The HSR Pulse: Navigating the 2026 M&A Data Surge

The latest HSR filing data signals a new baseline for deal teams. While February’s 188 filings are lower than the December surge, the rise in the jurisdictional threshold to $133.9 million means every qualifying transaction now carries a larger data footprint. eDiscovery units must shift from reactive fire‑drills to proactive data mapping, ensuring custodians and repositories are catalogued before a filing triggers the statutory clock. This operational discipline reduces over‑collection, curtails costs, and preserves defensibility in the face of aggressive Second Request investigations.

Cybersecurity has moved from a post‑close checkbox to a deal‑making lever. Buyers increasingly demand escrow holdbacks tied to a target’s network segmentation, patch management, and supply‑chain visibility. Early‑stage security diligence—conducted during the Letter of Intent—allows acquirers to flag persistent threat actors or legacy vulnerabilities before integration, protecting valuation and avoiding costly breach remediation. As digital risk becomes a valuation metric, security leaders must embed compromise assessments into the M&A workflow, treating cyber health as a core component of transaction economics.

Regulatory volatility adds another layer of complexity. A federal court vacated the FTC’s expanded HSR form in February, only for the Fifth Circuit to issue a stay, leaving both the old and new forms potentially operative. This uncertainty forces organizations to maintain parallel compliance playbooks, automate classification of dark data, and establish clean‑room environments for sensitive information exchange. Firms that can pivot quickly between filing regimes while keeping data governance tight will not only meet legal obligations but also gain a competitive edge in a market where agility is as valuable as capital.