Since Anthropic launched Claude Code in February 2025, the BVP Nasdaq Emerging Cloud Index has fallen roughly 32.7% even as average revenue growth across its constituents held at 19.3% and free-cash-flow discipline improved sector-wide.
The market isn’t punishing SaaS for what it’s lost, it’s pricing in what it’s about to give away. The narrative is that OpenAI and Anthropic are set to take over SaaS offerings as AI companies release industry-focused skills and go direct to enterprise.
The end for SaaS will be more nuanced than that. SaaS spent two decades outsourcing its most defensible value industry expertise in order to scale fast and capture market share. Now the market is signaling that the moment is coming when SaaS stops being the product and becomes the plumbing.
The leaders who read this moment correctly will be the ones who separate the structural shifts from the hype cycle noise. This isn’t a product threat. It’s a value-chain threat.
The Recipe That Scaled
At its core, large SaaS companies are platform and scale plays. They built software functionality that every organization could use as a base and relied on the customer to configure and customize to meet their unique goals.
The approach worked as organizations needed to scale quickly across the global, they valued (1) known annual costs (2) time to value and (3) ability to outsource talent.
As the complexity of the software and integrations grew, we saw the rise of a thriving partner and consulting ecosystem in professional services to help support the implementations and maintenance of the SaaS.
Keying on the values of time to value and the importance of scaling advantage, the ecosystem for both partners and SaaS dove headfirst into creating industry offerings.
The partners and consultants who understood specific industries, who knew the unspoken rules and language and did that well won during the last decade. They bridged from software functionality to the customer’s value in their industry network.
SaaS is vanilla. By itself, not remarkable but it has been the key ingredient in everything else. SaaS companies chose scale over depth. They built the 80% and outsourced the remaining 20% of the industry expertise, the last-mile configuration, the domain knowledge to partners who could move faster in vertical markets. That strategic choice powered two decades of growth. It’s also the vulnerability AI is now targeting.
Now enter Anthropic and OpenAI who are going directly to the enterprise with cross industry offerings focused on a department. They’re seeking to further reduce the time to value and in doing so are cutting out the middleman entirely and disrupting many SaaS offerings and delivery channels. The SaaS model worked for two decades. The question is which parts of it survive when the cost of customization drops to near zero. And which parts quietly become infrastructure no one thinks about anymore.
What AI Still Can’t Shortcut
The first moat is consistent value at scale. This is where SaaS leveraged a partner channel. To get individual organizations onto new platforms and change processes, you need change management. You need onboarding capabilities. You need data migration, you need training, you need support through the process transitions. SaaS scaled that through partners around the world.
The largest moat to AI adoption and acceleration is existing data in legacy systems (SaaS or otherwise). Whether you’re moving fully to a new AI-native tool or simply looking to take advantage of AI, every organization has transactional, operational, and reference data that they rely on. For organizations that are looking to simply take advantage of the AI capabilities inside of their current processes and SaaS, they are having to confirm (1) existing security of the data estate, (2) AI’s ability to access the data and (3) the organization’s ability to adapt to process changes. While organizations that are looking fully to a new AI system will have the additional work of (1) a data migration and (2) creating, enforcing and managing a new security framework.
Data isn’t a moat. Governed data is.
The last moat SaaS companies have is their history of regulatory compliance. Think about FedRAMP. Think about industries like food where you have specific traceability requirements. Those certifications that an organization is required to have, the ability to say “our systems are vetted, they are audited, our data practices have been reviewed”, that’s not something a new software company can replicate overnight.
There’s a lot of noise right now about AI making everything obsolete overnight. The moats say otherwise. However, moats erode over time. The question leaders need to sit with is the rate of erosion and what they need to do to reinforce their organizational moats.
Your Data Is Your Exposure Map
The pace at which an organization can adopt AI tools is dictated by the type of data it handles: transactional, operational, or reference. And how tightly those data sets are governed.
Think about the spectrum from CRM to ERP. A CRM system’s value is in how it improves the customer experience. How are you engaging with customers, are they showing buying signals, what does their journey look like? While the value is high for the organization to leverage this data, the governance of this data is relatively lower.
CRM data is a suggestion. ERP data is a contract.
An ERP system is different. It’s relied upon for financials. It’s relied upon for inventory that’s directly tied to fulfillment. At the end of the day, a debit still needs to equal a credit and follow government regulations and accounting principles. That’s not a constraint you can handwave away with better AI. Security models, data governance, multi-entity support, multi-jurisdiction compliance are all potential moats, but more importantly, they’re actual requirements that real businesses have.
With the push away from Access and local spreadsheets as relational databases, many organizations turned their CRM systems into what we used to call xRM. People weren’t just tracking customers; they were tracking any data types that needed tracking. Case management, operations data, anything they used to keep in an Access database.
They did this because it was “safe” and could take advantage of the scale and security of the SaaS offerings. The CRM platform had the same protections around security and data governance as more critical systems, but with lower stakes for experimentation. You could try new things without risking your financials.
The closer your data gets to a regulated transaction, the slower AI adoption can occur and the more it costs to get it wrong.
On one end, ERP with hard constraints. On the other, CRM focused on experience. In between sits this middle zone where people use relational databases for experimentation. That’s where the battle between SaaS and AI is going to be fought. The question is which companies have moats that are regulatory, governance-based, or depend on internal data that’s hard to replicate.
Leaders who understand where their data sits on this spectrum will know exactly how exposed they are and how much time they have before the ground shifts under them.
From Forms to Agents: The Next 18 Months
The next 18 months will be about which layer of the stack the AI disruption hits first.
Yes, software as a service is getting cut into. We’re already seeing it with the low-hanging fruit. But we’re also seeing Jevons paradox happening in real time as well. People are starting to build software and use AI for themselves that they wouldn’t have paid for before as the price has dropped for building tailored-made software.
But here’s what the vibe coded everything crowd isn’t talking about yet: someone has to maintain those libraries. Someone has to patch security vulnerabilities. Someone has to manage uptime, enforce data loss policies, and handle the compliance burden. SaaS was never just software, it was the outsourcing of all the unglamorous work that keeps software safe and running. Organizations moving quickly to cut their monthly SaaS bill will rediscover those costs the hard way.
The last SaaS organizations to be standing will be those that offer their customers (1) guaranteed uptimes, (2) hardened security compliant systems and (3) secure AI data integration abilities. The time to value and scale will still be a struggle as SaaS companies rely on external organizations to build and maintain industry and roles specific offerings.
You’re going to see SaaS companies lean into guaranteed uptimes of 99.99%. You’re going to see them emphasize governance, auditability, and their industry focus. They’re going to double down on what they’ve been approved for and audited against.
The deeper question is whether SaaS transforms entirely from forms over data to AI over data. Does the interface layer disappear, replaced by agents that read and write to the same governed data stores? If it does, SaaS doesn’t die. It just becomes invisible. And invisible infrastructure gets priced like infrastructure, not like a product.
AI doesn’t need to kill SaaS. It just needs to kill the reason you’d pay for it.
One interesting play is what I’m seeing from Microsoft’s Dynamics 365 SaaS offering: the headless ERP. The ERP becomes your data foundation, but it’s agent-friendly. You can bring any AI agent and put it over top of your ERP. Your ERP remains, Microsoft gets revenue from that, but the agent layer is interchangeable. Decoupling the agent layer from the data layer is the play. The data layer keeps its time tested compliance and accounting principles management. That’s a moat no vibe-coded accounting system can match.
We will start seeing Agent-as-a-Service (AaaS) offerings. You subscribe to a role specific AI agent, it leverages a hardened ERP and data access is managed at the agent level. The agents become modular. And now you’re getting granular at the agent level, saying this agent can only do certain things in the system. This approach allows for AI companies to take advantage of the existing install base of SaaS while capturing the value of (1) known annual costs (2) time to value and (3) ability to outsource talent.
The real question isn’t whether your ERP survives. It’s whether anyone will know it’s there.
What Leaders Should Do Now
The signal from the market is clear even if the P&L hasn’t caught up yet. Three moves to make before your next renewal cycle:
1. Map your data estate before you sign another AI contract.
Categorize your data by type (transactional, operational, reference) and by governance requirements. Your data topology is your AI readiness score. If you don’t know where your regulated data lives, you don’t know where you’re exposed.
2. Stop treating your SaaS vendor’s roadmap as your strategy.
Your SaaS provider is optimizing for their survival, not yours. Evaluate what value your current stack delivers versus what an agent layer could deliver independently. Your renewal cycle is your decision window, use it.
3. Move with intent, not panic.
The Kodak risk isn’t failing to adopt AI. It’s adopting it without understanding what you’re standing on. The organizations that stumble will be the ones who rip out SaaS for AI before they account for the hidden costs they were outsourcing of security patches, uptime, DLP, library maintenance. Speed matters, but so does knowing what you’re walking away from.
The companies that win will be the ones who understand that the hard part was never the software. It was the industry knowledge, the change management, and the constraints that real businesses have to live within. Technology changes fast. The human systems it has to serve don’t.