Tips for Dealing with Software Licence Compliance Audits
4 May 2020
Negative audit findings and non-compliance with software licence requirements can have a detrimental impact on your business and revenue - and these are often unbudgeted expenses.
The crux of complying with usage rights of any software licence is properly tracking authorized use v actual use. This is easier said than done but if you can get this right then you’re halfway to ensuring compliance with the terms of use in your licence agreement. There can be an imbalance on the playing field when it comes to licence compliance for users. This is because the combination of: (i) click-wrap licence terms (a digital prompt to click and accept licence terms); (ii) complicated licence agreement structures; and (iii) dedicated audit teams (who are responsible for monitoring and enforcing your compliance) have given software suppliers the upper hand when it comes to understanding and enforcing licence compliance.
This article provides some practical tips that we at Lighthouse recently found useful when assisting our clients with licence compliance audits.
Tip #1: Understand What You Are Purchasing
Intentional or not, the contract structure of the majority of the licence agreements that we review and negotiate is complicated. There are typically numerous different documents that are linked and incorporated by reference, and which need to be considered holistically when determining what can and cannot be done. The devil is unfortunately in the detail. It’s therefore key that you define and understand your usage requirements before engaging with the software supplier and then, when reviewing the contract documents, ask yourself questions (see Part 1 for more detailed questions) that include: (i) What am I buying? (ii) How long can I use the licence? (iii) What are the usage rights and restrictions for the software? (iv) Will I need different licenses if the software is being accessed and used across borders? (v) Is the licence single use or an enterprise licence? (vi) Do I need a separate licence for production and non-production environments? (vii) Does the licence term auto-renew? (viii) Can I substitute one user in for another?
Tip #2: Negotiation
You’ve now defined your requirements and you understand what you are purchasing. The next step is the contractual and commercial negotiation and ensuring that your requirements are reflected in the licence agreement. This can, however, be tricky when negotiating with the larger software providers who are often reluctant to negotiate their legal terms. It’s therefore important to investigate other mechanisms to mitigate your risk, for example, entering into a shorter licence term that does not auto-renew or purchasing a fixed number of licences and inserting true-up mechanisms (i.e. where you pay for overuse in arrears).
We suggest that you try to push for a ‘true-up’ mechanism in your license agreement which will help to mitigate the instances where you have overused the allocated number of licences. The true-up mechanism will then ensure that what you pay is reflective of the licence overuse alone and is not a penalty for the overuse. Ideally, this true-up mechanism should be the software supplier’s sole and exclusive remedy for overuse.
The legal risks will need to be weighed up with the commercial risks, as the software supplier will likely offer more favourable pricing for a longer term and this will have to be managed carefully within your organisation.
Tip #3: Continually Review Your IT Environment
Many software suppliers have dedicated audit functions that monitor and enforce compliance with their license parameters. By continually reviewing your IT environment, you’re able to better understand how many licenses are actually being used, which licenses are being paid for but not being used, and better understand where you may be exceeding the number of licenses purchased. The cost saving of such an initiative can be significant if you’re able to avoid audits, fines and/or reduce redundant licensing costs. Put in place procedures that track the usage and number of licences that are purchased and being used, and also cross-check your findings with those of the software supplier (Lighthouse has created an online portal Lighthub which can assist with tracking). In your findings try to clearly show the number of users, their locations, the versions that are being used and the licence agreement that governs their usage rights.
Tip #4: Introduce Robust Internal Process for Acquiring a Licence
Introduce robust internal processes that seek to prevent additional licenses from being acquired and which continually reviews the IT environment (this includes manual and tech processes i.e. security controls). You will also be able to map out your software use which helps to identify what products and versions are being licensed and which are no longer in use.
Tip #5: Audit as a Sales Tool
Be wary of a software supplier conducting an audit as a sales tool. Some software suppliers will conduct an aggressive audit in order to determine whether there’s a deficit between the number of licenses paid for and actually being used. If a deficit is found, the software supplier can attempt to blend this with a sales pitch to lock you into long term deals for other products and dropping the audit fines if you accept. Be careful and consider whether this trade-off makes commercial sense as you may have the same problem in a few years’ time.
The information and views contained in this article does not constitute legal advice. If you do require legal advice, please contact us on hello@lighthouse.law.
