Shadow IT is any software, app, or cloud service that employees use for work without the knowledge or approval of finance or IT. At an SMB, it typically shows up as a Slack bot a developer added to the workspace, an AI writing tool on a personal card charged under "miscellaneous," or a file-sharing service the sales team started using because shared drives felt too slow.
The defining characteristic is invisibility: the tool exists, is being paid for, and creates a renewal obligation — none of which appear in any official software register.
Why Shadow IT Is a Finance Problem, Not Just an IT Problem
Security teams worry about shadow IT because unapproved tools bypass data governance policies. Finance teams should worry about it for a different reason: you're paying for it.
Shadow IT creates two financial risks:
| Risk | Description |
|---|---|
| Hidden spend | Charges on personal or team cards that don't appear in any software budget |
| Untracked renewals | Annual contracts auto-renewing without anyone reviewing whether the tool is still needed |
A tool charged to a personal card and expensed monthly may look like a $29 line item. But if it's an annual contract billed upfront, the employee may not even remember approving the renewal.
A Concrete Example
A 45-person company asks finance to reconcile SaaS spend. The controller reviews three months of expense reports and finds:
- An engineer has been expensing $199/month for a code review tool — annual contract, auto-renews in 6 weeks, no one in engineering management knows about it.
- A sales rep signed up for a prospecting database with a company email address. The account is on a "free trial" that converted to $400/month six months ago.
- A designer approved a $1,200/year Figma add-on under their own expense limit. Finance has no record of the contract terms or renewal date.
Total hidden spend: $1,178/month. Total renewal obligations the company didn't know about: $4,400 in the next 90 days.
How to Surface Shadow IT at an SMB
You don't need enterprise software to find shadow IT. Three sources cover most of it:
- Expense reports — search for recurring charges from software vendors by category or keyword.
- Corporate card transaction feeds — Brex, Ramp, and similar platforms let you filter by merchant category code (MCC) or keyword; look for monthly recurring amounts from unfamiliar vendors.
- Google Workspace app installs — the Admin Console shows which third-party apps have been granted OAuth access; each one is a potential SaaS subscription.
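The recurring-charge search described for expense reports and card feeds can be scripted. The following is an added example, not code from Satellite or any vendor named on this page; the CSV column names, the vendor names, and the contents of the approved register are all constructed assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import date
from decimal import Decimal

# Constructed sample expense export; every vendor name here is hypothetical.
EXPENSES_CSV = """date,employee,vendor,amount,category
2024-01-05,eng1,CodeReviewCo,199.00,miscellaneous
2024-02-05,eng1,CodeReviewCo,199.00,miscellaneous
2024-03-05,eng1,CodeReviewCo,199.00,miscellaneous
2024-01-12,sales1,ProspectDB Inc.,400.00,software
2024-02-12,sales1,PROSPECTDB INC,400.00,software
2024-03-12,sales1,ProspectDB Inc.,400.00,software
2024-01-20,ops1,TeamChat,87.50,software
2024-02-20,ops1,TeamChat,87.50,software
2024-03-20,ops1,TeamChat,87.50,software
2024-02-14,sales1,City Diner,64.10,meals
2024-03-02,design1,PluginShop,1200.00,miscellaneous
"""
APPROVED = {"teamchat"}  # assumed contents of the official software register

def normalize(vendor):
    """Fold case, punctuation and legal suffixes so card-statement variants match."""
    words = "".join(c if c.isalnum() else " " for c in vendor.lower()).split()
    return " ".join(w for w in words if w not in {"inc", "llc", "ltd"})

def find_shadow_subscriptions(csv_text, approved, min_months=3):
    """Unapproved vendors billing the same amount in at least min_months distinct months."""
    months = defaultdict(set)   # (vendor, amount) -> {(year, month), ...}
    payers = defaultdict(set)   # (vendor, amount) -> {employee, ...}
    for row in csv.DictReader(io.StringIO(csv_text)):
        key = (normalize(row["vendor"]), Decimal(row["amount"]))
        day = date.fromisoformat(row["date"])
        months[key].add((day.year, day.month))
        payers[key].add(row["employee"])
    findings = [
        {"vendor": v, "monthly": amt, "months": len(seen), "employees": sorted(payers[(v, amt)])}
        for (v, amt), seen in months.items()
        if v not in approved and len(seen) >= min_months
    ]
    # A one-off charge (PluginShop) is not flagged: an annual contract billed upfront
    # only recurs in an export that spans more than twelve months.
    return sorted(findings, key=lambda f: f["monthly"], reverse=True)

if __name__ == "__main__":
    for f in find_shadow_subscriptions(EXPENSES_CSV, APPROVED):
        print(f"{f['vendor']}: ${f['monthly']}/month x{f['months']}, expensed by {f['employees']}")
```

Grouping on the normalized vendor name plus the exact amount keeps irregular purchases from the same merchant out of the results; lower `min_months` when the export covers a shorter window.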
Satellite ingests expense data via CSV and connects to Google Workspace to surface both visible and shadow subscriptions automatically.
Shadow IT vs. SaaS Sprawl
Shadow IT is about visibility: tools finance doesn't know exist. SaaS sprawl is about volume: too many tools, even when you know about them. In practice, a sprawl audit often uncovers shadow IT — but clearing shadow IT doesn't automatically reduce sprawl.