SAP Indirect Access Contract Clauses – Why Contracts Are the First Line of Defense
SAP’s indirect access rules can lead to costly surprises if your contract isn’t crystal clear.
Indirect use refers to any scenario where people or systems use SAP software without directly logging in. For example, a customer portal or third-party app that pushes data into SAP in the background is an example of indirect use.
The risk comes from SAP’s vague definitions of “use” and “access” in standard contracts. That ambiguity lets SAP interpret almost any interaction as a licensable use.
Once you’ve signed, those fuzzy terms become SAP’s leverage in an audit. Many of the worst compliance nightmares happen simply because customers never defined “use” tightly in their contracts.
Fortunately, you can prevent indirect access disputes before they start – the contract itself is your first line of defense. By inserting precise, protective language upfront, you cut off SAP’s ability to reinterpret your rights later.
Read our ultimate guide, SAP Indirect Access: Understanding and Managing Indirect Usage Risks.
Key Definitions to Clarify in the Contract
Every strong SAP agreement starts with ironclad definitions. Don’t accept SAP’s default wording for critical terms – redefine them in your favor.
Three terms in particular demand attention:
- “Use” (or “Access”) – Define it as direct human use of SAP via SAP’s standard interface only. If no one is manually logging in, then it’s not “use.” This way, SAP can’t claim background system activities as usage.
- “Indirect Access” – Exclude “indirect access” as a licensable concept. State that using SAP indirectly does not require a license unless it creates or changes SAP data. This prevents SAP from treating normal integrations or read-only exports as compliance issues.
- “External Systems” or “Third-Party Applications” – A third-party app that pulls data from SAP or transmits input on behalf of a licensed user should not need its own SAP license. External systems can interface with SAP without incurring additional fees.
Example Clause – Narrow Definition of “Use”: “Use of SAP software means direct human interaction through SAP’s standard user interface (e.g. SAP GUI). Automated, batch, or system-initiated interactions are not ‘Use’ unless they create or change SAP transactional data.”
By solidifying these definitions, you turn gray areas into black-and-white rules. Also include an appendix of allowed integrations that won’t require extra licenses.
For example, list cases like “data export to BI tool” or “mobile app querying SAP inventory” as non-licensable use. This clarity prevents misunderstandings later on.
Bottom line: Don’t let SAP’s boilerplate define these terms – use customer-friendly wording to eliminate ambiguity.
More details on SAP Indirect Access, SAP Indirect Access 101: Definition and Common Scenarios.
Add a Digital Access or Indirect Use Addendum
Even with tight definitions, go a step further. Add a dedicated Indirect Use or Digital Access addendum to your contract. SAP’s “Digital Access” model (charging per document created by indirect use) complicates licensing.
Whether you adopt that model or not, an addendum lets you set the rules for indirect use on your terms.
- Digital Access Addendum: If you use SAP’s document-based licensing, spell out how it works – list the document types to be counted, how to count them, and ensure no double licensing. Note any conversion credits or special terms you negotiated so they’re honored.
- Indirect Use Addendum: If you stick with traditional licensing, add a clause to pre-approve specific integrations (read-only interfaces, middleware, etc.) and to waive any indirect use before the addendum’s effective date.
Use leverage when negotiating these addenda. For example, if you agree to move to SAP’s Digital Access model, insist that SAP waive any past indirect-use claims as part of the deal.
Likewise, confirm in writing that your existing integrations are fully licensed and won’t trigger future fees. Getting SAP to sign off on these specifics locks in your protection.
Limiting SAP’s Audit & Interpretation Power
Even with ironclad definitions, you need to rein in SAP’s audit rights. SAP’s standard audit clause is too open-ended, giving them a license to dig around and hit you with surprise fees.
Negotiate it into something fair and predictable:
- Audit Frequency/Notice: Limit formal audits (e.g., at most once per year) and require reasonable written notice (30–60 days). This prevents constant or surprise audits.
- Scope & Method: Limit audits to relevant SAP products/data only, and require that any measurement tools or methods be mutually agreed upon (no unauthorized scripts or fishing expeditions).
- Remediation Period: If an audit finds you under-licensed, you get a grace period (say 30 days) to purchase the needed licenses at normal pricing. No immediate back-charges – you have a chance to fix the shortfall.
Example Clause – Audit Restrictions: “SAP shall not deploy any audit software or request indirect-use data without Customer’s prior written consent and an agreed audit scope/methodology.”
Include an interpretation safeguard clause as well. If there’s a dispute on how to interpret any license term or use case, the contract should force a resolution process before SAP can demand fees.
For example, require that such disputes be escalated to both companies’ executives – or to neutral arbitration – before SAP issues any compliance invoice. This ensures SAP can’t act as judge, jury, and executioner on a gray area; the issue must first be resolved jointly.
Overall, tie every compliance obligation to a clear definition and process. The less wiggle room your contract leaves, the less SAP can stretch terms during an audit.
How to detect SAP Indirect Access: Detecting Indirect Access in SAP: How to Find Hidden Licensing Risks.
Excluding Certain Data or Interfaces from Licensing
Not all uses of SAP data should require a license. Ensure your contract excludes certain low-risk scenarios from any licensing requirements.
These carve-outs protect you from SAP trying to charge for innocuous activities:
- Read-Only Access & Analytics: Clarify that pulling SAP data out for viewing or analysis (with no changes back in SAP) does not require an SAP license.
- Non-Transactional APIs & Middleware: If external systems or IoT devices call SAP just to retrieve information (without creating new transactions), those calls do not require an SAP license. Pulling data via a middleware cache should not trigger any license fees.
Listing these exclusions removes ambiguity about what’s license-free.
Example wording: “Data extracted from SAP for reporting, analytics, display, or other read-only consumption shall not constitute indirect use nor require additional SAP licenses.”
Be as specific as needed – you can name particular tools or interfaces to make it ironclad. Apply these exclusions enterprise-wide (across all affiliates) so the rule is global. With such carve-outs, SAP can only charge for true transactional use – nothing else.
Negotiation Levers & Tactics
Getting the right language is one thing; negotiating it with SAP is another. Use these tactics to secure the clauses you need, whether you’re forging a new contract or updating an existing one:
For New Contracts: Raise the indirect access topic early. Don’t wait for SAP to bring it up – proactively ask to review any indirect use or digital access terms at the start. Then push back on anything vague or one-sided.
Sales reps eager to close the deal may yield on terms to get your order. If you’re planning a big purchase or migration, make it clear that no deal will be signed without strong indirect use protections.
For Existing Contracts: Even if you’re already under an SAP agreement, you can still strengthen it. Consider negotiating a contract amendment or side letter specifically about indirect use. Let your SAP account manager know you want to clarify how integrations are licensed.
Use any upcoming renewal or purchase as a chance to add these protections – SAP is often amenable if it keeps your business.
Leverage Points: Use SAP’s need for your business as leverage:
- Make indirect use resolution and protections a condition of any future deal. Don’t sign a new purchase or upgrade unless existing issues are resolved and the contract includes these clauses.
- Hint at alternatives. You might mention considering third-party support or even moving some systems off SAP if the compliance terms aren’t reasonable. You won’t necessarily follow through, but SAP will think twice before pushing too hard.
Your willingness to walk away is the strongest bargaining chip. If you hold firm that these protections are non-negotiable, SAP will usually accommodate rather than risk losing your business. Use that leverage wisely.
5 Must-Have Contract Clauses for Indirect Access Protection
To wrap up, here’s a checklist of five must-have clauses every SAP customer should insist on to guard against indirect access risk:
- Narrow Definition of “Use” – Limit “use” to direct, human SAP use only, so no indirect interactions count as a licensable use.
- Digital Access Addendum – Include a clause or appendix defining the digital access (document-based) licensing model or detailing how indirect use is measured. Make it explicit and ensure no double-charging.
- Exclusion List (Read-Only & Analytics) – Exclude read-only data access and external reporting/analytics scenarios from needing SAP licenses. This policy protects data integrations from being deemed “unlicensed.”
- Audit Procedure Safeguards – Add clauses to limit audit frequency, require notice, and define scope/method (with a grace period to cure). Keeps SAP’s audit process in check and fair.
- No Retroactive Liability – Bar SAP from claiming license fees for indirect use that occurred before a specified date (e.g., before adopting a new model). Prevents surprise back-billing for past behavior.
By including these five elements in your SAP contract, you greatly reduce the chance of indirect access surprises. When the contract clearly spells out what’s allowed – and how audits work – SAP loses the advantage of ambiguity.
You’re free to integrate with SAP without constantly looking over your shoulder. Protect your organization upfront so you can focus on using SAP to drive value, not fighting compliance battles.
Read about our SAP Advisory Services
