Know exactly what to verify before acquiring a medical aesthetics practice — from CPOM compliance to injector dependency and deferred revenue risk.
Acquiring a med spa requires more than standard business due diligence. You're buying into a regulated healthcare environment where state-specific corporate practice of medicine laws, medical director licensing, provider dependency, and pre-sold liability on the balance sheet can all materially affect deal value and post-close performance. This checklist covers the five most critical due diligence categories for med spa acquisitions in the lower middle market — helping buyers avoid costly surprises and structure deals that survive regulatory scrutiny.
State laws governing who can own and operate a medical practice vary significantly. Verifying CPOM compliance and medical director structure is non-negotiable before closing.
Confirm the state's CPOM rules and whether an MSA or PC structure is required.
Improper ownership structure can void the business license and expose the buyer to regulatory penalties.
Red flag: No MSA or professional corporation in place despite state CPOM restrictions on lay ownership.
Review the medical director agreement for transferability, scope, and compensation terms.
A non-transferable or informal medical director agreement collapses the deal's legal foundation.
Red flag: Medical director agreement is verbal, expired, or explicitly non-assignable to a new owner.
Verify all provider licenses — MDs, NPs, RNs, aestheticians — are current and in good standing.
A lapsed provider license can shut down revenue-generating services overnight post-close.
Red flag: Any provider operating outside their licensed scope of practice in the target state.
Audit standing orders, treatment protocols, and physician supervision documentation.
Missing or outdated protocols create regulatory liability and malpractice exposure for the buyer.
Red flag: No documented standing orders or supervision logs for injectable and laser services.
Revenue concentration around a single injector or owner-provider is the most common value killer in med spa acquisitions. Quantify it before pricing the deal.
Map revenue by provider to identify what percentage is tied to one individual.
If one injector drives 60%+ of revenue, their departure post-close could devastate the business.
Red flag: Owner-injector accounts for more than 50% of total billable revenue with no succession plan.
Review all provider employment agreements, non-competes, and independent contractor classifications.
Unprotected providers can leave and open competing practices within months of closing.
Red flag: Lead injectors have no non-compete or non-solicitation agreement in place.
Assess provider transition plans and whether key staff have agreed to stay post-acquisition.
Patient loyalty follows the provider — retention letters or earnouts reduce transition risk.
Red flag: Key providers have expressed intent to leave or are already interviewing elsewhere.
Evaluate front-desk and patient coordinator staff stability and tenure.
Experienced coordinators drive rebooking rates and membership retention that directly affects EBITDA.
Red flag: High front-desk turnover in the past 12 months with no documented training systems.
Med spa financials require careful normalization. Pre-sold packages and membership liabilities create real obligations the buyer must honor — and they reduce net deal value.
Review three years of P&L statements and reconcile all owner add-backs to EBITDA.
Accurate adjusted EBITDA is the foundation of your valuation multiple and SBA loan underwriting.
Red flag: Commingled personal expenses, inconsistent bookkeeping, or unexplained revenue spikes in one year.
Quantify the total deferred revenue liability from pre-sold packages and active memberships.
These are real obligations the buyer must fulfill post-close — often $100K–$500K in mid-size practices.
Red flag: No reconciliation of outstanding package balances or membership obligations exists in the financials.
Analyze monthly recurring revenue from memberships — member count, churn rate, and average tenure.
Predictable MRR is a key value driver; high churn signals weak program design or service quality issues.
Red flag: Membership churn exceeding 8–10% monthly or a declining active member count over 12 months.
Confirm revenue mix across injectables, laser, body contouring, and retail skincare.
Diversified revenue reduces dependency on any single service category or reimbursement structure.
Red flag: More than 70% of revenue derived from one service line with no growth in adjacent categories.
Med spa equipment is expensive, depreciates rapidly, and must stay current to remain competitive. Hidden capex requirements can dramatically alter deal economics.
Obtain a full equipment inventory with purchase dates, lease vs. owned status, and maintenance records.
Aging or leased equipment creates near-term capex obligations that reduce buyer returns.
Red flag: Multiple devices over five years old with no maintenance records and no replacement reserve in place.
Assess remaining lease terms on major devices — lasers, body contouring, RF, and IPL platforms.
Assumed equipment leases become the buyer's liability and may include balloon payments or upgrade clauses.
Red flag: Equipment leases with personal guarantees from the seller that cannot be assumed or refinanced.
Benchmark the equipment portfolio against current market standards for competitive service delivery.
Outdated technology forces price discounting and drives patients to competitors with newer platforms.
Red flag: Competitors in the local market offering newer device categories the target practice cannot match.
Estimate capital expenditure requirements for the next 24–36 months to maintain competitive positioning.
Unbudgeted capex of $150K–$400K post-close can eliminate Year 1 and Year 2 cash flow.
Red flag: No capex plan or equipment reserve fund, with multiple devices approaching end-of-life simultaneously.
Healthcare businesses carry regulatory and liability risks not present in standard service businesses. A single unresolved claim or compliance violation can derail financing and close.
Request full malpractice claims history for all providers and the practice entity for the past five years.
Unresolved or repeated claims signal systemic quality control problems and raise insurance costs.
Red flag: Active malpractice litigation or a pattern of patient complaints involving the same provider or treatment.
Verify current malpractice and general liability insurance coverage limits and claims history.
Gaps in coverage or prior cancellations create uninsured successor liability for the buyer.
Red flag: Malpractice coverage lapses, exclusions for specific procedures, or a carrier non-renewal in the past 24 months.
Review any state medical board or health department actions, citations, or investigations.
Regulatory actions can result in license suspension, fines, or forced closure post-acquisition.
Red flag: Any open investigation, consent order, or prior disciplinary action against the practice or its providers.
Confirm HIPAA compliance program, patient data security policies, and breach history.
HIPAA violations carry significant fines and reputational damage that transfer with the business.
Red flag: No documented HIPAA compliance program, staff training records, or prior breach notification history.
Find Med Spa Businesses For Sale
Vetted targets with diligence packages — skip the cold search.
The corporate practice of medicine (CPOM) laws in the target state. Many states prohibit non-physician entities from owning or controlling a medical practice outright. If the current ownership structure doesn't comply — or if the deal isn't structured with a proper Management Services Agreement and professional corporation — the buyer can inherit regulatory liability or be forced to restructure post-close at significant legal cost. Always engage a healthcare attorney familiar with the target state's CPOM rules before signing an LOI.
Request a revenue-by-provider breakdown for the trailing 12 months. If a single injector — including the owner — accounts for more than 40–50% of billable revenue, you're looking at significant transition risk. Evaluate whether that provider has a binding employment agreement and non-compete, whether they've agreed to stay post-close, and whether there's a plan to gradually shift their patient relationships to other staff. Some buyers address this with earnout structures tied to provider retention milestones.
Deferred revenue is cash the business has already collected for services not yet delivered — primarily pre-sold treatment packages and active membership obligations. In a med spa, this liability can easily reach $100K–$500K. When you buy the business, you inherit the obligation to fulfill those treatments at the seller's original price, with no additional cash received. Buyers should quantify this liability during due diligence, request a full package reconciliation, and either negotiate a purchase price reduction or require the seller to escrow funds to cover fulfillment costs.
Yes, med spas are generally SBA 7(a) eligible as operating businesses, provided the deal is structured correctly. The key complication is CPOM compliance — the SBA lender will want to see that the ownership and operating structure is legally sound for the target state. If an MSA and professional corporation structure is required, the loan and entity structure must reflect that arrangement. Buyers should work with an SBA lender experienced in healthcare transactions and a healthcare attorney to ensure the deal structure satisfies both regulatory and underwriting requirements simultaneously.
More Med Spa Guides
More Due Diligence Checklists
Stop cold-searching. Find signal-scored Med Spa targets with seller motivation already identified.
Create your free accountNo credit card required
For Buyers
For Sellers