Corporate M and A 2026

PORTUGAL Trends and Developments Contributed by: Martim Morgado and Joana Geada dos Santos, CS’Associados

ed risks, but also in other areas, such as litigation and intellectual property, albeit still at a relatively high-cost level when compared to traditional W&I coverage. Foreign direct investment and the Foreign Subsidies Regulation Notwithstanding the absence of significant amend - ments to the national screening regime, investors and advisers increasingly assess potential governmental scrutiny at an early stage of transaction planning, par - ticularly where strategic assets or sensitive infrastruc - ture are involved. This reflects broader European developments rather than domestic enforcement trends. The EU focus on economic security has encouraged a more precau - tionary approach, making FDI analysis a standard component of regulatory due diligence in cross-bor - der transactions. In parallel, the EU Foreign Subsidies Regulation (FSR) began to play a more visible role in transactions involving non-EU investors benefiting from potential state-backed financing. Although its practical appli - cation in Portugal remains limited, the regulation has introduced an additional layer of analysis in larger transactions, particularly those involving infrastruc - ture, energy and telecommunications assets. As a result, FSR clearance is progressively being incorpo - rated into transaction documentation as an important condition precedent, alongside merger control and foreign investment approvals, contributing to longer timetables and reinforcing the need for early regula - tory planning in complex M&A deals. Governance Challenges The growing interaction between regulatory frame - works – including cybersecurity, ESG and digital regu - lation – is likely to further shape transaction structuring and due diligence practices. As a result, successful transactions increasingly depend on early risk identi - fication, multidisciplinary advisory co-ordination and careful execution planning. ESG In 2025, ESG due diligence continued to be regarded as an integral component of transaction assessment, rather than merely an ancillary exercise.

Across all phases – from due diligence and valuation to post-merger integration and regulatory compliance – ESG factors significantly influence the structuring and execution of deals. Standard M&A due diligence now involves a thorough review of environmental regulations, labour rights, workplace safety and anti- corruption requirements, which can materially impact deal valuation and terms, potentially influencing the decision to proceed. Transaction documents specifically incorporate spe - cific warranties and indemnities addressing ESG mat - ters; in certain transactions, deferred payments or earn-out provisions are linked to the achievement of defined ESG objectives following acquisition. Despite ongoing challenges related to inconsistent ESG data and metrics, companies demonstrating robust governance and sustainability are typically viewed more favourably by investors. Cybersecurity Portugal has adopted a new Legal Framework for Cybersecurity through Decree-Law 125/2025 of 4 December, which transposes the EU NIS2 Directive into national law, and entered into force on 3 April 2026. The new framework considerably expands the scope of entities subject to cybersecurity obligations, clas - sifying them mainly as essential entities, important entities and certain relevant public entities. Covered organisations must implement robust risk manage - ment systems, adopt technical and organisational security measures, and comply with stricter incident- reporting requirements. Governance responsibilities are reinforced, requiring senior management involve - ment and structured decision-making processes, while the supervisory powers of the National Cyber - security Centre and sector regulators are increased. The new regime represents a paradigm shift in Portu - guese cybersecurity regulation, combining prevention, accountability and enforcement. Organisations must invest in planning, monitoring and internal cyberse - curity governance to meet the new standards. The reform therefore marks a transition from reactive com - pliance toward proactive cyber-risk management.

1055 CHAMBERS.COM

Powered by