Who is this for? Executives and negotiation teams preparing for SAP licence purchases or renewals who want to build "audit defence" into the contract itself.
Audit Rights and Frequency โ Setting Boundaries
Every SAP contract includes an audit rights clause, but the details are what matter. While SAP won't remove its right to audit, you can negotiate how and when audits happen.
Limit Audit Frequency
Ensure the contract states that audits are no more than once per year (or even every two years with leverage). Specify audits must be conducted during normal business hours with reasonable notice โ 30 days is standard; 60 days is acceptable if possible. This prevents surprise audits and gives you breathing room between compliance reviews.
Define Auditor Identity
Add a clause that SAP should preferably conduct audits with its internal team (GLAC) or use only reputable, independent firms. Some customers have negotiated that the auditor must be a "Big 4" firm or a mutually agreed-upon party, which maintains a professional tone and prevents overly aggressive third-party involvement without SAP oversight.
Scope Clarification
Include wording that an audit will cover licences under that agreement and related schedules. The goal is to prevent SAP from fishing into areas beyond what you've deployed. If you have separate contracts or legacy licences, you don't want an audit on one agreement morphing into a full enterprise-wide deep dive without proper notice.
Indirect Access and Definition of "Use"
Perhaps the most critical (and notoriously sensitive) area is ensuring your contract handles indirect usage fairly.
Explicit Indirect Usage Terms
If your contract is older, it may be silent on indirect access, relying on SAP's broad definition of "use." During negotiation, bring it up. Get a clause that defines what constitutes indirect use and what does not. Try to include language exempting read-only scenarios (e.g., data exported from SAP and viewed in a third-party tool with no interaction back into SAP) โ this protects you from being charged for a one-way nightly data dump.
Digital Access Adoption Programme (DAAP) Terms
If you use SAP's Digital Access (document licensing model) for indirect use, negotiate the terms. SAP has offered conversion credits for existing users when moving to digital documents. Ensure your contract captures any conversion deal and lock in the price per document if possible โ e.g., "additional document packs available at $X per 1,000 documents" โ so you're not surprised later by price increases.
Clear Definitions of User Types
Push to include an appendix or reference that clearly defines each user licence type you're buying (Professional, Limited Professional, Employee, etc.) and their allowed activities. Vague definitions favour SAP in audits. If you have it in writing that "Employee User may display and input HR data," then during an audit SAP can't arbitrarily say "that user should be a Professional" โ you can point to the contract definition.
IoT and API Use
As companies connect devices and external apps, clarify if those require user licences or are covered by engine metrics or digital access. If a shop floor tablet updates SAP via an API, is that an indirect use requiring a named user, or is it covered under a manufacturing engine licence? If your contract is silent, SAP will default to "you owe a licence." Discuss these scenarios upfront and include them in the contract.
Licence Scope and Affiliate Use
Who can use the SAP software under your licence? If you don't clarify, audits can catch you on technicalities.
Affiliate and Subsidiary Use
Most SAP contracts limit use to the legal entity (and majority-owned affiliates) that signed the agreement. If your organisation has multiple subsidiaries, ensure they are explicitly covered. If you plan to have a joint venture or minority-owned affiliate use the system, negotiate that permission now. Best practice: include a clause listing allowed affiliates or stating that the client and its direct and indirect subsidiaries (above a certain ownership %) can use the software.
Third-Party / Contractor Access
Clarify if external contractors, partners, or customers can access the system and under what conditions. Many customers negotiate a clause allowing a certain number of external users (like contractors) to use the system under the company's licences, as long as they support the company's operations. If you have a supplier portal or customer portal that interfaces with SAP, add language covering those users explicitly.
Geographic Restrictions
Ensure the contract doesn't bind usage to a specific location if not applicable. Most modern contracts are global, but if any licence is restricted (e.g., "may only be used at site X"), try to remove or widen it. With cloud and flexible work, you don't want an audit saying you violated terms by having a user in a different country use the system.
Cloud vs On-Prem Distinctions
If you sign new contracts that include cloud services (e.g., SuccessFactors, Ariba, or RISE with SAP), understand that those usually have separate terms. Make sure the interplay is clear โ if you have an on-prem licence and later move those users to a cloud service, can you reuse those licences for something else, or are they stuck? Clarify to avoid paying double.
Remedies and True-Up Terms
You can't erase your obligation to true-up, but you can negotiate terms that reduce the financial impact if compliance issues are found.
Discounts on Compliance Purchases
Large customers have negotiated side letters or clauses stating: "Customer will be afforded SAP's standard discount on any additional licences required as a result of an audit, provided the shortfall was unintentional." Even a modest guaranteed discount (10โ20%) can result in significant savings. Another approach is to negotiate a cap on back-maintenance โ e.g., "maintenance fees will be backdated for a maximum of one year."
Opportunity to Cure
Include language that allows the customer to purchase any necessary licences within a specified timeframe under normal commercial terms if a shortfall is identified. Even acknowledging a 30-day cure period means SAP shouldn't immediately escalate legally โ you have time to negotiate a purchase rather than facing a breach claim.
Exclude Penalties
Ensure the contract specifies no additional penalties beyond the purchase of licences. SAP generally doesn't impose fines (just licence fees), but remove or refuse any clause that introduces formal penalties or says SAP can charge audit costs to you. Your obligation should simply be to purchase missing licences and maintenance.
Audit Support Costs
Some contracts say if you fail to cooperate with an audit, the customer pays SAP's audit costs. Clarify that as long as you reasonably participate, you're not on the hook for any audit consultant fees. This is usually not an issue, but explicit clarity is always beneficial.
Leveraging Renewals and New Purchases
The best time to secure audit-friendly terms is when SAP wants something from you โ a big purchase or a renewal.
Bundle Audit Protections into Deals
Negotiating a new S/4HANA contract or expanding your SAP footprint? This is when you request concessions on audit clauses or clarify usage terms as part of the give-and-take. If SAP wants you to move to RISE, ask in return for contract language that absolves certain old indirect use claims or locks pricing for needed conversions.
Upgrade/Migration Windows
If transitioning from legacy SAP ECC to S/4HANA, negotiate an audit grace period during the migration. Migrations can temporarily double licence usage (running old and new in parallel). A clause like "For 18 months during migration, SAP will not assert licence non-compliance provided the combined use does not exceed Y" can save you from an audit hit during that complex period.
Shelfware Buy-Backs
In big renewals, see if SAP will agree to let you terminate and credit some unused licences. This prevents a scenario where you drop licences to save on maintenance, only to later get audited and told "you need those licences back." If you remove shelfware, ensure the contract is clear that you won't be charged for using that software in the future unless re-licensed.
Future Audit Strategy
Request an annual licence review with SAP outside formal audits. Some large customers have "business reviews" where SAP helps identify if more licences are needed in advance. If SAP agrees to that in writing, they're less likely to spring a surprise audit since there's an established collaboration. Use only if you have a trusting relationship.
Getting It in Writing โ Final Tips
No matter what you negotiate, ensure it's captured in the agreement or an addendum. Verbal assurances from sales representatives mean nothing in an audit two years later when that representative is no longer available.
Use Precise Language
Work with the legal team to craft clear and concise clauses. Instead of a vague "SAP will be reasonable in audits," get specific: "SAP will provide at least 30 days written notice for any audit and conduct audits no more than once in any 12 months."
Review Pre-Signature
Before signing, do an internal "audit risk review" of the contract. Bring in whoever handles audits or SAM in your organisation to read it alongside legal. They might spot a missing piece (such as no mention of indirect use or an unusual definition) that could come back to bite later.
Negotiation History
Keep emails or documents from the negotiation that clarify intent. If SAP refuses to put something in the contract but says in an email "For scenario X, we consider Y allowed," save that. Although not legally binding, it can serve as a discussion point during an audit and demonstrate your understanding.
Stay Firm on Must-Haves
SAP salespeople might say "We can't change that clause." Often, that's a starting pushback. You might escalate or insist harder โ they can in many cases if the deal is big enough. Know which battles to pick and tie your asks to your willingness to sign.
Treat the contract as your first line of defence in an audit. The more ambiguity you eliminate now, the less wiggle room auditors have later. It's worth a bit of tough negotiating upfront to save massive headaches and costs.
Recommendations
Start with the Audit Clause
Always review and discuss the audit terms in any SAP contract negotiation. Don't gloss over it โ clarify frequency, notice, and procedure to prevent overly broad or frequent audits.
Address Indirect Use Head-On
Proactively bring up indirect/digital access in negotiations. It's better to hash it out now than to fight in an audit. Get SAP to agree on how those scenarios will be licensed and document it.
Include Your Affiliates and Partners
If multiple entities or external users will access SAP, list them or include them in the usage rights. Obtaining permission upfront is easier than justifying it during an audit.
Aim for Flexibility in True-Ups
While SAP has policies, consider inserting leniency โ discounts or caps on back fees if compliance gaps are identified. Even a small concession can save a lot later.
Leverage Big Deals
Utilise major purchases or renewals to negotiate improved terms. SAP is more flexible when closing a sale. Spending millions on S/4HANA gives you a good shot at tightening contract language as part of that deal.
Document Special Situations
If you foresee unusual use cases (mergers, divestitures, cloud migrations), discuss and document how licences will work in those events. Anything relevant to your business plans should be captured in writing.
Involve Experienced Negotiators
SAP contracts can be dense. Use internal or external experts who know the common pitfalls. They can help craft language that protects you and identify which clauses SAP is most likely to flex on.
Think Long-Term
Don't only focus on the immediate deal size. Consider how terms will play out in 3โ5 years. A clause that seems minor today (like indirect access) could mean millions later. Future-proof as much as possible.
Keep Notes on What Was Agreed
If SAP says "we typically do X," request that it be included in the contract. If not, email back a summary of your understanding. This helps prevent "he said, she said" scenarios later.
Review and Update at Renewals
Revisit these protections each time you renegotiate or renew your contract. Business and SAP's policies evolve โ use each negotiation cycle to refine your contract armour.
๐ค Need help negotiating your next SAP contract?
SAP Contract Negotiation Service โFrequently Asked Questions
It depends on your leverage (size of deal, strategic importance). SAP will not remove its right to audit โ that's non-negotiable. However, many customers have had success tweaking the clause. A 30-day notice period and limiting frequency to annual at most is quite common. If the initial draft is too open-ended ("SAP may audit at any time"), absolutely push back. You can often get language like "no more than once per calendar year, upon 30 days' notice, and in a manner not to unreasonably interfere with operations." Some have gotten 45- or 60-day notices or multi-year gaps between audits in special cases. It's about asking firmly and tying it to your willingness to sign.
"Indirect Static Read" refers to a scenario where data is exported from SAP to another system and used without ongoing SAP system queries โ essentially read-only usage of SAP data outside SAP. Under customer pressure, SAP announced it would not require additional licences for certain pure read-only scenarios (partly driven by the Diageo case fallout). If your use of SAP involves sending data to a data warehouse or BI tool for reports, you want to ensure it's not counted as indirect usage requiring separate licences. Insist on explicitly allowing "indirect static read" access in your contract โ having it spelled out removes ambiguity and guides your IT teams on what's safe.
You can sometimes negotiate flexibility to exchange licence types or adjust counts. If you're unsure how many Professional vs Limited Professional users you'll need, ask for the right to reallocate some portion (say 10โ15%) of one type to another annually. In large enterprise agreements, there are occasionally provisions for licence type conversion at predefined ratios or prices. If flexibility is important, bake it into the deal โ some contracts permit a one-time reclassification of a specified number of users after a year to reflect actual usage patterns. Include any swap rights explicitly; otherwise, expect pushback later.
Transitioning to SAP's cloud offerings (like RISE with SAP) is essentially a new contract and an opportunity to negotiate anew. Many companies moving to RISE have addressed audit concerns by ensuring existing indirect access issues are resolved or that their new subscription metric (Full Usage Equivalent, or FUE) is well-defined and locked in. If converting existing licences, negotiate the conversion so you're not paying for both simultaneously. Cloud contracts don't have the traditional audit in the same way (SAP runs the cloud and monitors usage), but clarify what happens if you exceed subscription limits. Treat a cloud migration as an entirely new deal negotiation โ past clauses won't carry over unless you include them in the new contract.
You can certainly try. SAP's default stance: if you were using software unlicensed for the past 2 years, you owe maintenance for those 2 years. Some clients have successfully negotiated caps such as "no more than 1 year of back maintenance" or "no back maintenance if licence shortfall is purchased within 30 days of notice." It's not a standard concession but not unheard of for strategic customers. Even having a note in meeting minutes or an email from SAP stating "in good faith, SAP will limit back maintenance to 1 year" could be beneficial later. Any reduction on paper is a win.
Yes โ the contract for cloud should specify how usage is measured and enforced. These aren't "audits" in the classic sense because SAP has the data, but ensure the contract defines allowed usage (number of users, storage, transactions) and outlines what happens if you exceed limits. Ideally, negotiate that small overages are forgiven until renewal, or that you can true-up at the same discount as the initial purchase. If you have both cloud and on-prem, clarify that the traditional audit clause applies only to on-prem โ you don't want double-dipping.
For big deals, absolutely. SAP's contracts are written by their lawyers, and reps negotiate deals all day โ they have the advantage. A consultant who's seen many SAP contracts can identify which clauses you can push on and the realistic terms others have gotten. They can save you from accepting a clause that could be changed with a little pressure. If you're signing a $10 million deal, spending a small fraction on expert help can save you multiples in the long run. Many organisations use them like an insurance policy โ even with a strong procurement team, a second set of eyes with SAP-specific knowledge is valuable.
You generally can't change a signed contract until a renewal or new purchase triggers an amendment. However, you could attempt to get a written clarification from SAP (a letter or email from your account executive) about how they interpret your contract. If your renewal is next year, start discussing these points early to incorporate them. In the meantime, manage compliance carefully under current terms. If you think something is a ticking time bomb (like indirect access), approach SAP proactively to discuss licensing options now rather than gambling through another audit.
Yes โ the contract is the ultimate authority in an audit. Auditors must operate within the bounds of what's been agreed. A well-worded clause is your shield. For example, if your contract explicitly allows third-party read-only use, an auditor cannot count that as non-compliance โ you show them the clause. We've seen cases where a client had a clause covering affiliate employees, and during an audit SAP questioned its use by a subsidiary โ the client pointed to the contract and that issue vanished from the report. Ensure your internal team is aware of these clauses so they can invoke them when dealing with auditors.
๐ฏ Expert Insight: Independent SAP Contract Negotiation Support
SAP contract negotiations are where audit protection is won or lost. Every clause you secure now saves multiples of its value when an audit arrives. An independent SAP advisory engagement brings deep experience across hundreds of SAP negotiations, knowledge of what other enterprises have achieved, and the ability to craft language SAP's legal team is more likely to accept.
๐ Related Reading
๐ Case Studies
๐ง SAP Advisory Services
Need SAP Contract Negotiation or Audit Defence Support?
Whether you're preparing for an SAP renewal, negotiating a new S/4HANA or RISE deal, or need audit protection clauses reviewed โ our SAP licensing specialists deliver measurable results and protect your interests as a fully independent advisor with deep expertise across hundreds of SAP engagements.
๐ Download our SAP licensing white papers and guides
View White Papers โ