Red Flags When Hiring a Software Agency in 2026
The TL;DR: Watch for 11 warning signs before signing any agency contract: they skip business discovery, only show decks not live products, say yes to everything, quote fixed prices without a scope document, go dark after signing, have no QA process, refuse to transfer IP, rotate senior staff after the contract, charge for every small change, cannot speak to your industry domain, and have no verifiable client references. Catching these early prevents budget overruns, project failures, and legal disputes that cost more than the original project.
If you are a revenue-stage company evaluating a $50,000 to $100,000 software investment, Staff augmentation is an alternative to agency risk. one bad agency choice can burn six months and a third of your budget. Most of those failures follow a recognisable pattern. Here is what to look for before you sign.
1. They Skip Business Discovery Entirely
A agency that starts a conversation by immediately talking about technology stacks, architecture options, or development timelines before understanding your business problem is optimising for pitching, not solving. Discovery is where a good agency separates what you think you need from what will actually move the business forward.
If an agency representative asks fewer than five questions about your current process, your users, your competitive situation, or what success looks like in three months, they are treating your engagement as a feature factory, not a partnership. Walk away or at minimum slow down and ask them to walk through their discovery process before you share any budget figures.
Red flag in plain terms: the first meeting is a demo of their portfolio and a proposal template already filled in with your company name.
2. They Show Pitch Decks, Not Live Products
Ask any agency you are evaluating to walk you through two or three live products they have built for clients in the past 12 months. Not screenshots. Not a case study PDF. A live product, or at minimum a staging environment you can interact with.
Agencies that consistently deliver working software are not embarrassed to show it. Agencies that survive on beautiful decks and storytelling will find reasons to delay or redirect this request. One common deflection: "We cannot show that due to NDA." That is sometimes true, but it should come with alternative proof: a live demo of a comparable product, a GitHub repository they control, or a client who is willing to take a reference call.
The follow-up question that separates real from fake: "Can I speak to the client engineering lead who worked on that project?" If they hesitate or deflect, that is your answer.
3. They Say Yes to Everything
It feels good when an agency agrees with every idea you bring to the table. It should feel alarming. An agency with real experience will push back on scope that does not serve the business outcome, flag features that are overengineered for the current stage, and challenge timelines that are unrealistic before they have done discovery.
The word "yes" agency is optimising for closing the deal. The word "let us think about that" or "have you considered" agency is actually thinking about your project. Experienced agencies have turned down projects because the client had the wrong brief. That is a sign of quality, not a lack of willingness.
4. Fixed-Price Proposals Without a Detailed Scope of Work
A proposal that says "Full-stack web application development: $75,000" with no line-item breakdown, no milestone definitions, no acceptance criteria, and no definition of what is explicitly out of scope is not a fixed-price proposal. It is a guess that will cost you more money and goodwill before the project ends.
A legitimate fixed-price proposal should include: a functional specification document, a technical architecture outline, a milestone payment schedule tied to deliverables, and explicit definitions of out-of-scope items. If the agency cannot produce this within two to three weeks of starting discovery, that is itself a red flag. It means they have not done enough homework to price the work accurately.
For a $50K to $100K engagement, expect discovery to take two to four weeks and cost $3,000 to $8,000 as a separate paid phase before the main build begins. Agencies that fold discovery into the proposal and promise to figure it out later are deferring a hard conversation you will pay for either way.
5. They Go Quiet After Signing the Contract
Communication decay is one of the most common failure modes in agency engagements. The team that was responsive and enthusiastic in the sales process starts taking three to five days to reply within two weeks of the contract being signed. Status updates disappear or become vague. This is one of the common operations bottlenecks that custom software solves. The project manager who sold you the engagement is not the same person running it day to day.
Ask in the proposal stage: who will be running this project day to day? Will they be the same person I am talking to now? What is the communication cadence you use with clients at this budget level? What project management tool do you use, and will I have access? The answers should be specific and immediate.
A weekly written status report is standard practice for engagements above $30K. If an agency抗拒 providing this, that is not a minor inconvenience. That is a preview of how the project will run.
6. No Formal QA or Testing Process
Ask any agency to describe their QA process from code commit to deployment. The answer you want to hear involves automated testing at the unit and integration level, a staging environment you can access, and a clear definition of what "done" means before a feature ships. The answer you should be wary of: "Our senior developers review everything before it goes live."
That answer means testing is informal and dependent on individual discipline, which breaks down under timeline pressure. When a project is two weeks from a deadline and the client is pushing for delivery, informal QA is the first thing that gets skipped. You ship bugs to your users.
For a mid-size company with real users and revenue, buggy software is not a nuisance. It is a revenue risk and a reputational one.
7. They Refuse to Transfer IP and Source Code
Some agencies structure their contracts so that the software they build is licensed to you rather than owned by you. You pay them to build it, and they retain the rights to the codebase. This means if you part ways with the agency, you cannot take your own code to another team without paying licensing fees that were never disclosed upfront.
Get a clear answer on this before signing: "Who owns the source code and IP for what you build?" The only acceptable answer is "You own it fully, transfer happens upon final payment." Any variant of "we retain a licence" or "it depends on the package" is a red flag worth escalating to your legal counsel.
8. The Senior Team Rotates After the Contract
The proposal was reviewed and approved by the agency's senior architect or principal engineer. The first two weeks of the engagement are run by that person. Then they disappear and are replaced by a junior team. The client finds out three weeks later.
This is a common pattern in agencies that use senior staff to win deals and junior staff to run projects. Ask specifically: who will be the lead developer or architect on this project, and will they be involved for the full engagement? Get it in writing. If an agency is unwilling to commit to named personnel, that is a meaningful signal.
9. Every Change Requires a Change Request and Three Days of Discussion
Agencies that charge for every small change, no matter how minor, are not partners. They are billing departments. For a $50K to $100K engagement, you should expect a defined process for handling change requests, but the first two or three small adjustments within the original scope should not require a line-item invoice.
What you want to see: a reasonable change request process for anything that genuinely expands scope, and a willingness to absorb small course corrections as part of good delivery. What you should avoid: a contract that bills $500 per hour for scope adjustments and a project manager who treats every conversation as a potential chargeable event.
10. They Cannot Speak to Your Industry Domain
An agency that has built fintech platforms should be able to speak to regulatory compliance considerations, transaction handling patterns, and the specific UX expectations of finance users. An agency pitching for healthcare software should understand HIPAA or data residency requirements without being educated by the client in the first week of the engagement.
If your agency's first response to a domain-specific challenge is "we can research that and get back to you," you are paying for their learning curve. The best agencies have worked across enough clients in your vertical to bring relevant patterns to the table from day one. Ask for examples of work in your specific industry before you evaluate their technical approach.
11. No Verifiable Client References
Ask for three client references from comparable engagements in the past 24 months. Not testimonials on their website. Not a case study PDF they wrote themselves. Direct contact with a technical lead or product owner at a client company who can speak to how the engagement actually ran.
Reference calls are the single most effective screening step in agency selection. See how India vs Eastern Europe outsourcing compares on reference quality and delivery transparency. Decision-stage buyers who skip this step almost always regret it. Ask references: would you work with this agency again? What would you do differently in the selection process? Were there moments where the engagement nearly derailed, and how did they handle it?
Red Flags vs Green Flags: A Quick Comparison
The following table summarises the key differences between agencies that are worth your time and those that will cost you more than you planned.
Signal | Red Flag (Avoid) | Green Flag (Look For) |
|---|---|---|
Discovery | No business questions asked before proposing | Asks about users, process, success metrics first |
Portfolio proof | Only decks and PDFs, no live products | Live demos or client reference calls |
Scope and pricing | Fixed price with no SOW or line items | Milestone-based pricing with defined deliverables |
Communication | Three to five day response time after signing | Weekly written updates, shared PM tool access |
IP ownership | Agency retains source code licence | Full IP transfer on final payment |
QA process | Informal "we test before shipping" | Automated testing, staging access, acceptance criteria |
Security | No mention of security review or data handling | Explicit security review and data handling protocol |
ROI and payback | No discussion of business outcome or timeline to value | Scoped to deliver measurable output within your business cycle |
Implementation timeline | "It depends" with no clear phase structure | Phased delivery with milestones, discovery first |
Staff continuity | Senior team used to win, junior team runs project | Named leads committed for engagement duration |
Real Examples: When These Red Flags Caused Problems
A 60-person Series B SaaS company engaged an agency that quoted a fixed price for a platform migration without a scope document. The agency had built three products previously, all shown in their pitch deck. After signing, the client discovered the "fixed price" excluded data migration, third-party API reconnection, and load testing. Each became a change request. The project cost 40 percent more than the original quote and delivered four months late. The client had no IP leverage because the contract did not specify full source code transfer. See how one company handled legacy system migration with full IP protection.
A 25-person e-commerce operations company hired an agency based on a compelling portfolio and a references call that was arranged but never held. The agency used a senior architect in the sales process who was not involved in delivery. The actual team was two junior developers with no e-commerce domain experience. The first code review revealed no automated tests, no staging environment, and no defined acceptance criteria. The client had to rebuild the engagement from scratch with a different partner at significant cost to their operational roadmap.
A 40-person financial services firm selected an agency that said yes to every feature request and had no formal change request process. The relationship felt collaborative for the first six weeks. By week eight, the agency was billing at 30 hours per week for a scope that had expanded to three times the original without a formal amendment. The client terminated the contract and engaged a new agency to rebuild the requirements document, costing six weeks of work that had already been paid for.
What to Do This Week
Before your next agency call, write down the three questions an agency must answer correctly: Who owns the source code? Who will actually build this, not just sell it? What does done look like for this specific project? If they cannot answer all three in the first call, do not send a brief.
Send a written brief to any agency you are seriously evaluating. A good brief includes: what the business problem is, who the users are, what the deadline constraint is, and what the budget range is. If an agency cannot respond to a written brief within 48 hours, deprioritise them.
Ask for a reference call with a technical client contact, not just a business sponsor. Speak to the person who managed the engineers day to day.
If you have already signed with an agency and recognise two or more of these red flags, the best time to address it is now. Document the gap, escalate in writing, and get a remediation plan in writing. Do not wait for the next milestone to "see if it improves."
Frequently Asked Questions
How do I verify an agency actually delivers what they promise?
Request three reference calls from companies of similar size and stage. Ask each reference: would you hire this agency again, and why or why not? A legitimate agency with a strong track record will have references ready. Refusal to provide references is itself a red flag.
What is the single most important contract clause?
Source code and IP transfer upon full payment. Any agency that resists assigning full IP to the client is building leverage for future negotiations. Get this in writing before signing.
How many agencies should I shortlist before deciding?
Three. Fewer than three means you are not comparing enough. More than three means decision fatigue is setting in. Structure the shortlist with: one known-good incumbent, one new discovery, one wildcard that looks different from the others.
What is a realistic timeline before an agency can start?
Four to eight weeks for a reputable agency to assemble a team and begin meaningful delivery. Any agency that can start next week is either overstaffed (billing juniors) or not selective about clients. See our guide to writing a software requirements document that gives agencies a clear brief.
Is a fixed-price contract ever the right choice?
Only when your requirements are fully specified and you have a technical person internally who can validate delivery against spec. For most revenue-stage companies with evolving products, time-and-materials with a clear cap is the better model because it aligns incentives and avoids the change-order trap.
About KumoHQ
KumoHQ is a Bangalore-based custom software and AI development company with 13 years of experience building and launching software for growth-stage companies. KumoHQ specialises in custom AI development, internal tools, and platform builds for companies with $1M+ revenue and teams of 10 to 100 people. With a 4.8 rating on Clutch.co and a 99 percent client retention rate, KumoHQ has delivered projects for clients including Volopay, WeInvest, and its own CampaignHQ platform. Visit kumohq.co or contact the team at kumohq.co/contact-us.
Not Sure Which Hiring Model Eliminates Agency Risk?
Talk to a KumoHQ engineer for 60 minutes. We will map your actual situation to the right hiring model. No pitch, no obligation. 13+ years | Clutch 4.8 | 99% retention