The risks that still won’t go away

0
60

Last month, SAP released a streamlined Digital Access Adoption Program, intended to clarify (and reduce costs for) its indirect access licensing.

The release followed SAP’s introduction of document-based pricing, first unveiled in April 2018, allowing digital access to SAP ERP counted on the basis of document production (invoices, shipping information, time management etc).  

The new document metric confirmed that SAP would charge only for initial document creation and that viewing, download or access via non-SAP applications did not then require a further charge for those accessing the systems, indirectly, as Named Users.

SAP must be congratulated for (finally) recognising that business systems are often activated, and software executed, by many third-party users (consumers, suppliers, consultants, etc) where named user metrics would, under the contract wording, otherwise need to be applied.

The document metric is intended to work out far cheaper than, for example, acquiring multiple SAP Platform User licenses. Even then, this is difficult to know because of SAP’s determined secrecy around its price lists and offered discounts.

But SAP’s licensing structures, including its SAP Software Use Rights, are impenetrable and remain ambiguous. This document (78 pages long) contains over 130 separate user metrics with multiple restrictions, conditions and carve-outs across SAP’s 345 software products.

Although this document maps usage scenarios to types of licensing, the danger is that constantly changing business practices and types of access mean there still remain pockets of unclear usage. And the risk here – as Diageo found – is that if the customer is uncertain as to their position, SAP itself becomes the arbiter of whether a customer is or is not correctly licensed.

Indeed, the judge in that case said: “In my judgment, there is no applicable Named User category for (Diageo’s) Connect customers in the current version of the schedule… (but that the standard SAP license agreement) is in sufficiently wide terms to entitle SAP to additional fees based on its own price list if there is no relevant price for the category of additional usage identified.”

In other words, if there’s a gap in SAP’s licensing, it can chose what license and what price to impose on the customer. That’s fairly alarming for any business seeking to be compliant.

SAP has sought to plug any gaps in its licensing via document licensing. This means that, for SAP ERP and SAP Enterprise Management (no other SAP products are covered), named user licenses are not required for digital access if the document licensing metric is chosen.

In our view, SAP’s initiative still has a way to go.

As an example, a license is currently required for “business partners” – any person, including individuals, that has any kind of business relationship with the SAP customer. For insurance companies, this includes all its policyholders (SAP calls them “insurants); for banks this includes all its customers, and for government the number count is of all “citizens”.

Document licence metric

The SAP terms state that consumers or constituents do not require Named User licenses but this is then countermanded by an “unless otherwise set forth herein”.

One would expect the document licensing metric to clarify the licensing exposure in a business to consumer-based organisation. But there are a number of types of document not covered by the document licence metric and are therefore not licensable on this basis. This includes:

  • For insurance companies: policy documentation, and claims records;
  • For banks: online correspondence with customers; transfer confirmations; mortgage and loan applications;
  • For government: large numbers of relationships  and details of for instance parking permits, passport applications, driving license details, building regulations consents granted, etc – needing potentially up to (in the UK) 67 million Business Partner Named User licenses for every government department and agency.

It can therefore be seen that any missteps by major corporates or by government to expand digital access usage to customers and the public could still trigger devastating financial claims by SAP. In the words of the judge in the Diageo case: “The plain and obvious meaning of ‘access’ in the context of the (SAP license) agreement is acquiring visibility of, or connection to, the … software.”

Of course, SAP may reassure customers that the idea of it imposing fees for indirect access by third-party users/clients/individuals could never happen. But it did. And that means important financial provisions in accounts for licensing costs rest solely on the willingness and reliability of an overseas-listed corporate, SAP SE, to waive license fees.

SAP has shown that it is willing to listen. However, its hopelessly constricted and opaque licensing terms (and secretive pricing) truly need a substantial rethink if customers, committed to being fully licensed, can know that the right SAP licenses are in place.

Robin Fry is a solicitor and legal director of Cerno Professional Services, which specialises in audit defence and strategic licence optimisation.



The risks that still won’t go away