CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your survey with us: editor@corporatecomplianceinsights.com.
M&A activism campaigns hit five-year high in 2025
Activist investor push-to-sell demands reached a five-year high in 2025, rising 29% from 2024 and nearly doubling from 2021, with more than 70 US-based companies facing pressure to pursue strategic transactions, according to a new report from Diligent.
Shareholder resistance to M&A also peaked, with more than 30 US-based companies facing investor pushback against deals, up from 19 in 2024, according to Diligent’s 2026 report on shareholder activism. Beyond M&A, activists targeted executive pay misalignment as an entry point for broader governance reforms — of Russell 3000 companies that failed to secure more than 50% support for their say-on-pay plans in 2024, 25% drew activist attention in 2025, with campaigns most commonly demanding the removal of a CEO or board member.
Overall US activist activity eased slightly, with 579 companies facing activist demands, down 3% from 2024. Settlements became the dominant path to the boardroom, accounting for 89% of all board seat gains in 2025, up from 84% in 2024, while proxy contest wins declined 20% year-over-year.
Other key findings:
- Activist short campaigns reached a multi-year high of 166 globally, up more than 55% from 2024, with AI-focused tech stocks a common target.
- Asia hit a five-year high with 246 companies facing public demands, led by Japan at 56% of regional activity.
- European activist activity declined roughly 7.5%, with the UK remaining the regional hotspot accounting for more than half of all European targets.
PE firms average more than $2M per cyber attack
Cyber attacks cause an average financial impact of $2.1 million per incident for private equity firms, with a 53% chance a firm will lose more than $500,000 and a 13% chance losses will exceed $5 million, according to a survey from financial and risk advisory Kroll.
The survey of 325 PE executives found that 94% suffered some financial impact from cybersecurity risk, including increased ongoing compliance or cybersecurity costs (62%), indirect remediation or consultancy costs (46%) and reduced valuation or exit price due to cyber incidents (26%). Some 80% of PE firms experienced disruption due to cyberattacks during the hold period, with 27% suffering outright business disruption or downtime and 68% reporting cyber incidents are increasing.
A significant divide exists between larger and smaller firms. Among firms with more than $25 billion in assets under management, 81% include cybersecurity due diligence as a standard part of the transaction process, compared with 29% of smaller firms. Some 55% of larger firms govern cybersecurity risk through a formal mandate to portfolio company managers, versus 12% of smaller firms, and 52% have a dedicated cyber risk leader versus 15% of smaller firms.
Other key findings:
- Some 96% of PE firms expect the importance of portfolio cybersecurity to increase over the next 12 months.
- Over half (53%) believe the financial impact of cyberattacks will grow in the coming year.
- Smaller firms rely heavily on manual monitoring (50%) and managed service providers (53%) rather than dedicated platforms.
Half of logistics professionals unprepared for UAE cargo security enforcement
Many logistics professionals do not fully understand the UAE’s maritime preload cargo information (MPCI) regulation despite the filing requirement having been in effect since Aug. 1, 2025, according to a survey from Trade Tech, a logistics technology platform.
The survey of nearly 400 logistics professionals found that 67% have no system to track MPCI filing statuses, 50% do not know who in their organization is responsible for MPCI filings and 56% have not briefed partners or origin agents on requirements. Enforcement is expected to begin after a grace period ends in March 2026.
The MPCI program requires electronic submission of containerized cargo information at least 24 hours before loading for house bills of lading and six hours for master bills of lading and applies to all containerized shipments to or transiting through the UAE.
