CCI employees share latest surveys, studies and evaluation on threat, compliance, governance, infosec and management points. Share particulars of your survey with us: editor@corporatecomplianceinsights.com.
M&A activism campaigns hit five-year excessive in 2025
Activist investor push-to-sell calls for reached a five-year excessive in 2025, rising 29% from 2024 and almost doubling from 2021, with greater than 70 US-based firms going through strain to pursue strategic transactions, in line with a brand new report from Diligent.
Shareholder resistance to M&A additionally peaked, with greater than 30 US-based firms going through investor pushback in opposition to offers, up from 19 in 2024, in line with Diligent’s 2026 report on shareholder activism. Past M&A, activists focused government pay misalignment as an entry level for broader governance reforms — of Russell 3000 firms that did not safe greater than 50% assist for his or her say-on-pay plans in 2024, 25% drew activist consideration in 2025, with campaigns mostly demanding the removing of a CEO or board member.
Total US activist exercise eased barely, with 579 firms going through activist calls for, down 3% from 2024. Settlements turned the dominant path to the boardroom, accounting for 89% of all board seat positive factors in 2025, up from 84% in 2024, whereas proxy contest wins declined 20% year-over-year.
Different key findings:
- Activist quick campaigns reached a multi-year excessive of 166 globally, up greater than 55% from 2024, with AI-focused tech shares a standard goal.
- Asia hit a five-year excessive with 246 firms going through public calls for, led by Japan at 56% of regional exercise.
- European activist exercise declined roughly 7.5%, with the UK remaining the regional hotspot accounting for greater than half of all European targets.
PE companies common greater than $2M per cyber assault
Cyber assaults trigger a median monetary impression of $2.1 million per incident for personal fairness companies, with a 53% probability a agency will lose greater than $500,000 and a 13% probability losses will exceed $5 million, in line with a survey from monetary and threat advisory Kroll.
The survey of 325 PE executives discovered that 94% suffered some monetary impression from cybersecurity threat, together with elevated ongoing compliance or cybersecurity prices (62%), oblique remediation or consultancy prices (46%) and lowered valuation or exit worth resulting from cyber incidents (26%). Some 80% of PE companies skilled disruption resulting from cyberattacks through the maintain interval, with 27% struggling outright enterprise disruption or downtime and 68% reporting cyber incidents are growing.
A major divide exists between bigger and smaller companies. Amongst companies with greater than $25 billion in belongings underneath administration, 81% embody cybersecurity due diligence as a typical a part of the transaction course of, in contrast with 29% of smaller companies. Some 55% of bigger companies govern cybersecurity threat by a proper mandate to portfolio firm managers, versus 12% of smaller companies, and 52% have a devoted cyber threat chief versus 15% of smaller companies.
Different key findings:
- Some 96% of PE companies anticipate the significance of portfolio cybersecurity to extend over the following 12 months.
- Over half (53%) imagine the monetary impression of cyberattacks will develop within the coming 12 months.
- Smaller companies rely closely on handbook monitoring (50%) and managed service suppliers (53%) moderately than devoted platforms.
Half of logistics professionals unprepared for UAE cargo safety enforcement
Many logistics professionals don’t absolutely perceive the UAE’s maritime preload cargo data (MPCI) regulation regardless of the submitting requirement having been in impact since Aug. 1, 2025, in line with a survey from Commerce Tech, a logistics expertise platform.
The survey of almost 400 logistics professionals discovered that 67% don’t have any system to trace MPCI submitting statuses, 50% have no idea who of their group is answerable for MPCI filings and 56% haven’t briefed companions or origin brokers on necessities. Enforcement is predicted to start after a grace interval ends in March 2026.
The MPCI program requires digital submission of containerized cargo data at the least 24 hours earlier than loading for home payments of lading and 6 hours for grasp payments of lading and applies to all containerized shipments to or transiting by the UAE.
CCI employees share latest surveys, studies and evaluation on threat, compliance, governance, infosec and management points. Share particulars of your survey with us: editor@corporatecomplianceinsights.com.
M&A activism campaigns hit five-year excessive in 2025
Activist investor push-to-sell calls for reached a five-year excessive in 2025, rising 29% from 2024 and almost doubling from 2021, with greater than 70 US-based firms going through strain to pursue strategic transactions, in line with a brand new report from Diligent.
Shareholder resistance to M&A additionally peaked, with greater than 30 US-based firms going through investor pushback in opposition to offers, up from 19 in 2024, in line with Diligent’s 2026 report on shareholder activism. Past M&A, activists focused government pay misalignment as an entry level for broader governance reforms — of Russell 3000 firms that did not safe greater than 50% assist for his or her say-on-pay plans in 2024, 25% drew activist consideration in 2025, with campaigns mostly demanding the removing of a CEO or board member.
Total US activist exercise eased barely, with 579 firms going through activist calls for, down 3% from 2024. Settlements turned the dominant path to the boardroom, accounting for 89% of all board seat positive factors in 2025, up from 84% in 2024, whereas proxy contest wins declined 20% year-over-year.
Different key findings:
- Activist quick campaigns reached a multi-year excessive of 166 globally, up greater than 55% from 2024, with AI-focused tech shares a standard goal.
- Asia hit a five-year excessive with 246 firms going through public calls for, led by Japan at 56% of regional exercise.
- European activist exercise declined roughly 7.5%, with the UK remaining the regional hotspot accounting for greater than half of all European targets.
PE companies common greater than $2M per cyber assault
Cyber assaults trigger a median monetary impression of $2.1 million per incident for personal fairness companies, with a 53% probability a agency will lose greater than $500,000 and a 13% probability losses will exceed $5 million, in line with a survey from monetary and threat advisory Kroll.
The survey of 325 PE executives discovered that 94% suffered some monetary impression from cybersecurity threat, together with elevated ongoing compliance or cybersecurity prices (62%), oblique remediation or consultancy prices (46%) and lowered valuation or exit worth resulting from cyber incidents (26%). Some 80% of PE companies skilled disruption resulting from cyberattacks through the maintain interval, with 27% struggling outright enterprise disruption or downtime and 68% reporting cyber incidents are growing.
A major divide exists between bigger and smaller companies. Amongst companies with greater than $25 billion in belongings underneath administration, 81% embody cybersecurity due diligence as a typical a part of the transaction course of, in contrast with 29% of smaller companies. Some 55% of bigger companies govern cybersecurity threat by a proper mandate to portfolio firm managers, versus 12% of smaller companies, and 52% have a devoted cyber threat chief versus 15% of smaller companies.
Different key findings:
- Some 96% of PE companies anticipate the significance of portfolio cybersecurity to extend over the following 12 months.
- Over half (53%) imagine the monetary impression of cyberattacks will develop within the coming 12 months.
- Smaller companies rely closely on handbook monitoring (50%) and managed service suppliers (53%) moderately than devoted platforms.
Half of logistics professionals unprepared for UAE cargo safety enforcement
Many logistics professionals don’t absolutely perceive the UAE’s maritime preload cargo data (MPCI) regulation regardless of the submitting requirement having been in impact since Aug. 1, 2025, in line with a survey from Commerce Tech, a logistics expertise platform.
The survey of almost 400 logistics professionals discovered that 67% don’t have any system to trace MPCI submitting statuses, 50% have no idea who of their group is answerable for MPCI filings and 56% haven’t briefed companions or origin brokers on necessities. Enforcement is predicted to start after a grace interval ends in March 2026.
The MPCI program requires digital submission of containerized cargo data at the least 24 hours earlier than loading for home payments of lading and 6 hours for grasp payments of lading and applies to all containerized shipments to or transiting by the UAE.
