Mergers & Acquisitions

Overview

• In Australia, takeovers are regulated by the Corporations Act 2001 (Cth) and associated regulatory policy. Takeover rules apply to acquisitions of companies listed on the Australian Securities Exchange (ASX), ASX-listed managed investment schemes (MISs), and unlisted Australian companies with more than 50 shareholders.
• Cyber security and data governance issues are increasingly central to merger and acquisition (M&A) activity. Acquirers not only assume assets and market opportunities but also inherit the target’s data holdings, systems, vulnerabilities and privacy risks. The integration of information technology (IT) infrastructure and compliance frameworks presents challenges that can affect deal value, regulatory approval, and post-merger performance.
• Privacy and competition law are also closely linked. The consolidation of data through mergers can raise concerns under both competition and privacy frameworks, particularly where large datasets are combined or sensitive personal information is involved.

Background

• As foreshadowed in the overview, cyber security has become a defining consideration in M&A transactions. Acquirers must evaluate not only the commercial and financial aspects of a target but also its cyber resilience, data governance, and history of compliance with privacy and security obligations. Failures in these areas can reduce purchase price, delay completion, or result in significant post-merger liabilities.
• International case studies illustrate these risks. Verizon’s acquisition of Yahoo in 2017 uncovered undisclosed data breaches that led to a USD 350 million reduction in purchase price. Marriott International’s acquisition of Starwood Hotels revealed a compromised reservation database that later attracted regulatory penalties and class actions.
• The Office of the Australian Information Commissioner (OAIC) in 2024 emphasised that merger reforms should take account of privacy impacts, particularly where mergers involve the acquisition of large datasets or sensitive personal information. It recommended that the Australian Competition and Consumer Commission (ACCC) consider privacy as part of its assessment of consumer interests, and that consultation between regulators be required where mergers raise significant privacy issues.

Legal Framework

• The Corporations Act 2001 (Cth) contains the principal rules relating to takeovers in Australia, including acquisitions of more than 20% of a listed entity or MIS:
  • Part 2D.1 – directors’ duties and powers, relevant to target board decision-making.
  • Chapter 5 – schemes of arrangement, used as alternatives to takeover bids.
  • Chapter 6 – regulation of takeover bids and acquisition of substantial interests.
  • Chapter 6A – compulsory acquisition procedures.
  • Chapters 6C and 6CA – shareholding disclosure requirements and continuous disclosure obligations.
  • Part 7.10 – insider trading and securities offences.
  • Chapter 6D – fundraising rules, relevant in the context of scrip bids.
• Other relevant instruments include:
  • ASX Listing Rules and associated operating rules.
  • Competition and Consumer Act 2010 (Cth) – merger control provisions, prohibiting acquisitions that have the effect, or likely effect, of substantially lessening competition. Major reforms were introduced by the Treasury Laws Amendment (Mergers and Acquisitions Reform) Act 2024 (Cth), which established a new mandatory and suspensory clearance regime. Since 1 July 2025, parties have been able to voluntarily notify the Australian Competition and Consumer Commission (ACCC), and from 1 January 2026, clearance by the ACCC will be required for acquisitions meeting statutory control and monetary thresholds. The regime replaces informal clearance and merger authorisation pathways, which will cease on 31 December 2025. The ACCC will apply a revised substantial lessening of competition test, expressly including acquisitions that create, strengthen or entrench substantial market power. The regime also includes a three-year cumulative lookback rule and a new public register of notified acquisitions.
  • Foreign Acquisitions and Takeovers Act 1975 (Cth) – governing foreign investment approvals, as amended by the Protecting20Australia’s20National20Security)20Act20202020(Cth)?topicparent=CyberLaw/AustralianCyberLawMap.MergersAcquisitions" rel="nofollow" title="Create this topic">Foreign Investment Reform (Protecting Australia’s National Security) Act 2020 (Cth). The inclusion of critical infrastructure definitions links this framework to the Security of Critical Infrastructure Act 2018 (Cth), extending notification requirements and review powers of the Foreign Investment Review Board (FIRB).
  • Sector-specific legislation, such as the Banking Act 1959 (Cth), Financial Sector (Shareholdings) Act 1998 (Cth), and Insurance Acquisitions and Takeovers Act 1991 (Cth), which impose additional ownership and prudential restrictions.

Regulatory & Policy Framework

Relevant Organisations

• Australian Competition and Consumer Commission (ACCC) – from 1 January 2026, the ACCC will administer the mandatory and suspensory merger clearance regime under the Competition and Consumer Act 2010 (Cth) as amended by the Treasury Laws Amendment (Mergers and Acquisitions Reform) Act 2024 (Cth). Parties must notify acquisitions that meet statutory control and monetary thresholds, and may not complete until cleared. Acquisitions required to be notified but not cleared are void. The ACCC applies the revised substantial lessening of competition test, including acquisitions that create, strengthen or entrench market power.
• Australian Competition Tribunal – provides limited merits review of ACCC determinations. Appeals must be lodged within 14 days of the ACCC’s decision and are generally confined to the material before the ACCC.
• Australian Securities and Investments Commission (ASIC) – administers the takeover and disclosure provisions of the Corporations Act 2001 (Cth), with broad powers to grant relief and exemptions. ASIC issues regulatory guides interpreting disclosure and conduct requirements in takeover bids and schemes.
• Australian Securities Exchange (ASX) – administers listing rules, disclosure requirements, and market conduct relevant to listed entities. While not a takeover regulator, ASX rules intersect with Corporations Act obligations for listed companies.
• Foreign Investment Review Board (FIRB) – advises the Treasurer on proposals under the Foreign Acquisitions and Takeovers Act 1975 (Cth). FIRB scrutiny has intensified in respect of critical infrastructure, data-rich assets and foreign government investors, often involving consultation with the ACCC and Australian Taxation Office (ATO).
• Takeovers Panel – the primary forum for resolving takeover disputes. The Panel may declare circumstances unacceptable and make remedial orders on a principles-based basis, ensuring acquisitions of control occur in an efficient, competitive and informed market.

• Australian Competition and Consumer Commission (ACCC), Mergers and Acquisitions – Merger Control Regime and Transition Guidance (2025).
• Australian Competition and Consumer Commission (ACCC), Submissions to External Consultations (2023–2024).
• Parliamentary Joint Committee on Corporations and Financial Services, Inquiry into ASIC’s Response to Reports of Alleged Misconduct (July 2024)
• Parliament of Australia, Treasury Laws Amendment (Mergers and Acquisitions Reform) Bill 2024 – Senate Economics Legislation Committee Inquiry and Passage (assented 10 December 2024).
• Treasury, Merger Reform Consultation (20 November 2023 – 19 January 2024)
• Treasury, Merger Reform Resources – Competition Review and Government Response (2023–2025):
  • Australian Government, Merger Reform: A Faster, Stronger and Simpler System for a More Competitive Economy (10 April 2024).
  • Australian Government, Merger Reform for a More Competitive Economy: Government Response to Consultation (10 October 2024).

Industry Materials

• 'Australia – Global Public M&A Guide', Baker McKenzie (Web Page, 1 January 2025).
• Australian Competition and Consumer Commission, Merger Control Regime (Web Page).
• Australian Competition and Consumer Commission, Merger Reform (Web Page).
• David Eliakim et al, King & Wood Mallesons Guide to Takeovers and Schemes in Australia (Report, 2025).
• E Lee Reichert, ‘Mergers and Acquisitions in Cyberspace: Navigating the Black Holes’ (2005) 6 UC Davis Business Law Journal 6.
• Jacqueline Downes et al, ‘New Rules, New Risks: Australia’s New Merger Regime Has Officially Commenced’, Allens (Web Page, 3 July 2025).
• Mark McNamara et al, 'Navigating Australia’s Evolving M&A Regulatory Landscape: A Strategic Playbook for Financial Sponsors’ (Web Page, 15 August 2025).
• Office of the Australian Information Commissioner, Reforming Mergers and Acquisitions – Exposure Draft Submission (Report, 2021).

Related Topics

• Directors' Duties