enterprise-sales6

What an Uncapped Indemnification Clause Actually Costs You in an Enterprise SaaS Deal

An uncapped indemnification clause can spike your E&O premium 35-60%. Here's the cap negotiation and cost math that got a $340K enterprise deal signed.

Legal sent back the redline with one line unchanged: "Vendor shall indemnify and hold harmless Customer from any and all claims, without limitation." No cap. No carve-out. I almost signed it anyway, because the deal was worth $340K and the AE was already forecasting it for the quarter.

I didn't sign it. Here's the math that changed my mind, and the negotiation that got the deal done anyway.

What "uncapped" actually means

Most SaaS founders read an indemnification clause the way they read a EULA: skim it, assume it's boilerplate, move on. It isn't boilerplate. Indemnification decides who pays when something goes wrong, a data breach, an IP infringement claim, a third-party lawsuit triggered by your product, and how much they pay.

A capped clause ties your exposure to something bounded, usually 12 months of fees paid under the contract, sometimes 2x or 3x that. An uncapped clause ties your exposure to the size of the claim itself. On a $340K annual contract, a cap at 2x limits you to $680K. Uncapped, if a customer's customer sues them over an outage your platform caused, your exposure could be whatever a court or settlement decides, with no ceiling tied to what you were actually paid.

Insurance underwriters price this exactly the way you'd expect: unbounded tail risk. I called our tech E&O broker mid-negotiation and asked what an uncapped indemnification obligation would do to our premium at renewal. The estimate came back at a 35-60% increase, and that's before you get into whether the policy would even cover a claim that size without a separate rider.

The math I actually ran

Before the call with the customer's legal team, I put three numbers on a page:

  1. Capped at 2x annual contract value. Worst-case exposure: $680K, covered almost entirely by our existing $1M tech E&O policy. Premium impact: none.
  2. Capped at 2x, with a separate uncapped carve-out for gross negligence and willful misconduct only. Exposure on ordinary claims stays at $680K. Gross negligence is a high bar that's hard to prove and rare in practice, and insurers barely blink at this carve-out because it's standard. Premium impact: negligible.
  3. Fully uncapped. Worst-case exposure: unbounded. Premium impact: 35-60% increase, plus a real chance our carrier declines to renew at our size. This becomes a board conversation, because it's a balance-sheet risk, not a legal formality.

Scenario 3 wasn't a $340K decision. It was a decision that could put the company's insurability at risk for every deal after this one, not just this one.

What I said on the call

I didn't push back with "our standard terms don't allow this," because enterprise legal teams hear that daily and it changes nothing. I pushed back with the actual number.

An uncapped indemnification clause increases our E&O premium by roughly 40%, which we'd need to build into pricing across our entire customer base, not just this contract. We can offer a cap at 3x annual contract value, with an uncapped carve-out for gross negligence, willful misconduct, and confidentiality breaches. That covers the scenarios your legal team is actually worried about without pricing risk into every renewal we do.

That framing did two things. It gave their legal team a number their finance team could actually evaluate instead of a principle to argue about, and it named the specific scenarios, gross negligence, IP infringement, confidentiality breach, that were usually driving the uncapped ask in the first place, so I wasn't refusing protection, I was scoping it.

They agreed to the 3x cap with carve-outs in the same call. The deal closed nine days later.

The three-question test before you agree to anything

If indemnification language comes back uncapped, run it through three questions before you respond:

  1. What's the realistic claim size, not the theoretical one? A data breach affecting a Fortune 500 customer's customers is a different number than a single-tenant SMB outage. Size the actual risk category, not just the contract value.
  2. What does your insurer say your premium does at each cap level? This is a five-minute call to your broker. Get it before you negotiate, not after you've already agreed to something you can't unwind.
  3. Is the customer's actual concern narrower than "uncapped everything"? Almost always, the real worry is IP infringement, data breach, or gross negligence, three specific scenarios, not blanket unlimited liability. A targeted carve-out usually satisfies legal without exposing you to unrelated risk.

What to do this week

  1. Pull your last three enterprise contracts and check what cap, if any, applies to the indemnification section. If it's silent on a cap, treat that as uncapped.
  2. Call your E&O broker before your next negotiation, not during it, and get the premium delta for capped versus uncapped in writing.
  3. Draft a standard fallback position, a cap at 2-3x contract value with carve-outs for gross negligence, willful misconduct, and confidentiality, so you're proposing it in the first draft instead of reacting under deadline pressure.

Frequently asked questions

What's a typical indemnification cap in an enterprise SaaS contract?

Most negotiated enterprise SaaS agreements cap general indemnification at 1-3x the annual fees paid under the contract, with a separate uncapped carve-out for gross negligence, willful misconduct, and confidentiality or IP breaches.

Does an uncapped indemnification clause actually raise your insurance premium?

Yes. Tech E&O underwriters price unbounded contractual liability directly, and founders who've checked with their broker mid-negotiation report premium increases in the 35-60% range for fully uncapped obligations, sometimes alongside renewal difficulty at smaller company sizes.

Should you ever agree to fully uncapped liability?

Rarely, and only for specific, narrow carve-outs like gross negligence or confidentiality breach, not as a blanket term. A general uncapped clause exposes the balance sheet to unbounded risk and typically isn't necessary to satisfy what the customer's legal team is actually worried about.

It's the same discipline behind negotiating auto-renewal terms: you don't win by refusing the market-standard clause on principle. You win by putting a number on the table before the redline forces your hand.

If you want a second read on a specific clause before you sign it, that's a contract review question we help early-stage SaaS founders work through.

Read enough.
Ready to grow?

19 spots in the cohort. Applications open now.