Selling Your Security Company: A 5-Step Guide

If you’re the owner of a small to mid-sized or family-run security company, the idea of selling your business can feel both exciting and overwhelming. You've likely put years of hard work into building something stable, trusted, and deeply personal. Whether you’re starting to think about retirement, planning your next chapter, or simply exploring what your options might look like, understanding the sale process is key to ensuring the value you’ve created is properly recognized. 

Based on my experience as both a seller and a buyer, the guide below walks through each major phase of a typical acquisition, breaking down each, so you can approach this process with clarity and confidence. 

Step 1: Confidential Information Memorandum (CIM)

For security business owners who are ready to move forward with a sale, preparing a Confidential Information Memorandum (CIM) is a key step in attracting serious buyer interest. This document serves as a high-level introduction to your company and plays a vital role in the acquisition process. 

Often considered the first impression of your business, a CIM is designed to present qualified buyers with essential information while maintaining confidentiality. It outlines the business’s core strengths, performance metrics, and market positioning without disclosing any client or employee names. Typically, potential acquirers receive a short summary or preview of the CIM  first, and if they express interest, they are asked to sign a Non-Disclosure Agreement (NDA) before receiving the full CIM. 

An effective CIM for a security company should include: 

• Key financial highlights (e.g., revenue and profit trends over the past 3–5 years) 

• Market coverage by region and the company’s competitive position 

• Revenue concentration of top clients by service (ie - guard vs. mobile patrol) 

• Client Portfolio diversification by industry  

• Organizational structure and staffing details 

Paladin Tip: Buyers tend to be most attracted to companies with stable, recurring revenue streams and a well-diversified, long-term client base under contract. This represents a lower perceived risk from an acquisition perspective.   

For example: 

• A higher-risk profile might be a business where one client generates 50% of total revenue, leaving the company vulnerable to significant disruption if that client is lost. 

• A lower-risk, more attractive profile would be a company with 25 clients, none of which account for more than 10–15% of revenue.

Step 2: Non- Disclosure Agreement (NDA)

While often considered a formality, a Non-Disclosure Agreement (NDA) is a critical step in the acquisition process. Before sharing any confidential business information beyond what’s included in the initial preview of your CIM, it’s strongly advised that all parties sign an NDA. This agreement doesn’t need to be overly complex, but it must clearly protect sensitive information and uphold the confidentiality of both the buyer and seller throughout the engagement. 

For sellers, it’s a good idea to have a legal professional draft or review a standard NDA to ensure that any proprietary data you share remains secure—both during discussions and after, regardless of whether a deal is ultimately reached. 

In many cases, experienced buyers will have their own standard NDA templates prepared, which can help move the process along more efficiently. 

Whether you're running a competitive sale process involving multiple prospective buyers or engaging in one-on-one discussions with a single interested party, having an executed NDA in place is essential before disclosing any non-public information or allowing access to your CIM. 

Bottom line: Put this protection in place before sharing anything sensitive about your business.

Step 3: Letter of Intent (LOI)

Once a prospective buyer has reviewed all the key preliminary information and had the opportunity to ask follow-up questions, those who remain seriously interested will typically submit a Letter of Intent (LOI). This document outlines the buyer’s intent to acquire your security company and serves as a framework for moving forward. The LOI is an important milestone in the transaction process, providing clarity on the proposed deal terms and setting expectations for both sides. 

The LOI generally includes: 

• Type of acquisition (e.g., share purchase vs. asset purchase) 

• Proposed purchase price (payment structure, and any pricing contingencies or terms) 

• Proposed closing date 

• Conditions of the transaction (including a summary of the due diligence process) 

• Exclusivity provisions, (may prevent the seller from negotiating with other buyers during a defined period) 

After receiving an LOI, there is an opportunity for additional discussions to refine or negotiate certain aspects of the offer before formally accepting the proposal. At this stage, it’s strongly advised for the seller to work closely with legal counsel and an accounting professional to review the LOI and ensure your interests are well protected. 

Once all parties are aligned on the terms and the LOI is signed, the deal progresses to the next phase: Due Diligence.

Did you miss my last blog on Tips for Security Company Acquisitions? Here’s a link to that article: Selling A Security Company: M&A Tips 

Step 4: Due Diligence

Of all stages, Due Diligence is the most demanding from a time perspective for both the seller and the buyer. Due diligence is an in-depth evaluation carried out by a prospective buyer to validate and verify the seller’s representations and to identify any potential risks that might influence the outcome of a transaction. At this stage, the buyer will now request and have access to every aspect of the seller’s business, including customer names. It plays a critical role in enabling buyers to make well-informed acquisition decisions. Due diligence is typically broken out into 4 different categories: 

Financial Diligence - This process typically begins with a detailed financial review, where key documents such as income statements, balance sheets, cash flow reports, A/R reports, and tax filings are analyzed.  

Legal Diligence - Legal compliance is also examined to confirm the business is operating within the boundaries of municipal, provincial, and federal laws, and what, if any, active legal proceedings are associated with the seller’s business. 

Operational Diligence - An operational audit looks at how efficiently the business runs and assesses the soundness of its overall structure and strategy. Simultaneously, a market analysis gauges the company’s standing in the industry, its customer relationships, and its competitive strengths.  

Human Resources Diligence - The human resources component reviews employee agreements, compensation structures, and any associated legal obligations.  

Together, this Diligence helps surface any concerns that might influence the terms of the acquisition, allowing the buyer to proceed with clarity and confidence. In some cases, once Diligence is complete, it may have uncovered some unforeseen factors that can result in adjustments to the valuation and final purchase agreement.  

Once Due Diligence is well underway and things continue to head in a positive direction, the interested buyer typically will begin to construct the definitive purchase agreement. 

Step 5: Purchase Agreement

At this point, attention now turns to finalizing the definitive purchase agreement—the legal contract that formally outlines the terms of the deal. Getting to this stage of the acquisition process is a very positive sign as it relates to consummating a deal. This is where both parties will have legal representation act on their behalf to hash out this agreement together. Key elements of this legally binding document include the final agreed-upon price, as well as detailed mechanisms related to how and when the seller will be paid, buyer and seller assurances, liability protections, closing date, and post-closing commitments. 

Insights uncovered during the due diligence process can influence this Purchase Agreement phase, leading to potential price adjustments (both up or down), the inclusion of risk-mitigation provisions, or renegotiation of terms. This step is essential for establishing transparency and clear definitions around the rules of the overall transaction and is legally detailed in language, which is done to protect the interests of both the buyer and the seller. 

Paladin Tip: Understanding the Measurement Period and Purchase Price Holdback
In most security company transactions, it is common for a significant portion of the purchase price to be paid to the seller at closing, while a smaller portion is withheld and paid at a later date. This deferred payment is typically tied to what’s known as a “measurement period” or “earn-out period,” which usually spans the 12–24 months (in some cases longer) following the closing date. The terms surrounding this period—including performance benchmarks and payment formulas—are negotiated and documented in the definitive purchase agreement.

The purpose of this structure is to ensure the business continues to generate consistent revenue and profit post-transaction. The buyer is essentially seeking assurance that the company will perform in line with expectations during the first year(s) under new ownership. If the business maintains or exceeds agreed-upon revenue targets, the seller will receive the full remaining balance of the purchase price at the end of the measurement period. If performance falls short, the final payment may be reduced accordingly, depending on the formula set out in the agreement.

In essence, the holdback functions as a form of financial protection for the buyer, guarding against sudden drops in revenue or client attrition at no fault of the buyer, that could impact the value of the deal.

As someone who has gone through this process personally, I initially viewed the measurement period as somewhat unfair. It was difficult to accept that a portion of the sale proceeds would be contingent on the company’s future performance—especially once I no longer had control. However, I came to understand that this structure is standard practice in the sale of security companies. Buyers are making a significant financial commitment, often based on a valuation multiple that assumes the business will continue performing at its historical levels for many years to come. If revenues decline shortly after closing—through no fault of the buyer—it can greatly affect their ability to recoup their investment within the expected timeframe.

By aligning the seller’s final payout with the ongoing success of the business, the measurement period helps balance risk between both parties and provides a clearer path to a fair and successful transaction.

Conclusion

Selling your security business is no small step - but with the right information and preparation, it can be a smooth and rewarding process. Whether you're considering, just beginning, or already in discussions with buyers, understanding the process and each phase will help prepare and assist you in making informed decisions. Take your time, ask questions, and don’t be afraid to lean on trusted, informed advisors along the way. You've built something valuable—now it's about making sure that value is realized. 

Thinking about selling? Have any questions about this article or anything else acquisition related? Shoot me an email at dhehn@paladinsecurity.com and I will follow up as soon as possible. I’m happy to be a resource any way I can. 

Going to the GSX Convention in New Orleans this fall? I plan on being there and would love to meet up for a coffee and/or a chat. Just let me know in an email and I’ll do the rest.