SaaS Due Diligence Checklist: Practical Guide for Buyers
SaaS Due Diligence Checklist: Practical Guide for Buyers
Buying a SaaS business requires thorough due diligence to verify metrics, assess risks, and ensure you're making a sound investment. This practical checklist covers everything you need to review before closing a SaaS acquisition.
Why Due Diligence Matters
SaaS businesses are valued based on recurring revenue, growth, and customer metrics. Without proper due diligence, you might:
- Overpay for inflated metrics
- Miss hidden churn problems
- Discover technical debt too late
- Face legal or compliance issues
- Inherit customer concentration risks
This checklist helps you systematically verify every aspect of a SaaS business before committing to a purchase.
Financial Due Diligence
Revenue Verification
Monthly Recurring Revenue (MRR)
- [ ] Verify MRR through payment processor statements (Stripe, PayPal, etc.)
- [ ] Request 12-24 months of historical MRR data
- [ ] Check for one-time revenue mixed with recurring (inflates MRR)
- [ ] Verify revenue recognition timing (monthly vs. annual prepayments)
- [ ] Review revenue by plan tier and customer segment
Annual Recurring Revenue (ARR)
- [ ] Calculate ARR = MRR × 12
- [ ] Verify ARR growth trends (month-over-month, year-over-year)
- [ ] Check for seasonal patterns or anomalies
- [ ] Compare claimed ARR to actual payment processor data
Revenue Sources
- [ ] Subscription revenue (primary source)
- [ ] One-time setup fees or implementation revenue
- [ ] Professional services revenue
- [ ] Marketplace or transaction fees
- [ ] Affiliate or partnership revenue
Example: A SaaS claiming $10k MRR should show $10k in monthly Stripe deposits. If Stripe shows $8k, investigate the $2k difference.
Profitability Analysis
Gross Margin
- [ ] Calculate gross margin = (Revenue - Cost of Goods Sold) / Revenue
- [ ] SaaS target: 70-90% gross margin
- [ ] Review cost of goods sold (hosting, payment processing, support tools)
- [ ] Check for hidden costs in COGS
Operating Expenses
- [ ] Review all operating expenses (salaries, marketing, tools, office)
- [ ] Calculate operating margin = (Revenue - Operating Expenses) / Revenue
- [ ] Assess path to profitability if currently unprofitable
- [ ] Review burn rate and cash runway
Cash Flow
- [ ] Review cash flow statements for last 12-24 months
- [ ] Verify cash position and runway
- [ ] Check for outstanding debts or liabilities
- [ ] Review accounts receivable and payable
Customer Metrics
Customer Count
- [ ] Verify total active paying customers
- [ ] Check customer count trends (growing, stable, declining)
- [ ] Review customer segmentation (enterprise, SMB, individual)
- [ ] Verify customer data in CRM or database
Churn Rate
- [ ] Calculate monthly churn rate = (Lost Customers / Starting Customers) × 100
- [ ] Calculate annual churn rate
- [ ] Review churn by customer segment and plan tier
- [ ] Identify reasons for churn (product, pricing, competition)
- [ ] Target: <5% monthly churn for healthy SaaS
Customer Acquisition Cost (CAC)
- [ ] Calculate CAC = Total Sales & Marketing Costs / New Customers
- [ ] Review CAC trends over time
- [ ] Compare CAC by acquisition channel
- [ ] Assess CAC payback period (months to recover acquisition cost)
Lifetime Value (LTV)
- [ ] Calculate LTV = Average Revenue Per User (ARPU) × Gross Margin % / Churn Rate
- [ ] Review LTV:CAC ratio (target: 3:1 or higher)
- [ ] Assess LTV trends and customer retention
Net Revenue Retention (NRR)
- [ ] Calculate NRR = (Starting MRR + Expansion - Contraction - Churn) / Starting MRR
- [ ] Target: >100% NRR (growing within existing customers)
- [ ] Review expansion revenue (upsells, cross-sells)
- [ ] Check contraction revenue (downgrades)
Customer Concentration
- [ ] Identify top 10 customers by revenue
- [ ] Calculate revenue concentration (% from top customer, top 5, top 10)
- [ ] Red flag: >20% revenue from single customer
- [ ] Review customer contracts and renewal dates
Growth Metrics
Month-over-Month Growth
- [ ] Calculate MoM growth rate = (Current MRR - Previous MRR) / Previous MRR
- [ ] Review growth consistency (sustained vs. volatile)
- [ ] Identify growth drivers (marketing, sales, product improvements)
Year-over-Year Growth
- [ ] Calculate YoY growth rate
- [ ] Compare to industry benchmarks
- [ ] Assess growth sustainability
Sales Efficiency
- [ ] Review sales team size and productivity
- [ ] Calculate revenue per sales rep
- [ ] Assess sales cycle length
- [ ] Review sales pipeline and conversion rates
Product and Technical Due Diligence
Technology Stack
Core Platform
- [ ] Identify programming languages and frameworks
- [ ] Review hosting infrastructure (AWS, Google Cloud, etc.)
- [ ] Assess scalability and performance
- [ ] Check for technical debt and code quality
Third-Party Dependencies
- [ ] List all third-party services and APIs
- [ ] Review dependency risks (single points of failure)
- [ ] Check API rate limits and costs
- [ ] Assess migration difficulty if dependencies change
Data and Security
- [ ] Review data storage and backup procedures
- [ ] Verify security measures (encryption, access controls)
- [ ] Check compliance (GDPR, SOC 2, etc.)
- [ ] Review security incident history
Product Quality
User Experience
- [ ] Test the product as a user
- [ ] Review user feedback and reviews
- [ ] Check app store ratings (if applicable)
- [ ] Assess product-market fit
Feature Set
- [ ] Review feature list and roadmap
- [ ] Check for planned vs. delivered features
- [ ] Assess competitive differentiation
- [ ] Review technical documentation
Support and Operations
- [ ] Review customer support processes
- [ ] Check support ticket volume and response times
- [ ] Assess operational efficiency
- [ ] Review downtime and uptime statistics
Legal and Compliance Due Diligence
Corporate Structure
Entity Type
- [ ] Verify business entity (LLC, Corp, etc.)
- [ ] Review incorporation documents
- [ ] Check for any pending legal issues
- [ ] Verify ownership structure
Intellectual Property
- [ ] Review trademarks and patents
- [ ] Check for IP disputes or claims
- [ ] Verify ownership of code and assets
- [ ] Review open-source license compliance
Contracts and Agreements
Customer Contracts
- [ ] Review standard customer agreement terms
- [ ] Check for unusual clauses or liabilities
- [ ] Verify contract renewal terms
- [ ] Review enterprise customer contracts
Vendor Contracts
- [ ] List all vendor and supplier contracts
- [ ] Review contract terms and renewal dates
- [ ] Check for auto-renewal clauses
- [ ] Assess vendor dependency risks
Employment Agreements
- [ ] Review key employee contracts
- [ ] Check for non-compete and non-disclosure agreements
- [ ] Verify employment status and roles
- [ ] Assess key person dependency
Compliance
Regulatory Compliance
- [ ] Review industry-specific regulations
- [ ] Check for compliance certifications
- [ ] Verify data protection compliance (GDPR, CCPA)
- [ ] Review privacy policy and terms of service
Tax and Accounting
- [ ] Review tax filings and compliance
- [ ] Check for outstanding tax liabilities
- [ ] Verify accounting practices and standards
- [ ] Review financial audit history
Market and Competitive Analysis
Market Position
- [ ] Identify main competitors
- [ ] Assess competitive advantages
- [ ] Review market size and growth
- [ ] Check for market saturation risks
Brand and Reputation
- [ ] Review online reviews and ratings
- [ ] Check social media presence and sentiment
- [ ] Assess brand strength and recognition
- [ ] Review press coverage and mentions
Operational Due Diligence
Team Structure
- [ ] Review organizational chart
- [ ] Identify key employees and roles
- [ ] Assess team size and productivity
- [ ] Check for key person dependencies
Processes and Systems
- [ ] Review operational processes
- [ ] Assess automation and efficiency
- [ ] Check for documented procedures
- [ ] Review tool and software usage
Customer Success
- [ ] Review customer onboarding process
- [ ] Check customer success metrics
- [ ] Assess customer satisfaction scores
- [ ] Review customer retention strategies
Red Flags to Watch For
🚩 Inflated MRR: Revenue claims don't match payment processor data 🚩 High churn hidden: Declining customer counts not disclosed 🚩 Customer concentration: >20% revenue from single customer 🚩 Technical debt: Poor code quality or outdated technology 🚩 Legal issues: Pending lawsuits or compliance problems 🚩 Key person dependency: Business relies heavily on founder 🚩 Declining growth: Negative growth trends not disclosed 🚩 Refusal to provide access: Seller won't grant verification access
Using Automated Due Diligence Tools
Platforms like CounterX provide automated due diligence:
- Automated metric verification: Cross-check MRR, churn, and growth
- Trust Score: 0-100 score based on 8 verification pillars
- Due diligence reports: Comprehensive verification documentation
- Risk assessment: Automated flagging of potential issues
These tools save time and reduce human error, but should complement (not replace) manual review.
Post-Due Diligence: Decision Framework
After completing due diligence, assess:
- Valuation accuracy: Does the asking price match verified metrics?
- Risk level: Are identified risks acceptable?
- Growth potential: Can you improve the business post-acquisition?
- Strategic fit: Does this align with your goals?
If risks are acceptable and valuation is fair, proceed to negotiation. If not, walk away or renegotiate.
Conclusion
Thorough SaaS due diligence protects you from overpaying, hidden problems, and bad investments. Use this checklist systematically, verify everything independently, and don't rush the process.
The goal isn't to find perfection—it's to understand the business fully and make an informed decision.
Need help with SaaS due diligence? Use CounterX automated verification tools or browse verified SaaS listings. Learn more about how to buy newsletters safely or how newsletter marketplaces work.
Ready to value or buy a digital asset?
Use CounterX to find investment opportunities or list your asset for sale. Automated valuation, verified buyers, secure transactions.