Robin Fry, director, Cerno Professional Services
There is an increasingly prevalent threat facing large corporates around the world:the use by major software vendors of contractual audit rights to search out inadvertent under-licensing, triggering substantial and unexpected liabilities against their customers.
The exercise of ‘software license reviews’ or ‘software audits’, most notably by Oracle, SAP, IBM, Informatica and Microsoft, has increasingly become a revenue-generation mechanism for these vendors. Against the backdrop of a huge number of IT systems being moved to the cloud, with Amazon and Google establishing themselves as market leaders, the historically-dominant software vendors are urgently seeking additional revenue from elsewhere: their existing base of on-premise software customers.
The amounts sought – aggregating license fee shortfalls, back-support, penalties and audit costs – can be eye-watering: Diageo was found liable in the High Court last year for under-licensing when it opened up its ordering to customers by allowing the use of iPads rather than, as previously, utilising only a call center. The ‘indirect access’ claim by SAP totalled more than £58million.
ABN-InBev, the world’s largest brewer, was also impaled in another under-licensing claim by SAP for US$600m. The matter was settled in a New York arbitration late last year for an undisclosed amount.
These two claims represent only a tiny visible fraction of a new battleground, with hundreds of corporates receiving notification letters that have been ‘selected’ for such a license review by one of these major vendors. The customer is directed to the audit provision in the license terms and often, at least at this stage, content for the review to be carried out.
The process of the audit
Following the notification that a review is to be conducted, the process then follows a sequence under which an appointed auditor – usually a major accountancy firm such as EY, KPMG, Deloitte or PwC, or, for Oracle, often its own license management services division – carries out the technical analysis.
The analysis examines the actual usage of the software and compares this to license grant, initiating an ‘Effective License Position’; inevitably shortfalls are exposed. The process can take in excess of three months, with the auditor running scripts on the customer’s IT infrastructure and then searching out all recorded usage or installation of their proprietary software. There is only one aim: to identify any shortfalls on which invoices can be issued.
The vendor will then issue an executable quote, with payment required within 30 days. The shortfalls often derive from:
- Installation of programs without use: generally, still licensable;
- Use of virtualisation (typically VMware) where any processors that might run the programs also all need to be fully licensed;
- Inadvertent triggering of management packs and options by the customer included (but not ordered) from when base technology is delivered by the vendor to the customer;
- New remote usage – for example, by customers, suppliers or partners using new channels or APIs;
- Robotic usage;
- Older software being shelved but still technically subject to support and maintenance charges (generally 22% of purchase cost per year).
It is almost impossible for any successful corporate with constantly-shifting business needs – and therefore ever changing IT systems– to remain fully and at all times in compliance with license terms. Vendors often point to white papers, policies and website downloads to shore up opaque and ambiguous wording within contracts, invariably to the customer’s detriment. Oracle, for instance, derives very substantial revenues from insistence on compliance with its ‘Partitioning Policy’ despite it being declared to be ‘for educational purposes only’.
The result: a crippling and potentially embarrassing bill at full list prices, with multiple other penalties and costs. This claim will not have been provisioned for and can, on occasion, have a severe impact on the financial statements.
Seven key lessons:
- Never assume that a long-standing relationship has any weight: this process is driven outside your account director and is simply a substantial revenue-generation opportunity mandated at the highest level within the vendor;
- Unless you have completed such an audit within the last two years, do not assume any complacency: under-licensing (and over-licensing) is largely unavoidable even for the best-managed corporates;
- Confront these issues in advance: commission your own audit using specialists and then ameliorate any under-licensing that is exposed;
- If you receive an audit notification letter, delay and prepare;
- Choose to fight every demand: often there are contractual, technical and commercial arguments that together can destabilise and substantially reduce any settlement payments that are demanded;
- In any M&A situation, if acquiring, immediately commission your own audit to crystallise the (latent) liability and then lay off to the sellers under their warranties;
- If selling a business or company, confront the possible hidden exposure: far better to remediate early and, if necessary, negotiate with the vendor on your terms in advance rather than receive an indemnity claim for an uncontrolled amount after the sale.
The risks around under-licensing are significant but rarely publicised – often falling between IT, legal, procurement and finance teams. The latency is dangerous given the potential for very high claims that could have been addressed earlier.
Never raised by the statutory auditors, this is a board issue where the risk(s) are often overlooked by both the audit committee and any separate board risk committee. This is wrong: software under-licensing is not an incidental administrative issue but one that properly falls to be managed by the audit committee under the FRC’s UK Corporate Governance Code (July 2018).
Corporates are highly dependent on database technology and applications to run their businesses. But this dependence means that, if the installed software cannot readily be shed, then neither can any corresponding financial liability to the software vendor.
Robin Fry is a software licensing lawyer and director at Cerno Professional Services, a firm specialised in challenging licensing demands.
Global Banking & Finance Award Winner – BPC
In this exclusive interview we spoke with Jane Loginova, BPC about the ways BPC helps financial institutions create relevant digital experiences for customers.
FE CREDIT and The Journey To Customer Experience Enhancement
As a leading enterprise in the consumer finance industry, FE CREDIT is being on the mission of constantly enhancing digitalization and adopting advanced technological platform in order to bring customers optimum experiences when they use the company’s products or services. With the endeavour of shortening the distance with customers, Genesys is considered a strategic platform applied by FE CREDIT to serve customers the bests as soon as they concern or are in need of financial services.
Global Banking & Finance Award Winner -PT Sucorinvest Asset Management
Exclusive interview with Mr. Jemmy Paul Wawointana,Chief Executive Officer of PT. Sucorinvest Asset Management
The Beaconsoft story and introducing its one-of-a-kind digital campaign intelligence platform
By Nigel Bridges, founding CEO of Beaconsoft Limited What were you doing prior to setting up Beaconsoft? Before setting up...
Top 8 Tax Scams to Watch Out For
It is tax time and that means finding the best way to file your taxes and to get a refund...
Hisham Itani and Resource Group Recognized in the 2020 Global Banking & Finance Awards®
Global Banking & Finance Review has awarded Hisham Itani the Chairman and CEO of Resource Group, Technology CEO of the...
Euro zone business activity shrank in January as lockdowns hit services
By Jonathan Cable LONDON (Reuters) – Economic activity in the euro zone shrank markedly in January as lockdown restrictions to...
Volkswagen’s profit halves, but deliveries recovering
BERLIN (Reuters) – Volkswagen reported a nearly 50% drop in its 2020 adjusted operating profit on Friday but said car...
Global chip shortage hits China’s bitcoin mining sector
By Samuel Shen and Alun John SHANGHAI/HONG KONG (Reuters) – A global chip shortage is choking the production of machines...
Iran’s oil exports rise ‘significantly’ despite sanctions, minister says
DUBAI/LONDON (Reuters) – Iran’s oil exports have climbed in recent months and its sales of petroleum products to foreign buyers...
Nissan to source more UK batteries as part of Brexit deal ‘opportunity’
By Costas Pitas LONDON (Reuters) – Nissan will source more batteries from Britain to avoid tariffs on electric cars after...
Muted recovery for UK retailers in December ends worst year on record
By David Milliken and Andy Bruce LONDON (Reuters) – British retailers struggled to recover in December from a partial coronavirus...
Chinese phone maker Honor partners with key chip suppliers after Huawei split
By David Kirton SHENZHEN, China (Reuters) – Chinese budget phone maker Honor said on Friday it had signed partnerships with...