What SAP Indirect Access Actually Means
SAP indirect access — which SAP now formally calls "digital access" — refers to any interaction with the SAP system that does not happen through a direct SAP user interface. When a third-party application queries an SAP database, when an IoT device triggers a production order in SAP, when an e-commerce platform creates a sales order that flows into SAP, or when a data analytics platform reads SAP transactional records — SAP's position is that a licence is required for these interactions.
The commercial logic SAP advances is that value is being extracted from SAP regardless of whether a human SAP user is clicking through the SAP GUI. This argument has some merit in principle, but SAP's pricing of indirect access — and its methodology for calculating how many interactions occur — has been repeatedly challenged in court and in commercial negotiations as systematically overstated.
The critical distinction is between document creation and data access. SAP's digital access model is built around "document pricing" — a charge per document type created in SAP by a third-party system. But SAP also asserts indirect access rights for data read operations, query access, and other interactions that do not create documents. The scope of this assertion, and the basis for pricing it, is far less clear in SAP's standard licence agreements.
"We have never seen an SAP indirect access initial claim that was not significantly overstated. The technical complexity of counting third-party interactions creates systematic errors that SAP's audit team consistently makes — and rarely acknowledges without challenge."
The 2018 Digital Access Model
Before 2018, SAP's approach to indirect access was based on its existing named user licence model, which had no defined mechanism for pricing third-party system interactions. SAP's position was that each indirect user — an individual whose actions in a third-party system triggered an SAP interaction — required a full SAP named user licence. This created an essentially unlimited exposure: any system used by any employee that had any data integration with SAP could theoretically generate an SAP licence requirement for every person using that system.
The Diageo litigation in 2017, which resulted in a UK court finding against SAP's interpretation of indirect access licensing under its standard agreements, prompted SAP to introduce the Digital Access licensing model in 2018. Under this model, SAP provides a defined pricing structure based on document volume rather than user count. Customers are offered five standard document types — Purchase Orders, Sales Orders, Production Orders, Financial Accounting Documents, and others — priced at a per-document rate that declines with volume.
The digital access model was positioned by SAP as bringing "clarity" to indirect access pricing. In practice, many enterprises find themselves caught between their legacy agreements — which do not incorporate digital access pricing — and SAP's assertion of either legacy indirect access rights or digital access requirements. Understanding which framework applies to your situation is the essential first step in any indirect access audit defence.
For a comprehensive overview of SAP's licensing structure, see our Complete Guide to SAP Licensing and our analysis of SAP Indirect Access Licensing.
How SAP Calculates Claims
SAP's audit methodology for indirect access involves analysing your system landscape — typically through SAP's Software Asset Management (SAM) tools or through manual analysis of your SAP system logs and interface configurations — to identify all third-party systems that interact with SAP.
For each interface identified, SAP's team will attempt to count the volume of documents or interactions generated over a retrospective period. The retrospective calculation is one of the most commercially significant aspects of SAP indirect access audits: SAP typically claims licence fees for the full historical period during which undocumented indirect access occurred, which can be five or more years. When document volumes are multiplied by historical list prices and then by the retrospective period, initial claims rapidly escalate into tens or hundreds of millions of pounds.
SAP also factors in the RISE with SAP conversion incentive — if the indirect access claim is being used as leverage to drive a cloud migration, SAP may offer to offset the claim against a RISE commitment. Understanding this commercial dynamic is important context for the negotiation.
Why Initial Claims Are Always Overstated
In our experience across more than 30 SAP indirect access engagements, SAP's initial claims overstate genuine licence exposure by an average of 65%. The sources of overstatement follow predictable patterns that specialists can identify rapidly.
Double-counting of SAP-to-SAP interfaces. SAP's counting methodology frequently includes interactions between SAP systems — for example, data flowing between an SAP S/4HANA ERP system and an SAP BW/4HANA data warehouse. These SAP-to-SAP interactions are not subject to digital access charges under most licence agreements, but they appear in interface analyses and are sometimes included in initial claims.
Inclusion of test and development system transactions. SAP's analysis should exclude transactions from non-productive systems — development, testing, and QA environments. In practice, initial claims frequently include transactions from these environments, inflating volume counts significantly.
Historical list pricing instead of contracted pricing. When calculating retrospective claims, SAP sometimes applies list prices that are significantly higher than the discounted prices the customer has historically paid for SAP licences. Ensuring that any retrospective claim uses commercially appropriate pricing benchmarks is a significant source of claim reduction.
Failure to credit existing entitlements. Many SAP customers already hold entitlements — Engine licences, platform licences, or third-party interface licences — that provide coverage for some or all of the indirect access interactions being claimed. SAP's initial analysis does not always credit these entitlements correctly.
Counting automated batch processes as document creation events. SAP's document counting methodology can conflate automated reconciliation processes, error correction runs, and reversal postings with genuine document creation. Each reversal posting generates a separate document count entry in SAP's logs, effectively doubling the apparent document volume for any corrected transaction.
Your Defence Strategy
Map your integration landscape independently
Before engaging with SAP's analysis, conduct your own inventory of all third-party systems connected to SAP. This independent baseline enables you to challenge the completeness and accuracy of SAP's interface analysis rather than accepting their mapping as the starting point.
Review all existing SAP licence entitlements
Compile every SAP ordering document and licence schedule to identify all entitlements that may provide indirect access coverage. Include Engine licences, platform licences, and any existing Third Party Access licences or Indirect Access licences from prior audits.
Challenge SAP's document counting methodology
Request SAP's detailed counting methodology — the specific log tables and selection criteria used — before accepting any document volume figure. Apply the corrections for test systems, SAP-to-SAP traffic, batch processes, and reversal postings to produce a defensible counter-analysis.
Establish the contractual basis for the claim
SAP's ability to claim indirect access fees depends on the specific language in your licence agreement. Agreements signed before 2018 often lack clear digital access provisions. Have your legal team review the precise contractual language before conceding any commercial obligation.
Engage independent specialist advisers
SAP indirect access audits are among the most technically complex in enterprise software. The commercial stakes are high and the technical analysis requires specialist expertise in SAP licensing, integration architecture, and audit negotiation. See our Vendor Audit Defence service.
Negotiating a Commercial Resolution
SAP indirect access audits almost always resolve through commercial negotiation rather than litigation. The Diageo case remains the most prominent court case in this area, and its outcome — while technically a finding for SAP on the interpretation of the legacy licence agreement — ultimately resulted in a settlement and a recognition by SAP that its legacy indirect access model needed to be replaced.
The commercial levers in an SAP indirect access negotiation are significant. SAP's desire to migrate customers to RISE with SAP and S/4HANA cloud creates a pathway to resolving indirect access claims as part of a broader commercial deal. Our experience is that customers who are willing to make migration commitments — or who can credibly present the possibility of moving away from SAP — achieve significantly better indirect access settlements than those who negotiate purely on technical compliance grounds.
The timeline of an SAP indirect access audit also provides negotiating leverage. SAP's audit teams have commercial targets, and extended audit timelines create pressure. Using your rights to challenge methodology, scope, and contractual basis — each of which adds weeks or months to the process — is a commercially valuable strategy when managed correctly.
For the complete framework on managing SAP audits from notification to settlement, see our SAP Audit Defence Preparation Guide and Complete Vendor Audit Defence Guide. Access the full SAP licensing playbook at SAP S/4HANA Negotiation Guide.