Private Equity
Regulatory due diligence for telecoms and payments acquisitions
Private equity investment in regulated sectors requires specialist regulatory due diligence from day one. Telecoms and payments assets carry regulatory conditions that constrain valuation, growth plans and exit strategies. Generic regulated-sector DD frameworks applied to these sectors risk underestimating the impact of Ofcom and FCA oversight on returns.
Why PE regulatory due diligence matters now
Telecoms and payments regulation have increased in complexity. Ofcom conducts periodic market reviews across fixed access, mobile, business connectivity and other markets, setting SMP conditions that directly constrain wholesale pricing, access and product terms. The current Telecoms Access Review 2026-31 is one of several reviews with direct implications for acquisitions of network operators. The FCA’s operational resilience regime and critical third-parties rules under FSMA 2023 add operational cost and capital lock-up to payments acquirers. The Telecommunications (Security) Act 2021 requires designated operators to notify Ofcom of security incidents and comply with ongoing security assessments.
PE fund models assume scalability, margin expansion and debt capacity. Regulated sectors constrain all three. A consolidation plan in a telecoms market may be blocked or conditioned by CMA merger review, with Ofcom providing input on competition and spectrum issues. A plan to migrate customer data may trigger a DPIA and require new processor agreements. A plan to reduce capex by deferring network investment may conflict with General Condition obligations or spectrum licence coverage requirements.
Where PE investors get it wrong
PE regulatory DD typically falls into three patterns of underestimation.
First, investors apply generic “regulated sector” frameworks that miss telecoms-specific issues. A standard regulated-sector checklist covers licence compliance and enforcement history. For telecoms, this misses General Condition obligations (which apply to all providers), spectrum licence conditions (determining coverage obligations and service scope), numbering allocation constraints, Code Powers status and, where the target has significant market power, SMP conditions that constrain wholesale pricing and access terms. Not every telecoms acquisition involves SMP, but where it does, the impact on valuation is material.
Second, valuation models rarely account for regulatory downside. If the target is subject to SMP cost orientation obligations, that caps the upside from wholesale margin expansion. General Condition compliance, spectrum coverage obligations and TSA 2021 security requirements all carry ongoing cost. For payments targets, FCA safeguarding rules under Regulation 23 PSRs 2017 require client funds to be held in segregated accounts, reducing working capital availability by the full safeguarded amount. The new FCA safeguarding regime (PS25/12) adds further compliance cost through mandatory monthly returns and annual safeguarding audits.
Third, SHA provisions for regulated businesses do not adequately reflect regulatory carve-outs. Standard SHA reserved matters cover board appointments, new debt, major capex and M&A. For regulated businesses, reserved matters should also cover FCA change of control thresholds, CMA merger thresholds, NSIA mandatory notification triggers, and material changes to compliance frameworks. Management warranties should explicitly confirm regulatory compliance. Drag and tag provisions should address any regulatory constraints on changes in ownership structure.
| Common issue | Better approach |
|---|---|
| Generic DD frameworks missing telecoms-specific issues | Regulatory perimeter analysis covering General Conditions, spectrum and Code Powers |
| Valuation models ignoring regulatory downside | Scenario analysis modelling cost orientation caps and safeguarding capital lock-up |
| SHA provisions without regulatory carve-outs | Reserved matters reflecting regulatory approval thresholds |
| Management warranties not covering regulatory status | Warranties addressing General Condition compliance and authorisation scope |
| FCA authorisation scope not audited for payments targets | Safeguarding assessment and authorisation scope review completed pre-offer |
What good PE due diligence looks like
Bratby Law’s approach combines regulatory deep-dive, operator-side experience and transaction structuring.
We conduct a regulatory perimeter analysis identifying all material obligations affecting the investment thesis: Ofcom General Conditions, spectrum assignments and coverage conditions, Code Powers status, numbering constraints, TSA 2021 compliance and, where applicable, SMP conditions and their market review schedule. We produce a regulatory report mapping each obligation to the acquisition model and identifying valuation impact.
For payments targets, we audit FCA authorisation scope, safeguarding requirements, working capital lock-up impact, and operational resilience requirements. We assess the working capital impact and timeline for any outstanding FCA notifications.
We produce regulatory scenario analysis assessing upside and downside assumptions to feed into the fund’s financial modelling: base case assuming current regulatory conditions; upside if conditions are relaxed in the next Ofcom market review; downside if conditions are tightened or new obligations imposed. For payments targets, we assess FCA safeguarding and operational resilience cost assumptions.
We draft SHA reserved matters reflecting regulatory approval thresholds and management warranties confirming regulatory compliance status at signature.
How Bratby Law helps
PE transactions in telecoms and payments are typically led by a City or US corporate firm acting for the sponsor. We work as Specialist Co-counsel alongside the corporate lead, responsible for the regulatory due diligence workstream and regulatory input into deal structuring. The corporate team retains control of the SPA, financial modelling and fund documentation. We provide the regulatory depth: perimeter analysis, scenario assessment, SHA reserved matters drafting on regulatory thresholds, NSIA notification assessment, and post-acquisition integration planning that accounts for Ofcom and FCA constraints.
For smaller PE acquisitions where the sponsor does not require a full corporate team, we act as lead Advisor through our Direct Legal Advice model.
Our PE due diligence distinguishes between generic regulated-sector risk and sector-specific constraints that directly affect fund returns. We conduct regulatory perimeter analysis as a day-one investment decision point. We assess FCA compliance impact on working capital for payments targets. We produce regulatory scenario analysis assessing upside and downside assumptions for the fund’s financial model.
Frequently asked questions about private equity in regulated sectors
How does SMP regulation affect acquisition upside?
SMP conditions typically include cost orientation on wholesale pricing. Cost orientation caps wholesale revenue at underlying cost plus reasonable margin (typically 10-15%, set by Ofcom). An acquisition plan assuming aggressive wholesale margin expansion will be constrained. We assess the impact on EBITDA and identify when the next Ofcom market review offers the opportunity to have conditions removed.
What is the timeline for FCA change of control notification?
The FCA has 60 working days to assess a qualifying holdings notification under the PSRs 2017 (which can be extended by up to 30 working days if additional information is required). If the acquirer is not already FCA-authorised, a full authorisation application may be needed (3-6 months). We coordinate FCA pre-notification on day one and build approval into conditions precedent.
How much working capital is locked up in FCA safeguarding?
FCA safeguarding rules (Regulation 23 PSRs 2017) require safeguarded funds in segregated accounts or insurance-backed arrangements. For a GBP 100m payment services business with average customer fund balances of GBP 30m, safeguarding locks up at least GBP 30m. Working capital models should reduce available cash by the total safeguarded amount.
What compliance burden does the TSA 2021 impose?
The TSA 2021 applies to operators with critical network functions. Obligations include security measures, incident notification to Ofcom, and certification of compliance. The operational burden is typically 1-2 FTE for reporting and documentation.
How long does regulatory DD on a telecoms acquisition take?
Regulatory DD runs 4-8 weeks in parallel with financial DD. Critical path: Ofcom General Conditions review (1-2 weeks), SMP condition analysis (2-3 weeks), spectrum and numbering audit (2-3 weeks), Code Powers confirmation (2-3 weeks). FCA assessment adds 1-2 weeks.
Related transactions pages
See also our other transactions pages:
- Mergers and Acquisitions
- SaaS and Cloud Services
- Subsea Cables
- MVNOs and MVNEs
- Interconnection, Peering and Access Agreements
- Network Sharing and Co-location Agreements
- Digital Infrastructure Projects
- Data Commercialisation and Licensing
- NSIA Clearances
Independent directory rankings
Our specialist expertise is recognised in major independent legal directories:
- Chambers & Partners: Rob Bratby is ranked as a band 2 lawyer in the UK Guide 2026 in the “Telecommunications” category: Chambers
- The Legal 500: Rob Bratby is listed as a “Leading Partner – Telecoms” in London (TMT – IT & Telecoms): The Legal 500
- Lexology: Rob Bratby is featured on Lexology’s expert profiles as a Global Elite Thought Leader for data: Lexology
