Readers of this blog will remember that I previously posted on the shocking case brought by whistleblower Paul Cimino against IBM arising out of a predatory software audit conducted by IBM of the Internal Revenue Service (“IRS”). Although Cimino worked for IBM, he was apparently so horrified by IBM’s complete fabrication of non-compliance findings in order to force the IRS into a new and more expensive ($265 million to be exact) license agreement that he blew the whistle and filed a claim under the federal False Claims Act (“FCA”).
The district court dismissed the key fraudulent inducement claim, finding that it was not credible that the IRS would enter into a new and more expensive contract with IBM just to get out from under substantial audit penalties. The D.C. Circuit Court of Appeals disagreed and found that Mr. Cimino had plausibly alleged that, “but for” the fraudulent audit, the IRS would never have entered into the new license agreement. The court remanded the case to the trial court for further proceedings. This is a big win for Cimino and, although decided under the FCA, can be instructive for all those companies out there who have suffered through predatory audits by major software publishers.
The Court explained the case as follows:
“This qui tam action began when Paul Cimino filed a complaint alleging that IBM violated the FCA. As a former senior sales representative for IBM, Cimino helped sell software to the IRS. Based on knowledge acquired on the job, Cimino alleged that IBM fraudulently induced the IRS to enter a $265 million license agreement for “unwanted, unneeded” software.
Faced with the possibility of losing significant revenue, IBM allegedly devised a scheme to pressure the IRS into another long-term deal. IBM planned to conduct a “friendly” audit, anticipating that the IRS was overusing the software and therefore would owe a significant amount in compliance penalties. IBM would then leverage the penalties by offering to waive them in exchange for a new agreement.
IBM retained Deloitte LLP to perform the audit. Contrary to IBM’s expectations, Deloitte’s initial audit showed the IRS was not significantly overusing the licenses and owed only $500,000 in compliance penalties—a relatively small amount for a contract of this size. IBM never released these audit results to the IRS. Instead, IBM worked with Deloitte to manipulate the results. For example, IBM counted licenses on discontinued servers as in constant use, even though they were never used. Deloitte first presented the number of overused licenses from this manipulated audit to Adam Kravitz at the IRS. Cimino alleged that “Kravitz rejected the audit findings because, in his words, ‘IBM cannot substantiate that the IRS is out of compliance.’” IBM then manipulated the audit again to show an outstanding $292 million in compliance penalties. IBM shared this number with the IRS, despite the fact that one IBM employee considered the number “ridiculous,” and another “was ‘not comfortable representing’ that number to the IRS.”
As we have warned before, avoid “friendly” software audits by software publishers as there is nothing friendly about them. If Oracle or IBM or whatever software company wants to conduct an audit, then they should issue a formal audit notice and do so. These “friendly” audits are often nothing more than fishing expeditions where the sales team hopes to turn non-compliance findings into a big payday and a big contract. Licensees should stand on their contractual rights and not fall into these traps.
Another interesting aspect of the case is how IBM allegedly attempted to charge the IRS licensing fees for non-use of the IBM software. The court pointed to allegations that IBM counted licenses on discontinued servers as in constant use even though they were never used. We see similar attempts by Oracle and others to charge customers a licensing fee on servers where no Oracle software is being used, such as in the case of Oracle’s expansive VMware assertions, which involve non-contractual and non-binding policies. Customers under audit should carefully review license agreements and, during audit resolution negotiations, challenge policies that are not expressly incorporated into the contract. Careful attention should be paid to assertions that payment must be made for non-use by the customer of the auditing company’s software, or for potential future use that has not yet occurred.
We were pleased to see that the appellate court reversed the lower court’s dismissal and is allowing this whistleblower suit to proceed past the pleading stage. Only when predatory software vendors are held to account by the courts will such behaviour end. Tactical Law will continue to monitor the case. Please check back here for periodic updates.