UK Financial Services Firm Cuts SAP Named User Costs by 28% Through Role-Based Optimization

The Challenge: Over-Licensed User Base

The financial services firm's SAP estate reflected a common scenario: licensing had been implemented reactively over 15 years as departments spun up and user headcount grew. No systematic audit of actual user activity had been conducted since the initial deployment. Users requesting access were provisioned based on job title, not transaction frequency. Finance users got Professional licences. Reporting teams got Professional licences. Compliance reviewers got Professional licences. The principle was "give them the tier that covers their potential needs" rather than "give them the tier that matches their actual usage."

This approach, while politically safe and administratively simple, created massive over-licensing. In SAP ECC systems (which this firm was running), the licence type hierarchy is clear: Professional User (highest cost), Limited Professional, Employee, Employee Self-Service (ESS), and Developer. The difference between Professional and Limited Professional can be £150 to £250 per user per year. When multiplied across 12,500 users, the cumulative cost impact is substantial.

The firm was facing a dual pressure: their 10-year SAP maintenance contract renewal was looming, and they had begun preliminary planning for an S/4HANA migration. SAP annual support runs at approximately 22% of net licence value. If licence costs were inflated by 28%, support costs were similarly inflated. The firm needed to understand their true licence entitlements before lock-in at renewal time.

Understanding DDLC and SAP's Audit Approach

SAP's Document and Data Licensing Compliance (DDLC) metric is central to how the vendor audits indirect access claims, but many organizations misunderstand what it actually measures. DDLC is not about who is licensed; it is about whether the licensed users are accessing data and functions appropriate to their licence tier.

SAP constructs audit claims by extracting user activity logs from SUIM (System User Information Manager) and analyzing transaction frequency, data access patterns, and functional modules used. If a user assigned a Limited Professional licence is frequently executing transactions reserved for Professional users, or accessing data across 20+ modules, SAP will flag that user as under-licensed. Conversely, if a user assigned Professional is only running three read-only reports per month, SAP may not flag that as an audit exposure, but it represents wasted spend.

The regulatory environment in financial services makes this audit risk acute. Compliance, Risk, and Finance teams reviewing data in SAP are considered "users" and must be licensed appropriately. A Risk Officer running quarterly compliance reports is a legitimate user of SAP, but does she need Professional access? Her activity audit will reveal whether Professional is justified by her transaction profile.

Role-Based Optimization Methodology

The firm implemented a structured three-phase approach:

Phase 1: Data Extraction and Activity Profiling

The engagement began with a full SUIM export capturing 12 months of user activity data. This identified every user with an active session in the past year, their transaction frequency, module access breadth, and last login date. The team extracted granular metrics: how many transactions per user per day, which specific T-codes (transaction codes) were executed, and which functional areas (FI, CO, MM, SD, HR) each user touched.

The data revealed three critical cohorts: active daily users (70%), periodic users (20%), and dormant users (10%). Dormant users could be deactivated entirely, eliminating licence costs. Active daily users accounted for 85% of all transaction volume but only represented 70% of headcount.

Phase 2: Building Role-to-Licence Mapping

Using the activity profile, the firm built a role-to-licence matrix. A Professional User was redefined as someone executing an average of 15+ transactions daily across 8+ functional modules. Limited Professional was defined as 5-15 transactions daily across 4-7 modules. Employee was defined as 2-5 transactions daily in 1-3 modules. This exercise produced objective criteria unambiguous to audit and defensible to users themselves.

SAP's named user licence types in ECC are designed for this purpose. Professional gives unrestricted transaction access. Limited Professional restricts certain complex transaction types and modules. Employee restricts to read-only and simple data entry. When organizations assign tiers based on job title rather than transaction profile, they reverse-engineer unnecessary cost.

Phase 3: Systematic Downgrade and Continuous Monitoring

The team downgraded 3,850 users from Professional to Limited Professional or Employee based on activity profiles. The downgrades were staggered over 12 weeks to allow business users to escalate if downgrade created genuine access blocks. Only 47 users requested re-upgrade, indicating the downgrades reflected actual usage patterns.

Financial Services: The Role-Based Optimization Opportunity

Financial services organizations have a structural over-licensing problem. Large populations of roles exist that generate read-only access: Risk Officers reviewing exposures, Compliance Analysts running regulatory reports, Treasury staff tracking cash positions, Internal Auditors querying transaction trails. In the past decade, regulatory compliance obligations have exploded, and organizations have responded by licensing compliance teams conservatively at Professional tier.

But regulatory access is not the same as operational access. A Compliance Officer running quarterly AML reports does not need to create purchase orders, modify GL accounts, or change customer master data. An Employee licence with read-only access to specific modules can satisfy 90% of compliance use cases. The 10% that requires modification can be handled through segregated batch processes or elevated access on demand.

This firm's Financial Shared Services team—600 users responsible for GL posting, reconciliation, and month-end close—was licensed entirely at Professional. But 400 of them (67%) only executed 8-12 transaction types each, all in FI (Financial Accounting). They were downgraded to Limited Professional with no operational impact. The remaining 200 users handling complex consolidation and inter-company accounting retained Professional access.

S/4HANA Migration: The Hidden Licence Baseline Reset

This case study is particularly relevant for firms planning S/4HANA migration. SAP FY ending December 31 cycles align with many contract renewal schedules, and S/4HANA migration discussions often occur during renewal negotiations. Organizations must understand that S/4HANA changes the licence baseline fundamentally.

ECC licence types (Professional, Limited Professional, Employee, ESS, Developer) do not map one-to-one to S/4HANA types. S/4HANA introduces a new categorization: Developer, Advanced Use, Core Use, and Employee Use. The remapping is not automatic.

A user currently licensed as Professional in ECC does not automatically become Advanced Use in S/4HANA at the same cost. SAP will require re-measurement of your user base during migration. This is the moment to conduct role-based optimization. If you migrate your over-licensed ECC base directly into S/4HANA without downgrading first, you are locking in inflated costs for another 10-year cycle.

This firm recognized the risk. They completed their role-based optimization in Year 1 of a 3-year S/4HANA roadmap, while still on ECC. When they migrate in Year 3, they will map their optimized, right-sized ECC user base to S/4HANA tiers, not their original over-licensed base. This saves the entire 28% reduction across to the new platform.

Continuous Governance: Avoiding Licence True-Up Surprises

The first year of optimization delivered the 28% saving. But the firm recognized that without ongoing governance, the optimization would degrade. New starters would be provisioned at inflated tiers. Departing users would be deactivated slowly. Users would gradually request access upgrades due to role changes. Licence costs would creep back toward the original bloated baseline.

The firm implemented automated licence re-measurement. Using a third-party tool (SAP LicenseControl, Flexera, or Snow Software can all perform this function), a quarterly SUIM extract is automated. Any user whose transaction profile drifts from their assigned licence tier is flagged. Users whose activity drops below their assigned tier are scheduled for downgrade. New joiners are provisioned at Employee tier and automatically escalated only if their activity profile within 90 days warrants it.

This continuous governance approach prevents the optimization from being a one-time exercise that reverts over time. It also creates documented evidence of role-to-licence alignment, which is invaluable during an SAP audit. When SAP's License Audit & Compliance (LAC) team runs their annual measurement, they find a population where licensing is demonstrably aligned to activity. That alignment is the best audit defense available.

SAP Support Cost Alignment

The cost reduction compounds beyond licence fees. SAP annual support is approximately 22% of net licence value. This firm's support contract renewal came 18 months after licence optimization. By downgrading 3,850 users, they had reduced their licence base by 28%, which proportionally reduced their support cost baseline by the same amount. The annual support cost reduction was approximately £600,000 on top of the licence savings.

During renewal negotiations, the firm used their optimized licence base as the new starting point. Previously, SAP would have calculated annual support as 22% of a heavily over-licensed base. Now, it was 22% of the right-sized base. This prevented a significant increase in support costs at renewal time.

RISE with SAP: Understanding What's Actually Included

As the firm refined their S/4HANA strategy, they evaluated RISE with SAP—SAP's consumption-based model. It is critical to understand what RISE with SAP actually includes versus what is often sold as included.

RISE with SAP includes the S/4HANA licence, annual support (22% of net licence value), cloud infrastructure (on SAP's managed service), and a baseline of professional services (implementation and ongoing optimization). What is frequently NOT included but is sold as part of the narrative: BTP (Business Technology Platform) credits beyond a minimal starter allocation, SuccessFactors (Human Capital Management) licensing, advanced analytics tools like Analytics Cloud, or custom development beyond the baseline. These add-ons are consumption-based and can easily double the cost of RISE.

For this firm, understanding the RISE model was essential to correctly compare: (1) continuing with ECC + third-party annual support, (2) migrating to S/4HANA on-premise with managed services, or (3) adopting RISE with SAP. The role-based optimization informed all three scenarios, because each starts with the right-sized user base as the cost anchor.

Key Recommendations for Similar Organizations

1. Commission a Role-Based Activity Audit: Before any renewal negotiation or migration decision, extract 12 months of SUIM data and profile your user base. Identify the cohort mismatch between assigned licence tier and actual transaction profile.

2. Implement Objective Downgrade Criteria: Build a role-to-licence matrix based on transaction frequency, module breadth, and functional area. Make the criteria defensible to your users and auditable by SAP.

3. Schedule Optimization Before S/4HANA Migration: If S/4HANA is on your roadmap, conduct role-based optimization while you are still on ECC. Migrating an over-licensed base into S/4HANA locks in inflated costs for another 10-year cycle.

4. Establish Continuous Governance: Use automated SUIM re-measurement quarterly. Prevent licence cost creep by making re-measurement systematic, not reactive.

5. Align Audit Timing to Optimization: Conduct optimization well in advance of SAP's License Audit & Compliance (LAC) annual measurement. The optimized state becomes your audit baseline.

6. Leverage Optimization in Support Renewal: Use the right-sized licence base to reset the support cost baseline at renewal time. This prevents support cost from growing proportionally when licence base shrinks.

7. Clarify RISE with SAP Economics: If evaluating RISE, understand that standard inclusions do not cover BTP credits, SuccessFactors, or advanced analytics. Model consumption-based add-ons separately from the base RISE cost.