Software-compliance audits initiated by IBM can be extremely burdensome and time-consuming and can force companies to face challenges that are somewhat unique among major-publisher audits. For one example, a significant component of IBM’s business model is the acquisition of other software vendors and the integration of those vendors into IBM’s product portfolio, which can complicate the task of identifying the appropriate license metrics and entitlements owned. For another example, companies seeking to license IBM products based on processor resources in virtualized environments must use IBM’s License Metric Tool (ILMT) in order to avoid licensing the products based on the full capacity of the host infrastructure. The ILMT question can become a significant satellite issue to explore during an audit, and failure to demonstrate compliance can yield substantial licensing exposure.
However, once all of the data-collection and license-reconciliation tasks have been addressed, IBM’s auditors will generate a final audit report, and IBM will prepare a proposal to resolve the audit findings. At this stage, companies will need to turn their attention on structuring an appropriate settlement framework that definitively resolves all calculated license shortfalls as well as all, underlying licensing concerns that may have contributed to an imperfect outcome.
Here are some important subjects to keep in mind when negotiating the resolution with IBM:
- Fair Purchasing Options
IBM’s default audit resolution typically will incorporate a requirement to purchase licenses equal in kind and quantity to any license shortfalls calculated during the audit. Thus, if a company was found to be over-deployed for WebSphere Application Server (WAS) by 1,000 Processor Value Units (PVUs), IBM will require the company to purchase 1,000 PVU license for WAS. In addition, IBM also usually will require the company to purchase two years of retroactive support for the shortfall license quantity. However, there often are a number of opportunities to maximize the value of the audit resolution:
(1) Minimize Retroactive Support.
If the company can demonstrate that product installations associated with license shortfalls were deployed within the two years prior to the audit, then that information should be discussed in order to reduce the amount demanded for retroactive support.
(2) Reduced or Compromise Purchase Quantities.
Audited companies should not hesitate to request compromises associated with inadvertent licensing shortfalls. For example, if a compliance problem resulted from the company’s failure to deploy and use ILMT, then the company should seek to reduce the number of licenses to be purchased for the product in question, provided either that the products are re-deployed or that ILMT is installed following settlement. These arguments sometimes are more compelling when the company can demonstrate unsuccessful attempts to satisfy the licensing requirements prior to the audit. Furthermore, they can be especially compelling when the company can demonstrate that IBM had an opportunity to advise the company regarding the compliance concern prior to the audit – and failed to do so – or that IBM had an affirmative obligation to satisfy the licensing requirement (such as through a statement of work for implementation services).
(3) Substitute Products & Services.
Whenever a quantity of licenses included in an audit settlement demand would address calculated shortfalls without providing prospective value to the company (for example, because the software either can be re-deployed or uninstalled following settlement), the audited company should seek to substitute those purchase quantities with alternative purchases consistent with the company’s go-forward needs. This approach typically is easiest for IBM to accommodate when licenses for one product are to be substituted with licenses for another product that was not found to be a compliance problem during the audit. IBM also has a strong desire to transition business to a cloud-services model, and it also may be willing to substitute those services in place of a perpetual-license demand. However, IBM’s hardware and professional-services offerings usually are not accepted as substitute purchases.
(4) Strategic Pricing Discounts.
Never underestimate the power of direct negotiations between business teams. IBM may be willing to offer further discounts if it perceives an opportunity to become a strategic vendor for the audited company. This can be especially true for companies willing to commit to subscription or other ongoing service-delivery relationships with IBM.
- Post-Settlement Compliance Obligations
Any product-specific compliance problems outside of license shortfalls that were identified during the audit need to be definitively resolved through the audit settlement.
The most obvious item falling within this category would be a prospective need to deploy ILMT. Large organizations especially may be unable to install and configure the tool quickly following settlement of an audit. Therefore, the audit close letter or settlement agreement needs to define the post-settlement ILMT deployment obligation, providing for sufficient time to complete the project. It also may be advisable to seek IBM’s commitment to support the ILMT implementation and to allow for additional time to complete the project, provided that the company has made reasonable progress toward completion.
Another item to keep in mind here would be any compliance concerns that may have resulted from IBM’s acquisition of a vendor from which the audited company previously may have purchased licenses. If there were any licensing allowances granted by that vendor prior to the acquisition, then the audit close letter should address whether and to what extent those allowances will be carried forward, either to facilitate the company’s continued use of pre-acquisition versions of the software in question, or to transition to post-acquisition versions of that software.
- Release, Forbearance and Other Legal Terms
Finally, it is critical to ensure that the audit settlement really is a complete settlement of all issues reviewed through the audit process. This means including a strong release of past liability in the audit close letter or settlement agreement that includes all audited products and business operations. It also means seeking a reasonable period of audit forbearance following the audit, so that the company has time to adjust its software-asset management procedures in preparation of the next licensing review. In addition, if any licenses need to be assigned from one organization to another within the company’s enterprise in order to ensure co-forward compliance, those issues also should be resolved with the audit settlement.