National security merger screening changes proposed in the UK

Merger control experts Paul Williams and Tadeusz Gielas of Pinsent Masons were commenting after the government announced a series of proposed reforms to the regime that operates under the National Security and Investment Act 2021 (NSIA). The proposals, trailed in the industrial strategy published by the government in June, include refining the sectors of the economy subject to the regime, and creating new exemptions for certain internal reorganisations. They are aimed at reducing regulatory burdens on businesses while maintaining robust national security protections.

The NSIA came into force on 4 January 2022. Under the current regime, businesses and investors must notify the government of certain ‘notifiable acquisitions’ that relate to 17 sensitive areas of the economy. Notifiable acquisitions include the acquisition of a 25% stake or more, or equivalent levels of voting rights, including, in certain cases, certain shareholdings or voting rights which carry extensive ‘veto’ rights, in an entity carrying on activities in the UK or supply goods or services to people in the UK, as well as to certain increases in interest above the 25% threshold. Transactions subject to mandatory notification require approval from the UK secretary of state in the Cabinet Office, and can be subject to in-depth review, following a ‘call-in’ notice.

Transactions that are not required to be notified can also be 'called in' for a national security review by the secretary of state. Voluntary notifications can be made by businesses where potential national security concerns arise. 

Under the government’s proposals, which are open to consultation until 14 October, the scope of mandatory notification requirements would be streamlined via amendments to the Notifiable Acquisition Regulations (NARs). The government plans to update how sectors in scope of the NARs are defined in light of its review last year of the NARs and feedback it had received, to improve clarity, and to bring the sectors up to date with the latest economic and technological developments.

Under the plans, the number of distinct sectors in scope of the NARs will rise, from 17 to 19. Water is proposed to be added to the list of sectors, while semiconductors and critical minerals will be carved out from the advanced materials sector they currently fall under. The current computing hardware sector will be subsumed within the new semiconductors sector.

In relation to the water sector, the government said: “The water sector will be receiving around £100bn of investment between 2025 and 2030, and it is important to ensure the right security protections are in place to enable this investment in line with the government’s growth mission. The addition of water as an NSI mandatory area would strengthen the government’s ability to take action on national security grounds and increase its awareness of changes of ownership that could create national security risks.” 

Under its proposals for bringing water in-scope, the government intends the NSI regime to apply to cover the regional water and wastewater monopolies operating across England and Wales. On that basis, the government expects at least 17 companies to be brought into scope of the NARs.

The scope of mandatory notification requirements applicable in the AI sector would also be changed, under the government’s plans. The government wants to remove notification requirements for entities conducting low risk activities involving consumer AI, while requiring notification for entities developing AI systems, or that test the safety or security of AI systems, evaluate the risk of disinformation or misinformation, or conduct research into the capabilities of AI systems that could potentially create a risk to the health, safety or security of persons.

Another change planned is to how the data infrastructure sector is defined. The new definition will capture third-party operated data centres, including data processing and data storage facilities, in addition to those offering peering/interconnection or subsea cable connections. This proposed change, the government said, is to “reflect the changing national security risks”.

How the critical suppliers to government sector is defined is also subject to potential refinement. Under the proposals, the sector would be widened to include suppliers of certain services – including accounting, facilities managements, HR, IT and security – to a specific list of UK ministerial departments.

Paul Williams said: “These developments suggest a more nuanced and risk-based approach to national security screening, which should provide greater certainty for investors and advisers.

“However, the current consultation only covers proposed updates to the sensitive sector definitions where mandatory NSIA notification may be required, it does not cover proposed notification exemptions under the regime for certain internal reorganisations and the appointment of liquidators.”

“It is hoped the UK government will soon launch a separate consultation on its proposals to implement targeted exemptions in the NSIA regime for certain types of internal reorganisations or appointing liquidators, special administrators and official receivers – as these are likely to materially reduce the regulatory burden on certain businesses,” he said.

“Overall, the proposed changes represent a measured and pragmatic evolution of the UK’s investment screening regime. They reflect a growing confidence within government about how to balance openness to investment with the need to protect national interests. For businesses, the message is clear: the UK remains open for business, but with eyes wide open,” he said.

The changes the government is considering are designed to reduce the number of notifications and allow the Cabinet Office’s Investment Security Unit (ISU) to focus its resources on genuinely high-risk transactions. The government has estimated that the cost to business of an average NSIA notification is between £30,000 and £40,000, with wide variation outside the range depending on the complexity of the particular deal. It has further estimated that its proposed NARs changes could result in “around 10 fewer or 35 more notifications per year”.

This shift is backed by data from the NSIA annual report for 2024-2025 that was published in parallel with its consultation on NARs amendments.

According to the report, of the 1,143 notifications received during the reporting period, 56 were called in for further assessment – 49 notified transactions and seven called-in for review. Remedies were imposed in relation to 16 transactions, with just one of the 56 transactions blocked. This is an increase from the five final orders which were issued in 2023-24. The report also highlighted an increase in the number of notified acquisitions the government reviewed in 2024-25, to 1,079 from 847 in the previous reporting period. More than 95% of the notifications in each of the years resulted in no further action being taken.

Pat McFadden, the chancellor of the Duchy of Lancaster, who provided the foreword to the report, said the statistics are “testament to a system that is working”, that “the vast majority of inward investment continues to pose no threat to our national security”, and that “most businesses will never need to interact with the takeover screening process”.

According to the report, most NSIA notifications relate to acquisitions in the defence, critical suppliers to government, and military and dual use sectors, with the majority of acquirers linked to the UK, followed by those from the US.

During the 2024-25 reporting period, out of the 17 final orders issued, the highest number involved acquirers linked to the UK, followed by those linked with China and the US. The largest number of the final orders related to acquisitions in the defence and military and dual use sectors.

Tadeusz Gielas said: “The annual report indicates that the UK government increasingly views economic security as closely linked with national security, particularly in light of geopolitical instability and the rapid development of frontier technologies such as AI and quantum computing. This means that even as the regime becomes more targeted, the underlying policy rationale remains expansive.”

“Demonstrating a balanced approach that acknowledges the complexity of the NSIA regime, it is notable that during the most recent reporting period the government identified 60 offences of completing a notifiable acquisition without approval, but did not impose penalties in those cases. Instead, parties were required to provide reassurance to the government that steps had been taken to prevent any future non-compliance,” he said.

Williams added: “In practical terms, businesses contemplating transactions in sensitive sectors should continue to assess NSIA risk early in the deal process. While the proposed reforms may reduce the number of mandatory filings, there will be greater focus on risk sectors including AI, defence and critical government suppliers.”