NDA fundamentals for M&A advisors
NDAs are treated like boilerplate. In M&A that is a mistake. Seven questions every sell side advisor should answer before signing a buyer NDA.
NDAs are often treated like boilerplate. In M&A, that's a mistake.
A weak NDA can quietly give buyers more leverage than the seller realizes before diligence even starts. The wrong scope of confidential information, the wrong term length, the wrong residuals clause: each one shifts power before the LOI is even on the table.
This piece walks through the seven questions every sell side advisor should answer before signing a buyer NDA. The structure adapts directly from the LockRoom 7 Key Questions guide, expanded with additional context.
What's the real scope of confidential information?
The NDA's definition of "confidential information" determines what's protected and what isn't. Most templates use language so broad it's practically unenforceable.
What you want: confidential information defined as any information disclosed by the seller to the buyer in the context of the potential transaction, marked or identified as confidential at the time of disclosure or reasonably understood to be confidential given the context.
What to exclude:
- Information already public
- Information that becomes public other than through buyer breach
- Information the buyer already had from independent sources
- Information independently developed by the buyer
Don't accept overly narrow definitions ("only documents stamped CONFIDENTIAL") or overly broad ones ("any information ever discussed between the parties").
Can you control who sees the information?
Most NDAs allow the buyer to share confidential information with their "representatives", meaning their lawyers, accountants, advisors, and employees with a need to know.
What to lock down: identify and limit who counts as "representatives." Some sellers require approval before specific representatives get access. Others limit by role (outside counsel and named QofE provider only).
Is the NDA reciprocal?
Sell side processes are usually unilateral (only the seller's information is confidential). Increasingly, sellers want to know information about the buyer (their financial capability, their other portfolio investments, their reasons for interest) and need that information protected too.
Reciprocal NDAs (mutual obligations) almost always favor the seller in sell side deals. Buyers rarely have valuable information they're disclosing, but the symbol of reciprocity changes the negotiation tone.
Default position: push for mutual NDA. The buyer's standard form will be unilateral. Push back.
Who is responsible for insider leaks?
If a buyer's employee, advisor, or affiliate breaches the NDA, who pays?
What you want: the buyer is liable for breaches by all of their representatives, employees, affiliates, advisors, and agents. The buyer indemnifies the seller for damages from any such breach.
Without this language, the buyer can claim "it wasn't us, it was their advisor" and walk away. Standard NDA templates often miss this.
How long does confidentiality last?
Most NDA templates use "indefinite" confidentiality. Avoid this. Indefinite obligations are unenforceable in many jurisdictions and create operational headaches for both parties.
Standard term: 1 to 2 years for general M&A confidentiality. 3 to 5 years for trade secrets and customer information. Specific carve outs for material that should remain confidential longer (proprietary technology, customer relationships).
If the deal closes, the NDA terminates. If the deal doesn't close, the NDA continues for the agreed term.
Are there risky carve outs?
Watch for residuals clauses. A residuals clause says the buyer can use ideas, concepts, and know how that the buyer's employees retain in their memory, even if those came from the seller's confidential information.
Default position: residuals clauses are unacceptable. If the buyer insists on one, narrow it to specific, defined exclusions (general industry knowledge, public domain information).
Other risky carve outs:
- Compelled disclosure (NDA breached only if disclosure was voluntary)
- Government investigation cooperation (broad enough to swallow the rule)
- "Independently developed" exception (without proof requirements)
Should there be standstill or non solicit provisions?
Two clauses sell side advisors increasingly request:
- Standstill provision. The buyer agrees not to acquire seller securities, attempt hostile takeover, or accumulate shares for a defined period (typically 12 to 24 months). Protects against a buyer turning hostile after viewing confidential information.
- Non solicit / non hire. The buyer agrees not to solicit or hire seller employees for a defined period (typically 12 to 18 months). Protects against a buyer using diligence access to identify and recruit key employees.
Both are increasingly standard in lower middle market sell side NDAs. Buyers will negotiate the duration and scope; the question is whether the protection exists, not whether it's perfect.
When the NDA is signed
The NDA is just the gatekeeper. Once it's signed, the real work begins:
- Buyer gets Phase 1 data room access (anonymized financials, market overview)
- Buyer evaluates over 4 to 6 weeks
- Buyer submits indication of interest (IOI)
- Top buyers proceed to LOI negotiation
Where to read next
For the timeline that frames where the NDA lives in the broader sell side process, see The Sell Side M&A Process: 26 Week Timeline. For the LOI terms that follow buyer NDA signature and Phase 1 access, see LOI and Exclusivity in Lower Middle Market M&A. For the data room setup that supports the diligence the NDA is gating, see Setting Up a Virtual Data Room for Due Diligence.
7 Key Questions to Consider with NDAs
The full version of these seven questions with sample language and red flags by clause type. Free, no email gate.