Partner
Buying a SaaS business? You will need the assistance of lawyers with specific and deep SaaS experience who also have extensive experience with buying and selling businesses. At Revision Legal, we have the staffing, lawyers, and legal solutions to get the Purchase Agreement finalized, assist with the due diligence, and get the deal done. If there ends up being a dispute, we are also top-tier SaaS litigators. Here are a few examples of difficult practical and legal issues that are common in SaaS acquisition transactions:
Key employees — if key employees from the target SaaS business are remaining with the new or merged entity, various solid and enforceable contracts are needed, such as executive employment, compensation, stock options, and other agreements; if the key employees are not remaining, then severance, non-compete, recovery of IP, and strong confidentiality agreements are needed along with, maybe, negotiated terms with respect to post-closing training and support services for new management
Prepared and ready change of passcodes and authorizations — when the acquisition is consummated, all system passcodes and authorizations must be quickly changed to protect the system and servers from unauthorized access; but, at the same time, the change-over must be smooth and unproblematic
Key client authorizations — some larger SaaS clients may have contractual rights with respect to circumstances where ownership of the SaaS provider changes hands; due diligence must uncover this, and requirements must be met
Subscription Service Agreement automatic assignments — aside from some specific larger key clients, generally, it must be confirmed early on that any and all service subscription service contracts are automatically assignable to the acquiring business
Auto-transfer of subscriber confidential data — it must be confirmed that service subscribers have already consented to the transfer of their confidential data (including subscriber systems access data) to the acquiring business
Software platform host confirmations and approvals — like a business with an office lease, SaaS businesses typically use a software platform host to facilitate the provision of service; if those platform hosting services are expected to continue, terms and conditions must be verified, including obtaining any needed authorizations from the hosting platform
Other third-party authorizations and approvals — authorizations and approvals must be obtained, where needed, from other third parties such as financial providers, investors, licensors, and more
Security and status of any websites being transferred — most SaaS businesses manage and operate at least one website for various purposes; these websites must be in compliance with various statutes (including, potentially, web accessibility and consumer data privacy statutes) and must also have state-of-the-art cybersecurity protocols
Intellectual property matters, including verification of ownership and non-infringement — ownership and/or licensure of the code and software being used by the target SaaS business must be confirmed along with verification of non-infringement and investigation of any infringement claims; in this respect, strong indemnification provisions should be in the Purchase Agreement protecting the buyer
In addition, of course, any SaaS acquisition will entail a significant amount of due diligence to confirm various aspects of the transaction and the business operations. Some examples of important areas of due diligence are:
One of the first and most consequential decisions in a SaaS acquisition is whether the deal will be structured as an asset purchase or a stock (equity interest) purchase. In an asset purchase, the buyer acquires specific identified assets — code, IP, customer contracts, data, domain names, and equipment — while the seller’s legal entity remains intact and retains all liabilities not expressly assumed by the buyer. In a stock purchase, the buyer acquires the seller’s company itself, inheriting all assets and all liabilities, known and unknown. For SaaS acquisitions, asset purchases are generally preferred by buyers because they allow the buyer to specifically define what is and is not included, limit exposure to undisclosed historical liabilities, and often provide more favorable tax treatment through a step-up in the basis of acquired assets.
Sellers typically prefer stock purchases because the proceeds may be taxed at capital gains rates rather than ordinary income rates, and because selling the entity rather than individual assets can avoid transfer taxes and the need to re-execute customer contracts in the buyer’s name. The negotiation over deal structure is often significant, and the final structure should account for tax advice from both parties’ CPAs in addition to legal guidance.
Standard M&A purchase agreement representations and warranties must be supplemented with SaaS-specific provisions in any software acquisition. Key SaaS representations should address: (1) ownership and non-infringement of all software code, confirming that no open-source software has been incorporated in a manner that would trigger copyleft license obligations (such as GPL) requiring public disclosure of proprietary code; (2) accuracy of disclosed customer metrics — monthly recurring revenue (MRR), annual recurring revenue (ARR), churn rate, customer acquisition cost, and customer lifetime value; (3) the absence of material bugs, vulnerabilities, or security incidents in the codebase; (4) compliance with all applicable data privacy statutes governing the personal data of SaaS subscribers; and (5) the assignability of all customer subscription agreements and vendor contracts without customer or counterparty consent.
Revenue representations are particularly important in SaaS deals, where sellers may have recognized revenue that is contractually owed but not yet earned, or may have included one-time payments in recurring revenue figures. The purchase agreement should require the seller to provide detailed subscription cohort data, churn analytics, and deferred revenue schedules that have been independently verified.
A critical but frequently underperformed area of SaaS due diligence is open-source license compliance. Most SaaS codebases incorporate open-source libraries and components, each of which is governed by a specific license — MIT, Apache 2.0, BSD, LGPL, GPL, or others. Copyleft licenses like GPL version 3 require that any software incorporating GPL-licensed code be distributed under the same GPL terms, effectively making the entire codebase open-source if GPL code is present in proprietary software distributed to users.
A software composition analysis (SCA) scan of the target’s codebase using tools such as FOSSA, Black Duck, or Snyk should be conducted as part of every SaaS acquisition. The SCA identifies all open-source components, their versions, the licenses governing each component, and any license conflicts. If GPL or other copyleft-licensed code is discovered in proprietary code, the buyer must assess remediation options and factor the remediation cost into the purchase price. The seller’s representations regarding IP ownership and non-infringement should specifically address open-source compliance, and indemnification provisions should cover post-closing claims arising from pre-closing open-source license violations.
The legal work in a SaaS acquisition does not end at closing. Post-closing integration involves a series of legal tasks that must be completed promptly to protect the acquired business’s value. Customer notification letters must be drafted and sent where required by customer agreements or applicable law — particularly for data processing arrangements subject to consumer data privacy statutes, which may require customers to consent to the transfer of their data to the acquiring entity. Domain and trademark registrations must be formally transferred in the names of the acquiring entity. Employment and contractor agreements must be executed with continuing personnel. Tax elections relevant to the acquisition structure must be timely filed. And any required regulatory filings — such as HSR antitrust notifications for larger deals — must be completed.
Buyers who underinvest in post-closing integration legal work often find themselves in disputes with customers who claim their contracts are not assignable, former employees who dispute IP ownership based on inadequate assignment agreements, or regulatory agencies that flag data processing arrangements that were not properly updated to reflect the new ownership structure. Revision Legal provides comprehensive SaaS acquisition legal services from letter of intent through post-closing integration.
Contact the SaaS and Business Acquisition Attorneys at Revision Legal
For more information, contact the experienced SasS and Business Acquisition Lawyers at Revision Legal. You can contact us through the form on this page or call (855) 473-8474.
Artificial intelligence has become part of nearly every business operation. Businesses now use AI tools to write marketing copy, generate product images, compose emails, draft social media posts, and produce video and audio content at a scale that was not possible a few years ago. The efficiency gains are real. But so are the legal […]
Read more about The Risks of Using AI-Generated Content in Your Business
Receiving a cease and desist letter can feel alarming. One minute you are running your business as usual, and the next you are staring at a legal demand accusing you of trademark infringement, copyright violation, breach of contract, or some other wrong. The situation can escalate quickly if not handled properly. But receiving a cease […]
Read more about How to Respond to a Cease and Desist Letter
Learn what counts as deceptive pricing in e-commerce, including false discounts, hidden fees, drip pricing, and fake urgency. Revision Legal’s internet law attorneys help online retailers stay compliant with FTC rules.
Read more about What Counts as Deceptive Pricing in E-Commerce?