IBM Audit Defence: UK Mining Group Closes £3.6M IBM Licensing Claim

The Challenge

A UK-listed mining and resources group—anonymised here as "a leading global resources operator"—operates approximately 6,200 employees across asset-heavy operations in the United Kingdom, South Africa, and Chile. The group's core IT infrastructure relies heavily on IBM middleware and data management platforms: IBM Maximo for asset and maintenance management across multiple mine sites, IBM Db2 for operational data warehousing, and IBM Cognos for group-wide financial consolidation.

Eighteen months prior to the audit, the group completed a significant M&A transaction acquiring a Chilean mining asset. The integration project prioritised operational stability and accelerated production ramp-up, but IBM licensing for the new Chilean sites was not provisioned during the integration phase. The software had been deployed across three new Chilean mine locations running IBM Maximo and Db2, but the licensing team had not captured these deployments in the group's existing IBM contracts.

IBM's Software Asset Management (SAM) team initiated an unannounced review in Q4 2025, triggered by a third-party tip-off regarding the undeclared Chilean deployments. The audit team issued a preliminary claim totalling £3.6M, structured around two primary audit findings:

• IBM Maximo Application Point undercounting: IBM asserted that the Chilean sites represented three additional "production environments," each requiring a higher tier multiplier (3.0x vs. the group's existing 1.0x tier agreement), resulting in a claimed shortfall of £2.2M.
• Undocumented Db2 deployments: IBM identified multiple undeclared instances of IBM Db2 running at the Chilean locations, claiming an additional £1.4M in licensing exposure.

The group's in-house licensing team lacked visibility into deployment details at remote mine sites (limited bandwidth and security protocols restricted IT systems access) and had no independent means to validate IBM's Application Point methodology or counter the claim.

The Approach

Redress Compliance engaged with the group to execute a three-phase response strategy:

Phase 1: ILMT Retroactive Deployment (Weeks 1–4)

The first priority was establishing an independent, auditable baseline of all IBM software deployments across all seven mine sites—UK, South Africa, and Chilean locations. Redress coordinated with the group's infrastructure team to deploy IBM License Metric Tool (ILMT) agents retroactively on all systems, with historical telemetry collection dating back to the integration point.

Deploying ILMT into remote mine environments presented significant logistical challenges: limited IT staff on-site, intermittent network connectivity, and strict physical security protocols. Redress worked directly with site managers and IT contractors to schedule agent installation during scheduled maintenance windows, ensuring minimal operational disruption to production assets.

Within 8 weeks, ILMT was collecting live usage data from all 7 mine sites across the three countries. This independent data layer became the foundation for the audit response, providing objective evidence of what software was actually installed, running, and how frequently it was accessed.

Phase 2: Methodological Challenge to Maximo Tier Multiplier (Weeks 5–10)

IBM's claim rested on the assertion that each new Chilean production mine required a 3.0x tier multiplier under the "production environment" classification in IBM's Maximo pricing model. Redress conducted a detailed review of the group's existing IBM contracts and IBM's published Application Point methodology documentation.

The analysis revealed a critical error in IBM's calculation: IBM had applied the 3.0x production multiplier based on the geographic location and asset criticality of the new Chilean sites, but the group's existing ELA defined production multipliers based on software release cycles and IT governance classification. Under the contract's actual terms, the Chilean deployment was operationally equivalent to the group's UK and South African sites—all running the same Maximo release, the same patch cadence, and the same operational governance model.

Redress prepared a detailed technical memo challenging IBM's tier calculation, supported by ILMT evidence showing deployment patterns identical to the existing estate. The memo demonstrated that IBM had overcounted Application Points by applying a 3.0x multiplier where the contract's methodology supported only a 1.0x multiplier—eliminating £2.2M of the original £3.6M claim.

Phase 3: Db2 Entitlement Review & ELA Restructure (Weeks 11–12)

The remaining £1.4M claim related to undocumented Db2 instances at the Chilean sites. ILMT data confirmed the Db2 deployments were real, but Redress's contract review identified that the group's existing IBM Data Management Agreement (part of the broader enterprise licensing agreement) included unlimited Db2 deployment rights across all operating divisions. The group's licensing team had never exercised this entitlement across the Chilean asset—an administrative gap, not a contractual violation.

Rather than contest the Db2 audit finding, Redress restructured the group's ELA to explicitly document the Db2 entitlements already included in the existing agreement, simultaneously consolidating the Maximo challenge and negotiating a 3-year renewal at 16% below IBM's standalone pricing for the Chilean sites. This unified settlement approach resolved both audit findings in a single, binding amended ELA.

The Outcome

The restructured ELA settlement achieved the following:

• £3.6M claim closed to £0: The Maximo tier multiplier challenge eliminated £2.2M; the Db2 entitlement clarification resolved the remaining £1.4M.
• ILMT deployed across 7 mine sites in 3 countries within 8 weeks: The group gained independent visibility into its entire IBM estate, enabling future compliance audits to proceed on a factual, not assumption-based, footing.
• New 3-year global ELA at 16% below IBM's standalone offer: The amendment consolidated Maximo, Db2, and Cognos into a unified agreement covering all three geographic regions, with volume-based pricing that reflected the group's full committed consumption across all sites.
• Audit immunity for the integration period: The amended agreement explicitly documented retroactive entitlements dating back to the acquisition date, closing any contractual ambiguity around the Chilean asset integration.

Key Takeaways

1. ILMT is non-negotiable in audit defence. Remote or distributed IT environments create gaps between what IT teams believe is deployed and what's actually running. ILMT fills that gap with objective data that audit teams cannot dispute. In this case, ILMT was deployed retroactively and still provided sufficient historical telemetry to establish the factual baseline.

2. Contract language matters more than vendor interpretations. IBM's claim rested on a specific interpretation of "production environment" that did not align with the group's actual contract terms. A detailed contract review, paired with technical evidence, can expose vendor calculation errors worth millions. Redress's methodology challenge eliminated 61% of the original claim.

3. Entitlement consolidation can turn audit exposure into commercial advantage. Rather than fighting the Db2 finding, Redress reframed it as an opportunity to consolidate dispersed IBM agreements into a single, volume-optimized ELA. The restructure resulted in a 16% discount on renewal pricing—converting a potential loss into a win.

4. Integration timelines demand licensing oversight. M&A transactions routinely defer licensing until post-acquisition integration is complete. Building IBM SAM oversight into acquisition integration checklists prevents £3M+ surprises down the line.