IBM Audit Defence: Singapore Telecommunications Group Reduces $18.4M Exposure to $2.1M

The Challenge

The client — a major telecommunications group headquartered in Singapore, operating across Southeast Asia with approximately 9,000 employees — had used IBM middleware products for more than a decade. The estate spanned IBM WebSphere Application Server, IBM MQ, IBM DB2, and IBM Cognos Analytics, all running across a virtualised VMware infrastructure.

In Q2 2024, the client received formal notification from IBM's Software Compliance team initiating a Software Compliance Review (SCR). The scope letter cited all IBM Passport Advantage agreements active in the prior four years and requested a full self-declaration of IBM software deployments within 60 days.

Three Compounding Exposure Drivers

ILMT Coverage Gaps: IBM's License Metric Tool (ILMT) — the mandatory tool for sub-capacity licensing on virtualised environments — had been partially deployed across only 64% of the server estate. Servers without ILMT agents were not eligible for sub-capacity Processor Value Unit (PVU) pricing. IBM's initial calculations applied full-capacity physical-server PVU counts to the uncovered 36%, producing a dramatically inflated demand. A VMware host running 48 physical cores was priced at 48 cores even if the IBM software partition consumed only 6 virtual CPUs.

Disputed Sub-Capacity Eligibility: IBM's auditors challenged the sub-capacity eligibility of several VMware clusters on the grounds that ILMT quarterly reports had gaps in continuity. Under IBM's sub-capacity terms, organisations must produce and retain ILMT reports quarterly without interruption. Missing quarterly reports for three clusters spanning two years meant IBM argued those clusters had never validly elected sub-capacity licensing and should be priced at full capacity for the entire audit period.

Retroactive Support Uplift: IBM also included $3.2M in retroactive support and maintenance charges. The client had allowed support on several legacy IBM WebSphere and DB2 licenses to lapse when it migrated workloads to newer platforms. IBM's position was that lapsed support triggered a reinstatement fee at current list price, calculated retroactively to the lapse date. IBM's reinstatement formula — calculated at 100% of the lapsed support value compounded annually — produced charges that bore no relation to the actual usage of the platforms during the lapsed period.

The Approach

Redress Compliance was engaged within three weeks of the SCR notification. The engagement was structured in three parallel workstreams: technical remediation, entitlement reconstruction, and negotiation strategy.

Technical Remediation: Restoring ILMT Coverage

The first priority was stopping the bleeding. Redress's IBM licensing specialists worked with the client's infrastructure team to deploy ILMT agents across the 36% of the server estate that lacked coverage. This remediation was completed within six weeks and immediately established valid sub-capacity data going forward. Critically, Redress argued — and IBM's auditors eventually accepted — that prospective ILMT compliance should be a mitigating factor in calculating historic exposure, particularly for servers where there was no evidence of IBM software running beyond licensed capacity.

A forensic review of server build records, hypervisor configuration logs, and change management tickets was conducted to reconstruct the actual deployment history for the uncovered servers. For 19 of the 34 disputed servers, the client's operations team was able to produce contemporaneous evidence demonstrating that IBM software had either not been deployed or had been decommissioned before the claimed exposure period began. This reduced the uncovered footprint subject to full-capacity pricing from 34 servers to 15.

Entitlement Reconstruction: Building the Effective License Position

IBM's audit scope covered four years of Passport Advantage agreements. Redress undertook a full entitlement reconstruction, gathering all purchase orders, Passport Advantage account statements, upgrade credits, and ELA entitlements. Several entitlement pools had not been correctly registered against the deployed products in IBM's own records. Two ELA amendments granting additional PVU entitlements for WebSphere and MQ had expired but their entitlements remained valid for the periods in which they were active — IBM's initial claim had treated these as zero, artificially widening the compliance gap.

The entitlement reconstruction also identified that the client held unused IBM DB2 Advanced Enterprise Server Edition licenses sufficient to cover a portion of the disputed DB2 capacity exposure. IBM's auditors had scoped the review to specific product lines and had not cross-checked the entitlement portfolio as a whole. Applying the correct entitlement mapping reduced the DB2 exposure component by $2.7M.

Negotiation Strategy: Structuring the Settlement

With the technical and entitlement workstreams complete, Redress prepared a formal rebuttal to IBM's compliance findings. The rebuttal presented: a revised Effective License Position showing a genuine compliance shortfall of approximately $2.1M (primarily in MQ on three clusters with confirmed ILMT continuity gaps); evidence that IBM's retroactive support reinstatement charges were contractually unsupported under the client's specific Passport Advantage terms; and a prospective IBM Cloud Pak for Integration commitment as commercial offset against the residual exposure.

IBM's ISLM (Identified Software License Management) team accepted the revised ELP after two rounds of review. The retroactive support reinstatement demand of $3.2M was withdrawn entirely on the basis of contractual language that limited reinstatement charges to a maximum of 12 months of lapsed support fees — not the multi-year compound calculation IBM had initially applied. The final settlement of $2.1M reflected the genuine MQ compliance shortfall, satisfied through a combination of new license purchases and a three-year IBM Cloud Pak for Integration agreement at aggressively negotiated pricing.

The Outcome

The final settlement of $2.1M against an opening claim of $18.4M represented an 88.6% reduction in liability. The client's IT procurement director described the result as "transformational" — IBM's initial demand, if accepted without challenge, would have forced an unbudgeted spend that would have consumed the entire IT department's discretionary budget for the following year.

Financial Outcome

The $16.3M reduction was achieved through four mechanisms: entitlement reconstruction recovered $5.1M by mapping unused license pools; server decommissioning evidence eliminated full-capacity pricing from 19 servers ($4.8M); contractual challenge removed the $3.2M support reinstatement demand; and ILMT remediation reduced the remaining PVU gap by $3.2M. The residual $2.1M was a genuine shortfall settled through new commercial agreements at negotiated pricing.

Structural Improvements

Beyond the financial settlement, the engagement produced three durable improvements. ILMT was deployed across 100% of the server estate with automated quarterly reporting, eliminating future sub-capacity risk. An entitlement register in ServiceNow mapped all Passport Advantage licenses to deployed products with automated capacity alerts. A pre-audit playbook was documented and tested, enabling the client to respond to any future IBM SCR within five business days.

Commercial Position

The Cloud Pak for Integration agreement provided expanded middleware licensing at 34% below IBM's standard enterprise rate — converting a compliance liability into a commercial transaction that advanced the client's existing technology roadmap.