Locations

Resources

Careers

Contact

Contact us

SAP S/4HANA Licensing

License Audits in SAP S/4HANA

License Audits in SAP S4HANA

License Audits in SAP S/4HANA

SAP S/4HANA license audits are formal checks by SAP to ensure companies’ software usage aligns with their purchased licenses.

These audits carry high stakes: non-compliance can trigger substantial unplanned fees or contract penalties.

By understanding S/4HANA’s licensing model (including user types, indirect “digital access” rules, and on-premise vs. cloud differences) and preparing proactively, organizations can navigate audits confidently and minimize risk.

S/4HANA License Audits

A license audit in SAP S/4HANA is a periodic compliance review where SAP verifies that your usage of S/4HANA matches what you’ve paid for. Under your contract, SAP can require you to run measurement programs and provide usage data.

The audit checks named user counts, license types, and system metrics to ensure you aren’t using more than you bought.

It’s essentially a “health check” on license compliance. If you have 1,000 users in the system but only 900 licenses, or if users are performing activities beyond their license level, the audit will flag it. SAP license audits typically occur annually or biannually for on-premise customers, serving to protect

SAP’s intellectual property and revenue. For customers, these audits are important because any gap between usage and entitlements may result in a substantial bill for additional licenses, backdated maintenance fees, or even legal action if left unresolved.

Industry surveys show software audits are on the rise (well over half of enterprises were audited by a major vendor in the past year), so SAP customers should expect and prepare for this as a routine part of running S/4HANA.

Figure: License audit overview – SAP S/4HANA usage data is analyzed to verify compliance with contract terms. Audits can uncover gaps, such as unlicensed users or indirect usage, which must then be addressed.

Read Licensing User Types in SAP S/4HANA.

Why License Audits Matter in SAP S/4HANA

Non-compliance costs can be significant. If an audit finds you’re under-licensed, SAP will require you to purchase the shortfall — potentially at list price and with back maintenance fees.

For example, one global company faced an audit claim of over $5 million due to indirect usage that wasn’t licensed.

Another organization’s internal review identified $3 million in unused SAP licenses, highlighting the ease with which entitlements can be mismanaged.

Beyond financial risk, there’s also contract risk: falling out of compliance can violate your agreements with SAP.

On a positive note, audits can reveal opportunities to optimize licenses – for instance, discovering you’ve been paying for 200 professional users when only 150 are needed. In short, license audits matter because they enforce accountability.

They ensure you only use what you’ve paid for, and they encourage you to eliminate any inefficiencies. Failing an audit can result in unbudgeted expenditures that disrupt your IT budget and strain vendor relationships.

Passing an audit, on the other hand, gives CIOs peace of mind and strengthens their negotiating position with SAP for the future.

Read Optimizing SAP S/4HANA Licensing for Cost Savings.

S/4HANA Licensing Models and Audit Differences

SAP S/4HANA licensing comes in several flavors, and understanding these is crucial for audit readiness.

In an on-premise S/4HANA deployment, you typically purchase perpetual licenses for named users (e.g., Professional, Limited, Employee Self-Service) and possibly engine metrics (like SAP HANA database size or specific add-on modules). You pay a significant upfront fee and an annual support fee (~20% of the license cost).

Audits for on-premise systems focus on ensuring that the number of users of each type in your system does not exceed what you own and that any engines or packages (such as additional software components) are within licensed limits.

In SAP S/4HANA Cloud (subscription) or RISE with SAP (a bundled cloud offering), licensing is subscription-based (often a per-user per-year fee or a metric called Full Usage Equivalent for RISE).

Here, the audit works differently: SAP already hosts the system and can monitor usage. Instead of a traditional audit script run by you, compliance is enforced through the subscription terms.

If you have a contract for 500 users and you add more users in the cloud portal, you’ll need to true up by adjusting your subscription (usually at the next renewal or via an overage charge). The good news is you’re less likely to get a surprise compliance bill mid-term; the cost scales with usage.

The trade-off is less flexibility — you must actively manage user counts to avoid overspending. Also, note that even in cloud models, indirect access (third-party applications using SAP) still requires licensing; for example, a RISE contract might not automatically include unlimited digital access rights, so indirect usage is still monitored.

Key Differences: 

On-premise S/4HANA audits are formal and periodic, initiated by SAP, and require your effort to collect data (using tools like SAP’s License Administration Workbench). Non-compliance on-prem is resolved by buying additional licenses retroactively.

In cloud S/4HANA, compliance is more continuous: you generally cannot exceed the licensed users without SAP’s knowledge, and any overuse is handled through subscription adjustments rather than a separate audit process. However, the responsibility to manage licenses remains in both cases.

For example, if you connect a new third-party system to S/4HANA (creating indirect usage) on-prem, you might get caught in an audit if not licensed; in the cloud, SAP could require you to purchase a digital access package.

Understanding your licensing model ensures you prepare correctly – an on-prem customer must be ready for the yearly audit cycle. In contrast, a cloud customer must watch consumption to avoid surprises at renewal.

To illustrate the models and costs, consider the following examples of license types and their costs:

License Type or ScenarioApprox. Cost (List Price)Compliance Considerations
Professional User (On-Premise)~$3,000 per user (perpetual license) + 20% annual supportFull access. Must be assigned to heavy users; if a user performing extensive transactions is misclassified under a cheaper license, audit will flag it.
Employee Self-Service User~$500 per user (perpetual) + supportLimited use (e.g. time entry). Low cost, but if such a user starts using advanced functions, you actually need a higher license.
Digital Access (Indirect Use)~$100 per 1,000 documents (pricing for document licenses)Covers external systems creating SAP documents (sales orders, etc.). If you don’t license this and, say, your e-commerce platform creates orders in S/4HANA, an audit can impose fees per document created.
S/4HANA Cloud Subscription~$1,200 per user per year (varies by edition and volume)Subscription includes core usage. User count and use of additional services (storage, APIs) must stay within contract; exceeding limits requires contract expansion (preventing a “surprise audit bill” but still an extra cost).

Note: Actual prices vary widely based on negotiated discounts, but the above figures illustrate the relative scale.

The key is that S/4HANA introduces a document-based licensing concept for indirect access and offers a cloud subscription model, both of which differ from the classic SAP ECC licensing model.

These differences mean audit focus areas have shifted (for example, counting documents generated via APIs in S/4HANA, which wasn’t a factor in older ECC audits). Ensure you’re familiar with the model you’re using and the specific terms outlined in your contract.

Common Compliance Risks in S/4HANA Audits

SAP S/4HANA’s flexibility comes with several compliance risk areas that auditors hone in on:

  • Indirect Access (Digital Access): This is the top audit challenge today. Indirect access means third-party applications or external users accessing SAP data (for instance, a Salesforce CRM pulling customer info from S/4HANA or an e-commerce site creating sales orders in SAP). In S/4HANA, SAP expects customers to license this via the Digital Access model (document-based licensing) or an equivalent model based on named users. If you haven’t accounted for this, an audit will uncover those external touchpoints and slap on licensing fees. Indirect usage is often hard to track without careful logging, making it a “hidden” risk until the audit occurs. Many high-profile compliance cases (like the Diageo case in 2017) stemmed from indirect use – in that case, the company was found liable for ~$70 million because employees accessed SAP through a non-SAP front end. Action: Catalog all third-party systems interfacing with S/4HANA and ensure you have licenses (either document licenses or appropriately named users) covering that usage.
  • Misclassified Users: Every user in SAP must have the correct license type assigned based on their actual activities. A common mistake is buying only a cheaper license type (say “Employee” or “Limited”) for everyone. Still, some of those users perform advanced functions (like power users in finance or supply chain who should have “Professional” licenses). During an audit, SAP analyzes usage logs and user roles. If a user with an “Employee” license is found to be running transactions that qualify as professional use, an upgrade will be required for that user. The cost difference can be huge (a professional license costs several times more). Action: Regularly review user roles vs. license assignments. It’s wise to run SAP’s user audit reports or use tools that suggest the proper license classification for each user based on actual transaction usage.
  • Exceeding Licensed Counts or Capacity: This is straightforward – if you bought 300 Professional User licenses but have 350 active professional users in the system, you’re 50 over the limit. Similarly, some S/4HANA add-ons or the HANA database itself may be licensed by size or transaction volume. For example, your contract might limit HANA memory to 256 GB; if your database grows beyond that, you’re out of compliance. SAP’s audit will catch such overages. Action: Keep track of license entitlement versus current usage. Deactivate unused accounts (especially former employees or test accounts) so they don’t count toward your license totals. Monitor technical metrics, such as database size, if they’re tied to a license. Essentially, be aware of your license limits and stay within them.
  • Inactive or Duplicate Accounts: Although not a “violation” per se, having numerous inactive users or duplicate user IDs across systems can lead to confusion and inflated counts. SAP’s audit tools (like LAW 2.0) aggregate user counts across systems. If the same person has two accounts in two systems and they aren’t properly linked, the audit might count them twice. This could make you appear over-licensed even if you’re not intentionally abusing terms. Action: Regularly clean up user accounts. Use SAP’s license management tools to consolidate duplicate users (so-called “Central User” or alias management) and remove users who no longer need access. This avoids paying maintenance on licenses that aren’t used and presents a cleaner picture to SAP during an audit.
  • Unforeseen Usage after Go-Live: When companies go live with S/4HANA (especially if migrating from older SAP ECC), new functionality can open the door to new types of usage. For example, activating Fiori apps or new modules could inadvertently increase license requirements (e.g., more users using the system because it’s easier to access via Fiori). Additionally, migrating to S/4HANA often involves a contract conversion. If not negotiated well, you might lose some previous license entitlements or find that the new license metrics cover less than you thought. Action: After going live, do a post-implementation license audit. Verify that the way people are using S/4HANA aligns with the licenses you purchased during the migration. Address any gaps while you’re still in the early stages (SAP might be more flexible then, especially if it was a recent sale, rather than finding out years later in a formal audit).

Preparing for a Successful SAP License Audit

The best way to handle an audit is to not be caught by surprise. Preparation and ongoing license management are critical:

  • Know Your Contract and Entitlements: Start by understanding exactly what you’ve purchased. How many of each user type? What metrics (documents, CPU, etc.) are licensed? Is there any special clause for indirect access or a clubbed package? You can’t stay compliant if you don’t know what compliance means in your case. Maintain a clear inventory of your entitlements and any special terms. For example, if SAP grants you some free “digital access documents” as part of a deal, note the number and the scenarios for which they are applicable so that you can account for usage against them.
  • Use SAP’s License Management Tools: SAP provides tools such as USMM (User Measurement) and LAW (License Administration Workbench) to help collect license data. Regularly run these internally – don’t wait for SAP to ask. LAW 2.0 (accessible via SLAW transaction) helps consolidate user metrics across your landscape (dev, test, prod systems) and prepares the data SAP auditors want. By running these tools yourself (say, twice a year), you can see if any metric is creeping up toward your licensed amount. Treat it like a dress rehearsal for the real audit.
  • Internal Audits and Clean-Up: Conduct license audits at least annually (many organizations conduct them quarterly). This involves reviewing user lists, usage logs, and authorizations. Identify any red flags, such as a user ID with an inappropriate license assignment or a third-party interface that was added without proper licensing. Clean these up proactively: reassign licenses where needed, archive or delete old user accounts, and address indirect access (perhaps by purchasing the necessary licenses or shutting down unauthorized integrations). Document all these actions.
  • Monitor Indirect Usage: Since indirect/digital access is a tricky area, consider using SAP’s Digital Access Evaluation tool (SAP offers a program that can estimate how many documents are created via third-party interfaces). If that’s not available, manually inventory your integrations: for each non-SAP system interfacing with S/4HANA, determine whether data is being read or if it’s creating business objects (such as orders, invoices, etc.) in SAP. Then, consult your license strategy: either ensure that each external user or system is covered by an existing named user license or obtain the digital access document licenses to cover those documents. It’s much cheaper to buy needed licenses on your terms than to have SAP impose them during an audit when you have no negotiation leverage.
  • Keep Evidence and Documentation: Maintain a paper trail of your compliance efforts. If you reclassified 50 users after an internal audit, log that in a spreadsheet or report. If a particular integration was authorized by SAP to not require a license (rare, but sometimes SAP may provide a written exception or confirm that a scenario is covered under existing licenses), save the corresponding documentation. During an audit, being able to show “Here’s how we manage licenses, and here’s proof we stay on top of it” can set a cooperative tone and also help dispute any claims that seem inaccurate.
  • Training and Awareness: Ensure that your IT, procurement, and SAP Basis teams understand the fundamentals of S/4HANA licensing. Often, compliance issues occur simply because someone wasn’t aware – for example, a developer opens a connection between SAP and a new app without informing the license manager. Conduct periodic training or at least informational sessions so that anyone involved in user management or system integration knows the licensing implications of their actions. A culture of license awareness goes a long way in preventing accidental compliance problems.

Recommendations

  • Run Self-Audits Regularly: Schedule internal license audits (at least once a year) using SAP’s tools. Catch and fix compliance issues before SAP does.
  • Optimize User Licensing: Continuously review user roles vs. license type. Downgrade or upgrade licenses based on actual needs (e.g., don’t pay for Professional licenses for users who only need limited functionality, and vice versa).
  • Monitor Indirect Access Points: Identify all third-party systems interfacing with S/4HANA. License these connections appropriately (via named users or digital access documents) and keep logs of external data access.
  • Clean Up and Consolidate Accounts: Remove inactive users and avoid duplicate user IDs across systems. This prevents unnecessary license consumption and audit confusion.
  • Negotiate Proactively: Before an audit hits, negotiate clarity in your SAP contracts. For instance, ensure indirect usage terms are well-defined. If an audit does find shortfalls, work with SAP on a settlement – possibly as part of a future purchase or migration plan – rather than a one-off penalty.
  • Leverage Expert Help: If you lack in-house licensing expertise, engage an independent SAP licensing advisor or use SAM tools. Experts can pinpoint hidden compliance gaps and assist during negotiations with SAP.
  • Stay Informed on Licensing Changes: SAP licensing policies (especially around S/4HANA and digital access) evolve. Keep up with official SAP updates and industry advisories so you can adjust your compliance strategy (e.g., SAP sometimes offers amnesty or conversion programs like the Digital Access Adoption Program – these can be opportunities to reduce risk).
  • Plan for Audit as a Project: Treat the SAP audit as a project when notified. Assemble a cross-functional team (IT, asset management, legal) to gather data, review SAP’s findings, and respond. Having a plan prevents panic and ensures a thorough, unified response to SAP.
  • Budget for True-Ups: Include a contingency in your IT budget for license true-ups. Hopefully, you won’t need it if you manage well; however, setting aside funds for a potential license purchase after the audit can save you from scrambling if SAP identifies a compliance gap.
  • Foster an Open Dialogue with SAP: Maintain regular communication with your SAP account manager regarding your license usage. If you anticipate growth or changes (such as new projects or increased users), informally discussing them can sometimes lead to guidance or more favorable terms before an official audit scenario. Transparency can build trust and reduce the adversarial nature of audits.

Read Optimizing SAP S/4HANA Licensing for Cost Savings.

FAQ

Q1: How often does SAP conduct S/4HANA license audits?
A: For on-premise S/4HANA customers, SAP typically has the right to audit annually (it’s usually written in the contract). In practice, many companies get audited every 1-2 years. If you’re on S/4HANA Cloud (subscription), formal audits are less frequent in the traditional sense – instead, SAP continuously monitors usage. Still, you should perform your yearly internal audit, as SAP may request a compliance check if they suspect issues or at the time of contract renewal.

Q2: What’s different about license audits in S/4HANA versus older SAP ECC?
A: The core process is similar (checking user licenses and usage), but S/4HANA introduced digital access (document licensing) for indirect use, which is a big change. In ECC, indirect usage was a grey area managed via named users; in S/4HANA, SAP explicitly counts documents created via external systems. Also, S/4HANA has new license types (like Enterprise Management licenses), and many customers run S/4HANA in the cloud. In cloud subscriptions, you won’t get a classic audit script; instead, you must ensure your user counts, and consumption stays within your subscription. Essentially, audits in S/4HANA cover new ground (documents, new user classifications) and new models (cloud subscriptions) that weren’t present in ECC days.

Q3: How can we best prepare for an SAP license audit?
A: Preparation is all about housekeeping and knowledge. Maintain an accurate inventory of your licenses and assign each user to the appropriate license. Utilize SAP’s measurement tools to periodically check usage. Address any anomalies (inactive users, incorrect license types, unlicensed interfaces) well in advance of any audit. Additionally, educate your team so they understand that adding 50 contractors into the system without licenses or connecting a new app to SAP has compliance implications. Having a clear internal process for managing licenses and changes is your best defense against potential issues. If an audit notice comes, gather a team to double-check the data you’ll send to SAP – ensure it’s clean and complete.

Q4: What should we do if an audit reveals we are under-licensed?
A: First, don’t panic. Engage with SAP openly but carefully. Verify the findings – sometimes, the raw audit data can be misinterpreted (for example, duplicated users or old accounts might inflate counts). If the shortfall is confirmed, you generally will need to purchase additional licenses to become compliant. This is a point to negotiate: often,n SAP is willing to discuss a deal (especially if you’re also considering buying other SAP products or cloud services). You may be eligible for a volume discount or a waiver of certain back fees if you commit to a new agreement. The key is to demonstrate to SAP that you’re committed to compliance while also advocating for a fair resolution. It can help to involve an experienced license negotiator or legal counsel to navigate this discussion.

Q5: Does moving to S/4HANA Cloud or RISE eliminate license audit worries?
A: Not entirely. While a pure SaaS model means you won’t run the traditional LAW audit tool, you are still responsible for staying within your subscribed usage. SAP will typically keep track of how many users you’ve provisioned and what services you consume. Suppose you consistently pay more than what you paid for. In that case, it’ll come up – likely at contract renewal, you’ll be asked to true up (pay for the overage in the future, possibly even retroactively if it was significant). The good news is that cloud subscriptions make costs more predictable and transparent in real time. But you still need governance: manage user onboarding/offboarding actively and keep an eye on any API calls or integrations (since those could incur extra fees if not covered). In summary, moving to the cloud changes the mechanics of compliance but doesn’t remove the need for license management. Always check your cloud contract for specifics – e.g., some contracts allow a grace period for overage that you must report. In contrast, others may auto-charge for any additional users beyond your licensed count.

Read Licensing User Types in SAP S/4HANA.

🎥 S/4HANA Licensing Strategy & Optimization | SAP Licensing Experts

Do you want to know more about our SAP Advisory Services?

Author
  • Fredrik Filipsson

    Fredrik Filipsson is a seasoned IT leader and recognized expert in enterprise software licensing and negotiation. With over 15 years of experience in SAP licensing, he has held senior roles at IBM, Oracle, and SAP. Fredrik brings deep expertise in optimizing complex licensing agreements, cost reduction, and vendor negotiations for global enterprises navigating digital transformation.

    View all posts