A practical, industry-specific LOI framework built around RMR valuation, licensing compliance, and deal structures common in security integration acquisitions — from SBA-financed owner-operator deals to PE-backed tuck-ins.
An LOI (Letter of Intent) is the pivotal document that transitions a surveillance and access control acquisition from informal conversation to structured negotiation. In the security integration industry, the LOI must do more than outline price — it must address the unique complexity of recurring monthly revenue (RMR) contracts, state and municipal licensing transferability, technician retention risk, and technology stack assumptions. A poorly drafted LOI that ignores these variables can lead to renegotiation at the closing table, lender delays on SBA financing, or disputes over earnout calculations tied to RMR retention. This guide provides a section-by-section LOI template calibrated specifically for surveillance and access control businesses generating $1M–$5M in revenue, with EBITDA multiples typically ranging from 3.5x to 6x depending on RMR quality, customer diversification, and operator independence.
Find Surveillance & Access Control Businesses to Acquire1. Parties and Business Description
Identifies the buyer entity, the seller (individual owner or selling entity), and the target business by legal name, DBA, primary service jurisdiction, and a brief description of operations. For security integrators, this section should note whether the business holds state contractor licenses under the seller's personal license or the entity's license, as this distinction directly affects transferability.
Example Language
This Letter of Intent is entered into as of [Date] by and between [Buyer Name or Acquisition Entity], a [State] [LLC/Corporation] ('Buyer'), and [Seller Legal Name], owner of [Business Legal Name] d/b/a [DBA Name] ('Company'), a commercial surveillance and access control integration business operating primarily in [State(s)]. The Company provides video surveillance system installation, electronic access control integration, remote monitoring services, and ongoing service/maintenance agreements to commercial, multifamily, and institutional clients throughout [geographic region].
💡 Confirm upfront whether the Company's state contractor license (e.g., C-10 electrical, alarm contractor, or low-voltage license) is held in the entity's name or is tied to the seller as a qualifying party. If the seller's personal license is the qualifying credential, the buyer must plan for a transition period and potentially sponsor a new qualifying technician or obtain a new license before close. Flag any jurisdictions where the Company operates without a current license — this is a material risk and must be resolved before signing an SBA loan application.
2. Transaction Structure
Defines whether the transaction is structured as an asset purchase or stock purchase, which has significant implications for licensing, existing contracts, and liability assumption. Most surveillance and access control acquisitions at this revenue range are structured as asset purchases, allowing the buyer to acquire the installed base, RMR contracts, and vendor agreements while leaving unknown liabilities with the seller entity.
Example Language
Buyer proposes to acquire substantially all of the assets of the Company, including but not limited to all recurring monitoring and service contracts, equipment inventory, installed base customer relationships, trade name, vendor and dealer agreements (including any Avigilon, Genetec, HID, Bosch, or Axis authorized dealer or preferred partner agreements), intellectual property, and goodwill ('Acquired Assets'). The transaction shall be structured as an asset purchase. Excluded assets shall include cash and cash equivalents, accounts receivable older than 90 days, and any personal assets of Seller. Buyer will assume only those liabilities expressly identified in the definitive Asset Purchase Agreement.
💡 Sellers may push for a stock sale to achieve capital gains tax treatment on the full purchase price and avoid the complexity of re-papering contracts. Buyers — especially those using SBA 7(a) financing — almost universally prefer asset purchases to avoid inheriting unknown liabilities such as lapsed technician certifications, warranty claims on older installations, or unlicensed work. If the seller insists on a stock deal, require comprehensive indemnification for pre-closing liabilities related to licensing, cyber incidents, and customer disputes. For PE-backed strategic buyers, a stock purchase may be acceptable if a thorough quality of earnings and legal audit is completed.
3. Purchase Price and Valuation Basis
States the proposed purchase price, the valuation methodology (typically a multiple of EBITDA or a blended multiple weighting RMR separately), and how the price will be adjusted based on due diligence findings. In surveillance and access control deals, buyers often apply a premium multiple to the RMR base (reflecting high switching costs and renewal rates above 90%) and a lower multiple to project-based installation revenue.
Example Language
Buyer proposes a total purchase price of $[X,XXX,XXX] ('Purchase Price'), calculated as follows: (i) [X.Xx] times trailing twelve-month adjusted EBITDA of $[XXX,XXX] as represented by Seller, plus (ii) a separate allocation of $[XXX,XXX] attributable to the Company's recurring monthly revenue base of $[XX,XXX] per month, valued at [X.Xx] times annualized RMR. The Purchase Price is subject to adjustment based on the findings of Buyer's financial, operational, and technical due diligence. Seller represents that at least [XX]% of trailing twelve-month revenue is attributable to recurring monitoring and service contracts with an average remaining term of [XX] months.
💡 The RMR multiple is the most contested valuation variable in security integration deals. Buyers should independently verify RMR by requesting a contract-by-contract schedule listing customer name, monthly contract value, contract start date, term length, auto-renewal clause, and cancellation notice period. Attrition rates above 8–10% annually will compress the RMR multiple significantly. Sellers should be prepared to defend their EBITDA add-backs — common in owner-operated shops — including personal vehicle expenses, owner health insurance, and above-market owner compensation. Lenders scrutinizing an SBA 7(a) application will normalize these add-backs independently, so clean documentation is essential for a smooth process.
4. Payment Terms and Deal Structure
Outlines how the purchase price will be funded, including equity injection, SBA loan proceeds, seller note, and any earnout component. Surveillance and access control acquisitions commonly use a combination of SBA 7(a) debt, a seller note to demonstrate seller confidence, and an RMR-linked earnout when customer relationships are heavily owner-dependent.
Example Language
The Purchase Price shall be funded as follows: (i) Buyer cash equity injection of approximately $[XXX,XXX] ([XX]% of total consideration); (ii) SBA 7(a) loan proceeds of approximately $[X,XXX,XXX] ([XX]% of total consideration), subject to lender approval; (iii) Seller promissory note of $[XXX,XXX] ([X]% of total consideration), bearing interest at [X]% per annum, payable over [24] months, subordinated to SBA lender per SBA guidelines; and (iv) an earnout of up to $[XXX,XXX] payable over [24] months post-close, contingent upon the retention of not less than [90]% of the Company's monthly recurring revenue base as of the closing date, measured at 12-month and 24-month anniversaries of close.
💡 SBA lenders will require the seller note to be on full standby for the first 24 months of the loan term when the note exceeds SBA equity injection thresholds — negotiate this carefully so the seller is aware their note payments may be deferred. Earnout structures in security integration deals most commonly tie milestones to RMR retention, not total revenue, because installation revenue can be lumpy. Define RMR retention precisely: specify whether transferred contracts, renegotiated contracts, and contracts where the underlying customer changed premises but stayed with the Company count toward the retention calculation. Sellers should push for a carve-out protecting the earnout if the buyer's post-close operational changes (e.g., changing monitoring platforms or response protocols) cause contract cancellations.
5. Due Diligence Period and Access
Establishes the length of the due diligence period, the scope of information the buyer will need to review, and access protocols for customer files, technician records, and licensing documentation. Security integration businesses require specialized due diligence covering financial, technical, regulatory, and cybersecurity dimensions.
Example Language
Buyer shall have [45] calendar days from the execution of this LOI ('Due Diligence Period') to complete its investigation of the Company. Seller agrees to provide full and timely access to: (i) three years of financial statements, tax returns, and monthly P&L reports; (ii) a complete RMR contract schedule with individual contract terms, billing history, and attrition records; (iii) copies of all active state and local contractor licenses, technician certifications (ESA Level I/II, NICET), and any correspondence with licensing authorities; (iv) all vendor, dealer, and authorized partner agreements with Avigilon, Genetec, Axis, HID, Bosch, and any other material vendors; (v) customer concentration analysis and top-20 customer profiles; (vi) employee roster, compensation, non-compete agreements, and technician certification status; and (vii) any pending or threatened claims, warranty disputes, or regulatory complaints.
💡 45 days is standard but may be extended to 60 days for businesses with complex multi-state licensing or large installed bases requiring physical site visits. Require the seller to deliver the RMR contract schedule within the first 5 business days of the due diligence period — this is the single most important document in the deal and is frequently incomplete or inconsistently maintained. Buyers should engage a security industry-specific consultant or a qualified technician to assess the technology stack: identify whether the installed base runs on proprietary or open platforms, approximate hardware refresh cycles, and evaluate cybersecurity exposure from IP-connected devices. Sellers should disclose any Avigilon, Genetec, or HID dealer agreement that contains a change-of-control clause requiring manufacturer consent for transfer.
6. Exclusivity and No-Shop
Grants the buyer an exclusive negotiating period during which the seller agrees not to solicit, negotiate, or accept alternative offers. This protects the buyer's investment of time and due diligence costs while incentivizing the seller to cooperate fully.
Example Language
In consideration of Buyer's commitment to conduct due diligence and incur associated costs, Seller agrees that from the date of execution of this LOI through the earlier of (i) the expiration of the Due Diligence Period, (ii) execution of a definitive purchase agreement, or (iii) [75] calendar days from the date hereof, Seller shall not, directly or indirectly, solicit, encourage, negotiate, or accept any offer or inquiry from any third party regarding the sale, merger, recapitalization, or other disposition of the Company or its assets ('Exclusivity Period'). Seller shall promptly notify Buyer of any unsolicited inquiries received during the Exclusivity Period.
💡 Sellers represented by experienced M&A brokers will often resist exclusivity periods longer than 45–60 days or request a break-up fee if the buyer walks without cause. A 60–75 day exclusivity window is reasonable for security integration deals given the complexity of licensing and contract verification. Buyers should tie the exclusivity period to good-faith milestones — for example, requiring delivery of a complete due diligence data room within 10 business days of LOI execution. If the seller is working with multiple interested buyers, they may counteroffer with a shorter exclusivity window but offer a right of first refusal on any competing offer.
7. Conditions to Closing
Lists the material conditions that must be satisfied before the buyer is obligated to close, including satisfactory due diligence, lender approval, license transferability confirmation, and key employee retention agreements.
Example Language
Buyer's obligation to consummate the transaction shall be conditioned upon, among other things: (i) completion of due diligence satisfactory to Buyer in its sole discretion; (ii) receipt of SBA 7(a) loan approval and commitment from Buyer's lender on terms acceptable to Buyer; (iii) confirmation that all material state and local contractor licenses and technician certifications are current, valid, and either transferable to Buyer's entity or capable of being re-issued without material delay; (iv) execution of employment or consulting agreements with [Key Technician Name(s)] and any other identified key employees, on terms mutually agreed; (v) receipt of written confirmation from [Avigilon / Genetec / HID / other key vendor] that dealer and authorized partner agreements will be honored or reissued upon change of ownership; (vi) no material adverse change in the Company's RMR base, business operations, or financial condition prior to closing; and (vii) execution of a mutually acceptable definitive Asset Purchase Agreement.
💡 The licensing condition is often underestimated by first-time buyers. Some states require a new application and a waiting period of 30–90 days when a licensed alarm or low-voltage contractor changes ownership — plan for this in the closing timeline and budget for the cost of sponsoring a new qualifying technician if needed. Vendor agreement transferability is equally critical: Avigilon (Motorola Solutions) and Genetec have change-of-control provisions in their dealer agreements, and failure to notify them can result in loss of preferred dealer status, which directly affects the Company's ability to price competitively. Always include a MAC (material adverse change) clause tied specifically to a quantified RMR decline threshold — for example, a decline of more than 5% in aggregate monthly recurring revenue between LOI signing and closing.
8. Seller Transition and Non-Compete
Defines the seller's post-closing role, transition assistance obligations, and the scope and duration of the non-compete and non-solicitation covenants. In surveillance and access control businesses where the founder holds direct relationships with key commercial accounts, a structured transition period is essential to RMR retention.
Example Language
Seller agrees to provide transition assistance to Buyer for a period of [12] months following the closing date, in the capacity of [Senior Technical Advisor / Transition Consultant], at a monthly consulting fee of $[X,XXX], during which Seller shall introduce Buyer's management team to all key commercial accounts, assist with vendor relationship transitions, and support the transfer of technical and operational knowledge. Seller further agrees that for a period of [3] years following the closing date within [geographic territory / 50-mile radius of primary service area], Seller shall not, directly or indirectly, own, operate, consult for, or be employed by any business engaged in the installation, service, or monitoring of commercial video surveillance, access control, or electronic security systems. Seller shall not, for the same period, solicit or accept business from any customer of the Company as of the closing date.
💡 Non-compete enforceability varies significantly by state — California, for example, will not enforce employee non-competes, and some states impose durational or geographic limits. Work with local counsel to ensure the non-compete is enforceable in the seller's operating jurisdiction. Sellers should negotiate to carve out any pre-existing personal relationships or businesses they wish to continue (e.g., a separate residential security operation, if applicable). Buyers should be cautious about relying solely on a non-compete to protect customer relationships — the transition period and earnout structure are more practically effective tools for ensuring RMR retention. A 12–18 month transition with genuine financial alignment through the earnout structure is worth more than a 3-year non-compete that may be difficult to enforce.
9. Confidentiality
Affirms the parties' mutual obligations to maintain confidentiality regarding the transaction, the Company's financial information, customer lists, and proprietary technical configurations. Most parties will have executed a separate NDA prior to the LOI, but this section reinforces those obligations.
Example Language
The parties acknowledge that this LOI, all due diligence materials, customer and contract information, financial data, and technical system configurations exchanged in connection with the proposed transaction are strictly confidential. Neither party shall disclose the existence or terms of this LOI or the proposed transaction to any third party (including employees, vendors, or customers of the Company) without the prior written consent of the other party, except as required by law or as necessary to obtain SBA lender approval, legal counsel, or accounting support. Buyer agrees that all confidential information obtained during due diligence will be used solely for the purpose of evaluating the proposed acquisition and will be promptly returned or destroyed if the transaction does not close.
💡 Employee and customer confidentiality is particularly sensitive in security integration businesses. Key technicians who learn the business is for sale may proactively seek employment with competitors, taking institutional knowledge and customer relationships with them. Sellers should be explicit in their own internal communications that the sale process is confidential, and buyers should agree not to contact customers or employees directly without the seller's advance knowledge and consent during due diligence. Any interviews with key employees or technicians should be conducted only with the seller's coordination and ideally presented as an operational review rather than an acquisition-related process until the deal is farther along.
10. Non-Binding Nature and Binding Provisions
Clarifies which provisions of the LOI are binding (typically exclusivity, confidentiality, and governing law) and which are non-binding expressions of intent subject to the execution of a definitive agreement.
Example Language
Except for the provisions of Sections 6 (Exclusivity), 9 (Confidentiality), and this Section 10, which shall be legally binding upon the parties, this Letter of Intent is non-binding and constitutes only a statement of the current intentions of the parties with respect to the proposed transaction. Neither party shall have any legal obligation to proceed with the transaction unless and until a definitive Asset Purchase Agreement has been executed by both parties. This LOI shall be governed by the laws of the State of [State]. Either party may terminate this LOI upon written notice to the other party at any time prior to execution of a definitive agreement.
💡 The non-binding nature of the LOI is its most important characteristic — it protects both parties from being locked into a deal before full due diligence is complete. However, the binding exclusivity and confidentiality provisions are real legal obligations. Sellers should be aware that signing an LOI with an exclusivity period takes the business off the market during that window, which represents a real opportunity cost. If the buyer walks without cause after extensive due diligence access, the seller has limited recourse beyond retaining a new buyer — which is why some sellers negotiate a nominal break-up fee (typically $10,000–$25,000) payable if the buyer terminates without material cause after receiving full due diligence access.
RMR Definition and Verification Methodology
The definition of 'recurring monthly revenue' should be precisely written in the LOI to prevent disputes later. Specify whether RMR includes only monitoring contracts, or also service and maintenance agreements, cloud platform subscription fees, and remote management services. Agree on the measurement date (trailing 3-month average vs. most recent month) and the verification process. Buyers should insist on a contract-by-contract RMR schedule with auto-renewal terms, cancellation notice periods, and historical attrition data for the trailing 24 months. This single term will drive the largest component of valuation in most security integration deals.
Earnout Calculation and RMR Retention Threshold
If an earnout is included, define the retention threshold precisely: what percentage of closing-date RMR must be retained at each measurement date to trigger payment? Specify how to handle contract upgrades, downgrades, and customers who cancel and then re-sign. Sellers should negotiate protections against buyer-caused attrition — for example, if the buyer changes the monitoring platform or increases service fees post-close and customers cancel as a result, those cancellations should not count against the seller's earnout. The measurement period (12-month and 24-month are most common) and payment mechanics (lump sum vs. pro-rated) should be explicitly agreed in the LOI.
Licensing Transition Plan and Timeline
Define which party bears the cost and responsibility of obtaining or transferring contractor licenses and alarm permits in each operating jurisdiction. Agree on a licensing timeline with milestone dates — identify jurisdictions where new applications are required vs. jurisdictions where the license transfers automatically with the business entity in a stock deal. If the seller is the qualifying party under a personal low-voltage or alarm contractor license, agree on a transition plan: will the seller remain as qualifying party for a defined period, will the buyer sponsor a technician to obtain a new license, or will a third-party qualifying party be engaged? Delays in licensing are a leading cause of closing timeline slippage in security integration acquisitions.
Vendor and Dealer Agreement Transferability
Require the seller to identify all material vendor, dealer, and authorized partner agreements — particularly with Avigilon (Motorola Solutions), Genetec, Axis, HID Global, Bosch, or Honeywell — and confirm which agreements contain change-of-control provisions requiring manufacturer consent. The LOI should include a condition that the buyer will receive either (i) written confirmation from each material vendor that the agreement will be honored or reissued post-close, or (ii) reasonable assurance that comparable dealer status can be obtained by the buyer on equivalent terms. Loss of a preferred dealer designation can materially affect the Company's ability to price competitively, source equipment on favorable terms, and access manufacturer technical support.
Key Employee Retention and Non-Solicitation
Identify by name the licensed technicians, project managers, and sales staff whose retention is material to business continuity. Agree in the LOI that the closing is conditioned on the execution of employment agreements with these individuals, including compensation terms, retention bonuses (if applicable), and non-solicitation covenants. In a tight labor market for ESA-certified and NICET-credentialed technicians, losing even one or two key people post-close can impair service delivery and RMR retention. Buyers should consider structuring retention bonuses as 12-month contingent payments to create financial incentives for key employees to remain through the transition. The seller should disclose any existing non-competes or prior agreements with employees that could constrain the buyer's flexibility.
Find Surveillance & Access Control Businesses to Acquire
Enough information to write a strong LOI on day one — free to join.
Most surveillance and access control businesses in the $1M–$5M revenue range are valued at 3.5x to 6x adjusted EBITDA, with the multiple heavily influenced by the quality and composition of recurring monthly revenue (RMR). Businesses where RMR represents 30–40% or more of total revenue — through monitoring contracts, service agreements, and cloud platform subscriptions — command multiples at the higher end of the range because recurring revenue carries high switching costs and renewal rates typically exceed 90%. Project-only businesses with no service tail are valued toward the lower end. Some buyers apply a separate valuation to the RMR base (often 24–36x monthly RMR, or 2–3x annualized RMR) and add a lower multiple to installation project revenue, resulting in a blended purchase price. Sellers should document their RMR base meticulously — contract by contract — to maximize perceived quality and support the valuation in lender underwriting.
Five areas require the deepest scrutiny in security integration acquisitions. First, RMR quality: obtain a complete contract schedule and verify attrition rates, contract lengths, and auto-renewal terms — not just the headline monthly number. Second, licensing and certifications: confirm all state contractor licenses, alarm dealer permits, and technician certifications (ESA, NICET) are current, held by the correct entity, and transferable to the buyer. Third, customer concentration: analyze whether any single client exceeds 20% of revenue, as this represents significant post-close risk. Fourth, technology stack: assess whether the installed base runs on open-platform IP systems (Genetec, Avigilon) or proprietary legacy hardware with high refresh costs, and evaluate cybersecurity exposure of IP-connected devices managed by the Company. Fifth, key employee risk: identify which technicians and sales staff are critical to operations and customer retention, and assess their likelihood of staying post-close.
Yes. Surveillance and access control integration businesses are generally SBA-eligible when the target is an operating business with verified revenues, clean financials, and EBITDA sufficient to support debt service coverage. Most SBA lenders require a minimum debt service coverage ratio of 1.25x and will require the buyer to inject 10–15% of the purchase price as equity. The seller note (typically 5–10%) will be placed on standby for the first 24 months per SBA guidelines. SBA lenders will independently normalize the seller's EBITDA — removing add-backs that cannot be substantiated — so sellers should prepare three years of clean, reviewed financial statements well in advance. SBA lenders particularly scrutinize RMR quality in security integration deals because recurring contract revenue is a key driver of projected cash flow used in underwriting. Businesses with heavy customer concentration or unresolved licensing issues may face lender hesitation.
From LOI execution to a signed definitive purchase agreement, most security integration acquisitions take 60–90 days, with total time from first contact to closing typically ranging from 4 to 7 months. The LOI itself is often negotiated over 1–2 weeks once the buyer and seller have agreed on headline price and structure. Due diligence takes 45–60 days and is the most variable phase — delays are most commonly caused by incomplete RMR contract documentation, unresolved licensing questions, and slow responses from vendors on dealer agreement transferability. SBA loan processing adds 30–45 days after the lender receives a complete package. Buyers who engage a security industry-experienced M&A attorney early, request the RMR contract schedule in the first days of due diligence, and proactively contact major vendors (Avigilon, Genetec, HID) about change-of-control requirements will consistently close faster.
This is one of the most common and most underestimated complications in security integration M&A. If the business's state alarm contractor, low-voltage, or electrical contractor license is held under the seller's personal credential as the qualifying party, the license cannot simply be transferred to the buyer's entity — the buyer must either have their own qualifying individual, sponsor a current employee to become a qualifying party, or engage a licensed third-party qualifier. Sellers should disclose this clearly in the LOI stage and work with the buyer to develop a transition plan. Options include: (i) the seller remains as the qualifying party on the license for a defined transition period (typically 6–12 months) while the buyer obtains independent licensure; (ii) a senior technician already on staff applies to become the new qualifying party; or (iii) a licensed qualifier is brought in as an employee. Some states allow an emergency temporary license transfer — check the specific state licensing board requirements at least 90 days before the target closing date.
A well-structured RMR earnout in a security integration acquisition should specify: (1) the baseline RMR amount as of the closing date, verified and agreed by both parties in writing; (2) the retention threshold required to trigger earnout payment — typically 90% retention at 12 months and 24 months post-close; (3) clear rules for counting cancelled, downgraded, upgraded, and new contracts against or toward the baseline; (4) a buyer-caused attrition carve-out protecting the seller if the buyer's post-close decisions (monitoring platform changes, price increases, service quality declines) directly cause cancellations; (5) a measurement and payment timeline — RMR is typically measured at each anniversary date with payment made within 30 days; and (6) a dispute resolution process, ideally using a third-party accountant or industry expert to resolve disagreements over contract categorization. Both parties should resist vague language like 'tied to revenue performance' — precision in the LOI prevents costly disputes 18 months after closing.
More Surveillance & Access Control Guides
More LOI Templates
Get enough diligence data to write a confident LOI from day one.
Create your free accountNo credit card required
For Buyers
For Sellers