Key takeaways
- The NDA is signed before any substantive financial information is shared, the teaser or blind profile can be distributed without an NDA, but customer names, financial details, and employee information require a signed confidentiality agreement first.
- NDAs in M&A typically include a standstill provision (preventing signatories from acquiring company shares or soliciting customers for a period), not just a confidentiality obligation, read it carefully before signing.
- Staged disclosure, teaser, then CIM after NDA, then full data room after IOI, protects your competitive position by limiting sensitive information to buyers who have demonstrated genuine interest.
- Employee and customer confidentiality is the primary concern in most middle market processes; the NDA alone does not protect you if your banker distributes the CIM to 40 potential buyers who all have employees or customers in common with you.
Teaser vs. blind profile vs. CIM: the three disclosure tiers
Confidential M&A processes use a staged disclosure model that releases progressively more sensitive information as buyers demonstrate interest and commitment. Understanding the three tiers, and what should and should not be in each, prevents accidental disclosure before adequate protections are in place.
Information Disclosure Tiers in M&A
Scroll to see more →
The staged model serves two purposes: protecting competitive information from buyers who will not proceed, and creating an efficient process where buyer effort scales with their level of interest. Buyers who are serious sign the NDA and engage with the CIM; buyers who are not serious self-select out before receiving sensitive materials.
What the NDA actually covers, and what it does not
M&A NDAs are negotiated documents, not boilerplate. The seller's banker will provide a form NDA, but sophisticated buyers will redline it. Understanding the key provisions prevents signing an NDA that provides weaker protections than you expect.
Key NDA provisions to review: the definition of confidential information (should include all information about the business, not just written documents), the permitted use restriction (buyer may only use information for evaluating the transaction, not competitive intelligence), the standstill provision (buyer cannot acquire shares or solicit employees or customers for a period, typically 12-18 months), and the residuals clause (information retained in unaided memory is often excluded, negotiate this out if possible).
The standstill provision is as important as the confidentiality obligation. Without it, a strategic buyer who signs an NDA, reviews your financials, declines to proceed, and then approaches your top three customers has not technically violated confidentiality, but has used your information for competitive advantage. Ensure the standstill covers customer and employee solicitation, not just share acquisition.
Protecting employee and customer confidentiality
The most sensitive information in a middle market M&A process is not the financial statements, it is the employee and customer information. Employees who learn the company is for sale often begin interviewing elsewhere; customers who learn of a potential sale may accelerate renegotiations or seek alternatives.
Best practices for protecting employee and customer confidentiality: do not name employees below the top two or three management levels in the CIM; anonymize customers in the CIM (use "Customer A, Customer B" with industry and size descriptors); brief only the minimum necessary management team until an LOI is in hand; and work with your banker to target buyers who are less likely to have overlapping relationships.
Process confidentiality breaches, defined as material information reaching employees or customers before management was prepared to disclose, occur in approximately 18% of middle market M&A processes, most commonly through buyer contacts rather than banker contacts.
Processes with a buyer universe of fewer than 25 targeted buyers have a 40% lower rate of confidentiality breaches than those targeting 50+ buyers.
18%
M&A processes with a confidentiality breach
40% lower
breach rate with under 25 buyers vs. 50+
4 tiers
staged disclosure model: teaser → CIM → management presentation → data room
12–18 months
standard NDA standstill period for employee/customer non-solicitation
The NDA is not just a confidentiality agreement. It is a standstill agreement. Without a standstill provision, a strategic buyer who signs the NDA, reviews your financials, declines to proceed, and then approaches your top three customers has not violated the NDA, but has used your information for competitive advantage. Always confirm the standstill covers customer and employee solicitation, not just share acquisition.
The teaser exists for one purpose: to get the right buyers to sign an NDA and nothing more. If your teaser contains information that could harm you if it reached a competitor, it has too much in it.
Work with Glacier Lake Partners
Get help structuring your confidentiality and disclosure process
We help founders design the staged disclosure process that protects competitive information while moving buyers efficiently toward an LOI.
Start a Conversation →Research sources
Explore adjacent topics
