Skip to content
SAP Indirect Access Licensing
6 min read

Maintaining Audit Compliance with SAP Indirect Access Licensing

Despite the business community recognizing how complex SAP Indirect Access Licensing is, this topic is one that few understand or are even aware of. Unfortunately, in this case, the lack of understanding often leads companies to a position of non-compliance, which, in an audit situation, can have many unintended consequences. Consider that the failure to address indirect access properly has led to multi-million-dollar financial implications in many cases. This is true of Diageo, a company based out of London that sued SAP and lost in a £54 million lawsuit. However, the alcoholic beverage company was not the only team to serve as an example of what can happen when licensing agreements are not adhered to. In the weeks following the ruling, SAP took Anheuser-Busch InBev to arbitration over a licensing dispute and settled out of court for $600 million in damages. 

These events brought to light the valuable lesson that SAP Indirect Access Licensing is not an area that can be overlooked. As a result, many teams came out of the announcement on the court ruling ready to look at their own contracts in greater depth to ensure that they wouldn’t face similar charges.    

The only caveat is that indirect access and the associated licensing have become a constant source of uncertainty and frustration for users due to its vague positioning. For this reason, we set out to help teams take action by answering, two questions: “how does SAP licensing work?” and “what constitutes indirect access?” With this understanding, teams will be better equipped to reduce risk and help stretch budgets further. 

How Does SAP Licensing Work?

When an SAP license is being purchased, users don’t own the software. Instead, they purchase the right to use the software in certain, specified ways. By definition, “use” in SAP terms comes down to the activation of the processing capability of the software to load, access, employ and display information from the same capabilities. On its own, this definition provides little guidance. However, considering the second factor at play, SAP’s software being built on the “Named User” licensure, which gives only a named individual the license for legal right to access the software, it starts to become clearer. 

Applications are set up to access and write data through a single user license. Therefore, based on SAP requirements, any user who touches SAP-managed data has their own individual license, regardless of whether they’re accessing that data through a third-party application, bespoke application or otherwise. However, since access is indirect, in that it is not occurring directly with SAP, it breaches the traditional terms of a user license. This isn’t to say a customer can never use SAP data for these uses; instead, users will become liable for additional licensing fees when utilizing SAP within third-party applications (outside of read-only implications). Failure to pay these fees is then what results in fines. 

Common Examples 

With an understanding of what licensing compliance is, teams can take the second step, identifying where non-compliance typically occurs. Some examples of where indirect access is common are in mobile applications or IoT devices that automate a team’s data entry into SAP, non-SAP software being utilized for reading or updating SAP data, in cases when more users are accessing SAP through fewer licenses, through a third-party interface or portal intended to make it easier for customers to order products. One example of this is a supplier who might check the stock level of raw material, and automatically send shipments when stock level is low. In this example, if the supplier were to go in and edit this content in the same view, it is considered indirect usage. This activity must also be licensed under the SAP definition of indirect usage.    

Another example is if multiple users are accessing information through a single employee login, which also constitutes indirect access. This is commonly true when there are many infrequent users, whose limited usage does not justify the price of a named license. In both these cases, users can be fined for license violations. Resolving this also holds practical value, since multiplexing users results in an incomplete audit log of who completed what, in turn making SAP invalid as a system of record.  

Although these are just a few examples, the indirect model is common in many cloud environments, where users only pay for what they use in a transaction or consumption-based model.   

Resolving Concerns Around SAP Indirect Access Licensing 

Without a doubt, technologies are becoming increasingly interconnected, making it crucial for teams to regularly review their negotiated contracts and confirm software usage rights. Doing this confirmation will come down to confirming the language as outlined in SAP general terms as well as the definition of Indirect Access within a user’s own signed contract. Together, reviewing both pieces of content will give the user a solution-specific definition of what usage is eligible. In many cases, indirect access is discussed during the negotiation stages of a contract alongside proposed mitigation.  

After reviewing these details, teams may find they need to clarify the lesser-known terms with SAP directly, even renegotiating existing terms to cover their unique needs as a business. If this is the case, teams do well to add more specific and detailed language to highlight how SAP software will be interacting with other applications, such as a supplier portal or other interface. With a clearer definition, teams can negotiate individualized pricing for users who only perform minimal activities via SAP. In this case, many have decided to opt for a transaction or consumption-based model rather than the named user license model entirely, eliminating the confusion at its core. 

With many nuances surrounding SAP Indirect Access Licensing, businesses will often elect a consultant or other external expert to provide definition around licensing and develop a proposed pricing plan.  

Achieving the Benefits of Indirect Licensing Compliance 

As a part of customer due diligence, many have decided to leave pricing negotiation efforts to a professional SAP consultant to help them avoid an audit scandal. ConvergentIS has provided support with its own procurement offering through a transaction-based pricing model that abides with necessary legal implications since licensing is a matter discussed directly with SAP and handled on behalf of each customer. The benefit is that by working with a partner, teams can rest assured that their usage is in compliance with SAP licensing agreements and audits are not to be feared. 

A second benefit to this transaction-based model is that businesses are helped to stretch their budgets further. Consider that with the ConvergentIS Rapid Vendor Portal, the use of SAP Indirect Access Licensing moves costs from a capital expenditures (CAPEX) to operational expenditures (OPEX). This is because transaction-based pricing is closer to a pay-as-you-go model, thereby helping teams to avoid concerns around large upfront purchasing costs as well as buying more licenses than are being used. The result is that by paying for licensing through an OPEX model accounting is less complicated because costs don’t have to be depreciated and depending on where a business is located, these same costs may be eligible for income tax deductions in the same year they are being used. Moreover, “paying as you go” helps to improve cash flow ensuring more money is in the bank than tied in major upfront costs, freeing up money for other expenses like projects and payroll.  

In the case of the ConvergentIS Rapid Vendor Portal, it leverages Evaluated Receipt Settlement (ERS), reduces the number of process steps and transactions, and achieves 20-25% in savings above and beyond invoice automation. 

To learn more about how you can achieve these cost savings, contact our team below: