I'm not sure if it's really anti-trust. I think companies are being stingy with M&A because most companies are no longer worth the acquisition cost. They're looking for more "strategic" buys as money isn't cheap anymore. You're still seeing M&A, it's just occurring with more complimentary companies that actually add value (or hires) to their existing portfolios.
Biggest one IMHO is interest rates. The days of virtually-free credit lines are gone for the near to mid future - at least until the situations in Israel/Palestine and Ukraine/Russia are sorted out, but even then, China may want to take over Taiwan leading to the next global crisis.
Another reason is the AI craze. Everyone and their dog is focusing on being a/the dominant power in that area, so interest in "old tech" is waning.
And the last/smallest factor is that many of those individuals who exited in the last few years are hesitant where to put their money, and there is not much space for multi-billion dollar established companies to make acquisitions when they're all forced to let people go as a result of the post-/mid covid hiring spree and anti-trust authorities worldwide being very critical of more agglomerations at the moment - some because of strategic reasons (Europe in particular isn't looking too friendly to more of their companies being bought out by foreigners), some because they do not want to risk even more companies growing too-big-to-fail.
A combination of interest rates and cap tables being all messed up from 2021.
If you have a company that raised a 100m of preferred at a 500m valuation, are you going to take an offer for 150m? Most founders are just going to keep grinding hope things get better.
Will echo what many have said here already, but with a slight twist:
1. Anti-trust activity takes a HUGE portion of the liquidity that does M&A out of the market. That has a dynamic effect -- other players who are not under direct anti-trust scrutiny think twice about their potential M&A activity. This, in theory, should reduce M&A prices (reduction in supply supply), but this is probably largely offset by point 2.
2. Inflated valuations from 2021 era. Lots of companies raised ridiculous late stage rounds around this period. Then interest rates rose. Now your company that raised on 100x ARR is worth a lot less than it was. But the company still has to grow into and beat it's last valuation. Combined with the M&A dynamics, it's much harder to justify a post-money above what your last raise was if that raise was a post-covid valuation, unless the business is just truly on ripping (e.g. Wiz).
It's not anti-trust in the case of smaller acquisition targets. There are also fewer strategic acquirers in some if not all markets. For example, if you built a good product 10 years ago on top of an open source project, there were a number of companies looking to grow by acquisition, such as RedHat, VMware, Rackspace, and Salesforce. Of those only Salesforce is still a factor.
> interest rates are also hurting LBOs which shouldn't affect startup acquisitions but does affect PE
Reasonable hypothesis, but not quite. LBOs' share of American buyouts has been falling monotonically since at least 2015 [1]. Buyouts have increasingly been smaller add-on acquisitions, with tech dominating activity.
The reason anti-trust action has chilled M&A is because there were only four strategic buyers. Due to decades of failed anti-trust.
The other reason isn't so much weakness as much as pandemic-era valuation madness. Reasonably priced, a lot of start-ups would sell for less than their last valuation. That would seriously cut into the founders' pay-outs, which are usually based on common stock.
I can only really speak to Cybersecurity and other adjacent parts of Enterprise SaaS, and M&A activity is fairly strong in both.
The big issue is a number of startups in that space raised at very favorable terms with Growth Funds in 2019-23, which made them extremely expensive to acquire versus to either build in-house or conduct a tuck-in acquisition.
What's I've noticed is that if it costs greater than $100-150M to acquire, it's difficult to make a case for acqusition versus build in-house unless you are extremely behind and need an internal culture change (eg. Cisco and Robust Intelligence being similar in magnitude to Cisco's previous foray into SDN w/ Meraki)
Series C and below remains fairly robust ime, as we can see with Dig Security, Talon Security, Robust Intelligence, NeoSec, etc.
There have been a decent number of tuck-in acquisitions in 2024. Flow Security (CRWD) and Eureka Security (TNBL) were fairly notable.
The main open question right now is about AI Security and Safety - specifically, whether to build or buy.
Most other segments (DSPM, OT Security, Vulnerability Management, CNAPP, etc) have largely been acquired and consolidated.
The thing is, there aren't that many startups in the space left that garner mutual interest in acquisition.
It's basically bimodal now, whereby
- a number of Series B/C startups have enough cash in hand to potentially do a tuck-in for a Seed or Series A AI Safety/Security startup and as such don't want to get acquired by a larger company because they have a strategic path forward to differentiating themselves from larger players [Acquirers interested, Startups uninterested]
- a number of Series E/F companies that have raised capital at multi-billion valuations but do not have a path forward to generate revenue at those valuations (eg. Lacework valued at $9B but ARR shy of $100M) [Startups interested, Acquirers uninterested]
Most notably, the earlier stage startups are now founded by startup founders who already have a $1M-50M net worth now due to successful cybersecurity exits in the 2019-23 period (IPO or acquisition). You can see this first hand in the Israeli and Bay Area cybersecurity startup scene.
Databricks' acqusition of Tabular was absolutely strategic.
Both Databricks and Snowflake are in the process of integrating Iceberg capabilities into their own lakehouses, because the industry is consolidating towards Iceberg, especially after Clickhouse and Dremio integrated Iceberg support in 2022.
This is why Snowflake preemptively announced the Polaris Catalog right before the acqusition by Databricks was announced.
Databricks, Snowflake, Dremio, and Clickhouse are all competing for the same piece of the pie, and much like Cybersecurity in the late 2010s to early 2020s, there is a drive to "everything" platforms, and RFPs can absolutely get sank due to lack of capabilties in comparison to a vendor.
