Due diligence in tech Mergers and Acquisitions: How should sellers protect their business to ensure confident and risk-free deals?

Last Updated 03/08/2023

Most mergers and acquisitions (so-called “M&A”) transactions, when correctly practiced, follow a well-established and polished process. Its steps are quite standardized, which will often tempt the counsels involved – both strategic and legal – to apply their usual templates and follow the procedure they know, notwithstanding the industry or specific characteristics of the target and parties involved.

One of the main steps of such M&A processes is due diligence, in which the seller shows the purchaser all that makes up the target. This involves legal, financial, HR, tax, as well as operational analyses. In the case of tech companies, the purchaser will, in particular, need to convince itself that the target’s technology is worth going through with the deal.

The seller’s transparency is crucial in building the purchaser’s confidence, thus laying the ground for a successful deal. However, the seller also needs to ensure that it is not jeopardizing its business by sharing secrets, which could have dire consequences should the deal fall through.

We would like to share some often overlooked precautions that you can easily take as the prospective seller of a business. Of course, the list is not exhaustive (1), but we believe that it will help you gain confidence when entering negotiations. We also hope that it will avoid needless worries about the due diligence process, which often cause wariness from the prospective purchaser, making the negotiations tenser.

Evaluate the Purchaser

First and foremost, you should get to know the potential purchaser interested in your business. This includes getting a feel for the persons you will be dealing with, but, most of all, it means understanding their position with respect to that of the target.

You have most likely spent years developing a product, rolling out a strategy, and scaling a business. In that process, you will have found a sweet spot where your offering fulfills a need of your clients that is difficult for competitors to serve. The same is likely true for the purchaser that you are dealing with. Purchasing your business somehow fits their long-term strategy, which means that complementarity exists one way or another.

When entering discussions, we advise you to evaluate objectively whether there is a chance that the prospective purchaser could replicate your business without purchasing it, should the deal fail. To be clear, this is not a judgment of the purchaser’s intentions but one of its technical, operational, and financial capabilities.

Should you conclude that the purchaser could replicate your business without purchasing the target (thanks to information disclosed in the deal process), you will need to be more prudent in the way you go about the due diligence process. This is not to say that you should be suspicious of the purchaser, voice your suspicions or even abort the deal: You will simply need to take adequate technical or legal steps to ensure the safety of your business. On the contrary, if you believe that your business is in no way put at risk by the due diligence process, then you can allow yourself to be more forthcoming. Where it is reasonable, such transparency will often bear fruit by increasing the purchaser’s confidence and facilitating a successful and fair negotiation.

Non-Disclosure Agreements

Non-disclosure agreements (or “NDA”) are often basic templates that are signed on the edge of a table “out of principle, but you know we trust you” so that the real discussions can start.

Of course, you couldn’t begin a good faith discussion by asking your counterpart to sign a lengthy legalese non-disclosure agreement. But without going to that extreme, it is of paramount importance that a sturdy enough NDA be signed before your secrets are confided.

The solidity and some other NDA parameters can vary namely based on the degree of trust between the parties, the risk evaluation (see the previous paragraph), and the content to be shared. In any event, it is essential to sign an adequate NDA for the specific negotiation to be handled, not just a template.

To this end, you are welcome to use our free NDA generator, for example, which will allow you to tailor our template to your specific needs.

Commercial Due Diligence

During the due diligence process, you will show the purchaser what makes your technology commercially successful as well as how it’s sourced and distributed.

This process can be a challenging exercise of limbo. You will need to be transparent for the deal to succeed, yet you will also want to be as conservative as possible in case it doesn’t. So how should you position yourself?

Here are a couple of pointers to help you navigate this often painful step:

  • Your transparency level should depend on the risk evaluation that you will have conducted about the purchaser (see above).
  • In general, answer the purchaser’s questions and requests fully and swiftly, without volunteering more information than requested.
  • If the purchaser formulates a risky or surprising request, ask why this information is needed instead of refusing point-blank. More often than not, there is a way to procure the confidence that the purchaser seeks by providing other, less sensitive, data.
  • Avoid giving the keys to your sourcing and distribution if this is critical to your success. Instead, limit due diligence to facts and figures that prove the soundness of your processes and their scalability.
  • If you are not comfortable with a specific due diligence request, discuss this with your advisors (legal or otherwise, depending on the case at hand). In many instances, specific steps can be taken to ensure that you are not jeopardizing your business while giving the necessary information for the purchaser to forge its opinion. For example, a new and more robust NDA could be signed to cover specific highly sensitive data.

Technological Due Diligence

Due diligence will also always include the core of the technology that made your success. Our practice has led us to encounter recurring types of tech businesses that require specific protection in the technical due diligence process. The two main cases include technology that is not or cannot be patented and proprietary software.

Non-Patented Technology

Patenting a technology gives legal certainty that third parties will not exploit it without the owner’s authorization. All patents are published, including the very core of the patented invention. This means that holders of patents can share what makes up their proprietary technology with confidence, even (or especially) in an M&A due diligence.

However, patents are very restrictive and excruciatingly expensive to establish, and many companies have no choice but to exploit unprotected technologies. The entire value of these ventures relies on the confidentiality of their technology.

The risk that the sellers of such companies will need to take is at the measure of the opportunity: Confidentiality is material to their organic success, yet transparency is necessary for any M&A deal to succeed.

The ideal scenario is one where the purchaser could not reasonably exploit the technology without some characteristic of the target that it couldn’t develop itself. For example, a food and beverage company looking to purchase a revolutionary packaging business would need to start the whole R&D and business setup from scratch if the deal doesn’t go through. In such a case, it is probably safe to share what makes up the technology based on the faith of an adequate NDA.

But the purchaser could, in some cases, be a competing packaging company, which would be easily capable of replicating the target’s business if the deal goes wrong. In such a case, even an iron-clad NDA could be insufficient for the seller to feel safe enough to disclose the information.

Specific strategies can allow the purchaser to gain sufficient confidence in the soundness of the target’s technology, yet still exclude risks enough to reassure the seller:

  • An independent expert can be hired to run the technological due diligence and give the purchaser all necessary assurances without disclosing the underlying data. Such assurances are often based on key performance indicators and technological criteria defined by the purchaser or agreed upon by both parties.
  • Studies, formulas, and descriptions can be redacted minimally by the seller so that the purchaser can still forge its opinion, yet in a way that it could not replicate the technology. For example, the key variables of a recipe or formula can be redacted.

Proprietary Software

When running due diligence on a company whose core business is to market a specific proprietary software, most purchasers will want to check that the software runs smoothly and truly achieves its purpose. The logical way to go about this would be to grant the purchaser access to the entire source code. If you have evaluated that the purchaser could exploit this source code on its own, this is a hugely risky move.

Third-party due diligence, as described above, can be used here as well. However, other strategies can include running demonstrations or sharing screens of the source code and how it runs, ensuring that the purchaser has no way of copying its content.

Such demonstrations often happen by video conferences whereby the sellers share a screen showing the source code as they run the program. The purchaser (or its CTO) is then free to ask any technical questions for the sellers to answer and demonstrate.

This strategy may seem trivial, but our experience has shown that such tech DD calls (which can last a very long time, let us be honest) are often enough for the purchaser to gain confidence in the software’s functionality and soundness.


We hope that these empirical nuggets will help you enter your M&A negotiations with more confidence.

You know better than us that the tech industry is moving at a lightning pace and we are convinced that the way in which M&A deals are led should match this constant evolution. Making sure that your M&A process is state-of-the-art is relatively easy and will ensure that your exit is as successful as your entire business venture.


(1) For example, specific due diligence software can be used to ensure varying levels of protection of the data subject to due diligence.

By Elie Bourdilloud

Head of M&A, Legal Expert


Let’s Go!

Book a free, non-binding discovery call to discuss how we can help you achieve your business goals.

Or feel free to reach us directly via email at [email protected].

Book a free call