Guarding Against Deal Leaks: Strategies for Confidentiality in M&A

Welcome to the second episode of the first season of The Dealist, focusing on the critical topic of due diligence. Today, we’re turning our attention to mergers and acquisitions (M&A) deal leaks — why they happen, how they can derail transactions and what dealmakers can do to protect confidentiality throughout the M&A process.

Together, we explore the difference between strategic and accidental leaks, the role of cybersecurity and training, the tools and processes that can mitigate risk, and how leaks impact both deal timing and public perception.

Listen in for practical insights and real-world examples that will help you navigate one of the most sensitive aspects of M&A due diligence.

• The difference between intentional and accidental leaks
• Impacts of leaks on private and public M&A markets
• The role of virtual data rooms (VDRs), governance and training in safeguarding sensitive data
• Strategies to address breaches and reinforce confidentiality

Guests:

• Dan Scorpio, Head of M&A and Activism at communications firm H/Advisors Abernathy
• Nitin Kumar, Independent Market Commentator
• Matt Wells, Vice President of Product Marketing at SS&C Intralinks

Host: Catherine Ford

Additional reading: 2024 SS&C Intralinks Deal Leaks Report

Explore our INsights blog for more expert analysis and dealmaking trends. 

Discover how Intralinks DealCentre™ revolutionizes deal management with cutting-edge AI technology and smart solutions here. 

Transcript

Welcome to The Deallist, the insider's guide to M&A. I’m Katherine Ford, your host for today’s episode, where we’ll be discussing deal leaks and how to preserve confidentiality during the M&A process.

I’m delighted to have with me three experts in the field today. Joining me are Matt Wells, vice president of product marketing at SS&C’s Intralinks, Dan Scorpio, head of M&A and activism at H/Advisors Abernathy, and Nitin Kumar, independent marketing commentator. Thank you all for being here today.

[All speakers acknowledge]

Catherine Ford: Let's get straight into the topic. As we know, deal leaks can have a significant impact on both transactions and their overall success. Dan, to start with you, can you help us understand the difference between planned and unplanned leaks? And more importantly, why do leaks even occur during an M&A process?

Dan Scorpio:Thank you, Catherine. That’s a great place to begin. There are various reasons why a leak might happen during an M&A process. I think it’s crucial to differentiate right up front between planned or strategic leaks versus unplanned leaks.

On the planned side, we often see parties intentionally leaking information to gain an advantage. For instance, they might use the media to put pressure on another party, perhaps to accelerate a timeline or take a stronger negotiating position. Sometimes, it’s about shaping the narrative around a deal. For example, working with a trusted journalist to frame the news about the deal in a way that benefits the company. While technically considered a leak, that’s a very controlled and strategic approach.

On the other hand, unplanned leaks tend to happen due to oversight or human error. Often, reporters who specialize in M&A are incredibly skilled at piecing together fragmented information. They ask the right questions, talk to the right people, and build a story—even without official confirmation. These unplanned leaks often catch companies off guard.

Catherine Ford: That’s insightful. Nitin, research from SS&C’s Intralinks showed that the percentage of deals leaked in recent years has remained relatively stable. Does this mean we need to accept that leaks are inevitable in M&A? Or is there hope for eliminating them entirely?

Nitin Kumar: It’s an interesting question, Katherine. Putting things in perspective, deal leaks are primarily an issue with larger, public market deals. Private transactions don’t leak as much because they involve smaller groups of stakeholders, which reduces opportunities for leaks. Unless there’s malintent or sabotage, there isn’t much value in leaking private deals.

That said, completely eliminating leaks may be impossible. A big reason for this is the lack of training and awareness among third-party advisors. For instance, receptionists, social media teams, or even junior staff might unintentionally share sensitive information. What’s more, many M&A practitioners lack proper cybersecurity training. It’s common to see them use unsecured tools or default to unsanctioned platforms, further increasing the risk.

Ultimately, while leaks can be minimized through education and process improvements, achieving a “zero-leak” environment feels like a theoretical singularity.

Katherine Ford: Matt, building on Nitin’s points, can you share your view on the motivations behind planned leaks? What’s the perceived value of intentionally leaking deal information?

Matt Wells: Of course, Katherine. The motivations for planned leaks can vary widely. For example, some parties might leak details to accelerate timelines, putting pressure on other stakeholders to close deals faster. However, our research at SS&C’s Intralinks suggests this tactic often backfires. Leak-driven deals can end up taking longer as parties scramble to address the fallout.

Planned leaks might also happen to draw additional bidders into the process, potentially increasing competition and driving up valuations. Another reason could be to gauge regulatory or public sentiment. If a deal leaks early, the initial reaction can serve as a litmus test for broader acceptance, although this isn’t a primary reason for most leaks.

Ultimately, while planned leaks can offer advantages in certain situations, they come with significant risks that must be carefully weighed.

Catherine Ford: Clearly, confidentiality is critical. Matt, could you outline some practical steps businesses can take to maintain confidentiality during an M&A process?

Matt Wells: Great question. While achieving zero leaks may be unrealistic, there are several measures companies can take to minimize the risk. First, keep the group of deal participants as small as possible for as long as possible. As deals progress, it’s natural for the circle to expand, but early-stage confidentiality is crucial.

Next, implement strict governance processes and ensure the use of secure virtual data rooms (VDRs). Key practices include using unique watermarks, restricting downloads/printing, and eliminating generic logins. Additionally, training stakeholders on how to use these tools properly is essential. Many leaks result from improper usage rather than malicious intent.

Finally, establish clear protocols for onboarding third-party advisors and vendors. Without robust security training and operational compliance, they can inadvertently become weak links in the process.

Catherine Ford: Nitin, would you like to expand on Matt’s points? What tools or processes have you found effective in maintaining confidentiality?

Nitin Kumar: Certainly. For public company deals, we often run “war game” scenarios to plan for leaks ahead of time. This involves mapping out likely sources of leaks, their implications (regulatory, market, or geopolitical), and mitigation strategies.

Using secure VDRs and embedding metadata in email communications are also invaluable approaches. This ensures sensitive documents are only accessible to authorized participants, making it easier to trace violations.