Fundraising6

How much tech E&O insurance coverage does a SaaS startup actually need?

Most SaaS founders buy a flat $1M in tech E&O coverage and hope it's enough. Here's the ratio that actually sets the right limit, and where it breaks.

Tech E&O coverage should scale with your largest single contract's liability exposure, not your revenue and not a round number a broker suggested. A startup with $2M ARR and one enterprise customer whose MSA caps liability at $3M needs a bigger policy than a $10M ARR company selling only to SMBs with $50k contracts. Most founders get this backwards.

Why buying a flat $1m and moving on is the wrong starting point

A $1M tech E&O policy is the default a lot of brokers quote because it's the minimum most enterprise procurement teams will accept in a vendor security questionnaire. That makes it a floor, not a target.

The actual number you need traces back to one question: if your product fails and causes a customer financial harm, how much could they plausibly claim? That's set by your contracts, not by a generic industry average. A company selling a $500 a month tool to small businesses has a very different worst case than one selling a $400k a year platform that touches a customer's billing or compliance workflow.

The three numbers that actually set your coverage limit

Before calling a broker, pull three numbers. This turns the conversation from a guess into a calculation.

  1. Your single largest contract's liability cap. Open the MSA and find the limitation of liability clause. If it caps liability at 12 months of fees, calculate that dollar figure for your biggest customer.
  2. Your worst plausible failure scenario. If your software processes payments, manages inventory, or feeds data into a customer's own product, estimate the downstream cost of an outage or bad output during your busiest period.
  3. Your contractual minimums across all customers. Enterprise and mid-market deals increasingly specify a minimum tech E&O limit in the contract itself, commonly $1M to $5M per occurrence. Your coverage has to clear the highest minimum any live contract requires, not the average.

Take the largest of the three. That's your floor, not the sum of all three.

A coverage benchmark by stage

These are starting ranges pulled from what SaaS startups typically carry at each stage, not a substitute for the calculation above.

  • Pre-seed to seed, under $1M ARR, no enterprise customers: $1M per occurrence is usually enough to clear vendor security reviews.
  • Seed to Series A, $1M-$5M ARR, first enterprise logos: $2M-$3M, especially once any single contract exceeds $150k a year.
  • Series A to B, $5M-$20M ARR, handling regulated or financial data: $3M-$5M, sometimes layered with a separate cyber policy for breach-specific costs.
  • Series B and beyond, large enterprise contracts: $5M-$10M+, often driven entirely by a handful of contract minimums rather than company-wide risk.

What pushes your number up regardless of revenue

Revenue is a weak predictor of the right coverage amount. These factors move the number more than ARR does.

  • Your software makes or influences a financial, medical, or safety decision for the customer, not just stores their data.
  • You have one or two customers that represent a large share of revenue, concentrating your worst-case exposure in a small number of relationships.
  • You've had any prior claim, even a small one, or a near-miss incident that a customer flagged formally.
  • Your contracts include uncapped liability carve-outs for gross negligence or IP infringement, which brokers price separately from the base limit.

The one ratio to check before you sign

Divide your policy limit by your single largest contract's annual value. A ratio under 3x is thin. Enterprise buyers who've seen a vendor incident before will sometimes ask for this ratio directly during procurement, even if they don't call it that. If your biggest deal is $600k a year and your policy caps at $1M, that 1.6x ratio is the first thing a sharp customer's legal team will flag, and the first thing to fix before it costs you the renewal.

What to do this week

Pull your top five contracts, find the liability cap and any tech E&O minimum in each, and calculate the ratio above for your biggest one. Bring that single number to your broker instead of asking what everyone else buys. It reframes the entire quote conversation around your actual exposure instead of a generic tier.

Frequently asked questions

Is $1 million in tech E&O coverage enough for a startup?

Only if no single contract's liability cap or minimum requirement exceeds it. Check your largest MSA before assuming $1M clears you.

Does tech E&O coverage need to scale with ARR?

Not directly. It should scale with your largest contract's liability exposure, which can be high even at low ARR if you have one large enterprise customer.

What happens if a claim exceeds my coverage limit?

You're personally and corporately exposed for the difference. This is the exact scenario the coverage-to-contract ratio check is meant to catch before it happens.

Coverage amounts stop being a guess once you tie them to contract math instead of revenue. Run the ratio on your biggest deal before your next renewal, not after a claim forces the question.

Read enough.
Ready to grow?

19 spots in the cohort. Applications open now.