| Status | Approved |
| Owner | WENNINGER-ext, Sascha |
| Stakeholders |
Issue
Recommendation
This document recommends continuing the current practice of using the European Union as the primary hosting location for global IT systems serving the Syensqo group as a whole. There are no technical reasons to recommend changing this to the other viable alternative of the United States. Conversely there exist legal and regulatory considerations which could prove to be significant barriers to such a change. Understanding in detail the extent of these considerations, and the mitigations required to address them, would require an in-depth analysis by legal experts, and at a minimum, the creation of internal contractual frameworks to ensure compliance with relevant data protections and export controls.
Background & Context
Assumptions
- The ERP Rebuild program aims to, where possible, deploy a single, global instance of every enterprise system in scope of the program. Separate instances for specific countries (e.g. China) are not being deployed, because a thorough investigation into the relevant legal, regulatory, strategic, and security aspects determined that adequate security controls could be attained in a single-instance system without physical separations.
- There are no technical barriers which limit access of Syensqo staff to the jurisdictions being considered for hosting the enterprise systems. Specifically Syensqo users located in mainland China are able to access business systems, including SaaS systems, via Syensqo-managed VPN tunnels regardless of the physical location of these systems. See also Specific architecture for China.
- The European Union is treated as a single contiguous geopolitical region for the purposes of this document.
- Syensqo does not have a requirement to locate infrastructure inside the borders of Belgium.
Constraints
- Due to the incumbency of the European Union as both the physical location for Syensqo's existing enterprise systems and data processing (e.g. by Shared Services staff in Portugal, management staff in Belgium and France), Syensqo do not have a comprehensive internal contractual framework for the export of various data from the EU to other jurisdictions. Scoping and implementing such a framework is a prerequisite for the implementation of enterprise systems outside of the EU. It may not be possible to fully implement the required contracts and processes within the timeline of the ERP Rebuild program.
Impacts
Business Rules
Options considered
Option A: Build Syensqo's new global business systems in the USA
Option B: Continue to locate global systems in the EU
Evaluation
Option A | Option B Located in EU | |
|---|---|---|
| Legal/regulatory requirements for data localisation |
|
|
| Internal legal support, inc. data export and data processing agreements |
|  The European Union is the global leader in data protection regulation. Many regulatory regimes in other countries broadly permit data transfer into jurisdictions with equivalent or higher degrees of data protection; hence transfer from third countries into the EU is less likely to be problematic or require complicated compliance mechanisms. |
| Availability of SaaS applications | There is no significant difference between the EU and USA when considering the SaaS and PaaS services from SAP and Salesforce in each geography. An analysis of SAP's Data Center listing (see also below) shows that all SAP SaaS and PaaS services relevant for Syensqo are available in the EU and USA. While SAP's region strategy is less well known than the strategies of AWS and Azure, it appears to be clear that both geographies receive new services upon release, and provide an equivalent degree of hosting location and provider diversity as evidenced by major SaaS and PaaS applications being available in multiple locations in each geography. An analysis of Salesforce's public documentation reveals no significant differences in the regional coverage between the EU and USA for their core product. The exception to this is the Data Cloud product whose only EU-based hosting option is Frankfurt, although this is spread across multiple AWS Availability Zones for DR purposes. | |
| Depth and breadth of technology platform components | There is no significant difference between the EU and USA when considering the available depth and breadth of technology solutions and platform components. AWS and Azure operate multiple "hero regions" in both the EU and USA; these are generally the first locations to receive new features and products, offer the largest number of Availability Zones for redundancy, and largest infrastructure footprints to ensure infrastructure is available when needed. This bears greater importance to cutting-edge features such as AI/ML functions than commoditised server and storage services, because delays of a year or more are not uncommon between deployment to hero regions and products reaching smaller locations. | |
| Network latency impact for end users | There is no significant difference between the EU and USA for most of Syensqo's user population. Syensqo's user base is heavily weighted towards Europe (42%) and North America (36%), followed by Asia (18%). Only 3% of the Syensqo user base is located outside these regions. There are over a dozen high-capacity Internet connections between Europe and North America which offer diverse paths and service providers, as well as low latencies (approx. 100ms; very suitable for enterprise application traffic and relatively low compared to server-side processing times). The location of Syensqo's business systems in either Europe or North America will offer excellent latencies for the user populations in these regions. The larger Asian geography is also generally very well connected to both Europe and North America in terms of overall capacity and diversity of supplier and path. However the larger distances to North America from multiple locations significant to Syensqo (China, India, South Korea) result in latencies up to 120ms higher than when compared to Europe. From a latency perspective, a European location is thus marginally more favourable for the Asian user base. Syensqo does not have significant user populations in regions exposed to the choice of either Europe or North America as the hosting location. Almost all internet connections from South America and Australia are routed via North America, and almost all traffic from Africa is routed through Europe. Users in these locations benefit immensely from locating IT systems in the most closely-connected geography, and are expected to incur latency penalties of 100-150ms for systems not located in the most closely-connected location. However only 3% of Syensqo's user population resides in such regions. | |
| Carbon footprint | The electricity grid in major EU data center locations (e.g. Netherlands) tends to be marginally less CO₂-intensive than in major US locations (e.g. Virginia) when judged on an annual basis. For example, in the year 2023, the CO₂ intensity of the Dutch grid on a consumption basis was 301gCO₂eq/kWh vs. 396gCO₂eq/kWh for Virginia. | |
| A caveat to this analysis is that all major IaaS providers purchase electricity directly from power generators via direct purchase agreements that favour renewable energy, rather than obtaining power from the national grid. They also tend to purchase renewable energy offsets for a large part of their operations (e.g. AWS offsets 100% of carbon emissions in most Regions in 2023; Azure will offset 100% of emissions by 2025). Their actual CO₂ footprint is likely much lower to that of the respective national grids. | ||
Merely locating a server in the USA does not by itself ensure compliance with ITAR if non-US Residents are also able to access the data. If personnel who are not US residents must access the system (e.g. IT personnel for administration or maintenance), then mechanisms such as field-level encryption via See also
Maps showing the carbon intensity of the electricity grid by geography
Regional coverage of relevant SAP SaaS and PaaS Solutions
A summary of the List of SAP Data Centres for SAP Cloud Services for products and services relevant for Syensqo is represented below. Numbers indicate the number of physical locations (i.e. data centres or IaaS regions) in which each product or service is available. Availability of a product or service in only a single region in a particular geography may limit the Disaster Recovery options available for that service. This is thus represented as a paler shade of green in the table below. The information for this summary table was retrieved in September 2024, using the then-current version v.9-2024 of the document. The latest-available version can be retrieved at List of SAP Data Centres for SAP Cloud Services.
Product | EU | US | China |
|---|---|---|---|
AI | 2 | 4 | 1 |
Application Development and Automation | 3 | 8 | 1 |
Customer Data Solutions | 2 | 2 | 1 |
Data and Analytics | 3 | 7 | 1 |
Data Custodian KMS | 1 | 2 | 0 |
Foundation / Cross-Services | 4 | 8 | 1 |
Integration | 3 | 8 | 1 |
Miscellaneous | 4 | 8 | 1 |
RISE with S/4HANA, Private Edition | 17 | 18 | 6 |
SAP Advanced Financial Closing | 1 | 1 | 0 |
SAP Ariba | 1 | 1 | 1 |
SAP Ariba Buying | 1 | 1 | 0 |
SAP Asset Performance Management | 2 | 2 | 0 |
SAP Business Network | 2 | 2 | 1 |
SAP Cloud ALM | 2 | 1 | 1 |
SAP Cloud for Customer | 1 | 2 | 0 |
SAP Concur | 1 | 1 | 1 |
SAP CPQ | 1 | 1 | 0 |
SAP Digital Manufacturing | 2 | 2 | 0 |
SAP Sales & Service Cloud v2 | 1 | 1 | 0 |
SAP SuccessFactors | 6 | 6 | 1 |
SAP Sustainability Control Tower | 1 | 1 | 0 |
SAP Test Automation by Tricentis | 1 | 1 | 0 |
Salesforce Locations
Salesforce documentation provides a list of data centre locations from which their application is served. Salesforce maintains 3 separate data centre locations in the USA, and 4 inside the EU (plus one in the UK). Each location provides multiple separate data centres with separate, completely redundant infrastructure. Salesforce additionally leverages AWS locations to deliver the Hyperforce and Data Cloud services. Despite a Dec. 2023 press release announcing the availability of core products on Alibaba Cloud in China, available documentation including those linked below, do not mention hosting locations in China.
| EU | US | China | |
|---|---|---|---|
| Salesforce-managed data centers | 4 | 3 | ? |
| Hyperforce locations (hosted in AWS) | 4 | 3 | ? |
| Data Cloud | 1 | 2 | ? |
See also the Salesforce Security, Privacy, and Architecture documents for Salesforce Services and Hyperforce.
Technical Resources related to Network Latency
WonderNetworks - latency data for many locations around the world
CloudPing - measure latency to various IaaS locations
Submarine Cable map - showing routes of fiberoptic cables carrying internet services
Excerpt from the 2022 Global Internet Map, published by Telegeography, showing aggregate internet bandwidth between major geographies:
Change log
Workflow history
| Title | Last Updated By | Updated | Status | |
|---|---|---|---|---|
| There are no pages at the moment. | ||||