Athens Strategies Ltd.'s CyberArk acquisition requires approval from Israeli, US, and EU antitrust authorities—a triple regulatory hurdle that carries a 70% probability of delayed timelines. Cybersecurity infrastructure receives heightened scrutiny across jurisdictions due to national security implications.
Regulators focus on market concentration in identity security and privileged access management, where CyberArk holds substantial share. Israeli reviews average 4-6 months for complex transactions. US Hart-Scott-Rodino filings trigger 30-day initial reviews, with second requests adding 6-12 months. EU Phase II investigations extend 90-125 working days beyond initial filings.
The Committee on Foreign Investment in the United States (CFIUS) reviews transactions involving cybersecurity assets protecting critical infrastructure. CyberArk's client base includes financial institutions and government contractors, elevating security considerations. Brussels applies strict merger control under the Digital Markets Act, examining whether combined entities could restrict competitor access or reduce innovation.
Extended reviews impose direct costs through legal fees, compliance work, and bridge financing. Athens Strategies must maintain separate operations until clearance, preventing integration synergies that justify acquisition premiums. Breakup fees typically range from 2% to 5% of transaction value if authorities block the deal.
Three outcomes remain possible: unconditional approval, conditional approval requiring asset divestitures, or prohibition. Divestitures reduce strategic value by forcing sales of business units to preserve market competition. Shareholders should monitor regulatory filing dates and authority statements for early approval signals—prolonged silence indicates deeper competitive concerns requiring extensive remedy negotiations.
Sources:
1 Yahoo Finance, "Palo Alto Networks Announces Offer to Purchase Relating to CyberArk Software Ltd.'s 0.00% Convertibl" (February 19, 2026)