Notorious SAP Indirect Access Cases and Key Lessons
Modern integrations have exposed a costly licensing trap known as SAP indirect access. In simple terms, this is when people or systems use SAP’s software indirectly – for example, through a third-party application or web portal – without logging into SAP directly.
Several high-profile disputes in recent years show how SAP has leveraged ambiguous contract terms to demand massive fees for such usage.
These cases sent shockwaves through CIOs and licensing teams, but they also provide valuable lessons. Read our ultimate guide, SAP Indirect Access: Understanding and Managing Indirect Usage Risks.
Below, we dissect the most notorious cases and highlight what every SAP customer should learn to avoid the same fate.
SAP vs. Diageo (2017) – The Landmark Case
Diageo, the global drinks company, became the poster child for SAP’s indirect access crackdown. In 2017, SAP sued Diageo in the UK High Court, claiming roughly £55 million in backdated license fees. Why? Years earlier, Diageo had connected its core SAP ERP system (originally licensed for internal users only) to two Salesforce-based applications:
- “Connect” – an online portal for Diageo’s customers and distributors to place orders directly (bypassing call center staff).
- “Gen2” – a mobile app for Diageo’s field sales reps to manage customer visits and capture orders on their iPads.
Neither the customers using Connect nor the sales reps using Gen2 ever logged into SAP.
They interacted with SAP data via a middleware (SAP Process Integration) that synced information between the Salesforce apps and SAP ERP. Diageo believed it was compliant since all its employees had SAP user licenses and it had even licensed SAP’s integration tool (SAP PI).
SAP, however, argued that every one of those customer portal users and mobile app interactions constituted unlicensed “indirect use” of SAP.
In SAP’s view, only named users could legally use the ERP – directly or indirectly – and Diageo’s contract hadn’t accounted for these additional users.
A UK court agreed with SAP’s interpretation. The judge found that under the contract’s “plain meaning,” any use of SAP’s software (even indirect manipulation or viewing of SAP-held data) required a named-user license.
The absence of explicit definitions for “use” or “access” in the 2004 contract meant SAP’s broad interpretation prevailed. Crucially, the court rejected Diageo’s “gatekeeper” defense – the argument that having an SAP PI license covered these integrations.
Instead, SAP PI was deemed an add-on component, not a substitute for user licenses.
In short, Diageo’s customers and reps were “using” SAP by indirectly triggering SAP transactions and viewing SAP-generated data, so Diageo was liable for additional fees.
Only the liability was decided in court (in SAP’s favor). The case never reached the damages phase – Diageo, having lost on principle, quietly settled rather than appeal. The settlement amount wasn’t disclosed, but it was presumably hefty.
This outcome rocked the SAP customer community. Diageo had already spent tens of millions on SAP licenses, yet SAP still demanded £54+ million more for usage that Diageo considered routine business innovation.
The case signaled that SAP would enforce license terms to the letter, even against a major customer, and even when the usage involved modern technology not envisioned when the contract was signed.
Lesson Learned: Licensing middleware (like SAP PI) does not immunize you from indirect access fees. Every user or device accessing SAP data through third-party systems still needs to be licensed.
SAP vs. AB InBev (2017–2018) – A $600M Warning Shot
Not long after Diageo, another brewing giant, Anheuser-Busch InBev, found itself in SAP’s crosshairs. In 2017, AB InBev disclosed that SAP was seeking an astonishing $600 million in license fees for alleged indirect use.
This dispute did not play out in open court; SAP filed its claim through a private arbitration process, and AB InBev vowed to fight vigorously.
The crux was similar: SAP accused the company of multiple breaches of a software license agreement, specifically alleging that employees and systems at AB InBev were accessing SAP data indirectly without proper licenses.
Industry insiders noted that AB InBev, like Diageo, had been integrating SAP with third-party platforms (reportedly Salesforce and others) to share data across its enterprise.
The $600M claim sent a clear message that SAP was doubling down on indirect access enforcement. However, unlike Diageo, AB InBev’s saga ended quietly. By early 2018, the brewer’s SEC filings revealed an out-of-court settlement with SAP on undisclosed terms.
In all likelihood, AB InBev negotiated a significantly lower payment or a new licensing arrangement, but the exact outcome remains confidential.
What the public saw, however, was enough to raise alarm: if a company of AB InBev’s size could be hit with such an enormous claim over license interpretations, no SAP customer felt safe.
SAP carefully chose these back-to-back cases (Diageo and AB InBev) for maximum visibility. Both involved global firms in the beverage industry and high-dollar claims that would grab any CIO’s attention. The backlash was fierce.
Customers accused SAP of using “hidden” license rules as a revenue weapon, leveraging decades-old contract language against modern usage patterns. Even SAP’s own leadership acknowledged the fallout – trust had been shaken.
Under pressure from its user community, SAP announced it would revise its licensing policies to be more transparent (more on that later).
Still, the AB InBev case remains a cautionary tale: it proved that SAP’s indirect access claims weren’t a one-off and that even without a court judgment, the financial risk and distraction of a licensing fight could be immense.
Case Summary: SAP’s indirect access enforcement hit two breweries hard – Diageo (£54.5M claim) and AB InBev ($600M claim). Both cases involved third-party front-end systems (Salesforce platforms) interacting with SAP. Diageo’s case went to court (SAP won on principle), and AB InBev’s was settled privately. The shock from these disputes forced SAP to rethink its pricing model.
| Company & Year | Indirect Usage Scenario | SAP’s Claim | Outcome & Impact |
|---|---|---|---|
| Diageo (2017) | Salesforce-based customer ordering portal and sales rep mobile app connected to SAP via SAP PI. | ~£54.5M in license fees for “unnamed” users. | Court ruled in SAP’s favor on liability. Case settled out of court; highlighted huge exposure from portal users. |
| AB InBev (2018) | Unlicensed use of SAP via third-party systems (e.g. Salesforce integration) by employees and possibly partners. | ~$600M in alleged under-license fees. | Dispute settled out of court (confidential). Sparked industry backlash; pushed SAP to introduce new licensing model. |
Common Patterns in SAP Indirect Access Disputes
These cases reveal a pattern of how indirect access issues arise and why customers often feel blindsided:
- Ambiguous Contract Language: In both cases, the software license agreements did not clearly define terms like “user,” “use,” or “indirect access.” This vagueness allowed SAP to apply an extremely broad definition – essentially, any way in which SAP’s software is utilized (even via an external system) counts as use that must be licensed. Customers who signed these contracts years ago didn’t anticipate today’s integrations, leaving a loophole that SAP’s auditors can exploit.
- “Old Licensing in a New Environment”: A recurring theme is the collision of legacy contracts with modern architectures. Diageo’s license dates back to 2004, long before cloud portals or mobile apps were common. When Diageo later deployed Salesforce apps in 2012, those new usage scenarios weren’t covered in the old license terms. SAP and AB InBev fell into the same trap – using new technology under old agreements. In general, whenever a company extends its SAP data to new digital channels (customer portals, IoT devices, RPA bots, etc.) without updating the contract, it’s a red flag.
- External Users and Third-Party Systems: Indirect access disputes often involve external parties or non-SAP front-ends interacting with SAP. Common examples include customers placing orders on a website that feeds into SAP, suppliers updating info via a portal, or salespeople using a third-party mobile app that syncs with SAP in the back-end. From the customer’s perspective, these users aren’t “SAP users” at all – they never log into SAP. But SAP’s view (as upheld in court) is that the software is still being accessed and delivering value to those users, so they count. This means even a consumer browsing product data (if that data came from SAP) could technically be considered indirect usage that requires licensing.
- The “Gatekeeper” Fallacy: Many customers assume that if they’ve paid for integration software or middleware, they’re covered. This is a fallacy. Diageo learned the hard way that licensing SAP Process Integration did not license the users on the other side of that interface. Similarly, having an API or an interface doesn’t exempt you from SAP’s user or package licenses. In SAP’s licensing logic, middleware is in addition to named users, not a replacement. Relying on this assumption is a major pitfall.
- Retroactive Compliance Audits: SAP typically uncovers indirect use issues through audits or license reviews, often after years of such usage. This means the financial exposure is retrospective, covering all the years you’ve been unknowingly “under-licensed.” The Diageo claim, for instance, covered several years of Connect and Gen2 usage. Because SAP calculated fees at full list price for hundreds or thousands of external users, the back-bill ballooned into the tens of millions. The lack of early warning is what makes indirect access so notorious – companies often don’t realize they’re out of compliance until the audit report arrives with a staggering bill.
- Vendor Enforcement Tactics: Another pattern is how SAP has used these situations as leverage. In the past, SAP account teams and auditors have been known to raise indirect usage findings right around contract renewals or when pitching an S/4HANA migration, implicitly pressuring customers to “settle” by buying more products or cloud subscriptions. The strategic timing suggests that indirect access claims can be as much a sales tactic as a compliance issue. Customers should be mindful that what starts as a license audit could become a negotiation for a broader deal.
Overall, the indirect access saga highlights a core issue: trust and transparency. Customers felt SAP’s stance was an ambush – a way to generate revenue from existing customers by reinterpretation of terms. SAP, for its part, maintained it was simply enforcing agreements.
The truth lies in a grey area of contract law and evolving technology. What’s clear is that vigilance and proactivity must be the customer’s response.
The next section distills how you can defend your organization from similar surprises.
Strategies for managing SAP Indirect Access, SAP Indirect Access Compliance Strategies: How to Stay Audit-Proof.
Defensive Strategies for SAP Customers Facing Indirect Use Risk
How can SAP customers avoid the Diageo or AB InBev scenario? The key is to be proactive and strategic about license management.
Here are practical defensive steps inspired by these cases:
- Map Your SAP Footprint and Integrations: Don’t wait for an audit – conduct your own internal review. Inventory all the systems, apps, and interfaces that connect to your SAP environment. Who (or what) is using SAP data? This includes third-party SaaS apps, web portals, mobile apps, robotic process automations, APIs, and even devices (like IoT sensors) that feed into SAP. By maintaining an up-to-date architecture map and usage log, you can identify indirect use cases before SAP does. This technical audit should be partnered with a legal/licensing audit of your SAP contracts to pinpoint any areas of non-compliance.
- Review and Update Your Contracts: If your SAP license agreement is old or has gone through many amendments, it’s likely not keeping pace with how you use the software today. Pull out the contract and read the fine print on usage rights. Are critical terms like “use,” “user,” “indirect access,” or “third-party interface” defined? If not, assume the broadest interpretation. Where possible, negotiate contract adjustments or clarifications with SAP before you deploy new integrations. For example, if you plan to launch a customer portal that touches SAP, negotiate an appropriate license (perhaps a special user category or a fixed fee for external users) and get it in writing. Ensure any new agreement clearly covers the specific scenario so you don’t pay unexpected fees later. In short, close the ambiguity gaps: define what counts as licensed use vs. indirect use, and agree on metrics for any new kinds of usage.
- Engage SAP Early (and Get It in Writing): It may feel counterintuitive, but bringing SAP into the loop early on major integration projects can save pain later. Discuss your plans with SAP and seek written confirmation of how licenses will be handled. For instance, if integrating a non-SAP CRM with SAP ERP, formally ask SAP whether the external users will require licenses or if there’s a licensing program to accommodate them. SAP might propose its Digital Access licensing in such cases (introduced after the Diageo saga, this model charges based on documents or transactions instead of users – more on this below). Early engagement can also give you leverage to negotiate carve-outs or discounts rather than facing a full-price compliance claim post-implementation.
- Leverage the New “Digital Access” Model (Carefully): In 2018, following customer backlash, SAP rolled out a new Digital Access licensing model as an alternative to traditional named-user licensing. This model charges for outcomes (e.g., number of sales orders, invoices, etc., created by indirect systems) rather than for each user. It also explicitly exempts read-only access – meaning if third-party systems are just viewing data, SAP doesn’t charge for that. SAP even launched a Digital Access Adoption Program (DAAP) offering steep discounts (up to 90%) to encourage customers to transition. Evaluate this option: for some organizations, it can eliminate ambiguity and cap the cost of indirect use. But beware: switching to document-based licensing requires analyzing your document volumes and projecting future growth. It’s not automatically cheaper. Do a side-by-side comparison of your costs under current user licensing versus digital access. If you can lock in a good deal under DAAP, it might dramatically reduce your audit risk in the future. Make sure to negotiate protections (e.g. how document counts are measured and capped) as part of the move.
- Prepare Your Own Usage Metrics: One lesson from the big cases is that SAP calculated fees using its price list and assumptions (often maximalist). To avoid being at the mercy of SAP’s numbers, gather your own data. Monitor how many external users actually touch SAP (and how), or how many documents your integrations generate. Having hard numbers lets you challenge exaggerated claims and propose a more reasonable resolution. For example, if SAP alleges 5,000 unlicensed users but you know only 500 customers actively use the portal, you can push back. Consider implementing tools or logs that can track indirect access calls to SAP. Being armed with data transforms an audit discussion: it replaces guesswork with facts, often leading to a more negotiated settlement rather than a one-sided demand.
- Negotiate During Renewals and Projects: The best time to resolve or avoid indirect access problems is when you have negotiating leverage. Renewal time is critical – SAP wants you to renew support or purchase the next product, and you can use this opportunity to address indirect use. Some strategies include: securing an amnesty (SAP forgives past indirect use if you commit to a future licensing arrangement), getting a contract addendum that explicitly permits certain indirect use scenarios in the future, or rolling needed licenses into a discounted package. Similarly, if you’re considering an S/4HANA migration or big expansion, make the resolution of any indirect access ambiguities part of that deal. Essentially, make it SAP’s problem too – if they want your continued business, they should help eliminate the uncertainty.
- Involve Legal and Industry Peers: Indirect access is as much a legal issue as a technical one. Engage your legal counsel (or a licensing specialist firm) to interpret your agreements and advise on strategies. They can help craft language for new terms or push back on unfair audit findings. Also, tap into the SAP user community (user groups, forums). Many companies have faced similar issues; peer insight can be invaluable. There’s strength in numbers – collectively, SAP customers have influenced SAP to evolve its policies. By staying informed through these networks, you can anticipate SAP’s moves and learn how others negotiated solutions.
In summary, an active defense is required. Indirect access risk won’t disappear on its own. SAP customers must actively manage their licenses like the strategic assets they are.
It’s about staying one step ahead: know your usage, know your contracts, and never assume “no news is good news” when it comes to software compliance.
With the right precautions, you can avoid nasty surprises and maintain control of your IT roadmap instead of diverting budget to unplanned license fees.
5 Defensive Takeaways from Indirect Access Cases
- Audit Your Usage Now, Not Later: Regularly review how SAP data is accessed across your organization (including by third-party systems, portals, and bots). Early detection of indirect use can prevent multi-year compliance surprises.
- Eliminate Ambiguity in Contracts: Insist on clear definitions of “use” and “user” in your SAP agreements. If you integrate SAP with other platforms, get the licensing terms for those integrations in writing to avoid grey areas.
- Track and Limit External Access: Keep logs and counts of external users and transactions hitting your SAP system. Control who/what can pull data from SAP. This not only helps in negotiations but also deters overuse that could inflate licensing costs.
- Use Negotiations to Your Advantage: During contract renewals or new SAP projects, negotiate resolutions for indirect use. Seek amnesty for past usage or predefined terms for future use (e.g. a fixed fee for a customer portal) as part of the deal.
- Consider SAP’s Digital Access License: Evaluate SAP’s document-based licensing as an alternative. It can simplify compliance for indirect scenarios (and remove per-user charges), but analyze it carefully. Leverage SAP’s adoption programs or discounts, and ensure any transition locks in cost predictability.
By learning from the Diageo and AB InBev cases, SAP customers can turn a notorious risk into a manageable one.
The overarching lesson is to be proactive and skeptical of licensing assumptions. Don’t wait for SAP to define your usage (and send a bill) – define it yourself, contractually and technically.
In doing so, you reclaim the initiative and ensure that innovative use of your systems doesn’t become an unexpected liability. Protect your organization with clarity, diligence, and smart negotiation, and you can enjoy the benefits of SAP’s software without the nasty indirect-access surprises.
Read about our SAP Advisory Services
