Home > Results > SAP Audit Defence
Case Study · SAP · Manufacturing

SAP Audit Claim Reduced 89%: From $18.3M to $2.1M

A Fortune 500 manufacturer received an SAP indirect access audit claim for $18.3M — driven by third-party systems connecting to SAP ECC. We contested the claim methodology, challenged SAP's licensing interpretation, and settled for $2.1M — an 89% reduction.

$16.2M
Claim Eliminated
89%
Reduction
7 Months
Defence Timeline
Zero
S/4HANA Migration Forced

Client Context

Industry
Discrete Manufacturing
Annual Revenue
$12.8B
Employees
38,000
SAP Environment
SAP ECC 6.0
Integrated Systems
14 Third-Party
Annual SAP Spend
$6.4M

The client is a Fortune 500 manufacturer with a global operations footprint running SAP ECC 6.0 as its core enterprise resource planning system. SAP represents significant infrastructure spend—$6.4M annually in support and maintenance—and was integrated deeply across manufacturing, supply chain, and finance functions.

Audit Trigger: The LAM (License Audit Management) request arrived following a routine renewal discussion with SAP sales. This is a common tactic: SAP's commercial teams use audit notifications to create urgency around software modernization discussions, particularly S/4HANA migrations.

The Challenge

SAP's Global License Audit & Compliance (GLAC) team sent a formal audit notification citing suspected "indirect access" through API-connected third-party systems. These integrations included a custom dealer management system (DMS), a warehouse management platform, and a procurement automation tool.

SAP's initial position was that any human who ever benefited from data flowing through these integrations required a Named User license—a deeply expansive interpretation that SAP has leveraged since the 2017 Diageo/AB InBev litigation. Under this logic, warehouse staff viewing inventory data, procurement officers reviewing order status, and dealers accessing real-time pricing all required separate SAP user licenses.

SAP's preliminary claim: $18.3M in unlicensed usage plus backdated maintenance at 22%. Simultaneously, SAP was using the audit as leverage to accelerate the client's S/4HANA migration discussion—a classic bundling tactic where audit settlement becomes conditional on modernization commitment.

The scale of the claim reflected SAP's strategy: make the number large enough that migration becomes the cheaper path. The client faced a choice: pay $18M immediately, or commit to a multi-year, $40M+ S/4HANA transformation to "resolve" the audit.

Our Approach: Four-Stage Defence Strategy

1
Audit Scope Contestation

SAP's licence audit rights in the client's master contracts were limited to 30-day notice and specific document categories (transaction logs, user activity reports, integration configurations). We formally disputed the audit scope and methodology under contract, forcing SAP to narrow their data request and disallow fishing expeditions into third-party system logs.

2
Integration Architecture Analysis

We categorized all 14 third-party integrations using SAP's own published document-type framework—the licensing model SAP tried to supersede with new "Digital Access" metrics. We found that 11 of the 14 systems fell into document-type interactions covered under existing licenses. Only 3 systems required incremental licensing.

3
Counter-Claim Analysis

We identified $4.2M in SAP's own maintenance overbilling going back 4 years—unused support services, incorrect license classification codes, and premium support charges for functions the client never used. This counter-lever became crucial in settlement negotiations.

4
Settlement Negotiation

We refused to enter S/4HANA migration discussions during the audit, maintaining separate negotiating tracks. This prevented SAP from conflating two distinct decisions (audit liability vs. strategic technology investment) into a single bundled outcome.

Detailed Methodology

Audit Scope Contestation

SAP's audit rights are defined in master service agreements and typically include clauses on reasonable notice and relevant documentation. The client's MSA required 30 days' notice and limited GLAC access to "transaction logs, user activity reports, configuration documentation, and interface specifications." SAP initially demanded access to all third-party system logs, internal integration mappings, and business process documentation—a scope far beyond contractual rights.

We objected formally in writing, citing the specific contractual limitations. SAP's legal team pushed back briefly, but the audit team eventually complied. This was essential: it prevented SAP from discovering user data in third-party systems that SAP might have misclassified as "indirect access" evidence.

Integration Architecture Analysis

The client's 14 third-party integrations operated in two primary patterns:

  • Document-Type Access (11 systems): These systems received master data (product catalogs, pricing, customer records) and transaction documents (purchase orders, invoices, shipment confirmations) from SAP. Under SAP's licensing framework, document-type access to static content doesn't trigger Named User licenses for users in the third-party system—only for users in SAP itself. The dealer management system, warehouse platform, and two procurement tools fell into this category.
  • Real-Time Query Access (3 systems): These systems made direct API calls to SAP for real-time inventory queries and order status lookups. SAP's argument for Named User licensing was stronger here, but even these cases were defensible under "Document Access" licensing, which allows read-only access for defined business purposes.

We mapped each integration against SAP's published "License Position Papers" and the SAP licensing documentation SAP itself provides to customers. By using SAP's own framework rather than arguing for alternative interpretations, we created an objective standard SAP had endorsed.

Counter-Claim Analysis

We commissioned an independent audit of the client's SAP licenses and maintenance bills over the past 4 years. This revealed systematic overbilling:

  • $1.8M in duplicate support contracts for regions where coverage overlapped
  • $1.2M in premium support charges for modules the client had never implemented (Advanced Demand Planning, Supply Chain Collaboration)
  • $900K in license classification errors that resulted in overpayment for lower-tier modules upgraded to premium pricing
  • $300K in unused maintenance for customization support bundles the client's internal team had handled

In licensing disputes, overbilling claims are more credible than "we shouldn't pay at all" arguments. This $4.2M counter-claim shifted the negotiation from "you owe us $18.3M" to "we both have issues to settle."

Settlement Negotiation

We maintained three core negotiating positions:

  • Separate Tracks: Audit liability would be resolved independently from S/4HANA discussions. SAP wanted to bundle them; we refused.
  • Document Access Licensing: For the 3 systems with real-time API access, we insisted on Document Access Licensing as an alternative to Named User licenses—a lower-cost model SAP must offer but rarely leads with.
  • Future Protection: We demanded a 5-year contractual cap on indirect access claims for any future integrations, preventing SAP from returning to audit the same systems later.

Results & Settlement Terms

Initial SAP Claim: $18.3M

Final Settlement: $2.1M (89% reduction)

Maintenance Credit Applied: $4.2M (offset against settlement)

S/4HANA Commitment: None required

Settlement Breakdown

The final agreement was structured as follows:

  • Indirect Access Liability: $2.1M (cash settlement for 3 real-time API systems, licensed going forward as Document Access)
  • Maintenance Credit: $4.2M applied immediately against the client's next 14 months of support and maintenance costs
  • Licensing Framework: All 14 integrations documented in an appendix with specific licensing models assigned to each. This appendix became part of the master services agreement.
  • Future Audit Protection: 5-year contractual cap on indirect access claims for any future third-party integrations. If SAP discovers new systems after year 5, they can audit those systems only, not the existing 14.
  • Document Access Licensing Rights: The client now has the right to use SAP's Document Access Licensing model for up to 9 integration scenarios going forward—a lower-cost alternative to Named User licenses for read-only access use cases.

In practical terms: the client paid $2.1M in cash, received $4.2M in credit against future SAP costs, and locked in licensing certainty for 5 years. The total economic impact was negative $2.1M (i.e., a net gain).

"When SAP's audit team arrived, we felt completely exposed. We had 14 integrated systems and no clear picture of our licensing position. The Negotiation Experts turned a potential $18 million liability into a $2 million managed settlement. Their knowledge of SAP's own audit methodology was extraordinary. But what impressed us more was the strategy—they refused to let SAP bundle the audit with our S/4HANA decision, and they found $4M in maintenance overbilling we didn't know existed. That saved us millions beyond the audit settlement."
— General Counsel, Fortune 500 Manufacturing Group

Key Lessons for Enterprise Software Licensing

  • SAP's indirect access claim methodology is deliberately expansive. It is a commercial strategy, not an accurate reflection of your licensing obligations. SAP's own published licensing documentation—their License Position Papers, document-type frameworks, and audit guidelines—often contradict the claims auditors make. Use SAP's own standards against them.
  • SAP will always use an audit to push S/4HANA migration. The audit becomes a lever for modernization sales. Keeping these tracks separate is essential. If you agree to a migration to "resolve" an audit, you've accepted a false premise: the two decisions should be independent.
  • SAP overbills on maintenance more often than most clients realise. A maintenance audit—even a counter-audit initiated during settlement discussions—almost always pays. Review 3–5 years of billing history; you'll likely find duplicate contracts, unused services, or misclassifications worth tens of thousands to millions.
  • Integration documentation is your shield. If you have clear records of how third-party systems connect to SAP, what data flows between them, and for what business purpose, you can defend against indirect access claims. If your integration documentation is scattered or absent, you're negotiating from weakness.
  • Document Access Licensing is underutilized and lower-cost. SAP must offer Document Access Licensing for read-only integrations; it's in their licensing policy. Most audit teams will push for Named User licenses because they generate higher settlements. Push back and insist on Document Access pricing.
  • Future audit protection is worth negotiating into your settlement. A 5-year cap on indirect access claims, or a limitation to systems discovered after year 5, prevents SAP from returning to the same systems later and reopening settled disputes.

Related Case Studies

Oracle ULA Restructuring
How we restructured an Oracle Unlimited License Agreement to reduce annual commitments by 47% while maintaining full functionality.
Microsoft EA Optimization
A healthcare organization renegotiated its Microsoft Enterprise Agreement, saving $3.2M over three years through license consolidation.
Multi-Vendor Portfolio Restructuring
We consolidated 17 vendor relationships across software, SaaS, and cloud, achieving 34% cost reduction while improving service levels.

Ready to Defend Your SAP Position?

Whether you're facing an active audit or want to audit-proof your integrations, we can help.

Start Your SAP Audit Defence SAP S/4HANA Guide View SAP Intelligence

Resources & Further Reading

Explore our related services and research on SAP licensing, vendor audit defence, and enterprise software negotiation: