Microsoft’s Services Provider License Agreement (“SPLA”) is a popular licensing framework for businesses delivering hosted or rented software solutions to their customers. However, as with many software license agreements pertaining to resale or other business channel partnership programs, the SPLA typically includes audit rights language giving Microsoft the ability to review a SPLA partner’s records regarding software deployments and entitlements and to demand compensation – usually at a mark-up over standard reseller pricing levels – for any deployments found to be excess of the business’ past monthly SPLA reporting.

Businesses that deploy software under one or more SPLAs should strongly consider working with an attorney experienced in publisher-initiated software audits before disclosing any information to Microsoft in response to a SPLA audit engagement. Many businesses discover during the course of a SPLA audit that in the past they have either under-licensed or over-licensed some or all of their deployments based on an incomplete grasp of Microsoft’s complex distributed software licensing rules. Learning this information before disclosing any audit results to Microsoft can help to avoid a protracted dispute over past licensing discrepancies. In addition, a third-party software audit taking place at a company’s offices may represent a significant disruption to business activities. For others businesses, unprotected access to or disclosure of company information regarding software deployments and entitlements entails confidentiality concerns that are greater in scope and significance than the concerns that all businesses should keep in mind when disclosing information to a party that could, in some cases, end up on the other side of the aisle in a litigated dispute.

Experienced counsel should have a familiarity with both the substantive licensing rules under SPLA and with the audit procedures Microsoft typically uses in these matters. They also should have a good idea of the various alternative procedures to which Microsoft may be willing to agree in order to resolve the audit request in a way that minimizes adverse impacts on a company’s business operations. Especially in light of the financial exposure that SPLA audits can entail and the business-critical nature of the software products often licensed under a SPLA, attorney consultation in these matters often is vital to achieving a mutually agreeable outcome.

IBM has begun a comprehensive program of compliance audits of its software clients. Scott & Scott’s clients have begun receiving letters from IBM Software Compliance demanding cooperation with a “routine assessment” of the client’s deployment of IBM software. According to the letter, IBM employs the services of Deloitte, LLP to conduct these audits and states that it is performing the audits to:

“confirm licensing requirements, determine actual deployment and usage, verify compliance with IBM applicable agreements and enhance IBM’s understandings of the challenges…in managing their IBM software deployments.”

According to IBM, these audits are part of a broad initiative to audit all of its clients. This is one of the most audacious compliance moves we have seen in the software industry. While most major publishers have compliance programs, we are not aware of any software company who plans to audit all of its customers. Here, however, IBM appears to be invoking its right to “conduct a routine assessment” under licensing provisions without prior suspicion of software licensing noncompliance.

These audits can entail significant financial exposure, and the software products at issue often form the lynch pins of whole lines of business. A company targeted by an audit of this type should seek experienced counsel to identify and defend its rights under the software license agreements. There may be significant rights pertaining to the audit contained within licensing agreements that could strengthen the target company’s position throughout the audit process.