
Software Audit Clause: What to look out for

Updated: Oct 9, 2024

When you buy software, you don't actually own it; rather, you purchase “the right to use” it according to the terms and conditions outlined in the Software License Agreement. One of the common conditions that you will find in any Software License Agreement is the audit clause, which allows the Software Provider to verify that you are using the licensed software in compliance with the contractual terms. This clause is a standard provision that most Software Providers include in their agreements to protect their intellectual property - the software that you're using. While their rationale is understandable (basically protecting the Software Provider’s Intellectual Property Rights), it's essential to negotiate firmly to avoid unreasonable audit conditions that could result in you being unfairly penalized.


The audit process involves identifying the installed software applications, verifying the number of purchased licenses in use, and identifying any instances of misuse of licenses. Non-compliance with license terms and conditions is a significant risk associated with software audits. This can result in unforeseen expenses, as well as financial penalties and legal complications.


Here is a list of what to look out for while negotiating a software audit clause:


Prior Notice

It is generally acceptable for a software provider to include a provision in the agreement that grants them the unilateral right to conduct a software audit. However, to ensure fairness and transparency, such an audit should never occur without you being given prior written notice.

Different audit clauses use different terminology when it comes to prior notice periods. The language may vary from exact wording, e.g. a 15-day notice, to wording such as “reasonable” notice, and you should never go for the latter. Such “open to interpretation” language is rarely a good sign, since there is no actual definition of what would be considered “reasonable”. Maybe for your provider “reasonable” means 5 days, and to you it means more like two weeks, so to avoid potential conflict it is better that both of you agree to a specific time period for such prior notices. Furthermore, when negotiating this part of your audit clause, always consider worst-case scenarios, such as national holidays or yearly summer vacations, so that the staff you need are present at the time of the audit.


Software auditing after the termination of the agreement

It may come as a surprise to some of you, but yes, there are some software providers that will try to “reserve” their right to audit you even after your agreement with them has terminated. Such clauses will typically go as follows: “At any time during the Term and for a period of three (3) years thereafter, Xxx may audit Customer’s use of the Software on ten (10) days’ advance written notice……”.


Usually, I advise against such a provision, since multiple complications may arise when audits are conducted after the termination of the agreement. It’s only logical that you wouldn’t want a company with which you no longer have a standing agreement to snoop around your systems. But if for some reason you choose to agree to such terms, you need to make sure you have at least a binding Confidentiality and Non-Disclosure Agreement in place to protect you during such audits after the termination of your original agreement.


Frequency

As you may have noticed in the example clause given above, audit provisions sometimes state that the software provider may request an audit at any given time during the term of the agreement. This basically means that you can get audited as many times as the software provider sees fit, which might not be ideal for you. Under such circumstances, I advise you to negotiate a limit on how many audits you may be subjected to during the term of your agreement. It can be anything from 1 audit every six months to 1 audit a year; either way, be careful to settle on an auditing frequency that suits your business model, and make sure the language describing that frequency is clear.


Auditing Process

The manner in which an audit is going to be conducted is of the foremost importance, and the more clarity you have on the auditing process, the better for you. So, before you rush to sign your agreement, you need to make sure you know what your software provider means by “software audit”. This is the part where you need to ask as many questions as possible, so that you get a more in-depth understanding of how to prepare and what to expect from the auditing process. You need to gain clarity on every step of the process and on who is conducting the audit, since a lot of software providers opt for external software auditing firms. The key components you need to clarify regarding the process are:

  • Who is conducting the audit: is it the software provider or an independent third party? This piece of information alone changes the way you negotiate your auditing clause;

  • Are there any published metrics you can use to self-measure your own level of compliance? If not, request that a set of the required metrics be made available, so that you know beforehand what the auditing process revolves around, and also to limit the possibility of the audit findings being abusive;

  • What kind of access is needed in order to perform the audit, at what time the audit is to take place, whether it will interfere with usual day-to-day business, and so on.

You know your business better than anyone, so get as much clarity as possible on all the bureaucratic aspects of the auditing process so that your business can continue its activity unaffected.

Failing an Audit

In the event that an audit fails to meet expectations, it is important to understand the potential consequences. Some software providers may impose an audit cost fee if the discrepancy is over a predefined percentage, and the terms of this fee can vary.


Let’s say that the audit concludes that you have been using more licenses than you originally purchased. Typically, software providers require you to rectify any discrepancies by purchasing additional licenses. It is crucial to note that, in the absence of fraudulent activity, you should not be subjected to exorbitant fees or required to relinquish previously negotiated pricing concessions, regardless of the audit outcome. To avoid potential price gouging, it is recommended to include explicit language that limits license purchase prices to your normal, discounted price list with the software provider. Furthermore, more often than not, software providers opt for you having to cover the cost of the audit, a point which you need to negotiate, especially if the audit is conducted by a third party.


External Auditor

Sometimes, software providers do not conduct the audit themselves but outsource it to a third party. Even though you may not be able to negotiate this out of the agreement, you need to be prepared. Although it may not seem like a big deal, keep in mind that usually the more discrepancies external auditors find, the more they get paid, so their goal is not to protect the business relationship between you and the software provider, but their own profit. Furthermore, you need to make sure that your audit is sealed and confidential, since you do not want your auditing results made public. You also need to make sure that the external auditors are legally responsible for any breach of confidentiality and disclosure of your non-public business information.

Knowing who is conducting the audit changes the way you negotiate your audit clause.


Internal Safeguards

Surely you have come across these words before when reading or negotiating a software agreement. Initially you may not think much of them and intuitively understand what they refer to; however, I don’t particularly like open-to-interpretation phrases, especially when they can be the root cause of many issues. I urge you to seek written clarification on what your software provider considers adequate internal safeguards for ensuring compliant use of the software, so that you avoid issues in the future once the audit is conducted.


Finally, to create a balanced and equitable software audit provision, it is essential to establish mutual agreement on the terms and conditions of the audit process. This can be achieved by conducting negotiations and engaging in open communication to address any concerns and potential issues you may face. The clearer the language of the software audit clause, the easier it is to ensure that the audit provision is reasonable and appropriate for both parties.



 
 
 