Software Due Diligence for SaaS Heavy Targets

In a SaaS heavy target the risk does not sit in a contract binder. It sits in expense reports, admin consoles, and renewals nobody is watching. Software due diligence for SaaS heavy targets means rebuilding the real estate, then pricing the true up, renewal, and duplication exposure the buyer is about to inherit.

Software due diligence for SaaS heavy targets is a different exercise from the on premises work most deal teams know. A subscription estate does not sit in a contract binder. It sits in expense reports, corporate cards, and dozens of admin consoles that no single person in the target can see end to end. In a diligence on a SaaS heavy target, the buyer is not chasing a perpetual license breach. The buyer is chasing renewal exposure, seat true up risk, and a spend base that grows quietly every quarter.

This guide sets out how to scope and run that work so the deal team gets a defensible number rather than a list of logos. It sits under the wider software due diligence method and feeds directly into post close license reconciliation. If the target runs a mixed estate, pair it with software due diligence for on premises estates.

What software due diligence for SaaS heavy targets has to find

The exposure in a subscription estate is rarely a single headline breach. It is the sum of many small leaks plus a few contractual traps. The leaks are overprovisioned seats, duplicate tools doing the same job, premium tiers nobody uses, and shadow purchases on personal cards. The traps are auto renewal clauses with short cancellation windows, minimum commit floors, and pricing that resets on a change of control. A buyer that maps only the named, contracted vendors misses the half of the estate that lives outside procurement.

The first job is therefore reconstruction. You build the real inventory from finance data, single sign on logs, and expense systems, then reconcile it against the contracts the target hands over. The gap between the two is where the risk lives.

Figure: Where SaaS spend leaks in a typical target. Bar chart estimating the share of recoverable annual SaaS waste by source: overprovisioned seats 32%, duplicate or overlapping tools 24%, unused premium tiers 18%, auto renewed and forgotten 15%, shadow purchases 11%.

Reconstruct the estate before you trust the contract list

Ask the target for its vendor master and contract register, then treat both as incomplete. The authoritative picture comes from three feeds: the general ledger and accounts payable for anything paid by invoice, the corporate card and expense platform for anything paid by card, and the identity provider for anything users actually log in to. Cross referencing these three exposes tools that finance never coded as software and that the CIO has never seen. In a SaaS heavy target the difference between the declared list and the reconstructed list is routinely 30 percent or more by vendor count.

SaaS diligence data requests and what each one reveals

| Data source | What you request | What it exposes |
|---|---|---|
| General ledger and AP | 12 to 24 months of software coded spend | Contracted vendors, true annual run rate, price increases |
| Corporate card and expense | Line level card and reimbursement data | Shadow IT and team level purchases outside procurement |
| Identity provider | Single sign on application list and login counts | Active tools, dormant seats, apps with no contract on file |
| Admin consoles | Seat counts and tier per application | Overprovisioning, unused premium features, true utilisation |
| Contract register | Order forms, MSAs, renewal dates | Auto renewal traps, minimum commits, change of control terms |

Quantify seat true up and renewal exposure

Once the inventory is real, the exposure splits into two numbers the deal team can act on. The first is seat true up: where deployed or active users exceed the contracted entitlement, the vendor can bill the difference, often at list rather than the negotiated rate. The second is renewal exposure: the uplift the target will face at the next renewal because of usage growth, expiring discounts, or commitments that no longer match headcount. Both belong in the model, and both are easy to miss if you read only the current invoice.

Key takeaways

  • In a SaaS heavy target the contracted vendor list is usually incomplete. Rebuild the estate from finance, expense, and identity data before trusting it.
  • The exposure is the sum of seat true up, renewal uplift, duplicate spend, and auto renewal traps, not a single headline breach.
  • Change of control and anti assignment terms in subscription agreements can reprice or terminate on signing. Read them before the deal structure is fixed.
  • Dormant seats and unused premium tiers are recoverable synergy. Size them in diligence so the buyer can underwrite the saving.

Read the subscription contracts for change of control terms

Subscription agreements carry the same structural risks as perpetual licenses, in different clothing. A change of control or anti assignment clause can let a vendor reprice or refuse to novate the agreement to the new owner, which matters in a carve out or asset purchase more than a straight stock deal. Multi year prepaid commits can become stranded cost if the combined entity rationalises tools. The point is to read these terms while the structure is still negotiable, because a clause that bites after close is far more expensive than one priced in before signing. The contract reading discipline applies here as much as it does on premises.

Turn duplication into underwritable synergy

A SaaS heavy target almost always carries overlap that the combined entity will not keep. Two video tools, three project trackers, overlapping security suites. This is not only risk, it is synergy the buyer can bank if it is sized properly in diligence. The discipline is to tag every tool by function, flag the overlaps, and estimate the run rate that survives rationalisation. That number supports the investment case and gives the integration team a target on day one. Carry it straight into post close reconciliation so the saving is owned, not just hoped for.

Connect the findings to the deal model

None of this matters unless it reaches the people pricing the deal. Express the SaaS findings as three lines the model can absorb: the true up exposure that should be priced or escrowed, the renewal uplift that raises the forward run rate, and the rationalisation saving that supports synergy. Anchor the credibility of the work with dated proof points where relevant, and present the exposure as a range rather than a false single figure, in the same way you would for quantifying software audit exposure before you sign.

Recommendations for buyers

  1. Request finance, expense, and identity data on day one and rebuild the estate independently rather than accepting the target vendor list.
  2. Separate the number into true up exposure, renewal uplift, duplicate spend, and contractual traps so each can be priced or negotiated on its own.
  3. Flag every change of control and minimum commit clause for counsel before the deal structure is locked.
  4. Hand the rationalisation target and the owner straight to the integration team so the synergy survives into reconciliation.

Build a renewal calendar the buyer can act on

One practical output of SaaS diligence is a renewal calendar: every material subscription, its renewal date, its notice period, and its auto renewal terms, laid out on a single timeline. A subscription estate punishes the buyer that loses track of dates, because a missed cancellation window can lock the combined entity into a tool it intends to drop, at a price set before the deal. The calendar turns a scattered set of contracts into a manageable schedule, and it tells the integration team which renewals fall inside the first hundred days, where a decision to keep, drop, or renegotiate has to be made quickly. A buyer that walks into the first major renewal already knowing the notice period and the alternatives negotiates from strength rather than scrambling to avoid an automatic rollover.
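A minimal sketch of the renewal calendar described above, added here as an illustration and not taken from any tool the page describes. The subscriptions are constructed sample data, and the sketch assumes the decision deadline is the renewal date minus the notice period; the field names and status labels are hypothetical.

```python
from datetime import date, timedelta

# Constructed sample subscriptions; tools, dates and terms are illustrative.
SUBSCRIPTIONS = [
    {"tool": "video-a", "renewal": date(2025, 3, 1), "notice_days": 60, "auto_renew": True},
    {"tool": "tracker-b", "renewal": date(2025, 6, 15), "notice_days": 45, "auto_renew": True},
    {"tool": "suite-c", "renewal": date(2025, 12, 1), "notice_days": 90, "auto_renew": False},
]


def renewal_calendar(subs, close_date, window_days=100):
    """Return one row per subscription, ordered by the last day notice can be given."""
    window_end = close_date + timedelta(days=window_days)
    rows = []
    for s in subs:
        # Assumption: notice must be served notice_days before the renewal date.
        cancel_by = s["renewal"] - timedelta(days=s["notice_days"])
        if s["auto_renew"] and cancel_by < close_date:
            # The cancellation window closed before the buyer owned the contract.
            status = "locked_in"
        elif cancel_by <= window_end:
            # Keep, drop or renegotiate has to be decided inside the window.
            status = "in_window"
        else:
            status = "later"
        rows.append({
            "tool": s["tool"],
            "renewal": s["renewal"],
            "cancel_by": cancel_by,
            "auto_renew": s["auto_renew"],
            "status": status,
        })
    return sorted(rows, key=lambda r: r["cancel_by"])


if __name__ == "__main__":
    for row in renewal_calendar(SUBSCRIPTIONS, close_date=date(2025, 2, 1)):
        print(row["cancel_by"], row["renewal"], row["tool"], row["status"])
```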

Test the data the target gives you

A SaaS heavy target often presents a clean spend summary that hides as much as it shows. Treat any single source as a claim to be tested, not a fact to be accepted. A finance export may net out card spend; an admin console may show licensed seats without showing how many are dormant; a vendor portal may report contracted users rather than active ones. The discipline is triangulation: every material number should be confirmed from at least two independent feeds before it goes into the model. Where the feeds disagree, the disagreement is itself a finding, because it usually points to spend or usage that no one in the target is managing. A number confirmed from one source is a starting point, not a conclusion.
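The three feed reconstruction from the section on rebuilding the estate, combined with the two source triangulation rule above, as an added example that is not part of the original page. Vendor names are constructed sample data, and the name normalisation is a simplifying assumption; real feeds usually need a maintained alias table.

```python
import re
from collections import defaultdict

# Constructed sample data; vendor names are illustrative only.
CONTRACT_REGISTER = ["Acme Video, Inc.", "TrackIt Ltd"]
FEEDS = {
    "ledger_ap": ["ACME VIDEO INC", "TrackIt Ltd."],
    "card_expense": ["Acme Video", "PlanBoard", "Sketchly LLC"],
    "identity_provider": ["trackit", "PlanBoard", "acme video"],
}

_SUFFIXES = {"inc", "ltd", "llc", "corp", "co", "gmbh"}


def normalise(name):
    """Lower-case, drop punctuation and legal suffixes so feeds can be joined."""
    words = re.sub(r"[^a-z0-9 ]", " ", name.lower()).split()
    return " ".join(w for w in words if w not in _SUFFIXES)


def reconstruct(feeds, register):
    """Build the reconstructed inventory: which feeds saw each vendor, and
    whether a contract is on file for it."""
    seen = defaultdict(set)
    for feed, names in feeds.items():
        for n in names:
            seen[normalise(n)].add(feed)
    contracted = {normalise(n) for n in register}
    report = {}
    for vendor in sorted(set(seen) | contracted):
        sources = sorted(seen.get(vendor, ()))
        report[vendor] = {
            "sources": sources,
            "contract_on_file": vendor in contracted,
            "confirmed": len(sources) >= 2,  # triangulated from two feeds
        }
    return report


def shadow_tools(report):
    """Vendors with spend or logins but no contract in the register."""
    return [v for v, r in report.items() if r["sources"] and not r["contract_on_file"]]


def single_source(report):
    """Vendors seen in only one feed: a starting point, not a conclusion."""
    return [v for v, r in report.items() if len(r["sources"]) == 1]


if __name__ == "__main__":
    rep = reconstruct(FEEDS, CONTRACT_REGISTER)
    print("shadow:", shadow_tools(rep))
    print("needs a second source:", single_source(rep))
```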

Why an independent buyer side advisor changes the result

The target has no incentive to surface its own subscription waste, and a reseller has no incentive to shrink the spend it earns on. An independent, buyer side advisor reconstructs the estate without those conflicts and presents the deal team a number it can defend. That is the difference between a diligence that lists vendors and one that protects value, both before signing and into the first reconciliation after close.

Independent and buyer side. We act only for the acquirer. We hold no affiliation with any software publisher or reseller and are paid solely by you. This page is commercial and licensing guidance, not legal advice. Confirm any contractual interpretation with your own counsel.

Frequently asked questions

What makes software due diligence for SaaS heavy targets different?

A subscription estate is not in one contract binder. It lives across finance, expense, and identity systems, so the work is reconstruction first. You rebuild the real inventory, then price seat true up, renewal uplift, duplicate spend, and auto renewal traps rather than chasing a single perpetual license breach.

How do you find shadow SaaS in a target?

Cross reference three feeds: the general ledger and accounts payable, the corporate card and expense platform, and the identity provider login list. Tools that appear in one feed but not the contract register are the shadow purchases that standard diligence misses.

What is seat true up risk in a SaaS deal?

It is the gap between deployed or active users and contracted entitlement. Where usage exceeds the entitlement, the vendor can bill the difference, often at list price rather than the negotiated rate. It belongs in the deal model as a priced exposure.

Do change of control clauses apply to SaaS contracts?

Yes. Subscription agreements can carry change of control and anti assignment terms that let a vendor reprice or refuse to novate to the new owner, especially in a carve out or asset purchase. Read them before the deal structure is fixed.

Can SaaS overlap become a synergy?

Yes. A SaaS heavy target usually runs duplicate tools the combined entity will not keep. Sized properly in diligence, the rationalisation run rate is underwritable synergy that supports the investment case and gives the integration team a day one target.

Who should run SaaS diligence on a target?

An independent, buyer side advisor with no affiliation to any publisher or reseller. The target will not surface its own waste and a reseller earns on the spend, so only an independent party reconstructs the estate without a conflict.
