India built the world's software workforce and imports the software that runs its own economy. This report measures that dependency — layer by layer and sector by sector — assesses the strategic and economic risk it creates, and argues that a narrow window has, for the first time in two decades, made it possible to change. This online edition carries the argument, the three frameworks and the headline findings in full; the complete ~170-page edition carries the evidence the way a board or a finance ministry needs it.
The Russia warning
In late February 2022, a category of risk that strategists had treated as theoretical became real. Within days of the invasion of Ukraine, the world's largest enterprise-software companies — SAP, Oracle, Microsoft, IBM — suspended operations in Russia. The machines did not stop that day; existing installations kept running. But the country discovered, in real time, that the software at the core of its economy was not its own, and that in banking and much of industry there was no domestic system to fall back on. Russia's largest banks asked their own government to delay a mandated switch to home-grown technology until 2027, because nothing else existed.
That is the question this report makes unavoidable: not whether foreign enterprise software is good — it is often excellent — but who controls it, what depends on it, and what happens to a national economy if the relationship that supplies it changes. It is a question about software as a form of national power.
Enterprise, not consumer
India has had a digital-sovereignty debate, but it has been about the wrong layer. The public conversation has concerned data localisation, social media and the governance of consumer platforms — the visible, citizen-facing surface. The enterprise layer underneath, where the strategic dependency is deepest and the consequences of failure gravest, has gone almost undiscussed. Consumer software is visible, switchable and individually low-stakes; if one app is banned, another is installed by dinnertime. Enterprise software is the opposite on every count — invisible, extraordinarily hard to switch, and collectively high-stakes, because a single system can sit beneath the operations of an entire industry. The consumer layer is a marketplace; the enterprise layer is infrastructure.
The eleven-layer stack
The report's organising instrument is the digital dependency stack: an eleven-layer model of the software a modern economy runs on, from operating systems and databases through ERP, productivity and the public cloud, up to cybersecurity, identity, AI and the agent layer. For each layer the report asks the same five questions — who leads it, what share is foreign-controlled, what domestic alternative exists, how hard it is to switch, and how strategically critical it is — and scores it on the Enterprise Dependency Index from 0 to 100.
The shape of the result is the thesis. At the top, in the Captured band, sit public cloud and ERP — the layers the physical economy most depends on to operate, the hardest to switch, with no domestic alternative at scale. At the bottom, in the Managed band, sit the three layers India built or adopted as open infrastructure for itself — server-side open source, identity and payment rails. The single most important pattern is that strategic criticality and switching difficulty rise together toward the top: India's dependency is concentrated precisely in the layers it can least afford to lose and least easily leave.
Three frameworks
The report measures the dependency with three proprietary instruments, each operating at a different scale. The Enterprise Dependency Index (EDI) scores each of the eleven layers. The Software Sovereignty Score (SSS) scores each sector of the economy. And the Digital Infrastructure Exposure Matrix (DIEM) rolls the picture up into a single, GVA-weighted national exposure figure. They compose: layers aggregate into sectors, sectors aggregate into the nation. Every score is published with its inputs, its weights and a sensitivity table, so the numbers are arguments made in the open rather than assertions.
Where SAP runs India
SAP — the German enterprise-software company — sits closer to the operational core of Indian industry than almost any Indian firm. More than five thousand Indian enterprises run it, including the operational core of ONGC, Indian Oil, NTPC, BHEL, SAIL, Bharat Electronics and the public-sector banks. Its India revenue reached roughly ₹8,870 crore in FY25. It runs the joint-venture accounting of offshore oil fields, the materials management of refineries, the plant maintenance of the national power fleet, and the procurement of a defence-electronics manufacturer. A modelled estimate places enterprises running SAP at twelve to eighteen per cent of India's GDP at the system-of-record layer.
The build-versus-buy finding
The report's central finding is counter-intuitive: sovereignty is a function of whether the thing was built domestically, not of how strategic the sector is. Banking scores higher on the Software Sovereignty Score than manufacturing — despite being at least as strategic — for one reason: India built its own core-banking products (Infosys's Finacle, the India-originated FLEXCUBE), and manufacturing imported its system of record from SAP and Oracle. Where India built the product, sovereignty followed; where it imported, sovereignty was lost. The same mechanism runs from the layer level, through the sector level, to the nation — one idea at three scales, and it is the intellectual spine of the report.
The national exposure
Rolled up to the national scale, the Digital Infrastructure Exposure Matrix puts a single modelled number on the dependency.
The exposure is concentrated in manufacturing, energy and large financial-services firms, and it is rising as cloud migration continues. The economic cost is visible in the external accounts, where India's payments for foreign intellectual property and software have nearly doubled in four years — growing far faster than the economy and more than ten times what the country earns back.
The AI fork
The AI reset is the first real opening in two decades, and it cuts both ways. Agentic AI lets the incumbents embed agents trained on the enterprise's own data and deepen the lock-in — but it also collapses the cost of building a greenfield, AI-native alternative, attacking the switching cost that was SAP's deepest moat. The same technology is simultaneously the incumbents' strongest defence and the challengers' best weapon. Which force prevails decides India's 2035 outcome, and the two are racing each other in time.
Five scenarios to 2035
Run forward under five scenarios, the national exposure figure spreads dramatically — and the spread is the strategic stake of the decade.
Under Business as Usual, in which India acts deliberately on nothing, the dependency deepens to around 71 per cent as cloud migration and the incumbents' AI advantage compound. Under an AI Leapfrog, in which India uses the build-cost collapse and its own advantages to assemble a sovereign AI-native stack, it falls to around 38 per cent. The same country, over the same decade, reaches either outcome depending on choices made before the window closes — and a Strategic Software Crisis, in which a geopolitical shock forces sovereignty by emergency at far higher cost, waits as the warning against delay.
The sovereign opportunity
Against that exposure sits an opportunity the report sizes at roughly USD 51 billion — the central estimate of the sovereign-software market India could capture by 2035, within a total addressable enterprise-software-and-cloud market reaching around USD 169 billion. Of India's current foreign-software spending, an estimated USD 4.6–10.2 billion a year (central ~USD 7.4 billion) is realistically replaceable. And the report sizes the public cost of acting: a modelled ₹68,000 crore (~USD 8 billion) Sovereign Software Mission over five years — cheaper than a single year of the foreign-IP outflow it would reduce, and paying for itself within about a year of operation. India has already proved it can build sovereign software at billion-user scale: Aadhaar, UPI and the MOSIP identity platform now exported abroad are the existence proof. The opportunity is not the creation of a capability from nothing; it is the extension of a proven one from India's citizen rails to its enterprise core.
What the full report adds
This online edition gives you the argument and the headline numbers. The complete ~170-page flagship edition gives you the proof a decision-maker needs: the full EDI, SSS and DIEM methodologies with every input, weight and sensitivity table; the sector-by-sector map of where SAP runs India, with the PSU deployments documented and labelled by source strength; the quantified strategic-risk simulations including the Russia-2022 withdrawal modelled against India; the cybersecurity and software-supply-chain exposure; the Indian-SaaS and open-source landscape in depth, including whether Zoho can become India's SAP; the AI-native enterprise-stack thesis; the sovereign-software TAM, import-replacement and Sovereign Software Mission cost models in full; the five DIEM scenarios with their causal chains and leading indicators; the four-actor strategic roadmap with moves sequenced around the 2027 deadline; and eight data appendices, including a top-vendor database. Twenty-two figures, twenty-one data tables, eight appendices.
