The UK’s Competition and Markets Authority has opened a formal investigation into Microsoft’s dominance in cloud infrastructure and enterprise software, a move that could reshape how the world’s second-most-valuable company bundles and sells its products to businesses worldwide. The probe, announced on March 31, 2026, targets Microsoft’s practices in cloud computing, productivity software, and cybersecurity — three pillars that collectively generate the vast majority of the company’s commercial revenue.
This isn’t a preliminary market study. It’s a full-blown antitrust investigation.
The CMA said it has “reasonable grounds for suspecting” that Microsoft holds a dominant position in certain markets and may be abusing that position in ways that harm competition. According to The Register, the regulator is specifically examining whether Microsoft ties its cloud platform Azure to its widely used productivity tools like Microsoft 365 and Teams, creating conditions that make it prohibitively expensive or technically difficult for enterprise customers to choose rival providers. The investigation will also scrutinize Microsoft’s cybersecurity offerings and whether the company uses its entrenched position in operating systems and office software to steer customers toward its own security products at the expense of independent vendors.
Sarah Cardell, the CMA’s chief executive, framed the investigation as essential to protecting innovation. “Digital markets that work well are critical to growth across the UK economy,” she said in a statement accompanying the announcement. The regulator emphasized that no conclusion of wrongdoing has been reached, but the scope and specificity of the probe suggest months — possibly years — of intense regulatory scrutiny ahead.
Microsoft, for its part, responded with measured cooperation. A spokesperson told The Register that the company would “engage constructively” with the CMA. But behind the diplomatic language lies a company increasingly encircled by regulators on multiple continents who share a common concern: that Microsoft’s strategy of bundling cloud, productivity, and security products together is choking off competition in ways that ultimately hurt customers.
The timing matters. Microsoft has spent the past three years aggressively integrating AI capabilities — particularly its Copilot tools powered by OpenAI’s models — into virtually every product it sells. Azure’s growth has been turbocharged by enterprise demand for AI infrastructure, and Microsoft 365 Copilot has become a centerpiece of the company’s pitch to corporate IT departments. Every new integration point between Azure, Microsoft 365, and Windows creates another thread in what competitors describe as an increasingly inescapable web of interdependencies.
And competitors have been vocal about it.
The CMA investigation didn’t materialize from thin air. It follows years of complaints from cloud rivals, most notably Amazon Web Services and Google Cloud, as well as smaller European providers like OVHcloud and CISPE, a trade body representing European cloud infrastructure companies. CISPE filed a formal complaint with the European Commission in 2022 alleging that Microsoft’s licensing practices unfairly penalized customers who ran Microsoft software on non-Azure cloud platforms. That complaint was eventually settled in mid-2024 after Microsoft agreed to modify certain licensing terms for European cloud providers — but critics argued the concessions were cosmetic.
Google, which has been among the most aggressive in pushing regulators to act, has repeatedly argued that Microsoft’s licensing structure creates a “tax” on customers who want to use Google Cloud or AWS to run Windows Server or SQL Server workloads. The economics are stark: running certain Microsoft software on Azure can be dramatically cheaper than running the same software on a competitor’s cloud, not because Azure is inherently more efficient, but because of how Microsoft structures its licensing fees.
The cybersecurity dimension adds another layer. Microsoft’s security business surpassed $20 billion in annual revenue in 2024, making it larger than most standalone cybersecurity companies. Competitors like CrowdStrike, Palo Alto Networks, and SentinelOne have raised concerns — sometimes publicly, sometimes through back channels to regulators — that Microsoft bundles security features into enterprise agreements in ways that make it economically irrational for customers to purchase third-party alternatives. When an organization is already paying for Microsoft 365 E5 licenses that include Defender, Sentinel, and a growing list of security tools, the marginal cost of choosing Microsoft’s security stack is effectively zero. Competing against free is, to put it mildly, difficult.
The Regulatory Pincer Movement
The UK investigation doesn’t exist in isolation. The European Commission has been conducting its own inquiries into Microsoft’s cloud and bundling practices. In October 2025, the Commission opened a formal antitrust case examining Microsoft’s integration of Teams with Microsoft 365 — a case that began after Slack filed a complaint in 2020 alleging that the bundling of Teams with Office 365 violated EU competition law. Microsoft preemptively unbundled Teams from Microsoft 365 in Europe in 2023, but the Commission determined that this step didn’t fully address the competitive harm.
Across the Atlantic, the US Federal Trade Commission under Chair Lina Khan launched a broad investigation into Microsoft’s cloud computing practices before Khan’s departure. The status of that probe under the current FTC leadership remains unclear, but the groundwork — including extensive document requests sent to Microsoft and its competitors — has already been laid.
So Microsoft now faces coordinated, if not formally coordinated, regulatory pressure from three of the world’s most significant antitrust jurisdictions simultaneously. Each investigation has its own procedural timeline and legal standards, but the underlying theory of harm is remarkably consistent: Microsoft allegedly uses its dominance in one market (desktop operating systems, productivity software) to extend and entrench its position in adjacent markets (cloud infrastructure, cybersecurity, collaboration tools).
This is textbook tying and bundling theory, the same framework that underpinned the US government’s landmark antitrust case against Microsoft in the late 1990s over the bundling of Internet Explorer with Windows. The irony is not lost on industry observers. A quarter-century later, the products have changed — Azure instead of IE, Copilot instead of Media Player — but the strategic logic is strikingly similar.
Microsoft’s defense will likely center on consumer benefit. The company has consistently argued that integration is what customers want. Enterprises don’t want to manage a patchwork of disconnected tools from different vendors; they want unified platforms that work together out of the box. There’s truth to this. The complexity of managing multi-vendor IT environments is real, and many CIOs genuinely prefer consolidated stacks that reduce integration headaches. Microsoft’s market share in enterprise productivity — north of 85% by most estimates — reflects genuine product quality and network effects, not just anticompetitive behavior.
But the line between pro-competitive integration and anticompetitive bundling has always been blurry, and regulators are increasingly willing to draw it in places that make Microsoft uncomfortable.
The financial stakes are enormous. Microsoft’s Intelligent Cloud segment, which includes Azure, generated $96.8 billion in revenue in fiscal year 2025. Microsoft 365 Commercial, the backbone of its productivity business, added another $65 billion. If regulators force structural changes to how these products are priced, licensed, or bundled — for instance, requiring Microsoft to offer equivalent licensing terms regardless of which cloud platform a customer uses — the ripple effects would be felt across the entire enterprise technology industry. AWS and Google Cloud would stand to gain. Independent security vendors would breathe easier. European cloud providers, long squeezed by hyperscaler economics, might find new room to compete.
Conversely, if the investigations fizzle or produce only minor behavioral remedies, it would effectively validate Microsoft’s integrated go-to-market strategy and signal to other technology giants that aggressive bundling remains a viable competitive approach.
The CMA has not set a formal timeline for completing its investigation, but significant antitrust cases of this nature typically take 18 to 24 months to reach a provisional findings stage. Appeals can extend the process further. Microsoft’s legal and regulatory affairs teams — already managing the Teams unbundling case in Europe, the Activision Blizzard acquisition’s ongoing compliance requirements, and various AI-related regulatory discussions — will be stretched thin.
Wall Street has so far treated the regulatory risk as manageable. Microsoft’s stock barely moved on the announcement, reflecting a market consensus that even adverse regulatory outcomes are unlikely to fundamentally alter the company’s financial trajectory in the near term. Investors have seen this movie before. The 1998 antitrust case, which at one point threatened to break Microsoft into two separate companies, ultimately resulted in a consent decree that imposed behavioral restrictions but left the company intact. Microsoft not only survived but went on to become the most valuable company in the world.
But the competitive environment in 2026 is different from 2001 in important ways. Cloud computing is still a growth market, and the decisions regulators make now about bundling and interoperability will shape its structure for decades. AI is layered on top of everything, adding new dimensions of lock-in as enterprises build workflows around specific AI models and platforms. And the political appetite for reining in Big Tech, while inconsistent, is meaningfully greater than it was two decades ago — in Europe especially, but also in the UK, which has positioned the CMA as one of the world’s most active and assertive competition authorities since Brexit.
For Microsoft CEO Satya Nadella, who has spent a decade carefully cultivating an image of Microsoft as the friendly, open, partner-first technology company — a stark contrast to the combative Microsoft of the Gates and Ballmer eras — the investigation represents a narrative challenge as much as a legal one. The “new Microsoft” story depends on the perception that the company wins on merit, not through exclusionary practices. Multiple simultaneous antitrust investigations, regardless of their outcomes, complicate that story.
The CMA’s investigation also arrives at a moment when Microsoft’s relationship with OpenAI — in which it has invested over $13 billion and which powers much of its AI product lineup — is itself attracting regulatory attention. The FTC and CMA have both examined whether Microsoft’s investment in OpenAI constitutes a de facto merger that should have been subject to merger review. So far, neither regulator has taken formal action on that front, but the OpenAI relationship adds another variable to an already complex regulatory picture.
What happens next will depend on the evidence the CMA uncovers during its investigation — internal documents, economic analyses of pricing and switching costs, testimony from competitors and customers. Microsoft will mount a vigorous defense, backed by some of the world’s most experienced competition lawyers. The outcome is genuinely uncertain.
But one thing is clear. The era in which Microsoft could bundle its way to dominance across adjacent markets without serious regulatory pushback is over. Whether that changes anything about how the company actually operates remains to be seen.
Pingback: Microsoft’s Cloud Empire Faces Its Biggest Regulatory Threat Yet — And This Time It’s Coming From London - AWNews