Buying a SaaS Company

SaaS acquisitions center on recurring revenue, intellectual property, and customer contracts. The codebase, customer data, and subscription relationships are the assets. But what makes SaaS attractive - predictable recurring revenue - also creates unique risks: technology debt, customer churn dynamics, data privacy obligations, and hosting dependencies all require careful legal review.

Typical deal: $100K - $50M+ Structure: Asset Purchase or Stock Purchase

Request Engagement Assessment Key Legal Issues

Selective M&A Practice

Personal Attention

Managing Partner on Every Deal

The SaaS Company Acquisition Landscape

The U.S. SaaS market exceeds $200 billion in annual revenue. Micro-SaaS and SMB SaaS acquisitions have become a distinct asset class, with dedicated marketplaces and brokers facilitating transactions from five-figure tools to nine-figure platforms. Valuations are heavily driven by monthly recurring revenue (MRR), growth rate, churn, and net revenue retention.

Key Legal Considerations

SaaS Company acquisitions involve industry-specific legal issues that general business attorneys often miss:

IP ownership: codebase, patents, and open-source license compliance

Customer subscription agreements: terms, cancellation provisions, and assignability

Data privacy compliance: GDPR, CCPA, SOC 2, and data processing agreements

Technology stack: hosting contracts, third-party API dependencies, and vendor lock-in

Employee/contractor IP assignments: ensuring the company owns what was built

MRR/ARR verification methodology and churn calculation accuracy

Due Diligence Checklist: SaaS Company Acquisition

Before closing on a saas company purchase, verify each of these items:

Verify MRR/ARR through payment processor records (Stripe, PayPal, etc.)
Review codebase for open-source license compliance (GPL, MIT, Apache)
Confirm all developer IP assignments are properly documented
Assess customer churn rates: logo churn and revenue churn separately
Review data privacy compliance program and any breach history
Evaluate hosting and infrastructure costs as percentage of revenue
Analyze customer concentration and top 10 customer contract terms

Common Deal Killers

These issues kill more saas company acquisitions than bad economics:

IP ownership unclear: founders or contractors may have claims to the code

Open-source license violations that could force code to be released publicly

MRR calculations include non-recurring revenue or inflate expansion revenue

Why Legal Counsel Matters

SaaS acquisitions require both business M&A expertise and technology law understanding. IP ownership issues that surface post-closing can undermine the entire investment. Your attorney should conduct a thorough IP audit and ensure all developer contributions are properly assigned before closing.

Our Process: SaaS Company Acquisitions

A structured approach to saas company acquisition counsel

LOI and Preliminary Verification

We review the letter of intent, request access to financial and technical data, and conduct preliminary MRR verification.

IP and Technology Due Diligence

Codebase IP audit, open-source license review, developer assignment verification, and technology stack assessment.

Financial and Customer Due Diligence

MRR/ARR verification, churn analysis, customer contract review, concentration assessment, and data privacy compliance audit.

Purchase Agreement Negotiation

We negotiate the purchase agreement with SaaS-specific provisions: IP representations and warranties, MRR holdback, churn protection, and data privacy indemnification.

Closing and Transition

Code repository transfers, hosting account migrations, payment processor account transfers, customer notifications, and operational handoff.

Request Engagement Assessment

Valuation Benchmarks: SaaS Company Acquisitions

Understanding how saas company businesses are valued helps you determine whether a deal makes financial sense before engaging counsel.

ARR Multiple Multiple

3.0x - 8.0x ARR (annual recurring revenue)

Premium Drivers

Net revenue retention above 110% indicating expansion within existing accounts
Low customer churn (under 5% annual logo churn)
Scalable technology architecture with low marginal cost per customer
Diversified customer base with no single customer exceeding 10% of ARR

Discount Drivers

High customer churn or declining net revenue retention
Technical debt requiring significant engineering investment
Customer concentration with enterprise dependency
Founder-dependent sales process with no repeatable pipeline

Revenue Verification Methods

Independently verifying revenue is critical in any saas company acquisition. These methods help confirm reported financials before closing.

Subscription billing platform (Stripe, Chargebee) data reconciled with reported ARR and bank deposits

Cohort analysis of customer retention and expansion revenue over trailing 12-24 months

Contracted ARR verified through signed subscription agreements and usage-based billing records

Red Flags to Watch For

Beyond standard deal killers, these warning signs require investigation during due diligence on any saas company acquisition.

Technical debt or platform stability issues requiring significant engineering investment post-close

Customer concentration where losing one enterprise account materially impacts ARR

Key engineer or CTO departure risk with no documentation of architecture or codebase

Open-source or licensing dependencies that create intellectual property risk

Data privacy and security compliance gaps (SOC 2, GDPR, HIPAA) requiring remediation

Inflated ARR metrics from annual prepayments that mask monthly churn patterns

Pending contract renewals with major customers at risk of downsizing or cancellation

Request Engagement Assessment

Frequently Asked Questions

Common questions about buying a saas company

How are SaaS companies valued?

SaaS companies are typically valued as a multiple of annual recurring revenue (ARR), ranging from 2x to 10x+ depending on growth rate, churn, margins, and market position. Key metrics include net revenue retention, gross margins, customer acquisition cost, and lifetime value. Fast-growing SaaS with low churn commands premium multiples.

How do I verify MRR for a SaaS acquisition?

MRR verification requires access to payment processor data (Stripe dashboard, PayPal records), subscription management platform data, and bank statements. Cross-reference reported MRR against actual cash received. Watch for inflated metrics: one-time payments counted as recurring, annual prepayments spread monthly, or trial revenue included.

What IP risks exist in a SaaS acquisition?

Common IP risks include: contractors who never signed IP assignment agreements, open-source components with copyleft licenses (GPL) that could require code disclosure, and co-founders who left without proper IP transfer. A code audit and IP chain-of-title review are essential due diligence steps.

What data privacy obligations come with buying a SaaS company?

You inherit all data privacy obligations: GDPR (if EU users), CCPA (if California users), and any contractual commitments in data processing agreements. Verify the company's privacy policy, data processing agreements with customers, and any history of data breaches or privacy complaints.

Should I buy a SaaS company as an asset or stock purchase?

Both are common. Asset purchases let you avoid unknown liabilities but may complicate customer contract transfers and require individual customer consent. Stock purchases keep contracts intact but include all liabilities. The right structure depends on the customer contract terms, IP ownership clarity, and risk profile.

Need Specific Guidance?

Submit your transaction details for a preliminary assessment by our managing partner

Submit Transaction Details