Locations

Resources

Careers

Contact

Contact us

sap license audit

Negotiating SAP Audit Settlements

Negotiating SAP Audit 1024x683

Negotiating SAP Audit Settlements

SAP license audits can unexpectedly reveal compliance gaps and incur substantial fees. Proactively preparing and negotiating SAP audit settlements is essential to minimize costs.

This article provides expert strategies for SAP ECC and S/4HANA customers to mitigate potential audit penalties and achieve a fair outcome, from understanding common pitfalls, such as indirect access, to leveraging a future S/4HANA migration for a more favorable outcome.

SAP License Audits

SAP software contracts grant SAP the right to audit your usage periodically (often every 2-3 years).

The SAP Global License Auditing and Compliance (GLAC) team reviews your user counts, engines, and indirect usage to ensure you haven’t exceeded what you purchased.

If an audit finds you’re using more than your licensed entitlements, SAP will demand you correct it – usually by purchasing additional licenses or paying back maintenance fees. The stakes are high: audit findings can result in six- or seven-figure bills if not properly managed.

For example, if you purchased 100 SAP ECC user licenses but 120 employees are actively using the system, those extra 20 users could cost hundreds of thousands of dollars at the list price. In extreme cases, “indirect access” (where third-party systems access SAP) has led SAP to claim tens of millions of dollars in fees.

Notably, a 2017 UK court case revealed one SAP customer (using Salesforce to access SAP data) was on the hook for over £50 million ($70M) in licensing penalties – a wake-up call to many. The key message: an SAP audit is serious, but it is negotiable.

Treat it as a normal part of enterprise software management, not as a non-negotiable fine. With the right approach, you can contain the cost and even align the outcome with your future IT plans.

Common Compliance Challenges (ECC vs. S/4HANA)

Complex licensing models make SAP audits challenging. In SAP ECC (ERP Central Component), licenses are categorized by multiple user types (e.g., Professional, Limited, Employee Self-Service) and engine metrics (for SAP modules or databases).

Misunderstanding these can lead to over-deployment. SAP S/4HANA introduced changes, including a Digital Access model for indirect usage, but core licensing complexity remains. Indirect access is the biggest audit risk. This refers to scenarios where non-SAP applications or even devices indirectly interact with SAP data.

For instance, if your CRM or e-commerce system pulls data from SAP without a proper interface license, SAP may classify it as unlicensed use.

Indirect use was historically a gray area: many ECC customers were surprised by huge claims for interactions they didn’t realize needed licensing. (SAP’s high-profile claims against Diageo and AB InBev for indirect use, seeking £54M and $600M, respectively, illustrate the potential exposure.)

In response, SAP now offers Digital Access in S/4HANA, charging by documents (such as sales orders and invoices) created via external systems to provide more predictable costs. Still, customers must opt into that model; otherwise, traditional rules apply.

User classification issues are another common compliance gap. Companies often assign lower-cost license types to users who perform activities that require a higher-level license. Over the years on ECC, these misclassifications accumulate.

In S/4HANA, SAP has simplified some user definitions; however, if you converted from ECC, your legacy classifications carry over and could still be audited.

Engine license overuse is also frequent – for example, running SAP’s ERP on more HANA database cores than licensed or using a SAP module that hasn’t been purchased (such as enabling SAP Payroll without owning it). Both ECC and S/4HANA customers face this if usage isn’t closely tracked.

The takeaway is that licensing pitfalls span both ECC and S/4HANA. S/4HANA’s newer contracts (especially cloud subscriptions like RISE with SAP) bundle certain elements and may reduce specific audit scopes (for example, in RISE cloud, user counts are included in the subscription); however, on-premise S/4HANA is audited much like ECC.

Whether you’re on legacy ECC or the latest S/4, understanding SAP’s complex license metrics and identifying potential areas of unintentional non-compliance is the first step in negotiating any audit findings.

Read Preparing for an SAP Licensing Audit.

Preparing Before the Audit

It’s far better to identify compliance issues yourself than to have SAP find them. Preparation should start well before any official audit notice:

  • Inventory your licenses and usage: Gather a detailed list of all SAP licenses you’ve purchased (for ECC or S/4HANA) and compare it to current usage. Verify the number of named users in each system. Look for obvious discrepancies – e.g., more active user IDs than licenses or engine metrics (such as SAP HANA usage and employee counts in SAP HR) that exceed purchased levels.
  • Clean up and optimize: Remove or deactivate inactive users. Many companies find that 10-20% of their named users are former employees or duplicates. For example, a logistics firm discovered that 20% of its SAP user IDs were for former employees – by eliminating them, they dramatically reduced their compliance gap before an audit was conducted. Also, reassign users to appropriate license types: if someone is licensed as a Professional user but only needs ESS (Employee Self-Service) rights, downgrade them and free up an expensive license. Conversely, ensure high-privilege users aren’t on a low-level license improperly.
  • Simulate an internal audit: Run SAP’s measurement tools (like USMM/Law – License Audit Workbench) internally. This generates the same report SAP would see. Analyze the results to spot issues in advance. If available, use third-party SAM tools (e.g., Snow, Flexera) to get an independent view of SAP usage. Address any red flags proactively – it’s much easier to fix a license assignment or reduce usage before SAP’s official audit clock starts.
  • Build a cross-functional team: Treat license compliance as a team sport. Involve IT (for usage data), procurement/asset management (for entitlements), finance (budget impact), and legal (contract terms). Assign a point person to coordinate the audit response. This team should be ready to engage once an audit notice arrives, ensuring you control the process and messaging.
  • Know your contract’s audit clause: Review the audit provisions in your SAP license agreement. Key points include the amount of advance notice SAP must provide, the data you’re required to provide, and any grace period for resolving findings. Some contracts stipulate you must purchase shortfall licenses at the list price immediately, but even then, understanding these terms equips you to negotiate around them. You may, for instance, insist on the full notice period to prepare the data or push back if SAP requests information beyond the contractual scope. In one instance, SAP auditors requested a detailed list of third-party systems that interface with SAP. The customer wisely consulted their legal team, as the contract didn’t obligate them to share that information – volunteering it could have opened them up to new scrutiny. Bottom line: be cordial but stick to what you’re required to provide.

Illustration: An internal SAP license compliance checklist. Thorough preparation – from cleaning up user lists to running internal audits – can significantly reduce exposure before SAP’s official audit.

Assessing and Challenging Audit Findings

When SAP delivers the audit report, it can be daunting – a spreadsheet of users and engines with a large dollar amount at the end.

Don’t panic, and don’t accept it at face value. Treat the audit report as a starting point for dialogue, not the final verdict.

Here’s how to approach it:

  • Scrutinize the details: Cross-check SAP’s findings against your records. Are the user counts accurate and current? Often, discrepancies arise – for example, SAP’s report might count users in multiple systems separately, thereby inflating the total or include users who no longer require access. Verify each line item. If SAP claims you’re 50 Professional users over, identify who those are – you might find 10 are contractors who left last year or test accounts that can be removed. Document these corrections.
  • Challenge indirect usage claims: If the audit flags “indirect access” licenses (for third-party connections), examine the basis. SAP may have detected interfaces (such as a cloud CRM, warehouse system, or e-commerce site) interacting with SAP data. Ask SAP to clarify how they calculated the license requirement. Not all data integrations trigger a license obligation – for example, read-only queries or updates via a properly licensed interface might be permissible. Prepare a technical explanation of how external systems use SAP. If, say, your Salesforce CRM only pulls a limited dataset from SAP, argue why that should not count as full user access. You can also negotiate to address it differently (more on that in the next section). The key is not to concede indirect fees without a discussion; SAP’s executives have admitted their past audit practices here shook customer trust, so that they may be open to compromise.
  • Prioritize the big-ticket items: Focus your challenge on findings that carry the largest financial impact. Indirect usage and engine overuse can significantly outweigh a minor user count discrepancy. Zero in on these first – a reduction or waiver here saves far more money. For example, if the audit states that you owe $1M for indirect access, resolving that issue (through negotiation or a different licensing approach) is more critical than arguing over 5 extra user licenses.
  • Engage SAP’s account team: Audit teams can be rigid (“we just report the numbers”). If you hit a wall with the auditor on a contested point, involve your SAP account executive or even escalate to SAP management. Remember, SAP wants to maintain a long-term relationship. If a compliance demand seems unreasonable in light of your history as a customer, politely make that case. For instance, remind SAP of your future plans: “We are evaluating S/4HANA migration, but a disproportionate compliance bill would strain our ability to continue investing in SAP.” This reframes the issue from adversarial to collaborative – you both want a solution that maintains a healthy partnership. Often, the sales side of SAP will internally advocate to soften an excessive audit position if they believe it may jeopardize future business.
  • Control the narrative and timeline: You are entitled to review and fully understand the audit results. Don’t let SAP rush you into a quick settlement before you’ve done your homework. If SAP’s report arrives with a request to “resolve in 2 weeks,” push back and set a reasonable timeline for analysis and meetings. Use the time to gather data and form your negotiation plan (and yes, they will be negotiating – see next section). Also, keep all communication professional and fact-based. Document questions or disputes in writing. By controlling the pace and being methodical, you take away SAP’s favorite pressure tactic – urgency.

Negotiation Strategies for SAP Audit Settlements

Negotiating an SAP audit settlement is similar to negotiating a new software purchase, as it involves acquiring additional rights or licenses.

Approach it as a business deal rather than paying a “fine.”

Here are proven strategies to drive the settlement cost down and get favorable terms:

  • Establish your baseline: Before engaging in settlement talks, determine internally what you need to resolve the compliance gap. Perhaps the audit says you’re 100 users short, but after clean-up, you only need 60. Alternatively, it flags an engine overuse issue that you plan to resolve by archiving data rather than purchasing additional licenses. Know what licenses (and roughly how many) you truly require post-audit. This is your target – you want to negotiate for those and nothing extra. Be cautious if SAP’s first proposal bundles items you didn’t request (e.g., an “Enterprise” package that includes modules or cloud services beyond the audit scope). Focus on cost-effectively addressing compliance issues.
  • Don’t pay sticker price: Just because the audit report values your shortfall at $X (often using full list prices) doesn’t mean you must pay that. Everything is negotiable. SAP sales often view an audit as an opportunity to sell you something, which means discounting is on the table. Treat the required licenses as a purchase: push for standard discounts or better. Benchmark if you can – what discount do similar customers get? It’s not unusual to achieve 30-50% off the list value of an audit settlement, especially if you use other tactics below. And ensure that any “back maintenance” (support fees for past years of unlicensed use) is minimized or waived. SAP may initially include, for example, two years of maintenance in the claim, but this too can be negotiated out as part of the deal.
  • Bundle with future needs: One of the most effective negotiation tactics is converting a compliance purchase into a strategic one. If you know you’ll need additional SAP licenses or products shortly, bring that into the negotiation. Example: SAP’s audit demand is $200,000 – you might counter that you’re willing to sign a $200,000 deal, but it will include licenses to cover the audit shortfall plus an investment in a new SAP module or a S/4HANA migration. Essentially, you commit to spending the budget on SAP in a way that also delivers new value to you rather than purely paying for past overuse. SAP sales reps often respond well to this approach because they can justify a bigger discount or even write off the compliance part if you’re buying new products. For instance, a company facing a $1M indirect access claim negotiated it down by agreeing to purchase $1M in S/4HANA licenses they were planning to buy eventually – SAP then waived the audit fee entirely. Both sides walked away satisfied: the customer’s $1 million went into future growth, and SAP still secured the sale (instead of incurring a contentious penalty).
  • Leverage timing – SAP’s quarter and year-end: SAP, like most software vendors, have strong incentives to close deals by quarter-end (especially Q4/year-end). If your audit is scheduled for Q3, consider stretching negotiations into Q4 when possible. As December approaches, you may find SAP more eager to “make a deal” on the settlement to hit their targets. This can translate into steeper discounts or more freebies (like extra licenses or longer payment terms). Use this to your advantage: express that you have internal approval processes and budget considerations that take time. By aligning your negotiation with SAP’s fiscal urgency, you shift the pressure onto them to accommodate your terms. Important: While using timing, also signal that you’re prepared to resolve by then – you don’t want SAP to think you’re just stalling without intent to buy, or they might escalate the issue. It’s a fine balance: be cooperative about closing, but only on a customer-favorable deal.
  • Tackle indirect access creatively: If indirect usage is a major part of the audit, consider negotiating a special resolution. SAP’s Digital Access model (document-based licensing) is one option – perhaps you can negotiate a certain number of document licenses at a discount, which covers your third-party integrations in the future, instead of paying a one-time arbitrary fee. Another approach is a flat fee for indirect use. Some customers have successfully negotiated a one-time charge or an add-on license that grants blanket, enterprise-wide indirect access rights. This can eliminate uncertainty and future audits on that topic. The key is not to simply agree to a per-user or per-system fee that SAP initially calculates; instead, propose an alternative that provides cost certainty. Ensure that any such deal is future-proof – obtain written confirmation that if you pay this fee or adopt digital access, it settles all indirect usage claims for the agreed scope. You don’t want SAP coming back next year asking for more money for the same issue.
  • Secure favorable terms (not just price): Negotiation isn’t only about the dollar amount. Pay attention to contract terms in the settlement paperwork or the new license order form. Some items to consider: a payment plan if the sum is large (splitting over a year or more), a clause that the settlement addresses all past compliance issues (no double-dipping on the same shortfall), and maybe a grace period in the future (e.g., SAP agrees not to audit you on the same metrics for a year or two after you true up – essentially an informal “get well” period). Additionally, if you’re purchasing new licenses as part of a settlement, negotiate the maintenance start date wisely: you may be able to get SAP to align it with your normal renewal or even defer maintenance charges for a specified period. Every concession can save money or future hassle. Don’t hesitate to ask for things SAP hasn’t offered; the worst they say is no, but often, they’ll find a middle ground to close the deal.
  • Maintain a single negotiating voice: Internally, ensure all communication with SAP during settlement is coordinated. Present a united front with clear decision-makers. If SAP senses internal disagreement or conflicting messages from different stakeholders (“IT is pushing back on cost, but the CFO just wants it over”), they may exploit that to pressure a quick close at a higher price. Ideally, funnel discussions through a single point person or negotiating team who is aligned on goals and limits. It’s perfectly fine to say, “We will discuss your proposal internally and get back to you,” rather than reacting in meetings. This prevents on-the-spot decisions under pressure. It also allows you to sanity-check any offer thoroughly before responding.
  • Bring in experts if needed: For particularly large or complex audits, consider engaging an SAP licensing expert or third-party negotiator. These specialists (often former SAP professionals or independent consultants) know SAP’s playbook and can advise on what others have achieved in similar situations. They might help you find errors in the audit, craft counter-proposals, or simply bolster your negotiating team with added credibility. Yes, there is a cost to consultants, but when an audit exposure is in the millions, their insight can save far more. At a minimum, do some peer benchmarking – many user groups and forums share experiences of SAP audit settlements that can give you ideas for your negotiation strategy.

Leveraging S/4HANA Transition in Your Settlement

Many SAP ECC customers are in the process of migrating to SAP S/4HANA or are planning to do so before ECC support ends (mainstream support ends in 2027, with extended support until 2030).

If you’re one of them, an audit can be a timely opportunity to facilitate that transition. SAP is highly motivated to get customers onto S/4HANA (especially via cloud subscriptions like RISE with SAP).

You can use this to turn a painful audit into a strategic win:

  • Convert compliance into a migration deal: Rather than spending money solely on true-up licenses for ECC, explore converting that spend into S/4HANA licensing. SAP has offered conversion programs – for example, crediting the value of your ECC licenses when moving to S/4. In negotiation, you could propose: “Instead of paying $300k for missing ECC licenses, let’s put that toward S/4HANA licenses or a RISE subscription, and we’ll migrate.” This way, your money goes into the future platform (which you likely need to invest in any way), and SAP still resolves the compliance issue by essentially absorbing it into the new deal. Make sure SAP gives you fair credit for what you’ve already paid historically (your ECC investment) – they have done “trade-in” credits in the past. The outcome might be a contract that simultaneously settles the audit and kicks off your S/4 program with little to no net penalty.
  • Negotiate S/4HANA incentives: Even if you aren’t ready to sign an S/4 project now, let SAP know it’s on the horizon. SAP often dangles incentives, such as discounted S/4HANA user licenses, free migration services, or flexible payment terms, to entice customers. You could ask as part of the settlement: “We’ll commit to evaluating/deploying S/4HANA in X timeframe – in exchange, we need this audit settlement at a heavy discount or with some S/4HANA migration assistance.” Essentially, SAP might cut you a break on the audit if they see a bigger S/4 sale coming. Ensure any such incentive is concrete (e.g., a guaranteed discount percentage on a future S/4 purchase or a year of free S/4HANA cloud subscription) and documented. Don’t settle for vague promises of “we’ll remember this later” – get the terms included in writing.
  • Address new licensing in the conversion: If you do move to S/4HANA as part of the settlement, clarify how new licensing models apply so you don’t walk into another compliance trap. For example, S/4HANA’s digital access (document licensing) – will your settlement include a certain number of document licenses to cover current indirect use? If you choose RISE (cloud), understand how user counts and consumption will be monitored to avoid any surprises. Has SAP included in the contract that the agreed-upon package covers your current usage scenarios? Essentially, use the fresh start to eliminate the old compliance issues. If done right, transitioning to S/4HANA with SAP’s help can resolve today’s audit and reduce audit risk in the future (since you’ll have a modern, clearer contract). But it requires careful negotiation to ensure you’re not just punting the problem.
  • Know your options: While leveraging S/4 migration is powerful, don’t feel obligated to shift platforms purely because of an audit. If S/4HANA isn’t in your near-term plans or doesn’t make business sense yet, you can still negotiate a straightforward settlement for ECC. SAP might push the idea of “why not just move to S/4 now,” but it must align with your IT roadmap, not just SAP’s sales agenda. Use the prospect of S/4 as leverage, but commit only if it truly benefits your organization. Remember, the goal is to resolve compliance on the best terms for you – sometimes, that’s a quick ECC true-up; other times, it’s part of a bigger evolutionary step.

Avoiding Pitfalls and Ensuring Ongoing Compliance

Negotiating a settlement is only half the battle; you also want to avoid common missteps during the process and prevent future audits from causing further issues.

Keep these points in mind:

  • Don’t settle on day one: A frequent pitfall is feeling intimidated and agreeing to SAP’s first offer just to close the issue. Resist that urge. SAP’s initial settlement proposal is usually inflated – they expect pushback. Take time to analyze and counter. Rushing often leads to overpaying or buying unnecessary products. No matter how urgent SAP makes it seem, you have the right to a reasonable negotiation period.
  • Avoid unnecessary purchases: Audit time is when SAP might suggest “solutions” that conveniently involve you buying more software. Be skeptical. For example, an IT services company under audit was instructed to upgrade all its users to a more expensive license tier to resolve a compliance issue; in reality, only a handful of users required reclassification and a few additional licenses, resulting in savings of hundreds of thousands. Don’t let SAP upsell you modules or cloud services you don’t truly need as part of a settlement. Stay focused on the compliance gaps. If something is not required to remediate the audit, push it off to a separate discussion later.
  • Watch out for shelfware traps: Even in a negotiated deal, ensure you’re not acquiring a large chunk of “shelfware” (licenses you won’t use). SAP might propose a bundle that covers your audit shortfall and “comes with” extra users or an additional software component. It might look like a good deal (“50 free user licenses included!”), but if you won’t use them, you’ll still pay maintenance on them annually – an ongoing cost for zero value. It’s usually better to buy exactly what you need now, with the right to buy more later at a locked-in discount if possible.
  • Stick to contractual boundaries: During audit resolution, only share what you must. Oversharing data or system info can inadvertently raise new questions. If SAP requests information outside the audit clause (such as details of your non-SAP systems or custom use cases), consult with your legal team. Ensure any meeting with SAP’s audit team has your designated leads present to control information flow. By managing communication effectively, you prevent misunderstandings and maintain focus on known issues.
  • Everything in writing: If SAP representatives make any promises (e.g., “If you purchase this, we’ll consider the matter closed” or “We won’t audit this area for another year”), get it documented in the settlement agreement or an official email. Verbal assurances mean nothing once the audit is over and people move roles. The final paperwork should clearly state that the licenses purchased or fees paid are in full settlement of the identified compliance issues and note any related commitments (like credits or future discounts). This protects you if questions arise later.
  • Plan for continuous compliance: After the dust settles, institute a more robust compliance regimen to ensure you’re not caught off guard again. Schedule internal license audits at least once a year. Utilize automation tools to track SAP usage in real-time, if possible. Establish a policy that any new integration with SAP (such as a new third-party app) triggers a licensing review to assess the impact on indirect use. Maintain a “least privilege” approach to SAP access – provision users only the license type they need and regularly remove dormant accounts. Also, consider negotiating proactive clauses in your SAP contract, such as an annual true-up arrangement (where you agree to true-up license counts each year at a predetermined discount rather than undergoing surprise audits) or audit conduct clauses (including advance notice periods, defined methodologies, and other provisions that favor you). These can be pursued in your next contract renewal or S/4HANA migration agreement.
  • Educate and involve stakeholders: Finally, ensure that the lessons learned from this audit are applied consistently across the organization. Train your IT administrators on proper user licensing procedures. Brief procurement and finance on the cost impact of non-compliance so they support governance efforts. Often, non-compliance creeps in when business units add users or interfaces without involving IT asset management. By raising awareness, you foster a culture of compliance that makes future audits less eventful. Remember, SAP audits aren’t going away – but if you manage licenses actively and negotiate assertively, they’ll go from being feared events to just another checklist item in your IT management practice.

Recommendations

  • Conduct regular self-audits: Don’t wait for SAP to initiate them. Periodically run SAP’s license measurement tools and reconcile user counts to catch issues early.
  • Clean up unused licenses: Proactively remove or reassign SAP accounts for former employees or redundant users to minimize the risk of overuse.
  • Know your contract and stick to it: Understand audit clauses and refrain from providing more data or access than required during an audit. Use the full response time allowed to prepare.
  • Negotiate, don’t just pay: Treat any audit shortfall as the starting point for a negotiation. Push for discounts, package deals, and terms that turn a penalty into a planned investment.
  • Leverage SAP’s incentives: If you’re considering new SAP products or S/4HANA, use that as bargaining power. SAP may reduce compliance fees if it leads to a new sale or migration.
  • Engage the right people: Involve your procurement, legal, and executive sponsors in settlement discussions. A united front with executive backing can compel SAP to be more reasonable.
  • Document the settlement: Ensure the final agreement covers all issues and includes any promises (like credit for future purchases or a halt on certain audit claims).
  • Invest in license management: After settling, implement tools and processes (and possibly training) to continuously monitor SAP usage and optimize licenses, preventing repeat findings.
  • Consider third-party support carefully: In some cases, switching to third-party support (instead of SAP support) can be beneficial, but weigh the risks. Use it only if you’re prepared for that route.
  • Stay informed: Keep up with SAP licensing updates (for example, changes in indirect access policy or new license types). The rules can change, and staying current helps you avoid surprises.

Read Best Practices for SAP Audit Defense.

FAQ

Q1: How often does SAP conduct license audits?
A: Most SAP customers face an audit roughly every 2-3 years, but it can vary. Your contract likely allows SAP to conduct annual audits, although in practice, they target audits based on factors such as contract size, the time since the last audit, or if you’ve made significant SAP purchases (or declined offers). Sometimes, simply saying “no” to an upsell can trigger an audit. Always assume an audit could occur at any time and maintain a state of readiness.

Q2: What triggers a surprise SAP audit – can we anticipate it?
A: Apart from the regular cycle, certain situations can prompt an audit. Major changes, such as a sudden increase in user count or switching to a third-party support provider, are red flags. Additionally, as the year draws to a close, SAP may conduct audits of customers who haven’t made a recent purchase as a means to generate sales opportunities. If SAP sales representatives mention “license optimization reviews,” take it as a sign that an audit may be forthcoming. Internally track your usage; if you notice rapid growth in SAP system use, consider preemptively reaching out to SAP or adjusting licenses before they contact you.

Q3: What exactly is indirect access, and why is SAP charging for it?
A: Indirect access refers to the use of SAP software by people or systems via non-SAP interfaces rather than logging in directly. For example, if your sales team accesses SAP data through a Salesforce app, those Salesforce users might be considered “indirect” users of SAP. Traditionally, SAP required a license for any individual or system that triggers SAP processing. This was often unclear, and some customers were surprised by the high fees associated with it. Now, SAP offers a Digital Access model, where you pay for documents (such as invoices or sales orders) created indirectly rather than per user. The goal is to make indirect usage costs more predictable. If you’re audited, SAP might claim you need X number of licenses for indirect use – but you can negotiate this by clarifying how your systems interact or by adopting the digital document model. It’s essential to only pay for indirect use that genuinely imposes SAP workload and to ensure you’re not double-counted (e.g., don’t pay for both an external user and a document license for the same activity).

Q4: The audit report says we owe the list price for missing licenses. Can we get a discount on those?
A: Yes – negotiate the price. The audit report often calculates compliance fees at the full list price because that’s the theoretical maximum per your contract. But in practice, SAP almost always negotiates. Treat it like buying more licenses (because it is). You can secure the same kind of discounts you would when purchasing licenses normally – often substantial discounts, depending on your size and leverage. For instance, if the list price for a Professional User is $3,000, and SAP requires 50 units ($150,000), it’s not unusual to negotiate that down to $75,000 or even less as a new purchase. Use benchmarking from peers or consultancies, if possible, to argue for a fair price. As mentioned, bundle future projects or align with quarter-end to strengthen your case for a discount. SAP’s goal is to get you compliant and retain you as a customer so they have some flexibility in pricing.

Q5: Can we refuse to pay certain audit findings if we disagree?
A: You should challenge findings you believe are wrong, but outright refusing to address a valid compliance gap can escalate things badly. If you have a legitimate dispute (for example, you believe SAP’s tool counted duplicate users or a certain indirect usage claim isn’t contractually supported), present your evidence. SAP may reconsider or at least come to a compromise. However, if you simply say, “We won’t pay,” and it constitutes a breach of contract, SAP has legal remedies – including termination of licenses or legal action – although these are a last resort. It rarely gets there because both parties prefer a negotiated fix. The best course is to keep dialogue open, involve executives, and work toward a resolution both sides can accept. If talks break down, you might bring in mediators or, as a last step, prepare for litigation, but that’s extremely rare. 99% of the time, an agreement is reached once the right people and incentives are in play.

Q6: Should we involve a third-party advisor or lawyer in the audit settlement process?
A: For most routine audits with small gaps, your internal team can manage following the best practices outlined. But if the stakes are high – say SAP’s report suggests a seven-figure compliance bill – bringing in help is wise. Third-party SAP licensing advisors can analyze the audit for errors, identify negotiation opportunities, and even directly negotiate with SAP to secure a better deal. They know how far SAP might bend on certain terms because they’ve seen it with other clients. Legal counsel should review any settlement agreement before you sign to ensure your company’s rights are protected (and to potentially negotiate legal terms, such as a liability release for past usage). Additionally, if issues become contentious, having a lawyer involved earlier can be beneficial. In short, for a large or complex audit, outside expertise usually pays for itself in the savings and protections it achieves. For smaller audits, you may not need full external support, but it never hurts to consult an expert informally.

Q7: We’re planning to move to S/4HANA soon – can that help resolve an ECC audit?
A: Yes, it can. SAP would much rather see you invest in S/4HANA than spend money patching up ECC compliance. If you’re already close to migration, you can negotiate a deal where the audit settlement is rolled into the S/4HANA conversion. For example, instead of purchasing additional ECC licenses now, you can sign a S/4HANA contract (perhaps via RISE cloud or on-premises license conversion), and SAP provides credits or discounts that cover the compliance shortfall. Essentially, your money goes toward the new platform, and SAP forgives or includes the old usage in that new contract. Even if you’re not ready this instant, signaling to SAP that you’re evaluating S/4HANA will make them more flexible during audit talks – they don’t want to sour your enthusiasm to upgrade. Just be sure that in any such arrangement, the compliance issues are truly resolved (get confirmation that moving to S/4HANA means the ECC audit is closed with no further fees). It’s a win-win if done right: you avoid a sunk cost on legacy software and propel your organization forward technologically.

Q8: What if we just reduce usage and avoid buying anything – will that solve the audit?
A: Simply reducing usage in the future (such as deleting users or stopping an interface) can prevent future liability, but it doesn’t erase past usage that the audit has captured. If the audit found you were overusing licenses for the last year, SAP’s position is you needed to have those licenses during that time. You can certainly argue that some usage was a mistake and has now stopped, and this might help negotiate the numbers down (“We removed 15 users immediately, so we only need licenses for the remaining 30 extra users”). However, SAP will still expect a purchase to cover the period during which you were out of compliance unless you negotiate a waiver. In some cases, if the overuse was brief or inadvertent and you rectified it, SAP might agree to a minimal purchase as a goodwill gesture but don’t count on it. After settlement, though, absolutely reduce or eliminate any excess usage you find. That will ensure you don’t get hit again in the next audit. And if you’ve permanently ceased using a certain product or interface that caused trouble, document this with SAP so they are aware that the risk has been eliminated. Preventative action is great – just remember it doesn’t usually nullify the current audit’s findings by itself; you still need to settle for the past period.

Q9: Can SAP shut down our software or support if we’re in an audit dispute?
A: Not overnight, no. Audits can be stressful, but SAP cannot simply flip a switch and turn off your systems without due process – that would be a drastic and detrimental option, particularly for customer relations. What can happen if you completely stonewall is that SAP may escalate the issue to their legal department. In extreme cases (which are very rare), they may terminate your license agreement for breach; however, typically, there would be numerous warnings and attempts to resolve the issue before termination. During an ongoing audit negotiation, SAP will continue to provide support, and your systems will remain operational. You might feel subtle pressure – e.g., your account exec might say renewal of your maintenance could be “affected” if you don’t resolve the audit – but outright suspension is unlikely unless talks have irreparably broken down. Maintain a professional tone and demonstrate a willingness to address genuine issues. That greatly reduces the chance of any hostile action. If anyone from SAP threatens immediate penalties or removal of system access, involve your legal team and respond formally. In virtually all cases, a mutually acceptable settlement is reached without approaching that drastic endgame.

Q10: How can we avoid nasty surprises in future SAP audits?
A: The best cure is a strong ongoing license management practice. Make license compliance a routine part of IT operations. For starters, perform an annual “true-up review” internally: check user counts against licenses and make adjustments where possible (e.g., remove unused accounts). Keep a careful log of all third-party systems interfacing with SAP; when new ones are introduced, assess if they require additional licensing (and if so, address it proactively with SAP – possibly via the modern digital access license to cover it). Additionally, keep your SAP contract up to date. If you negotiate any special terms (such as an indirect usage allowance or a specific metric definition), ensure that they are added to the contract or an addendum so that it’s crystal clear next time. Training is also important: ensure administrators know how to classify users correctly and that project teams understand the licensing implications of what they deploy. Some companies establish a governance board that must approve any new SAP integration or a significant increase in users. Finally, maintain an open dialogue with SAP outside of audits – for example, during yearly account reviews, ask if they foresee any compliance concerns and demonstrate your active management of these concerns. If SAP knows you’re on top of your licenses, they often approach audits in a more cooperative tone. In short, vigilance and communication are your best tools to make the next audit a non-event.

Read more about our SAP License Audit Defense Service.

🎥 How We Help If You’re Being Audited by SAP | SAP Audit Defense, Risk Mitigation & License Strategy

Schedule a meeting with us to discuss our SAP Advisory Services.

Name
Author
  • Fredrik Filipsson

    Fredrik Filipsson is a seasoned IT leader and recognized expert in enterprise software licensing and negotiation. With over 15 years of experience in SAP licensing, he has held senior roles at IBM, Oracle, and SAP. Fredrik brings deep expertise in optimizing complex licensing agreements, cost reduction, and vendor negotiations for global enterprises navigating digital transformation.

    View all posts