Timing of tech DD — when do you actually get to do it?

profile

May 07, 2026

by a searcher from Georgia Institute of Technology in San Francisco, California, USA

Acquiring a B2B SaaS healthcare company. Previously an AI Architect, so I sent a thorough tech DD questionnaire to the seller covering stack, HIPAA, SOC 2, Azure inventory, multitenancy (The kind of thing I'd normally send when evaluating enterprise vendors). Broker flagged it immediately. Said the questions are too pointed and employees will figure out something is happening. Their position: announce the acquisition first, then do formal tech DD with the IT lead. The close is two weeks out. We are almost done with APA. For those who've closed SaaS deals: when did you actually get to assess the tech? Any workarounds pre-announcement, or is some of this just trust-and-verify post-close? I understand this might be tricky for software companies
0
5
160
Replies
5
commentor profile
Reply by a searcher
from Howard Payne University in Austin, TX, USA
Having been through multiple software DD processes on both sides, these questions are standard. @redacted‌ is correct - any senior technical employee who's been through an acquisition before will recognize what's happening regardless of how the questions are framed. The NDA-with-retention approach is the cleaner solution. But the more important point is this: the broker is two weeks from close with an APA nearly done. Their incentive is to get to closing, not to protect your interests. "Announce first, then do tech DD" is a broker protecting a commission, not a seller with a legitimate concern. HIPAA compliance, SOC 2 status, and multitenancy architecture are not negotiable items in any SaaS acquisition. If the seller won't answer them before close, you need to ask yourself what they're protecting, whether you want to own it. And stepping back for a moment. Is this the same deal you mentioned in a separate post with a bank appraisal at roughly half the purchase price? If so, this is the second significant red flag on this deal. Two red flags this close to close, with a broker managing access to information, is worth an honest conversation with yourself about whether you're still evaluating this deal clearly or whether you're too far in to walk away cleanly.
commentor profile
Reply by a searcher
from University of Mumbai in Portland, OR, USA
Having been on other side of these DD questions I can confirm they are easy to spot. Specially if employe is a senior person who has been through this before or if DD has dumb questions asking about LOC. One time company tried to disguise it as financial audit activity but it was obvious these are not audit questions. Another company just gave me a NDA to sign with bonus attached to it as I asked COO are we getting acquired after glancing at the question list. If it is a decent sized company then putting key employees under NDA may be the best option. Other options would be to ask for details they submitted to for cyber liability or pose it and limit questions as security audit as it is easier to disguise. If employee still figures it out then be happy you are inheriting a smart and competent employee😀
commentor profile
+3 more replies.
Join the discussion