I want to be direct about something that most enterprise AI evaluations treat as a secondary concern: a significant number of the AI vendors currently selling enterprise software will not exist in their current form in three years. Some will be acquired. Some will pivot to a different market. Some will run out of runway and shut down. The ones that survive will be the ones that have built something that is genuinely difficult to replicate and have found a customer base willing to pay for it at a sustainable price.
Figuring out which category your vendor falls into before you build significant organizational dependency on their product is one of the most practically important things you can do in an enterprise AI evaluation. It is also one of the things most evaluation frameworks spend the least time on.
Here is how I approach this assessment.
The business model test
The first question is whether the vendor has a business model that works at their current scale, not just at the scale they are projecting.
For early-stage AI vendors, this question is genuinely hard to answer from the outside because private companies do not publish financials. But there are proxy signals that are accessible.
Funding history and timing. A vendor that raised a seed round two years ago and a Series A eighteen months ago and has not raised since is either generating meaningful revenue or is running out of runway. The absence of a recent raise is not necessarily concerning, but it requires explanation. Ask the vendor directly about their current runway and their path to sustainability. Vendors who are confident about their financial position will answer this question. Vendors who deflect it are telling you something.
Pricing model sustainability. Many AI vendors entered the market with pricing that was competitive with alternatives but not sustainable given their underlying infrastructure costs. LLM inference is expensive. If the per-seat price you are being offered implies margin that seems impossible given what you know about inference costs, either the vendor has cost structure you are not aware of or the pricing will change at renewal. Ask about the unit economics directly. If the vendor cannot explain why their pricing is sustainable, it probably is not.
The customer base composition. A vendor with 500 SMB customers paying $200 per month is a different financial proposition than a vendor with 20 enterprise customers paying $10,000 per month. Both might have similar ARR but dramatically different risk profiles. Ask about the distribution of their customer base and the concentration of revenue. A vendor where the top five customers represent 60% of revenue is significantly more fragile than one where the top five represent 20%.
The product defensibility test
Survival in the AI market requires building something that is genuinely difficult for well-resourced competitors to replicate. The AI vendor market is attracting significant capital and talent, and differentiation that relies primarily on model quality or a particular prompt engineering approach is fragile against competitors who have access to the same underlying models.
The more defensible positions are:
Proprietary data or fine-tuned models that are not replicable without access to the same data. If a vendor's core advantage is a model trained on a dataset that took years to assemble, that is a meaningful moat. If their advantage is a prompt that wraps a commodity model, it is not.
Deep workflow integration that creates meaningful switching costs. A vendor whose product is deeply embedded in specific enterprise workflows, with data models and integrations that took months to configure, has switching costs that protect their customer relationships even against technically superior competitors. A vendor whose product sits on top of existing systems with minimal integration is easier to replace.
A deployment model that solves problems others cannot. Self-hosted AI platforms, for example, address compliance and data sovereignty requirements that external SaaS vendors cannot address by definition. This creates a customer segment whose requirements are not met by the majority of the market, which is a defensible position.
Network effects or platform effects. Vendors who have built ecosystems, where the value of the product increases as more customers use it or as more third-party integrations are built, have a form of defensibility that is harder to replicate than feature parity alone.
The team continuity test
Enterprise software is built and supported by people. The strength and stability of the team behind the product matters significantly for the long-term reliability of the relationship.
The specific things I look at:
Leadership team tenure and experience. How long has the current leadership been with the company, and do they have relevant experience building and scaling enterprise software? Founders with strong technical credentials but no enterprise software experience often underestimate the operational complexity of supporting enterprise customers at scale. This is not disqualifying but it is a risk factor.
Engineering team depth relative to product complexity. Enterprise AI infrastructure is technically demanding. A six-person engineering team building and maintaining a complex self-hosted AI platform is a different risk profile than a sixty-person engineering team building the same thing. The ratio of product complexity to engineering capacity is a proxy for how much technical debt is accumulating and how well the team can respond to enterprise customer needs.
Key person risk. In early-stage companies, specific individuals sometimes hold critical knowledge or relationships that would be difficult to replace if they left. Understanding whether the vendor has single points of failure in their team is relevant to assessing the risk of the relationship.
The velocity of hiring. A vendor who has been growing their engineering team consistently over the past eighteen months is a vendor who is investing in the product and the customer relationship. A vendor whose team has been flat or shrinking in a period when their revenue should be supporting growth is a vendor where the business may not be performing as presented.
The customer retention test
The most reliable signal of a vendor's long-term viability is whether their customers renew. Renewal rates are a function of whether the product delivers enough value relative to the cost and disruption of switching to retain customers at the end of their contracts.
This information is not always accessible, but there are ways to get at it.
Ask the vendor for their net revenue retention rate. NRR measures what percentage of last year's revenue from existing customers has been retained and expanded in the current year. A healthy SaaS business has NRR above 100%, meaning existing customers are on average paying more than they were a year ago. An NRR below 90% is a warning sign that customers are churning or contracting. Ask for this number and ask for the methodology they use to calculate it.
Talk to customers who are not on the vendor's reference list. Vendors curate their references to show customers who are happy and articulate. The customers who are not on the list may have different experiences. LinkedIn makes it possible to find customers of specific vendors without going through the vendor's sales team. A few conversations with non-curated customers will give you a different picture than the official reference calls.
Ask specifically about customers who churned. Why did they leave? What did they move to? This is uncomfortable to ask, but vendors who have learned from churn can often answer it honestly, and the answer tells you more about the product's real weaknesses than any demo.
The regulatory and geographic stability test
For vendors operating in regulated markets or planning to serve customers across multiple jurisdictions, regulatory compliance is an ongoing operational burden that affects financial stability.
GDPR compliance for European customers, HIPAA compliance for healthcare, financial services regulations for banking and insurance, and data residency requirements that vary by country are all costs that small vendors often underestimate. A vendor who has not fully staffed or budgeted for these compliance obligations may be financially more fragile than their ARR suggests.
Ask specifically: what jurisdictions do you currently have customers in, and what regulatory certifications do you maintain? What is your plan for data residency requirements in markets you are planning to expand to? The answers to these questions reveal whether the compliance posture matches the geographic ambition.
Putting it together
No single indicator from this framework is definitive. A vendor can have a less-than-ideal funding runway and still be a sound long-term partner if the business fundamentals are strong. A vendor can have strong funding and still be a poor choice if the product-market fit is thin.
The assessment requires looking at all of these signals together and making a judgment about the overall risk profile. The specific question to answer is: given what I know about this vendor's financial sustainability, product defensibility, team stability, customer retention, and compliance posture, how confident am I that this relationship will remain stable and this product will remain supported for the full duration of the organizational dependency I am about to create?
For a deployment that will be deeply integrated into workflows over 18 months, that dependency horizon is at least three years. Three years is a long time in the current AI market. The assessment should reflect that timeline.
The vendors who are most likely to still be viable, growing, and invested in their enterprise customer relationships in three years are the ones who have built something genuinely difficult to replicate, have a customer base that values it enough to pay for it sustainably, and have the team depth to support it as it scales. Finding those vendors, before you have already built the dependency, is the work that this evaluation framework is designed to help you do.
Top comments (0)