Enterprise AI is the double-edged sword your software vendors are very keen for you to pick up – and considerably less keen to explain properly.
One edge offers genuine benefits: better visibility into your software landscape, faster insights, and real operational leverage. The other edge carries risk most organisations are not yet accounting for: new compliance exposures, reshaped licensing obligations, and AI arriving in renewal proposals whether it has been asked for or not.
Understanding both edges is not optional. It is the difference between wielding a competitive advantage and absorbing an unplanned cost.
SAP, Oracle, Microsoft, ServiceNow, Salesforce and other vendors are embedding AI into their platforms at pace. And in return, enterprise software customers are being asked to make significant commercial commitments to a landscape that is still shifting under their feet.
This blog takes a practical look at what enterprise AI adoption actually means for your software licensing position, on three fronts:
These are not theoretical concerns. They are playing out in real contracts, real renewal negotiations, and real compliance conversations right now.
Enterprise AI is no longer a roadmap item. It is live across the platforms most large organisations depend on daily, embedded into products and pricing structures whether customers have asked for it or not.
Here’s an overview of where the major vendors currently sit:
Oracle is embedding AI across its Fusion Cloud application suite. Importantly, AI for Fusion Apps and AI available through OCI are distinct propositions with different licensing structures. Oracle BYOL arrangements taken to hyperscalers do not automatically include new AI services, and active support is mandatory but AI capabilities are frequently excluded from existing support scope.
SAP’s Joule generative AI copilot is embedded across S/4HANA Cloud for in-app capabilities. Beyond base Joule, extended AI capabilities require the AI Platform on SAP BTP – a separate consumption model. SAP also published a significant API policy update in April 2026 restricting third-party AI agent access to SAP systems, which carries material compliance implications for customers (covered in more detail later in the blog).
Microsoft Copilot is now a permanent fixture across M365, Dynamics and Azure – no longer a promotional add-on. Copilot access is tied to specific licence tiers, and from July 2026 Microsoft is restructuring its bundle pricing to further embed AI. Despite the investment, internal Microsoft data indicates that a significant proportion of M365 licences with Copilot access remain inactive or underutilised – a pattern consistent with organisations that committed before validating their use case.
ServiceNow offers a broad portfolio of AI capabilities across ITSM, CSM, HRSD, generative AI, AI agents and AI Control Tower – each with different licensing implications depending on which platform tier and modules are in play. ServiceNow customers approaching renewal need to be specific about which AI capabilities they are actually buying, rather than accepting broad AI bundle inclusions.
Salesforce has moved aggressively on AI agents, positioning Agentforce as a flagship commercial offering with its own consumption-based pricing model sitting on top of existing user licences. Consumption credit overage is fast becoming the primary financial risk for Salesforce customers – the cost of AI interactions can escalate quickly, and most organisations do not have a clear picture of what actually constitutes a billable event.
The pattern across these five vendors is consistent: AI is being embedded into pricing structures, bundle inclusions and renewal proposals in ways that require active interrogation rather than passive acceptance.
Before getting into the compliance and commercial detail, it helps to understand that not all enterprise AI is the same – and the distinction matters for how licensing risk plays out.
SaaS AI refers to the AI capabilities built directly into the enterprise platforms organisations already subscribe to. Examples include:
These tools are rule-bound or model-bound: the AI suggests, predicts or assists, but humans (or fixed workflows) remain in the decision loop. The vendor manages the stack. Actions are constrained to what the platform itself can do. The risk profile is relatively contained.
The licensing risk in this category is primarily commercial:
Agentic AI is a different proposition. These are autonomous agents that plan, decide and act toward goals with limited human supervision – “digital employees” capable of running workflows end-to-end across multiple enterprise systems. An agentic AI might orchestrate a process that touches SAP, ServiceNow and Salesforce simultaneously, making decisions and triggering actions at each step.
The capability is real and growing, and the risk profile is much higher, as misconfigured agents can take unintended actions at machine speed.
Adding to this, agents operating across enterprise platforms raise immediate and largely unresolved questions about licensing. If an AI agent is accessing your SAP environment, your Oracle database, or your ServiceNow instance to carry out its work – what licence covers that access?
In most cases, the answer is that existing contracts were not written with this in mind. And vendors are actively moving to close that gap – on their terms.
Most organisations will end up with both types of AI in their environment. The question is not which to choose – it is whether you understand which is operating where, and what each means for your licence position.
AI tools are increasingly capable of doing things in software licence management that previously required significant manual effort, creating a real opportunity for enterprise organisations.
Here are some examples of where AI is adding meaningful value in this space:
There is an important caveat that should be addressed here: AI reads data, not contracts. AI tools can tell you what is happening with your software usage, but they can’t tell you what that means under your specific licence agreements.
Enterprise software licensing is not a data problem – it is a contract interpretation problem. The nuances that determine whether a usage pattern constitutes a compliance breach, or what the correct metric is for a specific licence type, or how an indirect access clause applies to a particular integration – none of that lives in usage data. It lives in contract schedules and the accumulated interpretation of complex licence terms.
AI used well – as an efficiency layer on top of genuine licensing expertise – is genuinely powerful. AI used as a substitute for that expertise is a risk. The organisations that will get the most value from AI in licence management are those that use it to do more, faster, rather than those that use it to remove the human expertise from the equation.
The licensing compliance risks that AI is introducing into enterprise software environments are not getting nearly enough attention relative to the noise around AI’s benefits. This is not a future concern – it is already showing up in contracts, renewal negotiations, and audit conversations. At Invictus Partners, we are seeing it play out in real client situations.
When AI systems – particularly external or third-party AI agents – access your enterprise applications to retrieve data or execute actions, they may be triggering licence obligations under your existing agreements. Most organisations have not thought through the implications of this, and most vendors are actively moving to close the gap in their favour.
Enterprise software licence agreements have long distinguished between direct users (people who log in and use the system) and indirect users (people or systems that access the application’s data or outputs through another system). Indirect access has historically been one of the most contested and expensive areas of enterprise licence compliance.
That is why it is best to think of AI agents as a new category of indirect access. When an AI agent queries your ERP, pulls records from your CRM, reads data from your ITSM platform, or triggers workflows in your HR system, it is accessing that licensed environment. Whether your current licence agreements require you to licence that access – and how – is a question most organisations have not yet asked.
Vendors are already indicating that this is the direction. In April 2026, Microsoft executive Rajesh Jha proposed that AI agents should be treated as licensed software users in their own right – each agent a potential paid seat, with its own identity, login, and permissions. His framing was direct: “all of those embodied agents are seat opportunities.” It is difficult to read that as anything other than a clear signal of where Microsoft intends to take its commercial model.
The Reddit thread that captured this conversation put it more bluntly:
“You’re switching from a cost you control (employee salaries) to a cost your vendor controls (LLM tokens).”
That is precisely the exposure enterprise organisations need to think through before they deploy AI agents at scale.
Here's the thing about AI and software licensing that vendors are hoping you won't notice until it's too late. As AI takes over processes that used to require named users, organisations do the logical thing: they look to cut user licences. Fewer people touching the system, fewer seats needed, the bill goes down.
Except the vendors have done the maths too. The response – already visible across SAP, Oracle and Microsoft – is introducing consumption-based AI charges that quietly replace the lost user licence revenue. You're using the platform more than ever, you're just not using people to do it. Vendors are now pricing for the difference.
This is what's being called the AI tax – and in the SAP world specifically, indirect access 2.0. The dynamic is structurally similar to the indirect access reckoning that blindsided SAP customers in 2017, except the contracts are even less prepared for it this time around.
It gets more complicated if you're running perpetual licences or on-premise deployments, which most large organisations still are. Here are a few specific traps worth knowing:
SAP has made this dynamic explicit in a way that most vendors have not yet formalised. In April 2026, SAP published an updated API policy that prohibits the use of SAP APIs for interaction or integration with third-party AI agents that plan, select, or execute sequences of API calls.
In practical terms: if your organisation is using a third-party AI agent to access SAP data – even data your organisation owns – you may now have a compliance problem that SAP’s own customers using Joule do not have. This is more of a commercially convenient move for SAP than the infrastructure-protection framing that was offered as explanation.
SAP is the most explicit and legally binding in how it has drawn this line. Salesforce and ServiceNow have implemented quieter versions of the same logic – embedding structural disadvantages for third-party agents without a formal policy document.
The pattern is consistent across the major enterprise platforms: vendors are not blocking AI, they are steering it toward their own AI, through policy, architecture, and licensing.
Compounding this is the rise of what is now being called shadow AI – AI tools being adopted and used by individuals or teams without central IT or procurement visibility. According to the Netskope Cloud and Threat Report 2026, the average enterprise runs 1,200 unofficial AI applications, with 47% of generative AI users accessing tools through personal, unmanaged accounts.
From a software licensing perspective, shadow AI creates a specific exposure: team members using AI tools that access, process or export data from licensed enterprise systems, potentially in ways that trigger indirect access obligations under existing agreements – with no organisational awareness that this is happening.
The more immediate question for most enterprise software customers is: what are you already paying for, and what are you being pushed into paying for next?
Across SAP, Oracle, Microsoft, ServiceNow and Salesforce, AI capabilities are increasingly being packaged into product tiers, renewals, and upgrade proposals – not as optional add-ons the customer evaluates and chooses, but as default inclusions that arrive with the renewal.
Customers who do not actively interrogate what has changed in their commercial proposal may find they have committed to AI capabilities they did not request, have not deployed, and may not need.
The typical commercial playbook looks like this:
This is a question that is not being asked often enough. Many organisations already have AI projects underway – custom integrations, Azure OpenAI implementations, third-party platforms, or tools built internally. When vendors embed AI into their platforms, those organisations face the possibility of paying twice: once for what they have already built, and again for the AI now bundled into their enterprise software renewal.
The honest conversation organisations need to have before any AI-inclusive renewal is: does this vendor AI complement what we are already doing, duplicate it, or conflict with it? In many cases, that conversation is not happening until after the commercial commitment has been made.
The traditional enterprise software pricing model – one licence per human user – is under structural pressure from AI. IDC predicts that by 2028, pure seat-based pricing will be obsolete, with 70% of software vendors refactoring their pricing strategies around consumption, outcomes, or organisational capability metrics.
For enterprise software customers, this transition period is the most commercially dangerous point. Vendors are simultaneously trying to protect the seat model – by extending it to cover AI agents as purchasable seats – and introducing consumption models that are harder to forecast and control. Organisations that enter this transition without a clear view of their licensing position, their usage patterns, and their contractual rights will find themselves at a significant disadvantage.
None of this requires a defensive or anti-AI position. It requires the same commercial discipline that should apply to any significant change to your enterprise software environment.
Before evaluating what AI to adopt, understand what AI is already operating in your environment, as each of these has potential licence implications that need to be understood. This includes:
When any vendor presents AI with a consumption credit or token model, we recommend asking for a precise definition on what constitutes a single interaction or billable consumption event. For example, is it the user’s question, or every downstream call the agent makes to answer it? Your expected usage should then be modelled against that definition before you commit.
Invictus Partners has worked with clients where modelling the actual consumption cycle of a single AI-assisted transaction revealed costs that bore no resemblance to the vendor’s headline figures. If the vendor cannot provide this level of detail, that is itself important information.
It is a good idea to pilot AI features with a limited user pool before broader rollout. This gives you real consumption data to validate vendor projections, surfaces integration issues before they become expensive, and provides a defensible factual basis for the commercial conversation that follows.
Much of the commercial risk arises from organisations accepting renewal proposals without clarifying what has changed. When an AI-inclusive renewal proposal arrives, the questions to ask are:
AI consumption can escalate quickly. Quarterly reporting will not cut it – by the time an overage surfaces in a quarterly report, the exposure has been accumulating for months and the vendor holds all the leverage. Ask for fortnightly or monthly consumption reporting as a contractual term, and make sure your SAM processes are set up to act on it.
When AI consumption is treated as a shared IT cost, business units have little incentive to manage their usage carefully. Chargeback models – where the cost of AI consumption is attributed to the business unit generating it – create accountability and discipline.
An added benefit is that they can help to surface the real use cases: when business units know they are paying, they tend to invest the time to build a proper business case rather than deploying AI speculatively.
Indirect access clauses, permitted use definitions, and API usage terms in your current enterprise software agreements may already have implications for how AI can access those systems. This is especially important for SAP customers given the explicit policy change, but the question applies across every major platform.
Where possible, seek amendments that explicitly address AI-triggered access – usage rights clauses, AI consumption definitions, data sovereignty guarantees, and exit rights and data portability terms should all be on the table before you are too embedded to negotiate them.
Software asset management programs built for the pre-AI era are not equipped to track AI-specific entitlements, consumption-based cost structures, or the compliance exposure that AI agent access creates. AI needs to be built into SAM governance explicitly – new metrics, new entitlement categories, new monitoring requirements – not retrofitted after a compliance issue surfaces.
AI tools can genuinely accelerate licence analysis, usage monitoring and compliance preparation – and organisations should be using them. The key is to verify the findings against the source documents, and make sure someone with genuine expertise in the specific licence terms is interpreting what the data means. AI can surface the picture, but interpreting the contract is still a human job.
Enterprise AI is reshaping what enterprise software is – how it’s priced, how it’s accessed, and what compliance obligations it creates. Every major platform your organisation relies on will have a meaningful AI component within the next two to three years, commercially and functionally. That is a reason to be ready.
The organisations that navigate this well will be those that understand their licence position before AI changes it, scrutinise what arrives in renewal proposals, and apply the same commercial rigour to AI terms that they apply to everything else.
The vendor conversation about AI is loud, fast, and commercially motivated. The most valuable thing an enterprise organisation can do right now is make sure it is an informed participant in that conversation – not just a recipient of it.