Software Licence Audits: Why They're Getting Worse and How to Survive One
I got a call last month from a CTO I know at a mid-size logistics company. Oracle had just initiated an audit, and his team was scrambling. The compliance gap they’d uncovered in the first week was sitting at around $1.8 million in potential back-licensing fees. His exact words: “We thought we were covered. We weren’t even close.”
This isn’t an unusual story. Software licence audits have been intensifying across the Australian enterprise market over the past eighteen months, and the vendors aren’t being gentle about it. Microsoft, Oracle, SAP, and IBM have all ramped up their audit programs, and the findings consistently catch IT teams off guard.
Let me walk through what’s actually happening and what you can do about it.
Why Audits Are Increasing Now
There are a few factors converging. First, subscription and cloud transitions have created genuinely confusing licensing landscapes. When you’re running a hybrid environment — some workloads on-prem, some in Azure or AWS, some in a colocation facility — tracking what’s licensed where becomes a nightmare. Vendors know this, and they’re banking on the complexity working in their favour.
Second, economic pressure on the vendors themselves. When software companies need to hit revenue targets, audit-driven revenue is an easy lever to pull. It’s not cynical to say this — it’s documented. Gartner’s 2025 report on software auditing trends showed that audit-related revenue recovery increased 23% year-over-year for major enterprise vendors.
Third, the tools available to auditors have improved dramatically. Automated discovery tools can now scan your environment in days rather than weeks, and they’re very good at finding installations and usage patterns you didn’t know existed.
The Most Common Traps
In my experience, the same issues come up repeatedly:
Virtualisation licensing confusion. This is Oracle’s favourite hunting ground. If you’re running Oracle databases on VMware, the licensing implications are different from what you probably think. Oracle’s position is that you need to license every physical core that could potentially run the workload, not just the cores actually assigned to the VM. That one interpretation has generated billions in audit findings globally.
Indirect access to SAP. If your customers interact with a system that reads from or writes to SAP — even through a middleware layer — SAP may argue those users need licences. The “indirect access” definition has been refined over the years, but it still catches companies out.
Microsoft licence mobility gaps. Moving workloads to Azure doesn’t automatically mean your existing licences follow. The rules around Software Assurance, Azure Hybrid Benefit, and licence mobility across server farms are specific and easy to get wrong.
Shadow deployments. Developers spinning up test environments, teams installing desktop software outside of official channels, legacy servers that nobody decommissioned — these all create compliance exposure.
Building an Audit Defence Strategy
Here’s what I tell every IT leader I work with: don’t wait for the audit letter. The time to prepare is now.
Run your own internal audit first. Use a software asset management (SAM) tool to get a complete picture of what’s installed across your environment. Tools like Snow Software, Flexera, and ServiceNow’s SAM module can all do this. The investment pays for itself the first time it prevents an audit surprise.
Appoint a licence compliance owner. This should be someone’s actual job — or at least a clearly defined part of their role. Not a side task that gets forgotten. They need to understand your major vendor agreements inside and out.
Document everything. Keep records of every licence purchase, every true-up, every migration. When an auditor arrives, the burden of proof is effectively on you. If you can’t demonstrate compliance, the vendor’s interpretation prevails.
Get independent legal advice before engaging with the auditor. This is critical and often overlooked. The audit letter will usually come with a tight timeline and an implied sense of urgency. Don’t respond in panic. Engage a lawyer who specialises in software licensing — there are several good firms in Australia that do this — and let them manage the communication.
Negotiate the scope. Auditors will often try to expand the scope of an audit beyond what’s contractually required. Know your audit clause. If your contract says they can audit once per year with 30 days’ notice, hold them to it.
During the Audit
Stay calm. Be professional. Provide what’s required and nothing more.
Don’t let auditors have unsupervised access to your systems. Don’t let them install their own discovery tools without understanding exactly what data those tools collect. And don’t agree to any findings on the spot — take everything in writing and review it with your legal and SAM teams.
I’ve seen companies negotiate audit findings down by 60-70% simply by challenging the vendor’s interpretation with solid documentation and legal backing. The initial finding is almost always the vendor’s most aggressive position. It’s a negotiation starting point, not a final number.
The Uncomfortable Truth
Most Australian enterprises are non-compliant with at least one major software vendor right now. That’s not because IT teams are reckless — it’s because the licensing models are deliberately complex, change frequently, and don’t align with how modern infrastructure actually works.
The vendors have no incentive to make this simpler. Their revenue model depends, in part, on the gap between what you think you’re licensed for and what their interpretation says.
Your best defence is knowledge, documentation, and a willingness to push back. An audit doesn’t have to be a disaster. But you have to prepare for it before the letter arrives.