IBM Audit Defence for a Leading Italian Retailer: €3.0M Claim Reduction in 14 Weeks

The Challenge

An Audit Letter with No Playbook

The client — a major Italian retail group operating over 420 stores with approximately 18,500 employees and €2.3 billion in annual turnover — received a formal IBM Software Licence Verification notification in Q3 2023. The letter, issued via IBM's preferred audit partner, cited concerns over sub-capacity compliance and requested a full inventory of IBM software deployments across the organisation's virtualised server estate within 60 days.

The IT leadership team had not faced an IBM audit before. Their IBM software estate had grown organically over more than a decade, spanning multiple data centres and a mix of on-premises and co-location infrastructure. The deployment covered IBM DB2, WebSphere Application Server, IBM MQ, Cognos Analytics, and IBM ILOG CPLEX — all running on VMware-based virtual infrastructure across two primary data centres in Northern Italy.

The ILMT Gap

The organisation had deployed IBM's License Metric Tool (ILMT) several years earlier, but the deployment was incomplete. ILMT had been installed on the primary production cluster, but three secondary virtualisation hosts — added during a data centre expansion in 2021 — had never been brought into scope. This meant that for a meaningful portion of the IBM PVU software estate, sub-capacity licensing records either did not exist or could not cover the required two-year rolling period.

Under IBM's Passport Advantage sub-capacity rules, any gap in continuous ILMT measurement triggers a default to full-capacity licensing — meaning IBM calculates licence requirements against the total physical PVU capacity of every server on which the software might conceivably run, not the virtual cores actually assigned. IBM's auditors applied this rule across the entire estate, not just the unmeasured hosts. The resulting full-capacity calculation inflated the apparent licence shortfall dramatically.

IBM's Opening Position

After receiving the client's initial inventory submission — prepared internally without independent advice — IBM's audit team issued a preliminary findings report asserting a licence shortfall of approximately 2,840 PVUs across DB2 and WebSphere, plus additional exposure on IBM MQ channel licences. IBM's demand, including two years of back-maintenance at standard rates, totalled €4.1 million. The client's procurement team, facing their first IBM audit and under pressure to avoid business disruption, had begun discussing how to fund the settlement when a board member recommended engaging Redress.

The Approach

Immediate Audit Suspension and Data Control

Redress was engaged two weeks after the preliminary findings report. The first action was to issue a formal response to IBM's audit team requesting a pause in proceedings to allow the client's new independent adviser time to review the methodology. This is a standard and legitimate step: IBM's audit process allows for adviser engagement, and requesting time to validate findings is not an admission of non-compliance. IBM agreed to a four-week extension.

During that window, our team conducted a full independent review of the client's IBM software deployment. This covered all physical hosts, all VMware clusters, all ILMT scan data available, historical software deployment records, and the original Passport Advantage contract terms.

Forensic ILMT Analysis

The core of IBM's €4.1M claim rested on two methodological errors that our team identified within the first week of analysis.

First, IBM had applied full-capacity charges to the entire estate because of the three unconfigured hosts, rather than limiting the full-capacity calculation only to those hosts and the specific products deployed on them. Of the 14 IBM product instances in scope, 11 ran exclusively on the properly-measured ILMT cluster. IBM had no contractual basis to extend the full-capacity penalty to software that had been continuously and correctly measured throughout the audit period.

Second, IBM's auditors had used peak PVU snapshots rather than the time-weighted average required under Passport Advantage sub-capacity rules. Peak measurement occurred during a planned load test in November 2022 — a one-time event that inflated the apparent maximum capacity by approximately 34% compared to the normal operational baseline. Using the correct time-weighted average across the compliant ILMT data set reduced the measured shortfall on the three unmeasured hosts substantially.

Rebuilding the Sub-Capacity Position

Redress worked with the client's infrastructure team to retrospectively document the three unconfigured hosts, install and configure ILMT correctly, and generate compliant measurement data going forward. We also gathered infrastructure change logs and VMware vCenter snapshots to reconstruct the likely licence consumption on those hosts during the period of non-measurement — providing an evidence-based alternative to IBM's worst-case assumption.

This retrospective reconstruction, while not substituting for continuous ILMT records, gave the negotiation team a credible counter-position grounded in actual deployment history rather than speculation. The documented evidence showed that the three hosts had consistently run IBM software at well below full-capacity utilisation — averaging 28% of physical PVU capacity — and that IBM's demand implicitly assumed 100% utilisation throughout.

IBM Negotiation

Armed with a fully documented counter-position, Redress presented IBM's licensing team with a revised compliance calculation that reduced the legitimate shortfall to approximately 610 PVUs — primarily on the three previously unmeasured hosts — down from IBM's claimed 2,840 PVUs. We also challenged the back-maintenance calculation, noting that IBM had incorrectly applied list-price maintenance rates rather than the client's contracted discount level, which stood at 38%.

Negotiations proceeded over four weeks through IBM's Software Asset Management compliance team. IBM initially countered at €2.4M. After two further rounds and the submission of additional VMware telemetry supporting the 28% average utilisation claim, IBM's final settlement offer stood at €1.1 million — inclusive of all back-maintenance and licence purchase costs for the documented shortfall on the three unmeasured hosts.

The Outcome

Settlement and Remediation

The client signed the settlement agreement in Q4 2023, paying €1.1 million to IBM to remediate the legitimate licence shortfall on the three previously unmeasured hosts. This amount represented the actual cost of the licences and back-maintenance for the real shortfall — not IBM's inflated full-capacity claim. The saving of €3.0 million against IBM's opening position was achieved through forensic methodology challenge, evidence-based counter-calculation, and experienced negotiation.

Alongside the financial settlement, Redress delivered a full ILMT remediation programme: all 14 IBM product instances are now monitored under a correctly scoped and continuously updated ILMT deployment, with quarterly audit snapshots scheduled and retained in line with IBM's two-year evidence requirement. The client's IT asset management team received formal ILMT operating procedures and a monitoring dashboard to flag any future scope gaps before they become audit exposure.

Ongoing IBM Licence Governance

Following the engagement, the client retained Redress on an annual IBM licence governance retainer. This covers a bi-annual ILMT health check, proactive licence position review ahead of any IBM renewal or Passport Advantage contract discussion, and an advisory brief whenever IBM proposes product migrations — a common vector through which IBM attempts to reset sub-capacity eligibility or introduce less favourable licence metrics.

The client's Head of IT Procurement summarised the engagement: "We went into the IBM audit assuming we were largely at fault and that paying a significant sum was inevitable. Redress showed us that IBM's methodology had material errors and that the actual shortfall was a fraction of what we had been told. The savings more than covered the cost of independent advice many times over."

Key Lessons from This Engagement

Several patterns in this case recur across the IBM audits Redress manages each year. IBM's auditors routinely apply full-capacity penalties to entire estates when any ILMT gap exists, regardless of whether the gap affects every product in scope. Peak-snapshot methodology inflates apparent consumption in ways that time-weighted averaging corrects. And back-maintenance calculations almost always apply list-price rates rather than contracted discount levels unless explicitly challenged.

Organisations receiving an IBM Software Licence Verification notification should engage independent advice before submitting any data or responding to findings. IBM's audit process is calibrated to maximise settlement value from organisations that do not challenge the underlying methodology. The gap between IBM's opening claim and the defensible settlement is typically between 40% and 75% for organisations with any form of partial ILMT deployment — precisely because IBM's default assumptions are designed to be contested.