← Back to blog
2025-08-15

How to Prepare Your SaaS Company for Due Diligence

Step-by-step guide to preparing your SaaS company for investor due diligence. Data room setup, financial cleanup, and metrics presentation.

Due DiligenceFundraisingSaaS Finance

Due diligence is where deals are won or lost

Most founders focus on the pitch. The deck, the story, the demo. These get you to the term sheet. But due diligence is where the term sheet becomes a wire transfer - or where the deal quietly dies.

Investors use due diligence to validate three things: that your numbers are real, that your business is what you said it is, and that there are no hidden problems. A well-prepared due diligence process takes two to four weeks. A poorly prepared one takes two to four months - if the investor does not walk away first.

This guide covers what investors look for, how to prepare your data room, and how to present your financials so they withstand scrutiny.

What investors check during due diligence

Financial due diligence

This is the most intensive area for SaaS companies. Investors will verify:

Revenue quality. Is your ARR real? Investors will reconcile your reported ARR to your billing system, your bank statements, and your accounting records. They will check for one-off revenue inflating recurring metrics, customers counted as active but not paying, and revenue recognition mismatches.

Cohort analysis. How do customers behave over time? Investors build monthly cohort retention tables from your raw data. They want to see logo retention and revenue retention by cohort vintage, expansion and contraction patterns, and whether recent cohorts perform better or worse than older ones.

Unit economics. What does it cost to acquire and serve a customer? Investors calculate fully loaded CAC (including all sales and marketing salaries, not just ad spend), gross margin per customer, LTV based on observed retention and expansion, and CAC payback period.

Revenue concentration. What percentage of revenue comes from your top 5, top 10, and top 20 customers? If one customer represents more than 15-20% of revenue, that is a concentration risk.

Financial projections. Investors will rebuild your financial model from their assumptions to test whether your projections are achievable. They will compare your growth assumptions to comparable companies and stress-test your cash flow under downside scenarios.

Legal due diligence

Corporate records. Articles of association, board minutes, share certificates, option agreements. Everything must be current, properly executed, and consistent.

IP ownership. Every person who has written code for the company must have signed an IP assignment agreement. This includes founders (pre-incorporation IP assignment), employees, and contractors. Gaps in IP assignment are deal-killers.

Customer contracts. Standard terms of service, enterprise MSAs, any contracts with unusual terms (extended payment terms, performance guarantees, equity provisions). Investors will read your five largest customer contracts in full.

Employment matters. Employment contracts, option scheme rules, any pending or threatened disputes, compliance with employment law in all jurisdictions.

Regulatory. Data protection (GDPR, UK Data Protection Act 2018), sector-specific regulation if applicable, any regulatory correspondence or investigations.

Technical due diligence

Architecture. Is the platform built on a scalable architecture? What is the tech stack? What are the known technical debt items?

Security. Penetration testing results, SOC 2 status, data encryption practices, incident response procedures. Enterprise buyers increasingly require SOC 2 Type II, and investors will ask about your timeline if you do not have it.

Team. Who are the key engineers? What happens if they leave? Is knowledge concentrated or distributed?

Building the data room

Structure

Organise your data room with clear folders. Investors see dozens of data rooms; a well-organised one signals operational maturity.

/01-Corporate
  - Certificate of incorporation
  - Articles of association (current)
  - Board minutes (last 24 months)
  - Shareholder register
  - Share certificates / stock ledger
  - Existing investor agreements

/02-Financial
  - Management accounts (last 24 months, monthly)
  - Annual audited/reviewed accounts (if available)
  - Bank statements (last 12 months)
  - Revenue schedule (monthly ARR/MRR by customer)
  - Financial model and projections
  - Cap table (fully diluted)

/03-Revenue-and-Metrics
  - MRR/ARR waterfall (monthly)
  - Cohort retention tables (monthly)
  - Unit economics summary
  - Customer list with ARR, start date, contract terms
  - Pipeline report
  - Revenue concentration analysis

/04-Legal
  - Template customer MSA / ToS
  - Top 10 customer contracts
  - IP assignment agreements (all team members)
  - Employment contracts (all employees)
  - Option scheme rules and grant schedule
  - Any legal proceedings or disputes

/05-Team
  - Organisation chart
  - Key hire bios
  - Compensation summary (anonymised if preferred)
  - Hiring plan

/06-Product-and-Technology
  - Product roadmap
  - Architecture overview
  - Security practices / SOC 2 status
  - Data processing documentation (GDPR)
  - Key vendor contracts

/07-Tax-and-Compliance
  - Corporation tax returns (last 3 years)
  - VAT returns (last 12 months)
  - R&D tax credit claims
  - Any HMRC correspondence
  - Transfer pricing documentation (if applicable)

Data room platform

Use a proper data room platform (DocSend, Digify, Ansarada, or Notion with access controls). Do not use shared Google Drive folders - they lack audit trails, granular permissions, and the ability to track what investors are reviewing.

Enable view-only access by default. Track which documents each investor views and for how long. This tells you what they care about and where they have concerns.

Financial cleanup checklist

Start this process at least three months before you plan to raise. Retroactive cleanup during due diligence is stressful, expensive, and signals to investors that your financial operations are weak.

Revenue recognition

Ensure your revenue is recognised in accordance with IFRS 15 or FRS 102 Section 23:

  • Annual contracts with upfront payment: revenue recognised monthly over the contract term, not at the point of cash receipt
  • Multi-year contracts: revenue recognised over the total contract term
  • Setup fees: recognised over the expected customer lifetime, not at signing
  • Professional services: recognised as delivered (percentage of completion or on delivery, depending on the engagement)
  • Deferred revenue balance on the balance sheet matches the sum of unrecognised contract value

If your accounting has been on a cash basis or is inconsistent, restate your management accounts on an accruals basis with proper revenue recognition. This may require your accountant to prepare restated financials.

For a detailed guide on SaaS revenue recognition, see Revenue Recognition for SaaS Companies: A Practical Guide.

MRR/ARR reconciliation

Your MRR and ARR numbers must reconcile to your accounting records:

  • MRR schedule shows every customer, their MRR, and their contract start/end dates
  • Total MRR from the schedule matches the annualised run-rate implied by monthly recognised revenue
  • MRR movements (new, expansion, contraction, churn) are calculated consistently and sum to the change in ending MRR
  • Discrepancies between billing MRR and recognised revenue MRR are explained (timing differences, prepayments, etc.)

A broken MRR schedule is one of the most common issues in SaaS due diligence. For the full analysis, see Why a Broken MRR Schedule Can Kill Your Funding or Exit.

Balance sheet cleanup

  • Trade receivables aged and collectible (no significant overdue balances that should be provisioned)
  • Deferred revenue correctly calculated
  • Accrued expenses complete (unpaid invoices, accrued salaries, holiday pay accrual)
  • Intercompany balances (if multi-entity) reconciled and documented
  • Director's loan accounts cleared or documented
  • No personal expenses running through the company

Tax compliance

  • Corporation tax returns filed and up to date
  • VAT returns filed and up to date
  • PAYE/NIC returns filed and up to date
  • R&D tax credit claims prepared (with supporting documentation)
  • No outstanding HMRC disputes or enquiries (or if there are, documented and disclosed)

Presenting your metrics

The metrics summary

Prepare a one-page metrics summary that investors can reference throughout due diligence:

MetricCurrent6 months ago12 months ago
ARR
MRR
Customer count
Net Revenue Retention
Gross Revenue Retention
Logo retention (monthly)
ARPU (monthly)
Gross margin
CAC (fully loaded)
CAC Payback (months)
LTV:CAC ratio
Burn multiple
Monthly burn
Cash balance
Runway (months)

For current market benchmarks to compare against, see B2B SaaS Metrics Benchmarks: How Does Your Company Compare?.

How to calculate these metrics consistently

ARR: Sum of all active customers' annualised contract value. Include only recurring revenue. Exclude one-off fees, professional services, and usage-based revenue that is not contractually committed.

Net Revenue Retention: (Beginning ARR + Expansion - Contraction - Churn) / Beginning ARR, measured over a 12-month period. Use the trailing 12-month calculation, not a single month annualised.

Gross margin: (Revenue - Cost of Sales) / Revenue. Cost of Sales for SaaS includes hosting/infrastructure, customer support salaries, and any third-party costs directly attributable to delivering the service. Do not include sales, marketing, or R&D.

Fully loaded CAC: Total sales and marketing spend (including salaries, commissions, tools, events, content, paid channels) divided by the number of new customers acquired in the period. Use a 3-6 month average to smooth out lumpiness.

LTV: ARPU / Monthly churn rate. Or equivalently: ARPU x Average customer lifetime in months. If your retention improves over time (cohort curves flatten), use the stabilised churn rate, not the blended rate.

Cohort tables

Investors will build these from your raw data if you do not provide them. It is better to provide them yourself, with the methodology explained.

A monthly cohort retention table shows the percentage of revenue retained from each monthly cohort over time. For a typical B2B SaaS company, you want to see:

  • Month 1 retention above 95% (very few immediate churns)
  • Month 6 retention above 85%
  • Month 12 retention above 80%
  • Expansion pushing net retention above 100% after 6-12 months

If your cohorts show declining retention over time (newer cohorts retain worse than older ones), that is a serious concern. Address it proactively - investors will find it regardless.

Common due diligence failures

1. MRR does not reconcile. The number on your slide deck does not match your billing system, which does not match your accounting. This destroys credibility instantly.

2. IP assignment gaps. A contractor who built a critical feature never signed an IP assignment. Or a founder's pre-incorporation code was never formally assigned to the company. These must be fixed before due diligence.

3. Inconsistent revenue recognition. Some months on cash basis, some on accruals. Setup fees recognised upfront in some periods and deferred in others. Inconsistency is worse than a consistently wrong method, because it suggests nobody is paying attention.

4. Missing employment documentation. Employees without written contracts, option grants without board approval, or compensation changes without documentation. These signal operational immaturity.

5. Customer concentration. If one customer is 30% of revenue and their contract is up for renewal in six months, that is a material risk that investors will price into the valuation (or use as a reason to walk away).

6. Unexplained variances. Revenue dropped 15% in month X - why? If you cannot explain it quickly and clearly, investors assume the worst.

7. Cap table errors. The cap table does not foot, option pools are not properly reserved, or there are unresolved convertible notes from prior rounds. Clean this up with your lawyers before opening the data room.

Timeline and preparation

Three months before raise

  • Engage your accountant to prepare or restate management accounts
  • Clean up the balance sheet (provisions, accruals, deferred revenue)
  • Build the cohort analysis and unit economics summary
  • Review all employment contracts and IP assignments
  • Start the data room structure

One month before raise

  • Finalise management accounts through the most recent month
  • Complete the financial model with projections
  • Populate the data room
  • Prepare the metrics summary
  • Have your lawyer review all key contracts and corporate records
  • Brief your finance team on likely DD questions

During the raise

  • Update financial data monthly as new months close
  • Respond to DD questions within 24-48 hours (speed signals competence)
  • Track what investors are reviewing in the data room
  • Prepare detailed responses for any issues you know they will find
  • Have your CTO available for technical DD calls

The CFO's role

Due diligence is fundamentally a CFO workstream. The CEO drives the pitch and the relationship, but the CFO owns the data room, the financial narrative, and the response to investor questions.

A well-run due diligence process that completes in three to four weeks sends a clear signal: this company has its financial house in order, the numbers are real, and the team is operationally competent. That signal is worth more than any slide deck.