us.
© Financier Worldwide
BY
Hugh Hollman
Honeywell Aerospace
Q&A: Algorithmic collusion: antitrust enforcement
Cartel hunt: how enforcers use whistleblowers and AI to detect conspiracies
Competition regulation and enforcement trends in the EU’s digital economy
Canada tests limits with increased use of production orders
What national security review can learn from merger control