Why VCs Don't Sign NDAs — And What Founders Should Do Instead
If you have spent any time raising venture capital, you have almost certainly encountered this dynamic: you prepare to share your business plan with a potential investor and ask them to sign a non-disclosure agreement first. The VC politely but firmly declines. You feel a flash of anxiety — are they about to steal your idea? — and the conversation continues anyway.
This is not a rare occurrence. It is a near-universal feature of the early-stage venture capital ecosystem. With very few exceptions, institutional investors — from large multi-stage funds down to small seed-focused firms like Curevstone Capital — do not sign NDAs before initial meetings or during the exploratory phases of deal assessment. Founders who encounter this for the first time often find it puzzling, sometimes alarming. Understanding why this norm exists — and what it actually means for the security of your business — is important context for navigating the fundraising process effectively.
This post offers our perspective on why VCs decline NDAs, why the absence of an NDA is less risky than it might feel, and — most importantly — what practical steps founders can take to protect their proprietary information in a world without signed confidentiality agreements.
Why VCs Don't Sign NDAs: The Structural Reasons
The reluctance of venture capital firms to sign NDAs is not arbitrary. It stems from several structural features of the VC business model that create genuine complications when NDAs are involved.
Deal flow volume. A reasonably active seed fund might review several hundred pitch decks per year and take initial meetings with several dozen companies. The administrative burden of negotiating, reviewing, executing, and tracking hundreds of NDAs annually would be substantial — particularly because NDA terms are rarely standardized and often require back-and-forth on specific provisions. More importantly, each signed NDA creates a legal obligation that the firm must actively manage, tracking what information was shared when and under which restrictions.
Concurrent evaluation of similar companies. Venture funds frequently evaluate multiple companies in the same space at the same time. In any given month, we might be looking at three or four companies building in adjacent parts of the AI infrastructure stack, or two competing approaches to a particular healthcare delivery problem. If we had signed NDAs with each company, we would face genuine legal ambiguity about whether evaluating a competitor — even one we discovered entirely independently — constitutes a breach. The risk of inadvertent violation is real and creates liability exposure that benefits no one.
Downstream investment activity. This is perhaps the most practically important point. If a VC firm signs an NDA with a company it ultimately decides not to invest in, and then later invests in a competitor of that company, the founder might argue that the investment was enabled by confidential information shared during due diligence. These situations rarely lead to actual litigation, but the possibility creates legal risk that most firms prefer to avoid entirely by simply not creating the underlying agreement.
Reputation as a substitute for contract. The venture capital industry runs on reputation to an unusual degree. A fund that became known for misappropriating founders' ideas or leaking confidential information would suffer severe consequences: deal flow would dry up, relationships with co-investors would deteriorate, and the fund's ability to raise subsequent funds from limited partners would be compromised. The reputational stakes are high enough that they function as a de facto confidentiality mechanism, independent of any formal legal obligation.
"The reputation a VC builds with founders — honest, discreet, trustworthy — is one of their most important business assets. No serious firm would risk it by misusing what founders share in confidence."
Does the Absence of an NDA Actually Put You at Risk?
Let's address the underlying concern directly: if you share your pitch deck, your financials, your product roadmap, and your go-to-market strategy with a VC who has not signed an NDA, are you at meaningful risk?
In practice, for most early-stage companies, the honest answer is: not very much. There are several reasons for this.
Ideas are not companies. The most commonly shared concern is that a VC will hear your idea and either take it themselves or share it with a portfolio company that will execute it faster. This fear assumes that the most valuable thing about your company is the idea. In reality, execution — team, speed, customer relationships, technical architecture, accumulated product insights — is almost always more important than the original idea. Facebook was not the first social network. Google was not the first search engine. Uber was not the first company to think about on-demand transportation. What made these companies valuable was not the idea but the execution.
VCs are not operators. Even if a VC firm were inclined to misappropriate a business concept — which, as discussed above, would be profoundly destructive to their business — venture capital firms are not equipped to execute on company-building themselves. Their business model is investing in other people who build companies, not building companies. The concern that a VC will "steal" your idea by going off and building it themselves is largely unfounded by the structure of their business.
NDAs provide less protection than they appear to. Even when an NDA is signed, its enforceability is often limited. Proving that information was misappropriated — rather than independently developed — is extremely difficult. If the information in question is available through public sources, the NDA's protections are severely weakened. And pursuing legal remedies against a well-funded institutional investor is expensive, time-consuming, and distracting for an early-stage company that has far better uses for its resources. In many cases, the NDA provides more psychological comfort than practical protection.
The Hidden Cost of Insisting on NDAs
There is another dimension to this conversation that founders rarely consider: insisting on NDAs before meeting with VCs has real costs that can work against your interests.
It signals inexperience. Founders who insist on NDAs before an initial exploratory meeting are often signaling unfamiliarity with how the venture ecosystem works. This is not fatal — first-time founders don't know what they don't know — but it creates a subtle credibility issue that experienced investors notice.
It slows down fundraising. The fundraising process is a sales process. Speed matters. Every additional friction point in the early stages of investor engagement increases the probability that momentum is lost before it is built. An investor who is mildly interested in a company is less likely to push through the friction of NDA negotiation than a highly convicted investor — which means the friction of NDAs disproportionately filters out marginal interest rather than protecting against genuine threats.
It can constrain the investor's ability to help you. If a VC signs a mutual NDA — which is the standard form, binding both parties — the VC is also constrained in what they can share about you. When they want to make introductions to potential partners, customers, or co-investors, they may be constrained by the terms of the NDA from mentioning key details about your business. The same agreement that was supposed to protect you can limit how actively your investor advocates for you.
It can undermine your fundraising narrative. Part of the art of fundraising is creating competitive tension — the sense that you are a sought-after opportunity that multiple investors want. If mutual NDAs restrict what you and your investors can say about your conversations, building that narrative becomes harder. The ability to say "we have a term sheet from [specific firm]" is more powerful than "we have a commitment from a VC that we cannot name." Confidentiality works against social proof.
What Founders Can Do Instead: Practical Alternatives
None of the above means you should share everything with everyone indiscriminately. There are smart, effective ways to protect your company's sensitive information in a world without signed NDAs. Here is our recommended approach.
Tier your information. Not all information is equally sensitive, and not all investors are equally known quantities. Structure your disclosure in layers. An initial outreach might include a high-level one-pager — enough to generate interest without disclosing your most sensitive proprietary information. A first meeting allows you to share more context and assess the investor's genuine interest and track record. Detailed financials, technical architecture, customer lists, and pipeline data should be reserved for investors who have demonstrated serious intent and whose firm you have already researched.
Know who you're talking to before you share anything. Research the firm and the specific partner before your meeting. Do they have existing portfolio companies that compete directly with you? What do founders who have worked with them say about their conduct? Warm introductions from mutual connections provide not just a better chance of getting a meeting but a better basis for assessing the investor's trustworthiness.
Use document-sharing tools that give you visibility. When sharing sensitive documents, use tools that provide some visibility into access. DocSend (now part of Dropbox) allows you to track when your deck is opened, by whom (when email capture is enabled), how long each slide is viewed, and how many times it has been accessed. You can revoke access at any time. Dynamic watermarking — embedding the recipient's information into the document itself — ensures that if a document leaks, you can trace its origin.
For deep-dive due diligence, use a structured data room. If you reach the stage of serious due diligence with an institutional investor, consider setting up a formal virtual data room with granular access controls. Tools like Intralinks, Firmex, or Merrill Datasite allow you to set permission levels by user, track every access event, and restrict downloading or printing. These tools are more than most seed-stage companies need, but they become relevant when sharing sensitive IP documentation, key customer contracts, or detailed financial records with multiple potential investors.
Build real defensibility that doesn't depend on secrecy. The most durable protection against idea theft is building a moat that cannot easily be replicated even by someone who understands exactly what you're doing. Customer relationships and trust, proprietary data accumulated over time, a team that is deeply expert in a domain, regulatory approvals, and network effects — these are forms of competitive advantage that secrecy cannot replace. A company whose only protection is that competitors don't know what they're doing is vulnerable regardless of how many NDAs are signed.
A Note on Late-Stage Agreements
While NDAs are unusual in the early stages of the VC relationship, formal confidentiality provisions do appear in more advanced stages of the fundraising process. Term sheets typically include an exclusivity period during which the founder agrees to stop shopping the deal; in exchange, it is reasonable to ask for explicit confidentiality commitments around the terms themselves. Once a definitive investment agreement is being negotiated, confidentiality provisions are often embedded in the transaction documents.
The appropriate time to introduce formal confidentiality protections is when both parties have committed to a serious path toward investment — not at the front door of an initial meeting. Framing it this way — as a component of definitive documentation rather than a prerequisite for conversation — is both more practically achievable and more strategically sound.
The Bigger Picture: Building Trust in the Ecosystem
The venture capital ecosystem works, in part, because of a shared set of informal norms around trust, confidentiality, and fair dealing. Investors who violate those norms don't survive long in an industry where reputation is currency. Founders who understand the norms can navigate the ecosystem more effectively — not by abandoning reasonable precautions, but by matching the level of protection to the actual level of risk.
The NDA question is, ultimately, a proxy for a deeper question: how much do you trust the person you're talking to? The answer should come not from a signed piece of paper but from the research you've done on the firm, the references you've gathered from founders they've backed, and the quality of the conversation itself. The investors worth working with are those who earn your trust through their conduct — who ask smart questions, share useful perspective, respect what you share in confidence, and add value regardless of whether they ultimately invest.
At Curevstone Capital, we take our responsibilities to founders seriously. Information shared with us in the context of a fundraising conversation is treated with discretion, full stop. We don't sign NDAs before initial meetings — but we also don't share what founders tell us in confidence with anyone who has no legitimate reason to know.
If you are building a company and want to explore whether we might be the right partner, we welcome the conversation. Reach out at contact@curevstone.com.