By Hakan Akcan · Reepa Solutions
The decision between custom software and off-the-shelf software is, in most mid-sized companies, less a technological choice than a strategic one — and it is frequently made too early, without rigorous cost modeling. A company that rolls out a standard ERP without clearly defining its own differentiating processes will spend five years paying for customizations that break with every vendor release. Conversely, a company that kicks off a bespoke development project because a single workshop day dismissed the standard product as "too inflexible" risks building a second accounting system that sits neglected at the edge of the IT landscape three years later. This guide shows how to approach the question in a structured way, which cost and risk factors belong in the evaluation, and which hybrid models have proven themselves in SME practice. For the broader strategic context, see our Software Development Guide for SMEs.
What we are talking about — terms, cost levers, and risk framework
Before comparing custom and standard, a brief clarification of terms is worthwhile — in our experience, executive-level discussions suffer from everyone meaning something different. By off-the-shelf software we mean commercial products that cover a defined application domain in a market-mature form: financial accounting such as DATEV, ERP such as SAP S/4HANA, Microsoft Dynamics 365, or Sage, CRM such as Salesforce or HubSpot, HR suites such as Personio or SAP SuccessFactors. These products are maintained by vendor roadmaps, proven by user communities, and regulatory-compliant through certifications.
Custom software means individually developed applications — either built from scratch or on the basis of frameworks such as Next.js, Spring Boot, Django, or .NET. What matters is not the library selection, but that requirements, data model, and roadmap are controlled by the company itself. In this article we also distinguish custom from low-code — the latter is a separate category with its own trade-off profile; see our comparison Low-Code vs Custom Code.
A third category that is often underestimated is the hybrid architecture — standard software for commodity domains plus custom modules for the differentiating process, cleanly connected via APIs. In the SME reality, this is the correct target architecture in most cases, not an either-or decision.
When off-the-shelf software is clearly the right answer
There are areas where any discussion of in-house development would be a waste of money and time. The rule of thumb: when the process you need to support is not part of your sales promise to customers and a mature market of established solutions exists, off-the-shelf is almost always the right answer. Three domains are particularly clear.
Financial accounting and tax obligations. No company in Germany should be contemplating building its own accounting system in 2026. DATEV, SAP, Sage, and Lexware have invested decades of maintenance in German tax rules, GoBD compliance, interfaces to tax authorities, auditor-accepted audit trails, and automatic adjustments to legislative changes. Building in-house would need to close all of that ground — without delivering any added value to your customers.
Payroll and human resources. Social security contributions, payroll tax tables, ELSTAM, co-determination requirements — the ruleset changes multiple times a year. Vendors such as DATEV LODAS, Personio, or SAP SuccessFactors keep pace with it. An in-house solution would be a full-time job just for regulatory maintenance.
Standard CRM and conventional sales pipelines. Those who need to manage contacts, opportunities, and activities will find mature functionality at HubSpot, Pipedrive, Salesforce, or Microsoft Dynamics, including integrations for email, telephony, and calendar. Building your own solution here only makes sense if the sales model itself is so unusual that no standard product fits without deep customization.
Common denominator across these three domains: high regulatory maintenance burden, broad functional depth, and processes that your customers neither see nor evaluate. Investment in these areas is hygienic — it creates no competitive advantage, it only prevents problems. That is precisely why off-the-shelf is correct here.
When custom software wins
On the other side, there are domains where off-the-shelf software is the wrong choice — even when something comparable exists on the market. The decisive question is not "does a product exist?", but "is this process part of our differentiation promise?". Three constellations clearly favor custom.
The process is your sales argument. When customers cite your order management, your configuration logic, or your customer portal as a reason to work with you, that process does not belong in someone else's roadmap. As soon as you have to wait for features until the standard vendor prioritizes them, you lose responsiveness against competitors who own their own stack.
The business logic is unusual. Some mid-sized companies have processes that cannot be cleanly mapped in any standard product — special tariffs, multi-tenant constructs with proprietary pricing logic, industry-specific certification workflows, regulatory edge cases. Forcing standard software here means spending three years on workarounds that need to be re-validated with every vendor update.
You want data sovereignty and roadmap control. Custom software means the data model, interfaces, and roadmap remain in your hands. You decide when features arrive, how data export works, and in which cloud the application runs. With off-the-shelf software you are tied to the vendor's strategic direction — if the vendor discontinues a platform, forces a migration, or doubles pricing, you have little leverage.
Important: custom does not mean "built entirely from scratch." In modern custom projects, a significant portion consists of open-source libraries, cloud building blocks, and established frameworks. What you build yourself is the business logic and the data model — not the authentication system or the database engine.
Hybrid — the most common middle ground
In SME practice, the most common sensible architecture is neither pure custom nor pure off-the-shelf, but a deliberate combination. Off-the-shelf software handles commodity domains — accounting, payroll, standard CRM, perhaps a base ERP. Custom modules cover the differentiating business process — a configurator, a customer portal, industry-specific order management. Both are connected via open APIs, an iPaaS connector such as Workato or n8n, or a proprietary integration layer.
Three architectural principles determine the success of such hybrid models. First: master data ownership clearly defined — which system is authoritative for customers, which for products, which for employees. Second: asynchronous coupling wherever possible, so that a brief outage of the CRM does not paralyze the configurator. Third: documented data flows with monitoring, so that an accidentally disabled job is not noticed three weeks later when invoices are missing.
The bad variant of this architecture is unfortunately common: a standard ERP, alongside five Excel spreadsheets, an Access tool from 2014, and a home-built PHP portal without documentation. These organically grown hybrids are not a hybrid — they are a shadow monolith, and they are a typical trigger for a legacy modernization project.
Evaluation framework — four dimensions
To keep the decision from ending in gut feeling, a simple four-dimensional scoring grid helps. Each dimension can be assessed for the specific process on a scale of one to five — the total provides an indication of which direction the process belongs.
- Differentiation valueHow strongly does this process contribute to your competitive advantage? One = commodity, five = central sales promise. High scores favor custom.
- Standard market maturityHow well does the mature standard market cover your needs? One = no suitable product on the market, five = established product covers 90 percent without customization. High scores favor off-the-shelf.
- Rate of changeHow often does the process need to change over the next five years? One = stable, five = monthly adjustments. High scores favor custom with its own roadmap.
- Build-vs-buy TCOHow do licensing costs plus customization of a standard solution over five years compare to build costs plus maintenance of a custom solution? When the standard TCO reaches more than 60 percent of the custom TCO, the calculation quickly tips toward custom.
Rule of thumb from our consulting practice: when differentiation value and rate of change together exceed seven AND standard market maturity is below three, the process almost always belongs in a custom solution. When standard market maturity exceeds four and differentiation value is below three, off-the-shelf is almost always right. In the broad middle, hybrid is the typical answer.
Real numbers — licensing vs build over five years
The economics calculation is the point where many decisions waver, because the numbers are not laid out cleanly side by side. The following table shows typical ranges for an SME scenario — a cross-departmental application system with approximately 80 internal users and medium complexity. It is intended as a reference; precise numbers require a brief scope discussion. For a deeper cost model, see our overview of software development costs 2026.
| Cost block | Off-the-shelf software (5 yr) | Custom software (5 yr) |
|---|---|---|
| License or build | 80,000–180,000 € | 180,000–350,000 € |
| Implementation / customization | 60,000–200,000 € | included in build |
| Maintenance / upkeep (5 years) | 70,000–200,000 € | 140,000–280,000 € |
| Training and change management | 20,000–60,000 € | 15,000–40,000 € |
| Migration risk on vendor switch | high (50,000–250,000 €) | low (code owned in-house) |
| Total cost over 5 years | 230,000–640,000 € | 335,000–670,000 € |
The ranges overlap considerably — that is not a coincidence, but reality. Off-the-shelf software appears cheaper initially because licensing costs are transparent and customization effort is underestimated. Custom appears more expensive initially because build costs are visibly reflected in the capital expenditure plan. Over five years the numbers converge. From year six onward, the calculation tips toward custom in many cases, because standard licenses keep running while the custom build is amortized and only maintenance remains.
TCO comparison for your specific case
Facing a build-or-buy decision and want to lay the numbers out clearly? We offer a free 30-minute introductory call — we model a five-year scenario for your specific use case, including license, customization, and maintenance assumptions.
Request a free TCO comparisonVendor lock-in vs code ownership
One cost block that is omitted from most comparison tables is switching risk. With off-the-shelf software, the data model, workflow logic, and often the reporting definitions are tied to the vendor. When that vendor doubles prices, discontinues a platform, or pivots strategically under new ownership, you have two options: pay or migrate. The migration is regularly expensive and multi-year — six- to seven-figure migration projects are not uncommon in the mid-market.
With custom software, you own the code, the data model, and all intellectual property. Vendor changes can affect two dimensions here: the cloud provider and the development team. Both are more manageable than with off-the-shelf software when the architecture is clean — portable containers, documented code, maintained tests, and a build process a new team can understand within four weeks.
With pure off-the-shelf software, lock-in can never be entirely avoided, but three practices significantly reduce it: contractual data-export obligations in a machine-readable format, a dedicated adapter layer in the integration architecture rather than direct vendor coupling, and regular market reviews every three years with a documented switching estimate.
Realistic custom software maintenance effort
A common misconception in custom projects is that costs largely disappear after the first release. The opposite is true. Realistically, 15 to 25 percent of the original build cost per year is needed for maintenance — and that is not a contingency for incidents, but substantive work: library security updates, runtime environment upgrades, adaptations to external API changes, bug fixes from production, and minor improvements from user feedback.
Those who plan with lower figures — many vendors quote 8 to 10 percent — typically experience a modernization backlog after two to three years. Outdated libraries with known security vulnerabilities, neglected build pipelines, missing test coverage, a frozen frontend running on a framework version three releases behind. The "cheap" build then becomes an expensive modernization — see again our legacy modernization strategies.
With off-the-shelf software, ongoing licensing and maintenance costs are usually between 18 and 22 percent of the list price per year — a comparable order of magnitude. The difference lies more in the depth of control than in the absolute effort: with off-the-shelf you pay a fixed rate and receive vendor updates; with custom you decide yourself which topics are prioritized.
Migration paths in both directions
The world does not split into "we decided once and that's final." Mid-sized companies regularly move in both directions — and both paths have characteristic pitfalls. Three typical constellations.
Replacing off-the-shelf. Those switching from a long-used standard product to a custom solution regularly underestimate the data migration effort. What has grown together cleanly in the old system — historical records, edge cases, workflows configured ten years ago — must be transferred to the new world, with validation, acceptance testing, and parallel operation. Rule of thumb: data migration is regularly 20 to 35 percent of total project effort.
Modernizing custom software. Those modernizing an organically grown in-house solution face a choice: incremental strangler-fig pattern with parallel build of new modules, or big-bang rebuild. In SME practice, the incremental approach is almost always right — it delivers first productive improvements after three to six months instead of a two-year black-box project.
Re-scoping a hybrid landscape. Those remediating an organically grown hybrid landscape start with an honest inventory: which process actually runs where, which data is authoritative, which Excel bridges are running unnoticed in the background. Only then can you decide which parts migrate to standard, which go into new custom modules, and which can be decommissioned.
Reepa methodology for the decision
In our consulting engagements, we work through the custom-vs-standard question in a five-step process. The steps can typically be completed in four to eight weeks, depending on the size of the affected application landscape.
Process inventory. We map the affected business processes together with business units and IT, document data flows and interfaces, and flag pain points. The result is a sorted list of processes with differentiation value and current solution status.
Market scan. For each process we review the standard market — which products exist, how mature are they, which references exist in the German mid-market, which typical customization ratios do users report. This yields a standard market maturity score per process.
TCO modeling. For the contested processes we calculate a five-year scenario in both directions — standard plus customization versus custom build plus maintenance. Assumptions are explicitly documented so that management can trace where the calculation is uncertain.
Architecture sketch. We design the target architecture — which domains go into standard, which into custom, how the integration layer looks, where master data ownership lies. Alongside this, a rough migration sequence with risk annotation.
Roadmap and quick wins. From the architecture we derive an implementation roadmap spanning 18 to 36 months, with clearly defined quick wins in the first 90 days so the initiative gains momentum and delivers visible results early.
The methodology is deliberately pragmatic — we deliver a decision document, not a 200-page strategy paper gathering dust in a drawer. In most cases, management is able to make a well-founded build-or-buy decision after step three.
Frequently asked questions
When is off-the-shelf software the better choice?
Off-the-shelf software is the better choice when the process you need to support is not a competitive differentiator for your business and a mature market offers several established solutions. Classic examples are financial accounting, payroll, standard CRM, and standard ERP for retail and manufacturing. In these domains, vendors such as SAP, DATEV, Microsoft Dynamics, or Salesforce hold ten-to-fifteen-year leads in functional depth and regulatory maintenance. Building in-house would need to close that gap first without delivering any added value to the customer.
When does custom software make economic sense?
Custom software makes sense when the supported process is either your market differentiator, or so unusual that no standard product can map it without years of customization acrobatics. Rule of thumb: when the estimated customization costs of a standard solution over five years exceed 60 percent of the build costs of a bespoke solution — and you need to evolve the process regularly — custom software is usually the economically smarter choice. Additionally: if the process is part of your sales promise to customers, you cannot hand its roadmap to a third-party vendor.
What about hybrid models — standard plus custom modules?
Hybrid models are the most common and usually the best approach in SME practice. Off-the-shelf software handles commodity domains such as accounting, HR, and standard CRM, while custom modules cover the differentiating business process — typically via open APIs or an iPaaS connector. A clean integration architecture with master data ownership, asynchronous coupling, and documented data flows is essential; otherwise a shadow monolith of Excel bridges emerges.
What is a realistic maintenance effort for custom software?
Realistically, 15 to 25 percent of the original build cost per year for maintenance, security updates, dependency upgrades, and minor enhancements. Those who plan with lower figures typically experience a modernization backlog after two to three years: outdated libraries, neglected build pipelines, and rising security risks. For off-the-shelf software, ongoing license and maintenance costs are usually between 18 and 22 percent of the list price per year — comparable in magnitude. The difference lies more in the depth of control than in the absolute effort.
How do you minimize vendor lock-in with off-the-shelf software?
Vendor lock-in can be significantly reduced through three practices: first, contractual data-export obligations in a documented, machine-readable format with defined export timelines; second, an integration architecture that does not program directly against the vendor stack but uses a dedicated adapter layer; third, regular market reviews every three years with a documented switching estimate. Lock-in can never be entirely eliminated with off-the-shelf software — those who want to avoid it are better served by custom software or open-source stacks.
Ready to clarify the build-or-buy question properly?
Let us talk for 30 minutes, no commitment. We assess your specific process, model a five-year TCO scenario in both directions, and deliver a well-founded architecture recommendation — including quick wins for the first 90 days.
Schedule a 30-minute call
IT security and cloud architect with over ten years of experience. Advises mid-sized companies on build-or-buy decisions, architecture reviews, and modernization programs. Writes regularly on software development, cloud architecture, and IT strategy.
Reviewed: 22 May 2026 · More about Hakan