Why Contract Clauses Matter More Than Technology Solutions
The instinct when facing indirect access risk is often to focus on technology: deploy a licence management tool, instrument your integration layer, monitor DDLC consumption. These technical measures are valuable and necessary. But they are complementary to, not a substitute for, strong contractual protections. A technology solution tells you how much your exposure is; a well-negotiated contract clause limits what SAP can do with that information.
SAP's standard contract framework — the Software Use Rights, the General Terms and Conditions, and the specific Order Form — is written to maximise SAP's audit rights and minimise constraint on how SAP can assert indirect access claims. The standard framework gives SAP broad discretion to define indirect access, conduct measurements, present claims retroactively, and use the audit process as leverage in commercial negotiations. Buyers who sign the standard terms without modification accept this framework by default.
Every clause we describe in this article represents a departure from SAP's default position — a contractual protection that SAP does not offer voluntarily, but which experienced buyers can negotiate when they engage with sufficient preparation and commercial leverage.
Clause 1: Indirect Access Definition and Scope Limitation
The most important protective clause is one that defines precisely what constitutes indirect access in the context of your specific SAP deployment — and explicitly excludes scenarios that should not trigger a licence obligation.
The parties agree that indirect access for the purposes of this Agreement means the creation of one or more of the nine Digital Access document types listed in Schedule [X] by an external system operating outside the SAP application interface. Read-only access to SAP data — including data retrieval via RFC, API query, OData service, or database query that does not result in the creation of a new SAP document — shall not constitute indirect access and shall not require any additional licence under this Agreement. The scope of this clause extends to all versions of the Software licensed under this Agreement and shall survive any updates to SAP's General Terms and Conditions.
This clause does three things: pins the definition of indirect access to Digital Access document creation rather than SAP's broader named-user interpretation; explicitly excludes read-only scenarios, which SAP has at times characterised as indirect; and creates a contractual anchor that survives updates to SAP's standard terms. SAP will push back on the "survives updates" language — it is worth negotiating hard for because SAP periodically updates its standard terms in ways that expand indirect access scope.
Clause 2: Read-Only and Indirect Static Read Exclusion
SAP's Digital Access model excludes read-only scenarios — but this exclusion is not always as clearly articulated in the contract language as buyers need it to be. A specific read-only exclusion clause provides documentary protection against an SAP auditor who characterises read-only integration activity as indirect access.
Any access to the Software by an external system, application, or automated process that retrieves, reads, exports, or queries data from the Software without creating, updating, or materially modifying a record within the Software shall constitute Indirect Static Read and shall not require any digital access licence, named user licence, or any other additional licence under this Agreement. For the avoidance of doubt, data replication, reporting extracts, analytics platform connections, and BI tool queries to the Software database constitute Indirect Static Read and are not subject to indirect access or digital access licence obligations.
This clause is particularly important for organisations with extensive BI and analytics environments that query SAP data. Without it, an auditor could characterise a data warehouse extract from HANA as indirect access. The explicit inclusion of "data replication, reporting extracts, analytics platform connections, and BI tool queries" shuts that avenue down.
Clause 3: Audit Scope and Cure Period
SAP's standard audit rights are broad and the dispute escalation timeline is short. Buyers need to negotiate a structured audit dispute process with a meaningful cure period before SAP can escalate to legal proceedings or use audit findings as leverage in commercial negotiations.
In the event that an SAP measurement or audit identifies a potential licence shortfall related to indirect or digital access, SAP shall provide the Customer with a written audit report detailing the specific finding, the measurement methodology used, the lookback period applied, and the basis for SAP's calculation. The Customer shall have no fewer than ninety (90) days from receipt of the written audit report to review the findings, conduct independent verification, dispute any findings in writing, and if appropriate, licence any shortfall identified under the then-available Digital Access pricing or DAAP pricing (if available). SAP shall not initiate legal proceedings, suspend licence entitlements, or include the disputed amount in any commercial negotiation as a condition of continuation until the expiry of the ninety (90) day cure period or the resolution of the dispute, whichever is later.
The 90-day cure period is the minimum acceptable threshold. Some buyers negotiate 120 days. The key elements are: SAP must provide a written report with methodology (not just a number), the customer has the right to verify independently, and SAP cannot use the audit as commercial leverage during the cure period. This last point is crucial — SAP's standard practice is to present an indirect access finding alongside a renewal proposal, using the audit exposure as leverage to close a broader deal. This clause prevents that approach.
Clause 4: DDLC Volume Cap and Overage Protection
For organisations that have adopted Digital Access licensing, the risk of DDLC volume overages is real — particularly as automation, IoT, and AI-driven processes increase document creation rates. An overage protection clause limits the financial impact of unexpected consumption spikes.
SAP shall provide the Customer with automated notification when Digital Access document consumption reaches 80% of the contracted annual allotment. The Customer shall have sixty (60) days from the date of such notification to either purchase additional document volume at the incremental pricing set out in Schedule [Y] or implement technical measures to reduce consumption within the contracted allotment. During this sixty (60) day window, SAP shall not assert any licence shortfall claim based on DDLC consumption exceeding the contracted allotment. The incremental pricing for additional DDLC volume purchased pursuant to this clause shall not exceed [agreed rate per 1,000 documents] and shall remain fixed for the term of this Agreement regardless of any general price increases to SAP's standard Digital Access pricing.
Two elements of this clause deserve emphasis. First, the 80% notification threshold gives the customer meaningful lead time to respond before becoming non-compliant. Second, the pre-agreed incremental pricing for additional volume prevents SAP from pricing overage top-ups at list price — which can be several multiples of the negotiated rate.
Renewing your SAP contract and want these clauses included?
Redress Compliance has negotiated indirect access protections into hundreds of SAP contracts. We work exclusively for buyers.Clause 5: DAAP Transition Right
Organisations on ECC that have not yet formally adopted Digital Access have DAAP available to them. Contractually locking in DAAP transition rights — including the pricing and trade-in terms — at the time of a broader SAP renewal provides insurance against DAAP being terminated before the customer is ready to adopt it.
SAP grants the Customer a contractual right to adopt the Digital Access Adoption Program (DAAP) at any time during the term of this Agreement on terms no less favourable than those available to new DAAP adopters at the time of adoption, including a minimum discount of seventy-five percent (75%) off list pricing for the initial DAAP document volume and a named-user licence trade-in credit calculated at no less than [agreed percentage] of the net licence value of surrendered licences. This right shall remain available to the Customer regardless of any programme changes to DAAP, any general termination of the DAAP programme, or any updates to SAP's standard terms for Digital Access adoption.
Note that the minimum discount is specified at 75% rather than the full DAAP maximum of 90% — this is a negotiating position rather than the target. The goal is to contractually lock in DAAP terms before SAP could change or terminate the programme. The trade-in credit percentage should be separately negotiated based on the value of your existing perpetual licence portfolio.
Clause 6: Integration Architecture Approval Right
A forward-looking protection clause gives customers the right to seek SAP's written confirmation on how new integration architectures will be treated from a Digital Access perspective before deployment, rather than discovering the licence implications in an audit years later.
The Customer may, at any time during the term, submit a written description of a proposed new integration or interface between the Software and an external system to SAP for a licence classification opinion. SAP shall provide a written response within thirty (30) business days confirming whether the proposed integration would constitute indirect access, digital access document creation, indirect static read, or no licence obligation under the terms of this Agreement. SAP's written classification opinion shall be binding on SAP with respect to the described integration architecture for the term of this Agreement, provided the Customer implements the integration materially in accordance with the described architecture.
This clause is powerful but difficult to negotiate — SAP resists binding written opinions on integration architecture because it limits their audit flexibility. A softer version — requiring SAP to respond in writing but characterising the response as guidance rather than binding — is more achievable and still useful as documentary evidence in any future dispute.
When and How to Negotiate These Clauses
These clauses are most achievable at four specific points in the SAP commercial lifecycle: at the time of an initial ELA (Enterprise Licence Agreement) or large-scale renewal negotiation; when transitioning from on-premise to RISE with SAP or migrating to S/4HANA; when adopting DAAP; and when renewing a contract where SAP has presented an indirect access finding as part of the commercial discussion.
The negotiation leverage for each clause varies. Read-only exclusion and scope limitation clauses are generally achievable because SAP acknowledges the read-only exemption in its own published Digital Access guidance — the negotiation is about getting it into the contract rather than accepting it as an informal position. Audit cure period clauses require more leverage — typically the threat of a competitive evaluation or a delayed renewal decision. DAAP transition right clauses are most achievable when DAAP is still active and SAP has an interest in demonstrating goodwill to a customer with potential audit exposure.
Redress Compliance approaches these negotiations with current intelligence on what SAP is and is not agreeing to at present across our active client engagements. This real-time benchmarking — knowing what other buyers have recently achieved in SAP contract negotiations — is one of the most practical advantages we bring to buyer-side engagements.
Want these indirect access protections in your next SAP contract?
Redress Compliance has defended 80+ indirect access disputes per year and negotiated protections into hundreds of SAP contracts. Buyer-side only.