Summarize with ChatGPT
AI continues to reshape technology mergers & acquisitions by expanding diligence, representations & warranties, and contractual risk allocation.
Artificial intelligence (“AI”) M&A has matured rapidly over the past decade. Early transactions centered on software platforms, data analytics engines, and, more recently, the use of generative AI models. The transactional focus in those deals was relatively predictable: intellectual property ownership, open-source exposure, data rights, privacy compliance, and talent retention. A structural shift is now underway. AI is increasingly embedded in physical systems, autonomous drones, robotics platforms, medical devices, industrial automation systems, advanced driver assistance technologies, and defense-adjacent hardware. This emerging category, commonly described as “physical AI” fuses machine learning with hardware, sensor arrays, and real-time actuation systems.
For M&A practitioners, particularly in the US-Israel corridor, where cyber, robotics, med-tech, mobility, and defense technologies are highly active sectors, physical AI materially alters the negotiation and drafting of representations & warranties (“R&Ws”), indemnification structures, and IP risk allocation.
This short article aims to examine how AI is reshaping transactional practice and reframing diligence and documentation. It focuses in particular on emerging AI R&Ws, AI tooling, and the alignment of AI risk allocation with traditional product-liability constructs in physical AI transactions.
Israeli technology M&A in 2025 reflected a market of contrasts: record exit values driven by a small number of concentrated mega-transactions, alongside continued discipline in broader deal pricing and volume. At the same time, AI has shifted from being a product feature to becoming a core enterprise value driver. In AI-centric transactions, value increasingly depends on data rights, training pipelines, governance controls, and where AI is embedded in physical systems, safety validation and product liability posture.
The Israeli M&A market in 2025 was defined not merely by resilience, but by pronounced concentration of value. According to year-end reporting by Startup Nation Central, Israeli high-tech M&A activity in 2025 reached approximately $74.3 billion across 150 transactions. When including follow-on deals and IPOs, the aggregate value of all tech exits and transactions reached approximately $89.8 billion according to PwC Israel, the second-largest total in Israeli tech history, surpassed only by the $100+ billion recorded during the IPO boom of 2021. A substantial portion of this figure was attributable to a limited number of mega-transactions, particularly in the cyber sector, including the $32 billion acquisition of Wiz by Alphabet, the $25 billion acquisition of CyberArk by Palo Alto Networks, and ServiceNow’s $7.75 billion acquisition of Armis.
This concentration matters. In markets where a small number of headline transactions account for a material portion of annual value, valuation signals can become distorted. The “average deal” may look robust, while the “median deal” remains comparatively disciplined. Indeed, excluding Wiz, the average acquisition size fell 40% to approximately $160 million – a reminder that headline statistics can obscure the broader market. For transactional counsel, the practical implication is that buyer scrutiny often intensifies even as aggregate market statistics improve. Where strategic acquirers pay premiums for deep infrastructure capabilities, including cybersecurity architecture, AI platforms, proprietary datasets, and advanced R&D teams, diligence and drafting expand to address the specific failure modes of those assets.
Israeli M&A is structurally shaped by a high proportion of cross-border buyers and by the country’s export-oriented technology sector. According to the Israel Innovation Authority, high-tech activity accounts for approximately 17% of national GDP (NIS 317 billion) and continues to dominate Israeli exports, reaching 56.4% of total exports in 2024 and rising to 57.2% by the first four months of 2025, the highest ratio ever recorded. As a result, the diligence baseline for Israeli targets is often set not by Israeli law alone, but by the expectations of acquirers operating within U.S. and EU regulatory environments. This cross-border importation of risk expectations increasingly influences the content of Israeli acquisition agreements, including AI-related R&Ws and more nuanced indemnification mechanics.
Another factor influencing Israeli M&A activity in recent months is the depreciation of the U.S. dollar against the NIS, which has had a meaningful twofold impact on the market. As most Israeli M&A transactions and investment rounds are denominated in U.S. dollars, while a substantial portion of companies’ operating expenses – particularly salaries and local services – are incurred in NIS, the weakening USD effectively reduces the purchasing power of invested capital when converted into local currency. This dynamic places pressure on companies’ operating budgets and runways, and in some cases prompts parties to revisit valuation assumptions, deal structures, or negotiation dynamics.
Technology acquisitions have historically emphasized revenue multiples, growth rates, and defensible intellectual property. In 2025, however, many AI-driven transactions appear to anchor value in what might be described as technological infrastructure: assets that may not be fully reflected in current revenue but are central to future scalability.
Such infrastructure includes proprietary datasets, curated and continuously refreshed training pipelines, integration layers between AI models and enterprise systems, and engineering teams capable of sustained iteration post-closing. In AI-centric targets, the legal durability of these components directly affects enterprise value. A model’s performance depends, inter alia, on the legality and usability of its data pipeline. A platform’s defensibility depends on enforceable toolchain terms, open-source compliance discipline, and robust assignment and confidentiality frameworks.
For transactional counsel, the key insight is that governance and value are no longer separable. Where the core asset is an AI system, its long-term utility is contingent on documented compliance with data rights, tool licenses, and information security controls. This linkage becomes even more pronounced when AI is embedded in physical systems.
According to Jensen Huang, founder and CEO of NVIDIA, “The ChatGPT moment for robotics is here. Breakthroughs in physical AI-models that understand the real world, reason, and plan actions are unlocking entirely new applications”. There is a growing consensus that AI is now entering the era of physical AI: creating systems that understand the real world, interact with it, and perform physical tasks, not merely generate text or images. Much of the public discourse surrounding AI has focused on software-only applications. Yet an increasing proportion of deep-tech innovation, within Israel and globally, is deployed into physical environments: robotics, medical devices, industrial automation, autonomous mobility, and other cyber-physical systems.
From an M&A perspective, physical AI materially alters the risk profile of target companies. While failures in software-based AI typically give rise to contractual disputes, data protection exposure, or regulatory scrutiny relating to data use, failures in physical AI systems such as robotics, autonomous devices, or AI-enabled hardware may lead to bodily injury, property damage, regulatory investigations, and multi-jurisdictional product liability claims. Because physical AI systems interact directly with the physical environment, their potential failure modes are broader and the magnitude of potential harm is significantly greater, fundamentally altering the risk calculus in M&A transactions.
As a result, diligence and risk allocation must assess not only model performance and data governance, but also real-world validation, system safety, and operational reliability. Buyers are increasingly requesting expanded and tailored R&Ws and covenants addressing product safety, regulatory compliance, and incident management. These requests are typically paired with more detailed disclosure obligations, including engineering documentation, safety validation and testing evidence, change-management or model-release procedures, and records of prior incidents or near-misses. The diligence exercise is therefore both retrospective and forward-looking: assessing whether systems have been tested under diverse operating conditions, whether model updates follow documented release and quality-assurance processes, and whether monitoring, incident response, and remediation practices are embedded within the organization. Where material gaps or uncertainties are identified, parties increasingly allocate lifecycle and product-risk exposure through targeted indemnities, enhanced warranty frameworks, and structured escrows or holdbacks.
Although Israel did not enact a standalone AI statute, regulatory developments materially affect AI transactions. Amendment No. 13 to the Protection of Privacy Law, entered into force on August 14, 2025, strengthening enforcement authority and modernizing compliance obligations relating to personally identifiable information (“PII“) processing.
More traditional AI diligence is often, in practice, data diligence. Training datasets may contain PII, proprietary information, regulated categories of data, or enterprise data subject to contractual confidentiality constraints. The transactional question is operational: whether the buyer can continue to use, refresh, and scale the dataset pipeline post-closing without violating legal or contractual restrictions.
In physical AI systems, these questions intensify. Sensor and telemetry data may be central both to model improvement and to safety monitoring. Data governance, therefore, intersects with product liability risk, reinforcing the need for integrated legal and technical diligence.
Looking ahead, the EU AI Act’s phased implementation through 2026 and 2027 will impose new compliance obligations on high-risk AI systems, many of which are developed by Israeli companies for European markets. Practitioners should expect AI diligence to become as routine and rigorous as cybersecurity or environmental review.
AI transactions consistently present a core allocation question: which party bears the risk that the AI asset is not legally durable, not operationally maintainable, or not safely deployable at scale?
From a seller’s perspective, documentation readiness becomes critical. AI businesses often evolve iteratively, with datasets, tools, and workflows changing rapidly. Yet acquisition agreements increasingly require detailed disclosure of AI tools, products, and training datasets. Sellers must therefore treat AI exit readiness as governance readiness, ensuring that tool terms are reviewed, internal policies are adopted, and datasets are mapped in advance of a transaction.
Sellers also face pressure to provide R&Ws regarding ownership of models and outputs, and to confirm, inter alia, that AI tool providers retain no residual rights. These commitments depend not on abstract doctrine but on the granular terms of platform licenses and the structure of training workflows.
Buyers, for their part, increasingly treat dataset usability as the new analogue to IP ownership. A model trained on data that cannot lawfully be refreshed or integrated into the buyer’s global R&D environment may degrade in value. Third-party AI tools and hosted model providers can also become hidden operational dependencies, affecting integration and scalability.
In physical AI transactions, buyers frequently extend this analysis into safety governance – the objective is not only to confirm performance at signing, but to understand the durability of that performance post-closing.
Transaction documentation increasingly reflects these diligence themes. Two categories of AI R&Ws have become particularly salient in Israeli M&A practice: AI tooling and generative AI usage R&Ws, and broader AI development and training representations.
In some acquisition agreements, sellers have provided stand-alone AI R&Ws addressing compliance with internal AI policies and third-party AI tool terms. Such provisions often include confirmations that sensitive PII, trade secrets, or other confidential information have not been included in prompts or inputs to external AI tools, subject to carefully drafted carve-outs for tools that do not train on user inputs. They may also address ownership of outputs and require disclosure of dependencies on AI technologies in the disclosure schedules.
Other agreements have gone further, requiring a complete and accurate inventory of AI tools, products, and training datasets used in the development, operation, or improvement of AI systems. Sellers have represented that required licenses and permissions have been obtained for each training dataset and that controls have been implemented to mitigate risks of regurgitation, copyright infringement, trade secret misappropriation, or harmful outputs. In some instances, sellers have also represented ownership of models created, trained, or fine-tuned using the company’s proprietary data.
These R&Ws serve a practical function: they translate evolving legal uncertainty into contractual risk allocation. Even where the legal status of AI outputs and training inputs continues to develop across jurisdictions, acquisition agreements allocate risk between the parties. Where AI is embedded in products, AI R&Ws increasingly appear alongside traditional product-liability R&Ws. Sellers may represent the absence of product recalls, governmental notices of violation, or material safety claims. In physical AI transactions, such provisions function as disclosure-forcing mechanisms and create pathways for targeted indemnities or separate liability caps where safety exposure is identified.
While AI-related diligence and R&W packages have become increasingly common across Israeli technology transactions, the negotiating center of gravity varies depending on the role AI plays in the target’s business. In some cases, AI is merely adjacent to the core product or activity – for example, through the use of generative AI tools – whereas in others it is the primary value driver, whether deployed as software or embedded in physical products. From an M&A perspective, the distinction is therefore less about sector and more about the nature of the risks a buyer assumes at closing and the contractual mechanisms available to allocate those risks.
In pure software AI transactions, the central risk categories typically include:
By contrast, in physical AI transactions, the buyer is not only acquiring code and data rights but also inheriting a system that interacts with real-world conditions. The legal and economic risk therefore, tends to expand to include:
Across both software and physical AI transactions, buyers increasingly treat training data as a core value driver whose legal usability must survive closing. Acquisition agreements therefore often require disclosure of training datasets and representations that all necessary licenses, permissions, and consents have been obtained.
These provisions address more than backward-looking compliance. Their central purpose is forward-looking: ensuring the buyer can continue operating and improving the model, refresh datasets, and integrate the AI stack into its broader R&D and product environment.
The issue becomes more acute in physical AI systems, where telemetry and sensor data frequently support both model improvement and safety monitoring. The key transactional question is whether those data streams remain usable post-closing without contractual or regulatory restrictions that could undermine system maintainability or performance.
More broadly, these R&Ws reflect a growing contractual allocation of AI-specific risks, including regurgitation and misappropriation. In practice, they both force disclosure of governance controls and create a remedy path for claims linked to pre-closing training practices or tool use.
Post-closing integration is another area where physical AI diverges from software AI. Post-closing changes, such as retraining, fine-tuning, and dataset refresh can materially alter system performance and risk profile. In software AI, this typically presents an output reliability risk. In physical AI, a model update can alter device behavior in safety-critical ways. Buyers increasingly evaluate whether the target has documented post-closing change control and validation governance. Where gaps exist, parties may respond through post-closing covenants, conditions precedent, or price protection mechanisms such as escrows tied to remediation milestones.
Finally, the remedy structure differs. In software AI transactions, breaches of AI, IP, or data R&Ws are often present as financial harm manageable via caps, baskets, and survival periods. In physical AI, harm may be non-linear: a single incident can cascade into claims, regulatory inquiries, corrective actions, and recall programs. This is why product-oriented R&Ws and targeted indemnity packages, often with separate liability caps and extended survival periods, become more prominent in physical AI acquisitions.
Israeli M&A in 2025 illustrates both the scale of strategic appetite for deep-tech innovation and the growing complexity of acquiring AI-intensive businesses. As AI becomes an enterprise-defining asset, and as physical AI expands the liability surface into the real world, diligence and documentation are adapting accordingly.
AI diligence is increasingly distilled into the R&W package, with provisions focused on training datasets and non-infringement, tool dependencies, model and output ownership, and controls aimed at AI-specific failure modes. In physical AI transactions, these provisions sit alongside product-liability representations addressing claims history, regulatory compliance, and recalls. Together, these trends reflect a broader shift: in modern AI M&A, enterprise value is determined not solely by what the company owns at signing, but by whether the buyer can lawfully, safely, and sustainably operate and evolve the acquired system over time.
For practitioners, these developments carry concrete implications. Sellers contemplating exits should conduct AI governance audits well before a transaction process begins, ensuring that training data provenance, tool licenses, and internal AI policies are documented and defensible. Buyers should integrate AI-specific diligence into their standard playbooks rather than treating it as a separate workstream, recognizing that AI risk cuts across IP, data, product, and regulatory inquiries. Deal timelines may extend as diligence becomes more technical, and valuation negotiations increasingly turn on the durability of AI assets rather than merely their current performance.
The next decade of AI-driven M&A will not be defined solely by data and code. It will be shaped by machines that move, act, and decide in the physical world, and by the legal architectures built to manage the risks they create.
