How nonprofit tech became the operational backbone of philanthropy in a generation — and the obligation we think comes with that.
If you’d told the people running the country’s mid-size nonprofits in 2005 that, twenty years later, their organizations would manage their donor relationships, process their recurring gifts, coordinate their grants, and produce most of their regulatory filings on cloud-hosted platforms operated by third-party software vendors, most of them would have been skeptical. Some would have been alarmed. The default in 2005 was on-premise software, lightly customized, owned by the organization, with most data held in environments the organization itself controlled.
That default has been almost completely replaced. The nonprofit-serving software market reached an estimated $4.56 billion in 2025 and is projected to exceed $7.24 billion by 2031, growing at a compound annual rate of 7.9 percent. More than 78 percent of that market is delivered through cloud-based platforms. The data of the overwhelming majority of U.S. nonprofits — including their donors, grantees, and beneficiaries — now lives in vendor-operated environments rather than on organizational premises. We did this. The nonprofit tech industry, collectively, built it.
Superpowers from the cloud
We shouldn’t discount how meaningful that shift is. A small organization with three staff in 2025 can:
- run a multi-channel fundraising program,
- segment a donor list with reasonable sophistication,
- run a recurring giving program at retention rates that would have required a dedicated systems administrator a generation ago,
- file 990s without hand-keying,
- manage a board portal, accept stock and crypto,
- run a peer-to-peer campaign,
- host a virtual gala, and produce funder reports for a portfolio of multi-year grants.
Most of those capabilities are within reach because of cloud-based, nonprofit SaaS. The democratization of operational sophistication in this sector is one of the more under-celebrated technology stories of the last twenty years.
The other side of the same achievement is that we have, in the process, become the sector’s operational backbone. Not its supplier. Its backbone. When a major nonprofit technology vendor goes down on December 30, end-of-year giving across thousands of organizations is materially affected. When a major nonprofit technology vendor changes its data export policy, sector-wide data portability changes with it. When a major nonprofit technology vendor is breached, the breach reaches not one organization but a meaningful slice of the entire ecosystem.
We did not become critical infrastructure on purpose. We became it by being good at our jobs, persistently, for two decades. The obligation that comes with that role is not optional, and it is not symmetrical with our commercial peers.
Why this is different from B2B SaaS
The instinct in our industry is to benchmark against B2B SaaS — the standards, the playbooks, the customer expectations. That instinct is right in many ways. B2B SaaS is, broadly, where our craft comes from. But there are three things about our context that the B2B SaaS frame doesn’t quite capture.
First, our customers are price-constrained in ways enterprise customers aren’t. A nonprofit with a $1.2M annual budget cannot exit a vendor relationship the way a $400M software-as-a-service company can. Switching costs in our market are real, painful, and slow. That asymmetry concentrates more responsibility on us than market discipline would otherwise suggest.
Check out this podcast episode with Tech Impact CEO Patrick Callihan speaking to TechSoup CEO Marnie Webb about the IT operating reality at typical nonprofits.
Second, our donors and recipients are not explicit parties to the agreement between software vendors and nonprofits. Chances are, they haven’t seen, let alone agreed to the SaaS terms of service. The harm model when something goes wrong is not contained between the SaaS vendor and a buyer; it spills outward to people whose only relationship to our software is that a mission they cared about used it.
Third, the data we hold collectively in the nonprofit technology sector is not just personally identifiable; it is intentionally meaningful. The fact that someone gave to a domestic violence shelter is not a marketing data point. The fact that someone gave to a particular advocacy organization is, in some jurisdictions, a politically sensitive disclosure. Wealth screening attaches inferred net worth and family information to people who never asked to be modeled. We are sitting on top of a category of data that is qualitatively different from a typical SaaS customer record.
What we’re advocating for
We are not advocating for a new certification. We have enough of those now. We are advocating for something closer to a vocational shift — a recognition by nonprofit technology vendors, professional service providers, and others in the ecosystem, that the role we play is greater than that of the typical B2B SaaS marketplace. While service agreements say ‘data processor’, the reality is closer to ‘shared custodian of public trust.’ Certifications that state ‘meets industry standard’ overlook the social impact ‘industry’ and its specific risks.
Tomorrow we’ll look at more practical security & compliance matters.
