The Hidden Balance Sheet: What SaaS Sprawl Actually Costs the Business You Think You’re Running
The short answer
The average organisation runs 831 apps with 36% of licenses unused. Rather than buying more SaaS management platforms, the fix is to own your core infrastructure—turning compounding subscription liabilities into owned equity.
The stack no one approved
Ask a founder how many software tools their company runs, and you’ll get a number that’s wrong by an order of magnitude. Not because they’re hiding anything. Because no one signed off on most of it. The modern organisation now runs an average of 831 applications, and 61.3% of that portfolio is Shadow IT: software discovered through browser activity and expense reports, not procurement. At enterprise scale the average portfolio reaches 2,191 applications. Per employee, the average worker now touches 40 different tools just to get through the day. Nobody built this stack on purpose. It accreted, one free trial and one expensed subscription at a time, until it became rent nobody remembers agreeing to pay.
This isn’t really a story about employees behaving badly. It’s what happens when adopting a tool costs a credit card swipe and tracking what you already own still costs someone’s full attention. That gap, between how cheap it is to add a tool and how expensive it is to notice you don’t need it, is where the waste lives.
What thirty-six percent actually costs
Here’s the number that should appear on every board deck and almost never does. Zylo’s 2026 SaaS Management Index, built on more than 40 million licenses and $75 billion in tracked spend, found that organisations leave an average of 36% of their SaaS licenses unused against industry-recommended utilisation levels. Median SaaS spend per employee now sits at $9,455. Put that through a mid-sized company: 200 employees at the median spend works out to roughly $1.89 million a year in SaaS. Thirty-six percent of that, call it $681,000, has no output attached to it at all. Not a bad tool. Not a failed rollout. Just money leaving the building for licenses nobody opens.
Part of why the waste compounds is that visibility has decentralised faster than governance can keep up. Business units now control 81% of SaaS spend directly, while IT holds direct oversight of just 15%. The department that could actually see the whole stack no longer buys most of it, and the departments doing the buying have no reason to look at the whole picture. Nobody’s lying about their tools. Nobody’s looking at all of them at once.
The invoice that grows on its own
Even the licenses you do use are getting more expensive without you doing anything to deserve it. Vertice’s SaaS Inflation Index, drawn from over $30 billion in processed enterprise spend, put the rate at 13.2% in March 2026, nearly two full percentage points higher than the same month a year earlier, after peaking at 14.7% during the year-end renewal crunch of late 2025. Through early 2026 the rate held between 12.2% and 14.5%. This isn’t inflation in the economy-wide sense. It’s a repricing of your dependency. A vendor that knows switching is expensive will charge accordingly, on a renewal cycle you didn’t choose, for a feature set you might not even need anymore.
Rent, unlike a mortgage, has no principal. The number just resets higher every year, and you own no more of the system than you did on day one.
The security bill hiding inside the convenience
Sprawl isn’t only a finance problem. IBM’s 2025 Cost of a Data Breach Report found that breaches involving shadow AI (tools adopted without IT’s knowledge, now a fast-growing subset of the same shadow stack) account for 20% of all breaches, cost an average of $4.63 million, about $670,000 more than a standard incident, and that 97% of organisations breached this way lacked proper access controls on the tool involved. It’s the same pattern as the license-waste story: a tool nobody vetted, running with access nobody audited, on a bill nobody reconciled. The vendor you never formally approved is also the vendor whose security posture you never formally checked.
Why you can’t manage your way out of it
The instinct, once the number is visible, is to buy a SaaS management platform to track the other SaaS. That helps at the margin (visibility is better than none), but it doesn’t change the underlying economics. You’re still renting. You’ve just added a line item to monitor the rest of the rent, and paid a new vendor to tell you what the old vendors are costing you. The tools that actually define your competitive advantage, the systems that hold your customer data, your commerce logic, your analytics, are still licensed capability you can lose the day you stop paying, audited or not. Better visibility into a bad lease is still a lease.
Ownership changes the equation at the layer that matters. Not every tool needs to be built in-house. A scheduling app or an expense tool is correctly rented, and there’s no shame in that. But the systems your business actually runs on, the storefront, the data model, the dashboard your team lives in, sit in a different category entirely. When Panarch Digital migrated Mithila Enterprises onto a headless, owned Next.js stack, part of the build was a custom owner dashboard: one owned system doing the job that would otherwise have meant licensing several separate tools, each with its own seat count, its own renewal, its own vendor risk. The storefront’s inquiry rate tripled, proof the architecture was a revenue instrument and not a cost centre, and the dashboard came with the same property every owned system has: no seat to leave idle, no renewal to absorb, no vendor to audit after a breach that was never yours to prevent.
A conceptual audit query makes the logic concrete. You don’t need forty tools to find the waste. You need one honest table: SELECT vendor, seats_licensed, seats_active_90d, seats_licensed - seats_active_90d AS idle_seats, (seats_licensed - seats_active_90d) * cost_per_seat AS monthly_waste FROM saas_licenses WHERE seats_active_90d < seats_licensed * 0.7; Run it, and the 36% stops being an industry average. It becomes a list of vendor names.
When renting is still the right call
Fairness requires the counter-case. A tool you’ll use for a single campaign, a function still being validated, or a capability well outside your core differentiation is correctly rented. The convenience is real, and the monthly fee buys genuine speed. The calculus changes for the systems that hold your data, your customer relationship, and your competitive edge. Those are worth owning outright, because renting them means renting your own advantage back from someone else, every month, forever.
Frequently asked
Isn’t a SaaS management platform the fix for this?
It improves visibility, which is genuinely useful. But it manages rented tools rather than turning rent into equity for the systems that define your business. Use it for the long tail. Own the core.
How do we know which tools are 'core' versus safe to rent?
If losing access tomorrow would stop revenue or expose customer data, it’s core. If it would just be an inconvenience you could fix with a different vendor in a week, it’s safe to rent.
Doesn’t owning infrastructure just move the cost, not remove it?
It changes the shape of the cost. Instead of rent that compounds and grants no equity, you get infrastructure you deploy, control, and can hand to any competent developer if your agency disappears.
Sources
- Torii - The SaaS Benchmark Annual Report 2026 (831 average apps, 61.3% Shadow IT)
- Zylo - 2026 SaaS Management Index (36% unused licenses, $9,455 median spend per employee)
- Vertice - SaaS Inflation Index (13.2% inflation rate in March 2026)
- IBM - Cost of a Data Breach Report 2025 (Shadow AI accounts for 20% of breaches)
Related