Publishers have increasingly relied on compliance revenue, with compliance teams and sales incentives focused on identifying non-compliant software usage. Audits typically involve data collection, findings presentation, entitlement comparison, and negotiation toward resolution. Publishers use techniques like extrapolation and standard pricing to maximize revenue from audits. Companies can reduce audit risks through proactive license management and compliance to minimize wasteful spending and eliminate financial exposure from audits.
9. Statistics
• The majority of respondents said the use of unlicensed software impacts their companies’ revenue by at least 10%
• 90% said their software license compliance program is a source of revenue and nearly 50% indicated compliance-related recoveries provide 4% or more of their annual revenue
• 52% said sales or sales operations lead their compliance programs (up from 33% in its 2007 survey)
• 70% said sales receives commissions for compliance revenue
• The vast majority of executives say their company is more interested in addressing customer noncompliance in a forward-looking sales process than in trying to assess penalties or interest for over-deployment
In October 2013 KPMG surveyed 31 software companies representing more than 50% of the revenue of the software industry from February to April 2013.
10. Publishers use various techniques to reap the most revenue from compliance engagements
• Product release dates
• Extrapolation
• Standard List Pricing
• High pre-judgment interest rates
• Maintenance programs
11. The Audit Cycle
Trigger
Letter requesting audit
Response
Initial kick off call
NDA’s signed
Data gathering by you or 3rd party
Presentation of findings
Extrapolation of data based on coverage
Review of applicable SLA’s / EULA’s
Comparison of findings vs. Entitlement
Negotiation to resolution
Agreement on resolution
Conclusion / Order issue
12. The Audit Cycle
• Audits last 3 months on average
• End result of failure: financial loss, disruption, reputational damage, and (ironically) more frequent future audits
13. What can go wrong?
Trigger
Publishers have geared themselves to capture triggers. They have tools that track suspicious activity.
Reports are generated for phrases such as:
• How do I uninstall XXY?
• How do I set up XYZ on a server?
• How do I set up XXZ in a virtual environment?
Their technical support engineers are also trained to listen for triggers:
• We have this installed as part of our desktop image
• You’d better respond quickly because our whole dept. uses this product
• We are rolling this out to …
• We’ve been using this product for 10 years
14. What can go wrong?
Response
• Delayed responses garner attention.
• Engage quickly and professionally.
• Bitterness about an audit tends to attract attention.
• Demonstrate a willingness to co-operate.
Know your rights but don’t lead the effort with legal. This results in the publisher being forced to take the legal route too.
Assign resources and ask your publisher sales person to help you.
Involve your legal team early on in the process and cc them on internal communication to keep it privileged.
15. What can go wrong?
Extrapolation of data based on coverage
Publishers tend to use extrapolation techniques to account for the lack of 100% coverage of your audited environment.
The better the coverage, the less you need to worry about extrapolation.
Work now to ensure your coverage is as high as possible.
If you have holes, fix them or define techniques to cover the unaudited holes.
Example:
A license shortfall of 2,000 in an environment with only 80% coverage will add an additional 400 to the shortfall. This WILL cost you.
Advice:
Ensure your coverage is as high as possible.
16. What can go wrong – Misinterpretation of SLA
Review of applicable SLA’s / EULA’s
• Ensure that you have the right license agreements in place and that you are working from them. Multiple license agreements with varying terms can muddy the waters. You will likely be working with multiple license agreements. Keep the license shortfalls in silos where you can.
• Ensure that you understand alternate rights usage of all your licenses.
• Publishers will lean towards license agreements that work in their favour.
[Figure labels: LicenseA, LicenseB, LicenseC]
17. Entitlement
Comparison of findings vs. Entitlement
• Publishers will strive to have you settle on data before they start talking about pricing.
• Publishers will try to keep these exercises as data driven as possible for potential legal remedies.
• Publishers will endeavor to keep their practices as consistent as possible for the same reason.
• Implement tools that track entitlement.
• Work with your publisher sales people to understand entitlement.
• Ask your resellers to help with entitlement data.
18. Software License Management Reduces Risk
• Companies that implement SLM tools are 32% less likely to get audited
• Among companies that do get audited, those with SLM tools report:
• Fewer (if any) financial penalties; fewer unanticipated true-up costs
• Nearly 50% less time spent on audit
19. Why most companies fail audits
Decision-makers underestimate the exposure; view SLM as an expense vs. investment
You are forced into reactionary mode; when it comes to license compliance, this means failure