Contract terms are only part of the picture
Even a well-drafted change of control clause does not capture the whole risk, because acquisitions can trigger mandatory regulatory regimes that operate independently of the contract. A transfer the parties are content with may still require government or regulator clearance, and the consequences of getting it wrong can be far more serious than a contractual breach.
So change-of-control analysis is two layers: the contractual triggers in each material agreement, and the regulatory approvals that apply to the transaction itself.
UK national security: the NSI Act
The National Security and Investment Act 2021, in force since January 2022, requires mandatory pre-completion notification of acquisitions in 17 sensitive sectors that cross 25%, 50%, or 75% shareholding or voting thresholds. Acquisitions of material influence over an entity are not caught by the mandatory regime, but can be called in for review by the Secretary of State, or notified voluntarily. It is one of the most consequential regimes because completing a notifiable acquisition without clearance renders the transaction void - not merely voidable - and exposes the parties to significant financial penalties and potential criminal liability.
There is no turnover or market-share de-minimis: if a deal is in a mandatory sector and crosses a threshold, it must be notified regardless of size. Proposed reforms would refine the sector definitions, so check the current scope for any deal in a sensitive area.
UK financial services: the FSMA controllers regime
For acquisitions of regulated firms, Part XII of the Financial Services and Markets Act 2000 requires prior FCA or PRA approval before acquiring or increasing control over an authorised firm. The control thresholds are graduated - broadly 10%, 20%, 30%, and 50% - which is far more granular than a typical contractual change of control definition, and acquiring control without approval is a criminal offence.
So a financial-services target adds a regulatory change-of-control layer that triggers at much lower shareholdings than the contract might. Updated FCA and PRA guidance governs how the assessment is carried out; build the approval timeline into the deal.
US and EU overlays
Cross-border deals add further regimes. In the US, CFIUS reviews foreign acquisitions in sensitive technology, infrastructure, and data sectors (mandatory in some cases), and Hart-Scott-Rodino requires pre-merger notification above a financial threshold. US law is also more permissive on anti-assignment: under the Restatement (Second) of Contracts, a term prohibiting assignment of the contract is presumed to bar only delegation of performance, not assignment of rights - and, critically, under the Bankruptcy Code a trustee can - subject to statutory exceptions, notably where applicable law excuses the counterparty from accepting performance from a third party - assign executory contracts despite an anti-assignment clause, an override with no English equivalent.
In the EU, the EU Merger Regulation requires notification where the parties exceed turnover thresholds and confers jurisdiction based on decisive influence over an undertaking, and the EU Foreign Subsidies Regulation adds a parallel notification regime for larger deals involving non-EU financial contributions. The point is general: a transfer enforceable or permitted under English law may face additional, sometimes overriding, requirements abroad.
Managing the regulatory layer
Treat the regulatory approvals as conditions to completion in their own right. Identify early whether the target operates in an NSI sector or is a regulated financial firm, and whether any foreign-investment or merger-control regime applies; build the clearances into the conditions precedent and the timetable, since some (notably NSI) must be obtained before completion on pain of voidness.
And remember the divergence in anti-assignment enforceability: a prohibition that holds in London may be overridden in a US bankruptcy. For cross-border deals, the contractual and regulatory analyses must be run together, jurisdiction by jurisdiction.
Use at the desk
Practical checklist
- Analyse regulatory approvals separately from the contractual change-of-control triggers.
- Check the NSI Act 2021 - notifiable acquisitions in 17 sectors (25/50/75%) are void if completed without clearance.
- For regulated-firm targets, obtain FCA/PRA approval under FSMA (control from 10%) before completion.
- For cross-border deals, check CFIUS and HSR (US) and the EU Merger and Foreign Subsidies Regulations.
- Remember a US bankruptcy trustee can override an anti-assignment clause - a London-enforceable prohibition may fail in New York.
- Build all clearances into the conditions precedent and the completion timetable.
This guide is informational only and is not legal advice. It does not replace advice from licensed counsel on the facts of a specific transaction.
Product demo
Use the guide for context. Use Veqtor for the Word documents.
Watch Claude compare negotiation drafts and create a separate Word document with proposed tracked changes.
See Veqtor work with Word redlines