Multi-Tenant Capability (Mandantenfähigkeit)

Multi-tenant capability (Mandantenfähigkeit) describes an ERP's ability to operate multiple isolated clients (mandants, tenants) within a single installation. Each mandant has its own master data, transactions, charts of accounts and users, with strict logical isolation from other mandants. The term overlaps with multi-tenant SaaS architecture (one application instance serving many customers) but is broader: it includes single-installation multi-entity operation common in DACH group structures.

Typical use cases

Three categories of multi-tenant ERP deployment dominate. (1) Group structures: a parent company plus subsidiaries each operate as separate mandants within one ERP installation. Common in DACH GmbH-with-Beteiligungen structures, where 3-15 entities share infrastructure while maintaining separate books. (2) Shared-service operations: a service company operates ERP on behalf of multiple client organisations, with each client as a separate mandant. Common in tax-advisor practices, contract-logistics 3PLs, outsourced finance providers. (3) Cloud SaaS: the vendor operates one application instance, with each customer as a tenant. Standard for modern cloud ERPs (NetSuite, Business Central Cloud, SAP S/4HANA Cloud Public Edition).

Multi-tenancy architectures

Three architectural patterns. (1) Separate database per tenant: each tenant has its own database; the application code is shared. Strongest isolation, highest infrastructure cost. Common in private-cloud ERP deployments. (2) Shared database, separate schema per tenant: one database with separate schemas per tenant. Balance between isolation and efficiency. (3) Shared database, shared schema with tenant-id partitioning: one database, one schema; tenant isolation enforced through row-level security and tenant-id filtering. Most efficient, used by modern cloud ERPs. Different architectures suit different requirements: regulated industries often demand separate databases for data-sovereignty assurance; high-volume SaaS prefers shared infrastructure for cost efficiency.

DACH group-structure practice

For DACH group structures (3-20 GmbHs or AGs operating under a holding), the typical multi-tenant ERP configuration uses one mandant per legal entity. This keeps statutory accounts (HGB, Swiss CO, Austrian UGB) cleanly separated while allowing centralised master data (customers, suppliers, materials) where appropriate. Cross-entity operations (intercompany sales, shared services, group consolidation) use the ERP's native multi-mandant features. Modern cloud ERPs (Microsoft Dynamics 365 Business Central, NetSuite OneWorld, SAP S/4HANA) handle this elegantly. Older on-premises ERPs sometimes struggled with deep cross-mandant operations; cloud era has largely solved these issues.

Security and isolation

Multi-tenant ERP must guarantee strict data isolation between tenants. Key controls. (1) Application-level isolation: every query carries a tenant filter; cross-tenant data access requires explicit privileged operations. (2) Authentication scoping: users are scoped to one or more mandants; mandant choice is part of the login flow. (3) Audit trail: cross-tenant operations (by privileged users in shared-service scenarios) are explicitly logged. (4) Backup isolation: per-tenant backups allow point-in-time recovery of one tenant without affecting others. (5) Customisation isolation: tenant-specific configuration cannot destabilise other tenants. Cloud ERP vendors (SAP, Microsoft, Oracle, NetSuite) hold ISO 27001 and SOC 2 attestations covering these controls; mid-market vendors increasingly do so as well.

Related Topics

• Multi-tenant ERP (Cloud)
• Two-tier ERP
• Intercompany