Cut Federal Software Waste: Where AI Fits Next

Federal agencies spend more than $100 billion a year on IT services. That number alone explains why software licensing has become a Congressional target—and why the House’s latest move matters for anyone building, buying, governing, or securing technology in the public sector.

On December 16, 2025, the House passed the Strengthening Agency Management and Oversight of Software Assets (SAMOSA) Act, a bipartisan bill designed to reduce waste in federal software spending by forcing better visibility into what agencies own, what they actually use, and where they’re buying the same thing twice. The law isn’t “about AI,” but if you work in government IT, you know the quiet truth: you don’t get durable savings from policy alone—you get them from operational capability.

This post is part of our AI in Government & Public Sector series, and I’ll take a clear stance: SAMOSA’s transparency requirements are necessary, but they won’t hit their savings potential without AI-assisted software asset management. Inventories and assessments are the floor. Automation, anomaly detection, and smarter procurement analytics are the ceiling.

What the SAMOSA Act actually changes (and why it’s overdue)

The point of the SAMOSA Act is simple: agencies can’t manage what they can’t see. The bill pushes agencies toward a baseline of software asset management that many large enterprises treat as routine—yet government often struggles with due to decentralization, legacy systems, and overlapping procurement channels.

At a high level, SAMOSA would require federal agencies to:

• Create comprehensive software inventories (what software they have, where it is, and how it’s licensed)
• Undergo independent assessments of software management practices
• Direct CIOs to develop enterprise licensing agreements to strengthen negotiating power and reduce duplicative buying

This is the kind of housekeeping that sounds boring until you’re the one paying for:

• 14 different contracts for similar productivity tools
• Licenses assigned to employees who left six months ago
• “Emergency renewals” because no one tracked contract end dates
• Premium tiers purchased by default even when usage never exceeds basic features

The bill has moved before—passing the House last year but stalling in the Senate. This time, it’s back with bipartisan sponsors and stronger political tailwinds, including a renewed focus on spending reduction across the federal government.

The savings claim: realistic, but not automatic

A Senate committee report from 2022 estimated up to $5 billion in annual cost savings over the life of the act. That’s plausible in a system as large and fragmented as the federal enterprise.

But savings like that don’t appear because an inventory exists in a spreadsheet.

They appear when the inventory becomes an operational system that reliably answers:

• What do we own?
• What do we use?
• What can we consolidate?
• What should we negotiate next?
• What creates security exposure if it’s unmanaged?

That’s where AI can do real work.

Transparency is the first step—AI turns it into action

Software asset management fails in government for a predictable reason: the data is messy and distributed. Purchases happen through different contracting vehicles. Installations occur outside central IT. Usage signals live in vendor portals, identity systems, endpoint agents, ticketing tools, and finance systems.

AI doesn’t magically “fix” governance. What it does well is reduce the manual burden of turning fragmented signals into decisions.

Here are the highest-value AI use cases that align directly with SAMOSA’s intent.

AI use case #1: building a living software inventory (not a one-time audit)

A static inventory is outdated the moment it’s published. A living inventory continuously reconciles:

• Procurement data (what was bought)
• Identity data (who it was assigned to)
• Endpoint data (what’s installed)
• Usage data (what’s actually used)

AI helps by matching imperfect records—think vendor naming variations, inconsistent SKUs, and duplicate products across bureaus. That’s not glamorous, but it’s where agencies bleed money.

Snippet-worthy truth: A software inventory is only useful if it’s continuously reconciled against identity, install base, and usage.

AI use case #2: finding “license waste” patterns humans miss

Once you have signals coming in, AI can flag common waste scenarios:

• Dormant licenses (assigned but not used)
• Over-entitled users (premium tiers with basic usage)
• Duplicate tools (two products doing the same job across orgs)
• Department-level hoarding (licenses renewed “just in case”)
• Renewal risk (contracts auto-renewing without validation)

Traditional SAM tools can report some of this. AI improves the prioritization: it can score waste opportunities by cost, scale, renewal timing, and mission impact—so teams don’t spend months chasing small wins.

AI use case #3: stronger enterprise license negotiations

SAMOSA explicitly points CIOs toward enterprise licensing agreements to improve negotiating power. That’s smart policy.

The practical problem: vendors negotiate better when they understand your usage better than you do.

AI-supported procurement analytics can generate negotiation-ready facts such as:

• Adoption curves over time
• Feature utilization by persona
• Cost-per-active-user (not cost-per-license)
• Redundancy mapping across components (for suite vs. point tool decisions)

If you walk into renewal season with that level of clarity, you can push for:

• True-up/true-down flexibility
• Tier right-sizing
• Consolidated terms across components
• Security and audit clauses aligned to federal requirements

Opinionated take: If the vendor has cleaner usage data than the agency, the agency is negotiating with one hand tied behind its back.

SAMOSA isn’t just about dollars—software sprawl is a security problem

One of the strongest arguments for SAMOSA is that waste and risk often share a root cause: unmanaged software.

When agencies can’t reliably answer what software exists in their environment, they also struggle to:

• Patch consistently
• Detect unauthorized software
• Enforce configuration standards
• Identify shadow IT integrations
• Track data flows into SaaS tools

Supporters of the bill have highlighted that better oversight strengthens security. I agree—and I’d go further:

Software asset management is a prerequisite for sane cybersecurity.

AI can help here too, especially by correlating:

• Asset inventory with vulnerability and exposure data
• Identity activity with anomalous SaaS access patterns
• Application discovery with policy enforcement (what’s allowed vs. what’s present)

That matters even more heading into 2026, as agencies continue expanding AI programs that depend on secure, well-governed data platforms. You can’t run responsible AI on top of untracked software sprawl.

A practical playbook for agencies preparing for SAMOSA

If you’re in a CIO shop, acquisition office, finance team, or security organization, you don’t need to wait for final Senate action to get value. The best time to start is before reporting requirements become a scramble.

Step 1: define your “software truth” sources

Pick the systems that will serve as authoritative inputs. Most agencies already have them—they’re just not connected.

Common sources include:

• Contracting/procurement systems (purchase evidence)
• Identity and access management (assignment evidence)
• Endpoint management (installation evidence)
• SaaS admin portals (usage evidence)
• Ticketing/service management (support and dependency evidence)

Your goal is to reduce arguments like: “Finance says we bought it, IT says it’s not installed, and the vendor says we used it.”

Step 2: start with the top 10 vendors by spend

Trying to inventory everything at once is how programs stall.

Start with your highest-spend vendors and highest-risk categories (identity, endpoint, collaboration, data platforms, security tooling). That’s where consolidation and right-sizing show up fastest.

Step 3: measure cost per active user, not cost per license

This one change shifts the conversation from “how many did we buy?” to “how much value do we get?”

Create a simple metric set:

• Active users (30/60/90 days)
• Utilization by tier
• Cost per active user
• Licenses reclaimable within 30 days
• Renewal date and cancellation terms

AI tools can automate the reporting, but the metric choice is the real unlock.

Step 4: design governance that doesn’t slow delivery

SAMOSA pushes oversight, but agencies still need to ship services. The right governance is lightweight and repeatable:

• Standard intake for new software requests
• Approved catalog with pre-negotiated terms
• Usage review baked into renewal cycles
• Clear rules for exceptions (and how long they last)

If governance becomes a blocking function, teams route around it—creating more shadow IT and more waste.

Step 5: use AI for anomaly detection and prioritization

Once you have baseline inventory and usage signals, deploy AI where it earns its keep:

• Flagging abnormal growth in unused licenses
• Identifying duplicate tools by function
• Prioritizing savings opportunities by renewal urgency
• Predicting adoption risk when consolidating products

Think of it as a “spend-and-risk early warning system,” not a fancy dashboard.

What this means for vendors and integrators in the public sector

If you sell into government, SAMOSA should change your posture.

• Expect agencies to ask tougher questions about usage, tiering, and outcomes.
• Be ready to support data exports and admin visibility; opaque vendor portals won’t fly.
• Offer right-sizing support proactively. Agencies remember who helped them save money.

And if you’re a systems integrator or advisory partner, the opportunity is straightforward: agencies will need help building the pipelines, governance, and analytics to operationalize software inventories. AI can reduce the labor, but it won’t eliminate the need for strong process design.

The next question: will agencies treat this as compliance, or capability?

SAMOSA is a strong signal that Congress wants federal software spending to be measurable, defensible, and consolidated where it makes sense. The policy direction is right.

The execution risk is also obvious: agencies can meet the letter of the law with periodic inventories and assessments, yet still miss the bigger prize—continuous optimization.

If you’re leading digital transformation in government, this is the moment to connect the dots: AI-driven procurement analytics and software asset management aren’t “nice-to-haves.” They’re how you turn transparency into savings and security.

So here’s the question worth carrying into 2026 planning: when your next major software renewal hits, will you be negotiating from assumptions—or from evidence?