
Shadow IT Now Owns 85% of Your SaaS Spend

In 2026 IT controls just 15% of SaaS spend. The rest sits in department budgets. Centralising it is impossible; here is what works instead.

Easy Entropy Team

Editorial Team

Practitioner notes from the Easy Entropy team. We write about renewal management, SaaS spend control, and the workflows that keep contract owners ahead of notice deadlines.


The 85 Percent Figure

Zylo's 2026 SaaS Management Index reports that IT directly owns 15% of total SaaS spend across the average enterprise. The remaining 85% is owned by lines of business, individual employees, and discretionary department budgets. Five years ago this number was closer to 50/50.

The shift is not a failure of IT governance. It is a structural change in how software is bought. Product-led growth, free tiers, low-cost personal subscriptions, and the AI tool explosion have made every individual employee a procurement department of one.

How We Got Here

Three forces moved the centre of gravity outside IT. The first is product-led growth: vendors deliberately design their products to be adopted by individual users before any procurement conversation happens. The second is the rise of personal-card and expensed software: a $30 monthly subscription does not trigger any approval process.

The third is the AI explosion. Most AI tools are sold at price points designed to bypass procurement. By the time IT notices that 80 engineers are paying for the same AI coding tool individually, the spend has been distributed across two budget cycles.

Why Re-Centralising Does Not Work

The instinct is to pull all SaaS procurement back into IT. This rarely works in 2026. The volume of procurement decisions is too high: even a 200-person company makes hundreds of software decisions a year, and IT does not have the staff to process them. More importantly, IT does not have the context: only the department head knows whether a specific tool actually fits the workflow.

Companies that have tried hard re-centralisation report two outcomes: either IT becomes a bottleneck and employees route around it (making the shadow problem worse), or IT staffs up massively and becomes a bureaucratic drag that slows the business.

The Federated Model That Actually Works

The working model is federated, not centralised. IT does not approve every purchase. IT sees every purchase. The distinction is critical.

In a federated model, departments keep their procurement authority below a threshold (commonly $5,000 to $10,000 annually per vendor). Above the threshold, IT and finance get involved. Below the threshold, the only requirement is that the spend is logged in a single system everyone can query.

  • Department-level autonomy below a clear spend threshold
  • Mandatory visibility regardless of spend amount (every subscription logged in one place)
  • Centralised review for renewals above the threshold
  • Automated detection of duplicate vendors across departments

The Three Roles in a Federated Model

IT owns the security and identity layer: SSO, access reviews, offboarding, and data-handling reviews for any tool that touches sensitive data. IT does not own renewal decisions for departmental tools. This is why the logging requirement matters to IT as much as to finance: a subscription that never reaches the log cannot be put behind SSO, reviewed for the data it holds, or revoked when its owner leaves.

Finance owns the spend visibility layer. They need a single source of truth showing every active subscription, its cost, its renewal date, and its owner, regardless of which department procured it.

Department owners own the renewal decision and the value justification for the tools their team uses.

The First 30 Days of Going Federated

Start with discovery, not policy. Spend your first two weeks finding every active subscription across all expense categories. Use the audit method from the SaaS stack audit playbook. Do not change anything yet; just see the picture.

In weeks three and four, set the spend threshold and roll out the logging requirement. Resist the urge to require approval. Visibility first, then governance. Once you have the data, you will know which categories actually need tighter policy and which can run themselves.
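The two checks the federated model depends on, duplicate vendors across departments and annual spend per vendor against the threshold, both fall out of the single subscription log once it exists. The script below is an added example, not Easy Entropy's tooling or the SaaS stack audit playbook's method: it runs over a constructed set of log records (field names, the $5,000 threshold and the list of vendor-name noise words are all assumptions) and shows why the aggregate view matters, since two sub-threshold Copilot subscriptions in different departments add up to a vendor that needs review.

```python
"""Added example (not Easy Entropy's code): duplicate-vendor and threshold
detection over a constructed subscription log, the two automated checks a
federated model relies on."""
from collections import defaultdict
import re

# Constructed sample records: what the single logging system would hold once
# every department writes its subscriptions into it. Field names are assumptions.
SUBSCRIPTIONS = [
    {"vendor": "GitHub Copilot", "department": "Engineering", "owner": "a.lee",
     "amount": 19.0, "period": "monthly", "seats": 40},
    {"vendor": "Github copilot (business)", "department": "Data", "owner": "m.ortiz",
     "amount": 19.0, "period": "monthly", "seats": 12},
    {"vendor": "Figma", "department": "Design", "owner": "r.chen",
     "amount": 540.0, "period": "annual", "seats": 15},
    {"vendor": "FIGMA Inc.", "department": "Marketing", "owner": "j.patel",
     "amount": 45.0, "period": "monthly", "seats": 3},
    {"vendor": "Notion", "department": "Marketing", "owner": "j.patel",
     "amount": 10.0, "period": "monthly", "seats": 8},
    {"vendor": "Snowflake", "department": "Data", "owner": "m.ortiz",
     "amount": 24000.0, "period": "annual", "seats": 1},
]

DEFAULT_THRESHOLD = 5000.0  # assumed: annual spend per vendor above which IT/finance review

# Assumed noise words and punctuation stripped so that expense-line spellings of
# one vendor collapse to a single key.
_NOISE = re.compile(r"\b(inc|llc|ltd|business|enterprise|team|pro)\b|[^a-z0-9 ]")


def normalise_vendor(name):
    """Collapse 'Github copilot (business)' and 'GitHub Copilot' to one key."""
    key = _NOISE.sub(" ", name.lower())
    return " ".join(key.split())


def annual_cost(record):
    """Per-seat cost times seats, annualised; an unknown billing period is an error
    rather than a silent zero, so a bad record cannot hide a vendor below threshold."""
    multiplier = {"monthly": 12, "annual": 1}.get(record["period"])
    if multiplier is None:
        raise ValueError(f"unknown billing period: {record['period']!r}")
    return record["amount"] * record["seats"] * multiplier


def summarise(records, threshold=DEFAULT_THRESHOLD):
    """Group by normalised vendor and return departments, annual spend and flags."""
    by_vendor = defaultdict(lambda: {"departments": set(), "annual_spend": 0.0, "names": set()})
    for r in records:
        v = by_vendor[normalise_vendor(r["vendor"])]
        v["departments"].add(r["department"])
        v["annual_spend"] += annual_cost(r)
        v["names"].add(r["vendor"])
    return {
        key: {
            "names": sorted(v["names"]),
            "departments": sorted(v["departments"]),
            "annual_spend": round(v["annual_spend"], 2),
            "duplicate": len(v["departments"]) > 1,          # same vendor, several departments
            "needs_review": v["annual_spend"] > threshold,    # aggregate, not per line item
        }
        for key, v in by_vendor.items()
    }


def duplicate_vendors(records):
    return sorted(k for k, v in summarise(records).items() if v["duplicate"])


def above_threshold(records, threshold=DEFAULT_THRESHOLD):
    return sorted(k for k, v in summarise(records, threshold).items() if v["needs_review"])


if __name__ == "__main__":
    for key, v in sorted(summarise(SUBSCRIPTIONS).items()):
        flags = [f for f in ("duplicate", "needs_review") if v[f]]
        print(f"{key:16} ${v['annual_spend']:>10,.2f} {', '.join(v['departments']):24} {' '.join(flags)}")
```

The normalisation list is deliberately small and should be tuned against your own expense data; the point is that the duplicate check is only as good as the vendor key, and the threshold check has to run on the per-vendor total rather than on each card line, because each line is designed to stay under it.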
