Introduction: What Are Contract Red Lines and Why They Matter
A contract red line is a clause that an enterprise buyer cannot accept as written—it either must be negotiated out, significantly modified, or explicitly refused. These are the provisions that create asymmetrical risk, expose your organisation to unlimited liability, or hand vendors unilateral control over pricing, scope, or termination.
The problem is simple: vendors draft contracts to maximise their own protection and flexibility. They build in rights to raise prices without notice, audit your systems without limits, modify product capabilities without consent, and auto-renew unless you jump through specific hoops. Most enterprise buyers never negotiate these clauses at all, which means they accept terms that would never survive a five-minute review by a competent procurement lawyer.
In this guide, we cover the 12 most dangerous contract red lines we see across Oracle, SAP, Microsoft, Salesforce, IBM, Broadcom, ServiceNow, AWS, and the rest of the enterprise software market. For each red line, we explain what vendors are trying to do, why it matters to your bottom line and operational freedom, and how to negotiate your way out of it without killing the deal.
Red Line 1: Unilateral Price Increase Rights
This is the most common and most expensive red line. Approximately 68% of enterprise software contracts contain a clause that gives vendors the unilateral right to raise your renewal price without limit, without notice, or with only 30 days' notice.
The typical language reads: "Vendor may increase fees annually at its sole discretion, not to exceed X%." Sometimes X% is undefined. Sometimes it's 5%, 10%, or even 20%. What this means is that every renewal becomes a renegotiation whether you want it or not.
Broadcom's VMware transition from perpetual licensing to subscription pricing in 2024 is the most visible example: thousands of enterprises saw their support costs increase 3–5× overnight. Vendors justify these increases by claiming inflation, new features, or "market recalibration." In reality, they're exploiting switching costs and customer lock-in.
What to demand: Either a hard price cap (e.g., "fees may increase no more than 3% per year") or an automatic Most Favored Nations (MFN) clause that ties your renewal prices to the best rate available to other similarly-situated customers. At minimum, demand 90 days' notice before any price increase takes effect, with an explicit right to terminate if you reject the increase.
If the vendor refuses a hard cap, negotiate for a basket: no increase in Year 1, no more than 3% in Year 2, no more than 5% in Year 3. Lock in three years at a time.
Red Line 2: Unlimited Audit Rights Without Notice
Enterprise software vendors retain the right to audit your systems to verify compliance with license terms. This sounds reasonable on the surface. In practice, it becomes a weapon.
Problematic audit clauses typically allow the vendor to:
- Audit your systems at any time with minimal notice (48 hours, or none at all)
- Conduct unlimited audits within a 12-month period
- Charge you for the cost of the audit, regardless of whether they find anything
- Use third-party auditors without your approval of their methodology
- Demand access to your source code, configuration files, or customer data to verify license compliance
This creates operational disruption, security risk, and financial exposure. Even if you're in full compliance, an aggressive audit can cost $50,000 to $500,000 in internal resources, third-party advisors, and system access coordination.
What to demand: Enforce these controls on every software audit: (1) minimum 30 days' written notice; (2) no more than one audit per 12-month period unless a prior audit revealed material underpayment (defined as >15% of fees paid); (3) you choose the time, location, and scope within reason; (4) vendor pays all audit costs unless material underpayment is found (>15%); (5) vendor signs a strict confidentiality and data security agreement covering any data accessed during the audit; (6) you retain the right to have your own advisor present throughout the audit process.
Red Line 3: Uncapped Liability for IP Infringement
Most enterprise contracts contain mutual caps on liability—both parties limit their exposure to fees paid, with a few carve-outs. IP infringement liability (the vendor's warranty that the software doesn't infringe third-party patents or copyrights) is one of those carve-outs, and vendors often leave it uncapped.
This is actually one area where uncapped liability makes sense from your perspective. If a vendor is sued for patent infringement and loses, and your company is named in the suit, your damages could exceed the software fees by orders of magnitude. You need the vendor to carry the full insurance risk for their code.
However, vendors have learned to narrow their indemnification obligations: they'll agree to defend you, but only if you notify them in writing within 30 days of receiving a claim. They'll agree to defend you, but only against third-party claims, not internal exposure. They'll agree to defend you, but will immediately settle to minimise their exposure, leaving you vulnerable to secondary claims.
What to demand: Insist on these provisions: (1) vendor's IP indemnity is uncapped and survives contract termination for the statute of limitations period; (2) vendor's obligation to indemnify arises on your written notice, but notice can be given within 90 days (not 30) if you didn't know about the claim immediately; (3) vendor must defend you at its expense and controls the defence, but you have the right to participate with counsel of your choice at vendor's expense; (4) if the software becomes, or in vendor's opinion is likely to become, subject to an IP claim, vendor must either obtain the right for you to continue use, replace the software with non-infringing alternatives, or permit termination without penalty.
Red Line 4: Auto-Renewal Without a Clear Opt-Out Window
Evergreen or auto-renewal clauses are standard in SaaS contracts, but they create a dangerous trap: if you miss the renewal cancellation deadline by even one day, you're automatically renewed for another year, and you're liable for the entire renewal fee.
Vendors set cancellation deadlines at the worst possible times—often 60–90 days before renewal, during fiscal year-end or budget freeze periods when legal and procurement teams are overwhelmed. Missing the deadline by a single day means you're locked in for another year, often at a price you haven't negotiated yet.
What to demand: (1) Minimum 90-day cancellation notice window before auto-renewal takes effect. Ideally, 120 days. (2) Explicit written notice to at least three people in your organisation 45 days before the cancellation deadline. (3) No auto-renewal if you've initiated renewal negotiations in good faith but haven't reached agreement 60 days before the renewal date. (4) Right to terminate without penalty if the vendor attempts to auto-renew at a price increase >10% without your prior written acceptance.
Red Line 5: No Data Portability on Termination
When you terminate a SaaS contract, the vendor owns the data you created. They may allow you to export it, but on their terms: limited timeframe (often 30–60 days post-termination), proprietary format, degraded data quality, or structured in a way that's hard to migrate to a competitor.
This is vendor lock-in by design. They know that if your data is easy to export and migrate, you're more likely to switch. So they make the export process difficult, slow, or expensive.
What to demand: (1) Right to extract all data in machine-readable, standard format (CSV, JSON, XML, SQL dumps) within 90 days post-termination. (2) Data must be complete, accurate, and unmodified. (3) No degradation of data quality or obfuscation to make migration harder. (4) Vendor must provide export functionality at no additional cost. (5) Right to access data read-only for 180 days post-termination if you need time to migrate.
Red Line 6: Vendor's Right to Modify Product Scope
SaaS vendors reserve the right to deprecate features, retire products, or fundamentally change the platform. The contract might say "vendor may modify the services in its sole discretion," or "vendor may retire features with 90 days' notice." This seems innocuous until the vendor retires the exact feature you're using.
Salesforce has done this repeatedly—retiring Einstein features, changing pricing for specific modules, and deprecating integrations. Workday has deprecated reporting tools that customers relied on. ServiceNow has sunsetted entire product lines.
What to demand: (1) Vendor may not retire or materially degrade features that are described in the contract and upon which your use case depends without 180 days' prior notice and your written consent. (2) If vendor retires a material feature, you have the right to terminate the contract without penalty within 30 days of the retirement notice. (3) "Material" means used in more than 10% of your active transactions or by more than 20% of your users. (4) Vendor cannot change pricing for specific modules or features mid-term without your consent.
Red Line 7: IP Ownership of Customisations
When a vendor implements their software for you, or you hire a consultant to customise it, who owns the code? This is rarely clarified in contracts, and it creates problems later.
Vendors will claim they own all customisations, "enhancements," or "derivatives" because they were built on the vendor's platform. This means you cannot use the customisation if you switch vendors. You cannot reuse it across your organisation. You cannot share it with other team members unless they're also licensed.
What to demand: (1) You own all customisations, configurations, and data created on the vendor's platform, subject to the vendor's intellectual property in the base platform. (2) You have the right to use customisations across your entire organisation, on all licensed instances, with all licensed users. (3) If you hire the vendor or a consultant to build customisations, the customisation IP belongs to you, not the vendor. (4) You have the right to access the source code for customisations (if applicable) and move it to another instance or vendor if you choose.
Red Line 8: Bundled-SKU Restrictions
Broadcom's move to bundled licensing in 2024 is the worst recent example: customers could no longer buy individual products. They had to buy bundles containing products they didn't want or need. This forces you to pay for scope you don't use and blocks de-scoping strategies.
SAP, Oracle, and Microsoft all use bundling as a pricing tactic. A single renewal might force you to upgrade entire user classes even though you don't need the upgrade.
What to demand: (1) Right to purchase specific modules or features individually, not bundled. (2) Right to de-scope unused modules during the contract term, with credits applied to your renewal. (3) If the vendor moves to bundled-only licensing, you have the right to terminate without penalty and negotiate a transition period. (4) Clear mapping of what's included in each bundle, with the ability to opt out of specific components.
Red Line 9: Indemnification Asymmetry
Vendors cap their own liability to fees paid but demand unlimited indemnification from you for misuse of the software, violations of intellectual property laws, or breach of the agreement. This is asymmetrical and unfair.
A typical asymmetrical clause: "Vendor limits its liability to fees paid. Customer indemnifies Vendor for any claim arising from Customer's use of the Services, regardless of amount or cause."
What to demand: (1) Mutual indemnification obligations with the same caps and carve-outs. (2) Your indemnification obligation applies only to third-party claims arising from your use of the software in violation of the agreement, not to general use. (3) You're not liable for claims arising from the vendor's breach, negligence, or infringement. (4) Caps on indemnification should match the liability cap, except for IP indemnification, which can remain uncapped.
Red Line 10: Support Tier Downgrade Rights
Vendors often retain the right to downgrade your support level without your consent. A clause might read: "Vendor reserves the right to change support offerings with 30 days' notice." This means your Premium support could be downgraded to Standard, and your response times could increase from 1 hour to 4 hours.
What to demand: (1) Your support tier is locked for the contract term. (2) Vendor cannot downgrade your support level without your written consent. (3) If vendor changes support offerings, you can upgrade at no additional cost. (4) If vendor discontinues your specific support tier, you have the right to maintain it at the current price for the remainder of the contract term, or upgrade to an equivalent tier at no additional cost.
How to Negotiate Red Lines Without Killing the Deal
The key to successful red-line negotiation is understanding what's truly negotiable and what isn't. Vendors have internal rules: some clauses are truly locked down, approved by corporate legal, and non-negotiable with any customer. Others are just the vendor's opening position, and there's room to move.
Start with your must-haves. Identify the 3–4 red lines that are most critical to your risk tolerance. For Broadcom, that might be the price increase cap. For Salesforce, that might be the data portability and feature deprecation clauses. For AWS, it's the consumption billing transparency and true-up provisions.
Then propose a trade. Vendors love trades. You might say: "We'll accept your audit clause as drafted if you give us the 90-day notice period and the one-per-year limitation." Or: "We'll agree to auto-renewal if you lock pricing for three years." Trades work because they give the vendor something they want (operational simplicity, reduced support burden, faster deal closure) in exchange for something you need (financial certainty, operational control, risk mitigation).
Escalate early. Most account executives have limited authority to negotiate contracts. They can approve small changes, but large carve-outs need approval from regional management or corporate legal. Identify the decision-maker early and get them on a call. Often, a 30-minute conversation with the vendor's legal team will reveal which issues are truly negotiable.
Conclusion: Red Lines Save Money and Protect Your Organisation
Every major red line you successfully negotiate saves money and reduces operational risk. A 3% price cap vs. unlimited increases saves roughly 2–5% on every renewal. A data portability guarantee reduces switching costs and increases your leverage in future negotiations. A right to terminate on material change protects you against feature deprecation.
The vendors who refuse to negotiate red lines often do so because their standard terms have never been challenged. Enterprise buyers routinely accept terms they shouldn't, which creates a market precedent that bad clauses are acceptable. By negotiating red lines early and often, you shift the market toward fairer terms for everyone.