Adventures in Audits: how software licence terms drive audit resolution

Be sure to check the T's and C's of your licence agreements; you'll discover what rights each vendor has for conducting an audit.

Published on 21st June 2023

If your company uses software under a license agreement that gives audit rights to the software vendor—and your company probably does—you may well have an adventure in your future. Vendors do, in fact, conduct software audits on a regular basis and, unfortunately, it’s quite common for them to find that a user is out of compliance.

First, it’s important to note that non-compliant users often aren’t villainous software pirates. Indeed, many noncompliant users haven’t engaged in any intentional wrongdoing at all. For example, some users simply fail to maintain records or reports required by the license agreement. Others inadvertently configure their servers incorrectly, allowing more persons to access the software than the license actually permits. Sometimes, users believe they are properly operating under a license granted to a predecessor company, only to discover that the license wasn’t actually transferable to their new corporate entity. There are, in fact, any number of ways a well-meaning company can end up on the wrong end of an audit.

At the same time, however, vendors have a legitimate interest in protecting their proprietary rights, even when those rights have been infringed unintentionally. Accordingly, when a vendor discovers noncompliance—sometimes as the result of a routine audit procedure or perhaps because the licensed software has “phoned home” to the vendor, revealing questionable usage—the vendor will likely expect compensation.

But how much? What will it take to resolve an audit dispute? Obviously, the answer will depend on the circumstances of each case. But it is possible to identify some of the key factors that will likely drive the resolution of a software audit. In our experience, the most important factors include (1) the requirements and terms of the relevant license agreement(s), (2) the business context in which the dispute has arisen and (3) the extent to which the parties ultimately conceptualize the resolution as a sale or as a settlement. In this article, the first in a three-part series, we will address and explore these three factors and their impact on the audit’s bottom line.

The Terms of the Software Licence

We turn first to the provisions of the relevant license agreement(s), which often are contained in boilerplate paragraphs that software users ignore at their peril.

It is, of course, axiomatic that a dispute over licensing obligations requires an analysis of the license agreement(s) at issue. After all, the license terms establish the vendor’s rights to conduct an audit in the first place, the procedures for doing so and, often, the remedies for any noncompliance that may be discovered. But many software users will find, perhaps to their surprise, that the threshold task of identifying and understanding the relevant terms is itself a challenge.

To begin with, we refer to relevant license “agreement(s)” because, quite often, more than one contract will be involved. The vendor and user may have signed various relevant documents, perhaps dealing with different software components or with later upgrades. Indeed, it is not uncommon for numerous relevant license agreements to have been negotiated over a long period of time—perhaps between the vendor’s and the user’s corporate predecessors and perhaps by persons no longer employed by either of the current parties. Especially if the software is old, critical license terms may even be buried in paper “shrinkwrap” licenses or in text files that have never before received any attention. Further, some vendors’ agreements will refer to still more documents (that, on their face, are not part of any agreement or contract) to determine how use and noncompliance will be evaluated.

If the vendor’s audit and remedy rights do turn out to be a mishmash of contradictory terms contained in different agreements, the vendor’s leverage in an audit dispute will decrease accordingly. After all, the biggest settlement payments happen in cases where one party can throw the other off a cliff, not where both parties will be jumping into an unpredictable swamp. On the other hand, the most sophisticated software vendors will have put in place audit and remedy rights that are both clear and powerful and that are set forth in license terms that have been carefully constructed by experienced counsel who know how to turn up the heat.

Increasingly, software vendors will include in their standard license agreements what purports to be a contractual right to charge a noncompliant user an amount determined by the vendor. This language can take several different forms and often uses the passive voice to obscure the fact that the vendor claims a unilateral right to determine the cost of non-compliance. For example, one well-known software vendor provides a standard license agreement that reads: “Licensee will promptly order and pay charges at [the vendor’s] then-current rates associated with i) any deployments in excess of authorizations indicated on or by any annual report or verification; ii) applicable subscription & support services (S&S) for such excess deployments for the lesser of the duration of such excess use or two years; and iii) any additional charges and other liabilities determined as a result of such verification, including but not limited to taxes, duties, and regulatory fees.”

Similarly, another vendor’s agreement provides that “[i]n the event your Use of the Software exceeds your licensed amount, you agree to license from Licensor the necessary amounts and pay any fee associated with such increase.” Finally, some vendors create an arrangement where the parties agree that the fee for any noncompliance—with both noncompliance and the fee determined solely by the vendor—will simply be “invoiced” to the licensee and that failure to pay that amount within 30 days will constitute a breach of the entire licensing regime.

A licensor armed with these or similar provisions might use its purported discretion to declare its “then-current rates,” “any additional charges and other liabilities” and “any fee” to justify a truly stratospheric demand as compensation for alleged noncompliance. In our experience, vendors do not lowball their initial demand for compensation associated with an audit. The numbers can be exorbitant.

