Industry Insights - Invictus Partners

Enterprise AI and Software Licensing: The Double-edged Sword Your Vendors Won't Warn You About

Written by Invictus Partners | Jul 3, 2026 2:11:19 AM

 

 

 

 

 

Enterprise AI is the double-edged sword your software vendors are very keen for you to pick up – and considerably less keen to explain properly.

One edge offers genuine benefits: better visibility into your software landscape, faster insights, and real operational leverage. The other edge carries risk most organisations are not yet accounting for: new compliance exposures, reshaped licensing obligations, and AI arriving in renewal proposals whether it has been asked for or not.

Understanding both edges is not optional. It is the difference between wielding a competitive advantage and absorbing an unplanned cost.

SAP, Oracle, Microsoft, ServiceNow, Salesforce and other vendors are embedding AI into their platforms at pace. And in return, enterprise software customers are being asked to make significant commercial commitments to a landscape that is still shifting under their feet.

This blog takes a practical look at what enterprise AI adoption actually means for your software licensing position, on three fronts:

  1. The genuine opportunity AI creates for better software licence management.
  2. The compliance exposure AI introduces through how it accesses enterprise systems.
  3. The commercial risks embedded in how vendors are packaging and selling AI.

These are not theoretical concerns. They are playing out in real contracts, real renewal negotiations, and real compliance conversations right now.

 

What enterprise AI actually looks like right now

Enterprise AI is no longer a roadmap item. It is live across the platforms most large organisations depend on daily, embedded into products and pricing structures whether customers have asked for it or not.

Here’s an overview of where the major vendors currently sit:

Oracle AI (Fusion Apps AI / OCI)

Oracle is embedding AI across its Fusion Cloud application suite. Importantly, AI for Fusion Apps and AI available through OCI are distinct propositions with different licensing structures. Oracle BYOL arrangements taken to hyperscalers do not automatically include new AI services, and active support is mandatory but AI capabilities are frequently excluded from existing support scope.

SAP AI (Joule / BTP AI Platform)

SAP’s Joule generative AI copilot is embedded across S/4HANA Cloud for in-app capabilities. Beyond base Joule, extended AI capabilities require the AI Platform on SAP BTP – a separate consumption model. SAP also published a significant API policy update in April 2026 restricting third-party AI agent access to SAP systems, which carries material compliance implications for customers (covered in more detail later in the blog).

Microsoft AI (Copilot / M365)

Microsoft Copilot is now a permanent fixture across M365, Dynamics and Azure – no longer a promotional add-on. Copilot access is tied to specific licence tiers, and from July 2026 Microsoft is restructuring its bundle pricing to further embed AI. Despite the investment, internal Microsoft data indicates that a significant proportion of M365 licences with Copilot access remain inactive or underutilised – a pattern consistent with organisations that committed before validating their use case.

ServiceNow AI (Now Assist / AI Platform)

ServiceNow offers a broad portfolio of AI capabilities across ITSM, CSM, HRSD, generative AI, AI agents and AI Control Tower – each with different licensing implications depending on which platform tier and modules are in play. ServiceNow customers approaching renewal need to be specific about which AI capabilities they are actually buying, rather than accepting broad AI bundle inclusions.

Salesforce AI (Agentforce)

Salesforce has moved aggressively on AI agents, positioning Agentforce as a flagship commercial offering with its own consumption-based pricing model sitting on top of existing user licences. Consumption credit overage is fast becoming the primary financial risk for Salesforce customers – the cost of AI interactions can escalate quickly, and most organisations do not have a clear picture of what actually constitutes a billable event.

The pattern across these five vendors is consistent: AI is being embedded into pricing structures, bundle inclusions and renewal proposals in ways that require active interrogation rather than passive acceptance.

The two types of enterprise AI – and why the distinction matters

Before getting into the compliance and commercial detail, it helps to understand that not all enterprise AI is the same – and the distinction matters for how licensing risk plays out.

SaaS AI: embedded, governed, vendor-managed

SaaS AI refers to the AI capabilities built directly into the enterprise platforms organisations already subscribe to. Examples include:

  • Copilot inside M365
  • Joule inside S/4HANA
  • Now Assist inside ServiceNow
  • Agentforce within the Salesforce platform

These tools are rule-bound or model-bound: the AI suggests, predicts or assists, but humans (or fixed workflows) remain in the decision loop. The vendor manages the stack. Actions are constrained to what the platform itself can do. The risk profile is relatively contained.

The licensing risk in this category is primarily commercial:

  • What is included in your current tier?
  • What requires a true-up or upgrade to access?
  • What does the consumption model look like once you move beyond base entitlements?

Agentic AI: autonomous, cross-platform, higher stakes

Agentic AI is a different proposition. These are autonomous agents that plan, decide and act toward goals with limited human supervision – “digital employees” capable of running workflows end-to-end across multiple enterprise systems. An agentic AI might orchestrate a process that touches SAP, ServiceNow and Salesforce simultaneously, making decisions and triggering actions at each step.

The capability is real and growing, and the risk profile is much higher, as misconfigured agents can take unintended actions at machine speed.

Adding to this, agents operating across enterprise platforms raise immediate and largely unresolved questions about licensing. If an AI agent is accessing your SAP environment, your Oracle database, or your ServiceNow instance to carry out its work – what licence covers that access?

In most cases, the answer is that existing contracts were not written with this in mind. And vendors are actively moving to close that gap – on their terms.

Most organisations will end up with both types of AI in their environment. The question is not which to choose – it is whether you understand which is operating where, and what each means for your licence position.

The opportunity: AI can give you better visibility into your software licence position

AI tools are increasingly capable of doing things in software licence management that previously required significant manual effort, creating a real opportunity for enterprise organisations.

Here are some examples of where AI is adding meaningful value in this space:

  • Usage anomaly detection: AI can monitor licence usage data at a scale and frequency that no manual process can match, surfacing anomalies (e.g. overuse, underuse, unexpected access patterns) in near real time.
  • Spend optimisation: Automated analysis of licence deployment versus entitlement can identify material savings opportunities (e.g. unused licences, duplicated tools, sub-optimal tiers) faster than traditional software asset management (SAM) approaches.
  • Renewal preparation: AI-assisted analysis of usage patterns ahead of renewal cycles gives organisations a stronger factual foundation for negotiation, rather than relying on vendor-supplied data.
  • Continuous compliance monitoring: Rather than point-in-time audits, AI enables a more continuous picture of compliance position, which is important as software environments become more dynamic.

There is an important caveat that should be addressed here: AI reads data, not contracts. AI tools can tell you what is happening with your software usage, but they can’t tell you what that means under your specific licence agreements.

Enterprise software licensing is not a data problem it is a contract interpretation problem. The nuances that determine whether a usage pattern constitutes a compliance breach, or what the correct metric is for a specific licence type, or how an indirect access clause applies to a particular integration none of that lives in usage data. It lives in contract schedules and the accumulated interpretation of complex licence terms.

AI used well as an efficiency layer on top of genuine licensing expertise is genuinely powerful. AI used as a substitute for that expertise is a risk. The organisations that will get the most value from AI in licence management are those that use it to do more, faster, rather than those that use it to remove the human expertise from the equation.

The compliance risk: AI is quietly creating new licence exposure

The licensing compliance risks that AI is introducing into enterprise software environments are not getting nearly enough attention relative to the noise around AI’s benefits. This is not a future concern – it is already showing up in contracts, renewal negotiations, and audit conversations. At Invictus Partners, we are seeing it play out in real client situations.

When AI systems – particularly external or third-party AI agents – access your enterprise applications to retrieve data or execute actions, they may be triggering licence obligations under your existing agreements. Most organisations have not thought through the implications of this, and most vendors are actively moving to close the gap in their favour.

Is AI a user? The indirect access question

Enterprise software licence agreements have long distinguished between direct users (people who log in and use the system) and indirect users (people or systems that access the application’s data or outputs through another system). Indirect access has historically been one of the most contested and expensive areas of enterprise licence compliance.

That is why it is best to think of AI agents as a new category of indirect access. When an AI agent queries your ERP, pulls records from your CRM, reads data from your ITSM platform, or triggers workflows in your HR system, it is accessing that licensed environment. Whether your current licence agreements require you to licence that access – and how – is a question most organisations have not yet asked.

Vendors are already indicating that this is the direction. In April 2026, Microsoft executive Rajesh Jha proposed that AI agents should be treated as licensed software users in their own right – each agent a potential paid seat, with its own identity, login, and permissions. His framing was direct: “all of those embodied agents are seat opportunities.” It is difficult to read that as anything other than a clear signal of where Microsoft intends to take its commercial model.

The Reddit thread that captured this conversation put it more bluntly:

“You’re switching from a cost you control (employee salaries) to a cost your vendor controls (LLM tokens).”

That is precisely the exposure enterprise organisations need to think through before they deploy AI agents at scale.

Indirect access 2.0: the emerging AI tax

Here's the thing about AI and software licensing that vendors are hoping you won't notice until it's too late. As AI takes over processes that used to require named users, organisations do the logical thing: they look to cut user licences. Fewer people touching the system, fewer seats needed, the bill goes down.

Except the vendors have done the maths too. The response – already visible across SAP, Oracle and Microsoft – is introducing consumption-based AI charges that quietly replace the lost user licence revenue. You're using the platform more than ever, you're just not using people to do it. Vendors are now pricing for the difference.

This is what's being called the AI tax – and in the SAP world specifically, indirect access 2.0. The dynamic is structurally similar to the indirect access reckoning that blindsided SAP customers in 2017, except the contracts are even less prepared for it this time around.

It gets more complicated if you're running perpetual licences or on-premise deployments, which most large organisations still are. Here are a few specific traps worth knowing:

  • Perpetual licences written before AI existed have no AI consumption clauses. There's nothing in the contract that accounts for what an AI agent does inside the system.
  • Named User Plus metrics were never designed to capture AI agent activity, so the metric your compliance position is measured against may be the wrong one entirely.
  • BYOL arrangements taken to cloud hyperscalers often don't include AI feature rights, which means AI use in the cloud can put you in breach of your on-premise contract.

The SAP API policy: a concrete example

SAP has made this dynamic explicit in a way that most vendors have not yet formalised. In April 2026, SAP published an updated API policy that prohibits the use of SAP APIs for interaction or integration with third-party AI agents that plan, select, or execute sequences of API calls.

In practical terms: if your organisation is using a third-party AI agent to access SAP data even data your organisation owns you may now have a compliance problem that SAP’s own customers using Joule do not have. This is more of a commercially convenient move for SAP than the infrastructure-protection framing that was offered as explanation.

SAP is the most explicit and legally binding in how it has drawn this line. Salesforce and ServiceNow have implemented quieter versions of the same logic embedding structural disadvantages for third-party agents without a formal policy document.

The pattern is consistent across the major enterprise platforms: vendors are not blocking AI, they are steering it toward their own AI, through policy, architecture, and licensing.

Shadow AI and the compliance blind spot

Compounding this is the rise of what is now being called shadow AI AI tools being adopted and used by individuals or teams without central IT or procurement visibility. According to the Netskope Cloud and Threat Report 2026, the average enterprise runs 1,200 unofficial AI applications, with 47% of generative AI users accessing tools through personal, unmanaged accounts.

From a software licensing perspective, shadow AI creates a specific exposure: team members using AI tools that access, process or export data from licensed enterprise systems, potentially in ways that trigger indirect access obligations under existing agreements with no organisational awareness that this is happening.

The commercial risks: vendors are embedding AI whether you want it or not

The more immediate question for most enterprise software customers is: what are you already paying for, and what are you being pushed into paying for next?

Bundled in, whether you want it or not

Across SAP, Oracle, Microsoft, ServiceNow and Salesforce, AI capabilities are increasingly being packaged into product tiers, renewals, and upgrade proposals not as optional add-ons the customer evaluates and chooses, but as default inclusions that arrive with the renewal.

Customers who do not actively interrogate what has changed in their commercial proposal may find they have committed to AI capabilities they did not request, have not deployed, and may not need.

The typical commercial playbook looks like this:

  • Tier upgrades: AI features are gated behind higher-tier plans. Accessing them requires moving to a more expensive licence tier often framed as a standard upgrade rather than a material commercial change.
  • Consumption-based overlays: AI interactions (queries, assists, agent actions, tokens) are metered and billed on top of existing subscriptions. Without visibility into how usage translates into billable events, organisations cannot forecast cost or model exposure.
  • Module retirement and repositioning: Vendors retire older modules and migrate customers to AI-enabled equivalents at higher price points a commercial change dressed as a product upgrade.
  • Forced cloud migration: AI features are frequently available only in cloud editions, excluding on-premise deployments from the AI roadmap. For organisations with significant on-premise investments, adopting vendor AI means being steered toward cloud migration – and a new commercial agreement to go with it.

How does vendor AI fit your existing AI roadmap?

This is a question that is not being asked often enough. Many organisations already have AI projects underway custom integrations, Azure OpenAI implementations, third-party platforms, or tools built internally. When vendors embed AI into their platforms, those organisations face the possibility of paying twice: once for what they have already built, and again for the AI now bundled into their enterprise software renewal.

The honest conversation organisations need to have before any AI-inclusive renewal is: does this vendor AI complement what we are already doing, duplicate it, or conflict with it? In many cases, that conversation is not happening until after the commercial commitment has been made.

The seat model is changing – and the implications are significant

The traditional enterprise software pricing model one licence per human user is under structural pressure from AI. IDC predicts that by 2028, pure seat-based pricing will be obsolete, with 70% of software vendors refactoring their pricing strategies around consumption, outcomes, or organisational capability metrics.

For enterprise software customers, this transition period is the most commercially dangerous point. Vendors are simultaneously trying to protect the seat model by extending it to cover AI agents as purchasable seats and introducing consumption models that are harder to forecast and control. Organisations that enter this transition without a clear view of their licensing position, their usage patterns, and their contractual rights will find themselves at a significant disadvantage.

What enterprise organisations should be doing now

None of this requires a defensive or anti-AI position. It requires the same commercial discipline that should apply to any significant change to your enterprise software environment.

Audit what AI is already accessing your licensed systems

Before evaluating what AI to adopt, understand what AI is already operating in your environment, as each of these has potential licence implications that need to be understood. This includes:

  • Vendor-embedded AI that may have arrived with recent upgrades;
  • Internal or third-party AI tools connecting to enterprise systems; and
  • Shadow AI that may be running without central visibility.

Understand your consumption model before you sign

When any vendor presents AI with a consumption credit or token model, we recommend asking for a precise definition on what constitutes a single interaction or billable consumption event. For example, is it the user’s question, or every downstream call the agent makes to answer it? Your expected usage should then be modelled against that definition before you commit.

Invictus Partners has worked with clients where modelling the actual consumption cycle of a single AI-assisted transaction revealed costs that bore no resemblance to the vendor’s headline figures. If the vendor cannot provide this level of detail, that is itself important information.

Pilot before you expand

It is a good idea to pilot AI features with a limited user pool before broader rollout. This gives you real consumption data to validate vendor projections, surfaces integration issues before they become expensive, and provides a defensible factual basis for the commercial conversation that follows.

Interrogate AI inclusions in renewal proposals

Much of the commercial risk arises from organisations accepting renewal proposals without clarifying what has changed. When an AI-inclusive renewal proposal arrives, the questions to ask are:

  • What AI features are being added, and what tier or pricing model change does that require?
  • What is the consumption model, how is a consumption event defined, and how does cost scale with usage?
  • Does this vendor AI complement, duplicate, or conflict with AI investments the organisation has already made?
  • What consumption caps, overage protections, and price controls are available?

Demand regular compliance reporting – more often than you think

AI consumption can escalate quickly. Quarterly reporting will not cut it – by the time an overage surfaces in a quarterly report, the exposure has been accumulating for months and the vendor holds all the leverage. Ask for fortnightly or monthly consumption reporting as a contractual term, and make sure your SAM processes are set up to act on it.

Implement internal chargeback models

When AI consumption is treated as a shared IT cost, business units have little incentive to manage their usage carefully. Chargeback models – where the cost of AI consumption is attributed to the business unit generating it – create accountability and discipline.

An added benefit is that they can help to surface the real use cases: when business units know they are paying, they tend to invest the time to build a proper business case rather than deploying AI speculatively.

Review your contracts before your next renewal

Indirect access clauses, permitted use definitions, and API usage terms in your current enterprise software agreements may already have implications for how AI can access those systems. This is especially important for SAP customers given the explicit policy change, but the question applies across every major platform.

Where possible, seek amendments that explicitly address AI-triggered access – usage rights clauses, AI consumption definitions, data sovereignty guarantees, and exit rights and data portability terms should all be on the table before you are too embedded to negotiate them.

Build AI into your SAM program

Software asset management programs built for the pre-AI era are not equipped to track AI-specific entitlements, consumption-based cost structures, or the compliance exposure that AI agent access creates. AI needs to be built into SAM governance explicitly new metrics, new entitlement categories, new monitoring requirements not retrofitted after a compliance issue surfaces.

Use AI to help – but verify

AI tools can genuinely accelerate licence analysis, usage monitoring and compliance preparation – and organisations should be using them. The key is to verify the findings against the source documents, and make sure someone with genuine expertise in the specific licence terms is interpreting what the data means. AI can surface the picture, but interpreting the contract is still a human job.

The bottom line

Enterprise AI is reshaping what enterprise software is how it’s priced, how it’s accessed, and what compliance obligations it creates. Every major platform your organisation relies on will have a meaningful AI component within the next two to three years, commercially and functionally. That is a reason to be ready.

The organisations that navigate this well will be those that understand their licence position before AI changes it, scrutinise what arrives in renewal proposals, and apply the same commercial rigour to AI terms that they apply to everything else.

The vendor conversation about AI is loud, fast, and commercially motivated. The most valuable thing an enterprise organisation can do right now is make sure it is an informed participant in that conversation not just a recipient of it.