You need a web app or website built. You have a budget. You've found 10 agencies with glossy websites and confident promises. But which one actually delivers?

Choosing the wrong agency costs you time, money, and credibility. I've seen startups spend $150K with an agency that over-promised and under-delivered. I've also seen companies hire a $30K contractor who shipped production-ready code in 8 weeks. The difference isn't price; it's vetting.

This guide teaches you how to evaluate agencies like an insider—what to look for, what to avoid, how to ask the right questions, and how to structure contracts so you're protected. I've been on both sides (building products and hiring agencies), and I'll share what separates the good from the mediocre.

TL;DR Summary

Don't hire based on website quality, portfolio flash, or promises. Hire based on: 1) Reference calls with past clients (non-cherry-picked). 2) Technical depth (show you their architecture, code examples). 3) Process clarity (how do they handle scope creep, timelines, risks?). 4) Contract terms (milestone-based, not fixed-price; clear scope; escalation path). Red flags: They won't provide references. They promise unrealistic timelines/budgets. Their process is vague. They use low-seniority developers then hand off to you. They don't understand your business problem. Vetting checklist: Ask for 3 references from similar projects → Call each reference unannounced → Ask about delays, budget overruns, support post-launch → Check GitHub/open-source work (assess code quality) → Do a technical deep-dive (see their architecture thinking) → Get a written proposal with clear acceptance criteria → Use milestone-based contracts (not fixed-price) → Build a 2-week trial project before committing long-term. Cost: $80K–$200K for a 3–6 month project. Success metric: On-time delivery (within 10%), on-budget (within 10%), zero critical bugs at launch.

Table of Contents

  1. The Hiring Mistake Most Companies Make
  2. Types of Development Partners
  3. How to Vet an Agency (8-Step Process)
  4. Questions to Ask (The Insider's List)
  5. Red Flags & How to Avoid Them
  6. Technical Evaluation
  7. Contract Negotiation
  8. Post-Hire: Setting Up for Success
  9. FAQ
  10. Conclusion & Next Steps

The Hiring Mistake Most Companies Make

You receive 5 proposals. They all look professional. You pick the cheapest or the one with the prettiest portfolio. This is a trap.

Why? Agency websites are marketing. They're not representative of process, communication, code quality, or post-launch support. You're judging on the 5% of work visible (the website) and ignoring the 95% that determines success (architecture, testing, monitoring, handoff).

Real hiring looks like:

  1. Find agencies that fit your scope (not just price)
  2. Call 3 past clients (who aren't cherry-picked references)
  3. Do a technical deep-dive with their engineers
  4. Negotiate clear milestones and scope
  5. Start with a small trial project
  6. Only after success, commit to larger builds

It takes 4–6 weeks. It's worth it because hiring the wrong agency costs 10x that time in rework.

Types of Development Partners

Freelancers & Freelance Teams

What they are: 1–3 self-employed developers, often working remote.

Cost: $40–$120/hour or $10K–$80K for fixed projects

Best for: MVPs, proof-of-concepts, simple features, non-critical systems

Pros:

  • Lowest cost
  • Flexible (can scale up/down)
  • Direct communication
  • Often highly skilled

Cons:

  • High bus factor risk (person gets sick, leaves, or dies)
  • No process (depends on individual)
  • Quality and reliability vary wildly
  • No backup support
  • Hard to enforce accountability

Red flag: They won't provide references or want half payment upfront.

Small Agencies (3–10 developers)

What they are: Lean teams with a project manager + developers + designer.

Cost: $80K–$150K for projects, $50K–$100K/month for retainers

Best for: Mid-scale projects, some urgency, reasonable quality expectations

Pros:

  • More structure than freelancers
  • Team redundancy (if one person leaves, project continues)
  • Process-driven (sprints, reviews, testing)
  • Reasonable cost

Cons:

  • Can be disorganized under pressure
  • Might outsource parts (QA, design) to contractors
  • Less mentorship for junior developers
  • Customer support can be uneven

Red flag: They don't have a written process or sprint structure.

Mid-Size Agencies (10–30 developers)

What they are: Professional organizations with project managers, QA, ops, account managers.

Cost: $120K–$300K for projects, $80K–$150K/month for retainers

Best for: Complex projects, mission-critical systems, premium support needed

Pros:

  • Mature process (sprints, code reviews, QA)
  • Specialization (frontend, backend, DevOps separate)
  • Dedicated account management
  • Post-launch support included
  • Can compress timelines by staffing aggressively

Cons:

  • Premium cost
  • Slower decision-making (more layers)
  • Less flexibility on scope
  • Might overkill simple projects

Red flag: They can't articulate their process or give you a clear project manager.

Enterprise Agencies (30+ developers)

What they are: Fortune 500-serving firms with certifications (AWS, Google, Salesforce), industry expertise, compliance (HIPAA, SOC2).

Cost: $200K–$1M+ for projects, $150K–$500K+/month for retainers

Best for: Enterprise-scale, compliance-heavy, business-critical systems

Pros:

  • Proven at scale
  • Insurance and liability coverage
  • Industry expertise (fintech, healthcare, etc.)
  • Compliance built in
  • Premium support and SLAs

Cons:

  • Very expensive
  • Overkill for startups
  • Slow (bureaucracy, process)
  • Less startup mentality (they optimize for low risk, not speed)

Red flag: Long sales cycle (6+ weeks) or rigid processes.

Hybrid: In-House + Agency

What it is: You hire a small in-house team (1–2 engineers) and augment with agency for capacity.

Cost: $80K–$120K/year per in-house engineer + $50K–$150K/month for agency

Best for: Long-term products, high control + external expertise

Pros:

  • Deep product knowledge (in-house team)
  • Flexibility (agency handles overflow)
  • Cost-effective long-term
  • Your team owns the roadmap

Cons:

  • Hiring in-house takes 2+ months
  • Coordination complexity
  • Fixed costs (salaries) even in slow periods
  • Onboarding new in-house hires is slow

How to Vet an Agency (8-Step Process)

Step 1: Define Your Scope (Week 1)

Before you pitch to agencies, be crystal clear on what you need.

Write down:

  • Project overview: What are you building? (e.g., "SaaS inventory management app")
  • Core features: List 5–7 core features
  • Timeline: When do you need it? (e.g., "8 weeks")
  • Budget: What's your range? (e.g., "$80K–$120K")
  • Team structure: Do you want in-house + agency? Just agency?
  • Tech preferences: Any tech stack must-haves? (e.g., "React + Node")

Why? Agencies can't quote accurately without clear scope. If you're vague, they'll either overprice (to cover unknown risk) or underprice (then ask for more later).

Step 2: Shortlist Agencies (Week 1–2)

You'll find agencies through:

  • Google search ("web development agency [your city]")
  • Referrals from friends/advisors
  • Directories (Clutch, Upwork, Toptal, Gun.io)
  • Industry networks

Initial filter:

  • Do they have experience with your type of project? (SaaS, e-commerce, marketplace, etc.)
  • Do their case studies resonate? (size, complexity, industry)
  • Do they have the tech stack you want?
  • Is their website professional and well-designed? (If they can't design their own site, that's a signal)

Narrow to 3–5 agencies. More than that, you'll spend weeks vetting.

Step 3: Request Proposal & References (Week 2)

Send each agency:

  • Your scope document (from Step 1)
  • Request for proposal with:
    • Project timeline and phases
    • Estimated cost and payment terms
    • Team composition (who will work on your project?)
    • Process overview (how do they handle sprints, communication, changes?)
    • 3 reference contacts from similar projects (not cherry-picked—ask for "your last 3 projects of this scope")

Red flag: They won't provide references or want payment before you've talked.

Step 4: Call References (Week 3)

This is the single most important step. Reference calls reveal what agencies don't want you to know.

Ask each reference:

  1. Scope: "Did the project stay in scope or did it balloon?"

    • Look for: Honest answers about scope creep. If they say "zero scope creep," they're lying.
    • Red flag: "It went way over scope and cost $200K instead of $100K."

  2. Timeline: "Was it on time?"

    • Look for: Did they meet dates? Did they communicate delays early?
    • Red flag: "It was 3 months late and they didn't tell us until week 1."

  3. Communication: "How was communication?"

    • Look for: Regular updates? Responsive to questions? Honest about problems?
    • Red flag: "We never heard from them. Then suddenly they said the project would take 6 more months."

  4. Quality: "Was the code quality good? Did you need to rework things after launch?"

    • Look for: Working code you could maintain. Good documentation.
    • Red flag: "The code was a mess. We had to hire another developer to clean it up."

  5. Support post-launch: "What happened after launch?"

    • Look for: Did they help with bugs? Monitoring? Handoff documentation?
    • Red flag: "They disappeared after launch. We were on our own."

  6. Team stability: "Did key people stay on the project?"

    • Look for: Did the same people you negotiated with stay, or did they swap in juniors?
    • Red flag: "Our lead developer left week 3 and we got a junior who didn't know the codebase."

  7. **Would you hire them again?" (Yes/no, simple question)

    • Red flag: Hesitation or "it depends."

Tip: Call references you weren't given. If the agency has a GitHub org, look at contributors and reach out. People who weren't pre-selected are more honest.

Step 5: Technical Deep-Dive (Week 3)

After references, invite finalists to a technical discussion.

What you want to see:

  • Architecture thinking: Ask them to explain the tech stack they'd use and why. Do they understand tradeoffs (React vs. Vue, PostgreSQL vs. MongoDB)?
  • Code examples: Ask to see code they've written (open-source or past project). Is it clean? Well-documented? Can you follow it?
  • Scalability concerns: Ask about performance. How do they think about databases at scale? Caching? Load balancing?
  • Security thinking: Ask how they approach security (input validation, XSS prevention, data encryption). Do they have a security checklist?
  • Testing philosophy: How much testing do they do? Unit tests? Integration tests? Automated or manual?

Red flag: They can't articulate their tech choices or architecture thinking. They say "we just code and see what works."

Step 6: Evaluate Proposals (Week 4)

Compare proposals on:

Criteria Weight What to Look For
Cost 20% Clear breakdown (backend, frontend, infrastructure). Reasonable for scope.
Timeline 20% Broken into phases with milestones. Realistic (not too aggressive).
Team 20% Who's the lead? How many seniors vs. juniors? Will they stay the whole project?
Process 20% Sprint-based? Code reviews? Testing? Communication cadence?
Scope Definition 20% Do they clearly articulate acceptance criteria? What happens if scope changes?

Red flag: Vague proposals. No team names. Unrealistic timelines. No mention of testing or code review.

Step 7: Trial Project (Week 5–8)

Before committing to a $150K, 6-month build, do a 2-week trial:

  • Scope: 1–2 core features (not the whole project)
  • Cost: $5K–$15K
  • Timeline: 2 weeks
  • Goal: Assess communication, code quality, ability to iterate

Use trial to evaluate:

  1. Do they communicate daily? (You should hear from them every day, even if briefly)
  2. Is code production-ready? (Clean, tested, documented)
  3. Do they respond to feedback? (You request changes; they iterate)
  4. Are they on time? (Features done by end of week)

Red flag: Slow communication. Low-quality code. Defensive about feedback.

Green flag: Ship working features in 1 week. Clear communication. Eager to iterate.

If trial goes well, move to full project. If it's mediocre, keep looking.

Step 8: Sign Contract (Week 9)

Once you've decided, formalize the agreement. (See "Contract Negotiation" section below.)

Questions to Ask (The Insider's List)

About Their Process

  • "Walk me through your sprint process. How long are sprints? What's the cadence?"
  • "How do you handle scope creep? What's your process if the client wants to add features?"
  • "Do you do code reviews? Automated testing?"
  • "How do you handle risks and unknowns? What's your escalation process?"
  • "How do you measure progress? Can I see metrics weekly?"

About Your Project Specifically

  • "Have you built something like this before? Can you show me examples?"
  • "What are the technical risks with this project? How would you mitigate them?"
  • "How would you approach the tech stack for this? Why?"
  • "What dependencies are external? (e.g., third-party APIs, integrations.) What happens if they break?"

About Their Team

  • "Who's the project lead? How much time do they allocate to my project?"
  • "Who are the senior developers? Will they be hands-on or supervising?"
  • "What's your policy if key people leave mid-project?"
  • "How do you ensure continuity if the lead developer gets sick?"

About Communication

  • "How often will I hear from you? Daily? Weekly?"
  • "Who's my primary contact?"
  • "Will you provide weekly demos so I can see progress?"
  • "How do you handle feedback? How long does iteration take?"

About Support Post-Launch

  • "What happens after launch? Do you provide support?"
  • "For how long? What's included (bug fixes, monitoring, scaling)?"
  • "If bugs are found post-launch, how quickly do you fix them?"
  • "Do you provide documentation or training?"

About Cost & Timeline

  • "How do you estimate? Can you show me your estimation methodology?"
  • "What happens if the project runs over timeline? Who pays for overruns?"
  • "What's included in your estimate? What costs extra (hosting, third-party services)?"
  • "How do you handle changes in scope? Do they cost more?"

Red Flag Questions (Ask These)

  • "Have any of your projects exceeded timeline or budget? What happened?"
  • "Tell me about a project that didn't go well. What did you learn?"
  • "What percentage of your projects ship on time?"
  • "Have clients ever complained about code quality or lack of communication? How did you handle it?"

Why these questions? Companies that are honest about failures are more trustworthy than ones claiming perfection.

Red Flags & How to Avoid Them

Red Flag 1: They Won't Provide References

What it means: They have something to hide (unhappy clients, late projects, quality issues).

What to do: Move on. There are plenty of transparent agencies.

Red Flag 2: Unrealistic Timeline or Budget

"We can build your $150K project in 4 weeks for $25K."

What it means: Either they're lying or they'll cut corners (no testing, junior devs, poor code).

What to do: Ask detailed questions. How many developers? What's included? If they won't detail, don't hire.

Red Flag 3: Vague Process

"We have an agile process" but can't explain sprints, code reviews, testing, or communication cadence.

What it means: They don't have a real process. You'll manage them, not the other way around.

What to do: Ask specific process questions. If they stumble, next.

Red Flag 4: They Want 50% Upfront

Paying half before work starts puts you at risk.

What to do: Use milestone-based payments (20% at kickoff, 30% at Phase 1 completion, 30% at Phase 2 completion, 20% at launch). Never more than 30% upfront.

Red Flag 5: No Code Review or Testing Mentioned

"We code and ship. Testing is your job."

What it means: You'll inherit buggy code that's expensive to fix.

What to do: Require code review and automated testing. It's non-negotiable.

Red Flag 6: Team Churn

"Your project lead is X, but X is ramping down so Y will take over after 4 weeks."

What it means: Handoff overhead. New person learning the project.

What to do: Insist the lead stays for the full project. If they can't guarantee it, don't hire.

Red Flag 7: "Trust Us, We'll Figure It Out"

You've asked detailed questions about architecture, scalability, tech choices. They wave it off: "Don't worry, we'll figure it out as we go."

What it means: No planning = chaos.

What to do: Next. A good team can articulate their thinking upfront.

Red Flag 8: No Written Spec or Acceptance Criteria

"We'll just build what you want. You'll like it."

What it means: Disputes later about whether features are "done."

What to do: Require a written spec with clear acceptance criteria for each feature.

Technical Evaluation

Code Quality Assessment

Ask to see past code. Evaluate on:

Readability:

  • Variable names are descriptive (not x, temp)
  • Functions are small and do one thing
  • Comments explain why, not what

Structure:

  • Code follows a pattern (MVC, dependency injection, etc.)
  • No repeated code (DRY principle)
  • Clear separation of concerns

Testing:

  • Unit tests present
  • Test coverage >60%
  • Tests are maintained (not outdated)

Documentation:

  • README explains how to set up and run
  • API documentation present
  • Architecture decisions documented

Error Handling:

  • Errors are caught and logged
  • User-facing errors are clear
  • No silent failures

Red flag: Code you can't understand. No tests. Comments that explain obvious things ("increment x by 1"). Repeated logic copy-pasted.

Architecture Review

Ask them to draw their architecture for your project:

Good architecture shows:

  • Frontend, backend, database clearly separated
  • API between frontend and backend (not tightly coupled)
  • Database schema makes sense
  • Third-party integrations planned
  • Scalability thought through (how does it grow?)
  • Monitoring and logging included
  • Security considerations visible

Red flag: Architecture that's a black box. No mention of testing or monitoring. Oversimplified (suggests they haven't thought it through).

Tech Stack Validation

Ask about their tech stack:

Good reasoning:

  • "We use React because [reason: large community, state management, reusability]"
  • "We chose PostgreSQL because [reason: ACID compliance, scalability, SQL standard]"
  • "We deploy to AWS because [reason: reliability, scaling, AWS ecosystem]"

Red flag:

  • "We always use [tech] for everything" (inflexible)
  • "It's trendy/new" (not a good reason)
  • "We haven't used [tech] before but we're confident we can learn" (too risky for your timeline)

Contract Negotiation

Key Contract Elements

1. Scope Definition

Must clearly list every feature with acceptance criteria.

Feature: User signup
Acceptance criteria:
- User can enter email, password, confirm password
- Validation: email valid format, password min 8 chars
- On submit, create user account and send confirmation email
- User redirected to email verification page
- If email already exists, show error "Email already registered"

Why? Prevents "is this feature done?" disputes.

2. Milestone Payments

Use milestone-based contracts, not fixed-price.

Bad: "Complete project for $100K. Payment on completion."

  • Agency has no incentive to ship early.
  • You have no leverage if they slip.

Good:

  • 20% at kickoff: $20K
  • 30% at backend completion: $30K
  • 30% at frontend completion: $30K
  • 20% at launch: $20K

Why? Aligns incentives. They want to ship each phase on schedule to get paid.

3. Timeline & Milestones

Specify dates for each phase and acceptance criteria for completion.

Phase 1: Backend APIs (Week 1-3)
Deliverable: All user/listing/messaging APIs functional
Testing: Unit tests >60% coverage, can hit APIs via Postman
Acceptance: PM approves all endpoints work as spec'd
Due date: [DATE]
Payment: 30% ($30K)

Why? Holds both sides accountable.

4. Scope Change Process

What happens if you want to add/change features mid-project?

Good clause:

  • Client can request changes
  • Agency estimates effort
  • If effort <10 hours, absorbed (included)
  • If effort >10 hours, documented as Change Order with timeline and cost
  • Client approves Change Order before work starts

Why? Prevents scope creep from spiraling budget/timeline.

5. Warranty & Bug Fixes

What happens if bugs are found?

Good clause:

  • Agency provides 30 days of bug fix support post-launch (no charge)
  • Critical bugs (site down, data loss) fixed within 24 hours
  • High-priority bugs (feature broken) fixed within 5 business days
  • Low-priority bugs (UI glitch) fixed within 2 weeks
  • After 30 days, bugs are billable ($X/hour for fixes)

Why? You're protected from launch-day disasters. Agency is incentivized to ship clean code.

6. Intellectual Property

Who owns the code?

Standard clause:

  • You own the code delivered.
  • Agency can use it as portfolio example (with your permission).
  • Agency can use general techniques/patterns in future projects (but not your code).

Why? You own what you pay for.

7. Confidentiality

Agency agrees not to disclose your business details, tech stack, etc.

Why? Protects your competitive advantage.

8. Termination Clause

What if things go badly?

Good clause:

  • Either party can terminate with 2 weeks notice
  • You pay for work completed up to that point
  • Agency delivers code in working state and documentation
  • 30% termination fee if you terminate (covers their losses)

Why? Exit clause if it's not working. But incentivizes you to give fair notice (30% penalty is real).

Negotiating the Contract

Tips:

  1. Use a template. Don't write from scratch. Use a template (search "software development contract template").
  2. Be explicit about scope. Vague contracts lead to disputes.
  3. Use milestone payments. Don't pay everything upfront.
  4. Get it in writing. Email confirmations aren't enough. Sign a contract.
  5. Have a lawyer review it. Cost: $500–$1K. Worth it to avoid $50K disputes later.

Red flag: Agency refuses to sign a contract or wants you to use their contract with no modifications (especially if it heavily favors them).

Post-Hire: Setting Up for Success

Week 1: Kickoff

  • Meet the team: Get to know developers, designer, PM
  • Align on success: What does success look like? (On-time, on-budget, zero critical bugs at launch)
  • Communication plan: Daily standups? Weekly demos? Slack or email?
  • Set expectations: What should you expect from them? What do they expect from you?

Weeks 1–12: Weekly Check-ins

  • View progress: Ask for weekly demos of working features
  • Ask questions: Clarify anything unclear
  • Provide feedback: Early feedback prevents rework
  • Escalate issues fast: If something's wrong, say it immediately
  • Respect their time: Don't ask for daily updates; weekly is enough

Launch Week: Be Available

  • Monitor with them: Watch for bugs and errors
  • Be ready to make decisions: If critical issue comes up, you decide: fix it or ship with known issue?
  • Support the team: Launch week is stressful. They're working hard.

Post-Launch: Handoff & Support

  • Get documentation: Code walkthrough, deployment process, how to scale, how to add features
  • Understand the architecture: You or your team should be able to maintain it
  • Get monitoring: Sentry (error tracking), DataDog (performance monitoring)
  • Plan Phase 2: What features come next? Timeline? Budget?

FAQ

Q: Should I hire a local agency or remote?

A: Remote is fine. Time zone differences are manageable with async communication. Cost difference is usually 20–30% (US $150K vs. Eastern Europe $110K for same quality). Hire based on capability and communication, not location.

Q: How much should I expect to pay?

A: Depends on scope. Simple website: $15K–$50K. Custom MVP: $50K–$150K. Mid-scale app: $150K–$300K. Enterprise: $300K+. These are for 2–6 month projects with 3–10 developers. Expect to pay 20–30% premium for fast timelines (8 weeks vs. 4 months).

Q: Fixed-price vs. time-and-materials—which is better?

A: Time-and-materials (T&M) is better for you. Fixed-price puts risk on the agency, which they price in (they charge 20–30% premium to cover risk). T&M aligns incentives: ship fast, iterate. Use milestone-based T&M: clear phases, clear scope, pay per phase. Avoids surprises.

Q: What if the agency is late?

A: Depends on contract. If milestone-based, they don't get paid until milestone is done. If important for your business, build in buffer time (if they say 4 months, assume 5). Avoid penalty clauses that are punitive; focus on incentivizing on-time delivery (earlier payment if early).

Q: Can I have my in-house team work with their team?

A: Yes. This is often the best setup. Your team owns the product; agency augments. Make sure roles are clear (who owns architecture? Who decides on tech choices?). Use a tech lead from your team + agency lead to make joint decisions.

Q: How do I know if they're using junior developers I'm not aware of?

A: Ask directly in the contract: "Senior developers (5+ years) for [% of hours, e.g., 60%]." In code review, ask who wrote the code. In weekly demos, ask who's presenting (you should recognize the same names). If they're sneaking in juniors, you'll see it in code quality.

Q: What if the project is taking longer than planned?

A: This is common. Here's how to handle it:

  1. Don't panic. Most projects slip 10–20%. Minor slips are normal.
  2. Understand why. Is scope bigger than expected? Did integrations take longer? Did you add features?
  3. Decide: Extend timeline? Reduce scope? Add budget (hire more developers)? Choose one.
  4. Document: Agree on new timeline in writing.
  5. Monitor: Weekly updates on progress toward new date.

Conclusion & Next Steps

Key Takeaways:

  • Don't hire based on website or portfolio flash. Hire based on references, technical depth, and process clarity.
  • Call references from non-cherry-picked projects. Ask about scope creep, timeline, communication, code quality, post-launch support.
  • Do a technical deep-dive with their engineers. Ask about architecture, code examples, tech choices, scalability.
  • Use milestone-based contracts, not fixed-price. Clear scope definition. Milestone payments (20-30% each phase).
  • Start with a 2-week trial before committing to 6 months and $150K.
  • Red flags: No references. Unrealistic timelines. Vague process. Demanding 50% upfront. Team churn. No testing mentioned.
  • Measure success: On-time delivery (within 10%), on-budget (within 10%), zero critical bugs at launch, code you can maintain.

Next Step: Use the vetting checklist and ask questions.

Download the Agency Vetting Checklist (includes reference call questions, technical evaluation rubric, contract template).

If you're in the early stages and unsure whether to hire an agency or build in-house, schedule a 30-minute consultation. I'll help you think through the decision based on your timeline, budget, and risk tolerance. No sales pitch—just honest guidance on how to structure your team for success.

Author Bio

I'm Adriano Junior, a senior full-stack engineer with 16 years of experience and 250+ projects. I've built products and I've hired agencies (and been hired as one). I've seen the best and worst of vendor relationships. I believe transparency, clear communication, and realistic expectations are table stakes. I help founders and CTOs think through build vs. buy decisions and structure vendor relationships for success. Schedule a call to discuss your project, timeline, and whether agency or in-house is right for you.