The Challenge
🚨 Multi-Million Dollar Indirect Usage Claim
The automotive supplier was hit with an unexpected SAP licence audit focused squarely on indirect usage. SAP alleged that several internal systems and third-party platforms accessed SAP data without appropriate licensing, issuing a preliminary non-compliance claim totalling millions of dollars.
The claim was based on automated data flows between the company's SAP ERP and external applications — manufacturing execution systems (MES), logistics platforms, and customer ordering portals. SAP's audit team classified these interactions as unlicensed digital access, arguing that each external user or system-triggered action should be counted as an indirect access instance.
IT leadership disagreed. They believed the architecture complied with SAP's licensing terms under existing agreements, which included prior discussions about how digital interfaces would be handled. However, the documentation wasn't consolidated, and without a strong defence, the claim posed a real financial threat.
The Solution
The company brought Redress Compliance in to assess the audit findings and build a fact-based defence.
Interface Mapping & Transaction Review
Every non-SAP system connected to the ERP environment was mapped. Redress analysed how data flowed between systems and exactly what transactions were being executed — building a complete picture of the integration architecture.
Usage Categorisation
The team separated automated system actions (status updates, material postings from machines) from actual human-driven processes. Many transactions SAP flagged as indirect use were part of pre-approved system integrations — not unlicensed digital access.
Documenting Prior Agreements & Intent
Historical communications and architectural approvals were gathered to demonstrate that SAP had been informed of the interfaces during previous licensing discussions — supporting the position that these scenarios were already accounted for.
Applying Indirect Access Rules Appropriately
SAP's methodology had counted entire user populations and transaction sets as indirect usage — even when access was batch-processed, middleware-based, or subject to user-level authentication outside SAP. Redress used SAP's own guidance to demonstrate why this approach was fundamentally flawed.
Engaging SAP with a Formal Rebuttal
A detailed response was submitted, backed by usage logs, architectural diagrams, and legal licence interpretations. Redress also facilitated direct discussions with SAP's audit and legal teams to review the findings point by point.
The Results
SAP Withdrew the Indirect Access Claim
The original multi-million dollar compliance claim was retracted in full after the company proved its architecture did not violate licensing terms.
No Additional Licensing Required
SAP acknowledged that the supplier's digital integrations were covered under existing agreements and proper licensing interpretations. Zero incremental licence spend.
Improved Audit Readiness & Documentation
The company established a formal documentation process for interface reviews, audit logs, and licence-use mapping — minimising future audit risks and creating a compliance framework that now serves as a model internally.
"This was a wake-up call. We were confident in our design, but without Redress's help in organising the evidence and pushing back on SAP's assumptions, we could have paid millions unnecessarily."— Director of Enterprise Applications
"This isn't just about the money we saved — it's about defending our architecture and protecting how we run our business."— Chief Information Officer
Why It Worked
Data-driven rebuttal: Every claim was countered with concrete evidence — interface maps, transaction logs, and architectural diagrams that proved compliance rather than relying on assertions alone.
Licensing expertise: Redress Compliance applied deep knowledge of SAP's indirect access rules and digital access policies to demonstrate that SAP's own methodology was flawed in how it counted user populations and automated transactions.
Historical documentation: Prior communications and architectural approvals showed that SAP had been informed of the integration design during earlier licensing discussions — undermining SAP's claim that the usage was unlicensed.
Proactive engagement: Rather than negotiating from a position of weakness, the formal rebuttal with direct audit and legal team discussions forced SAP to evaluate the evidence objectively — resulting in full withdrawal.
🛡️ Facing an SAP audit or indirect usage claim?
SAP Audit Defence Service →📚 Related Reading
📂 SAP Case Studies
🔧 SAP Advisory Services
Need SAP Audit Defence or Indirect Access Advisory?
Whether you're facing an active SAP audit, preparing for indirect usage scrutiny, or need help with digital access licensing — our SAP licensing specialists deliver measurable results and protect your interests as a fully independent advisor.