Client Background
A Toronto-based Canadian bank with approximately 12,000 employees operates across multiple divisions: retail banking, commercial lending, wealth management, and technology innovation. The institution is heavily regulated by OSFI (Office of the Superintendent of Financial Institutions), is subject to PIPEDA (Personal Information Protection and Electronic Documents Act), and maintains strict compliance requirements around data residency, encryption, audit logging, and security posture.
The bank had been operating under a Microsoft Enterprise Agreement (EA) for seven years and was approaching renewal. The institution's historical approach to licensing had been conservative: many teams were licensed at the E5 (highest) tier regardless of actual usage patterns, creating significant "shelfware"—subscriptions paid but not actively utilised.
Challenges
The bank faced several challenges heading into the EA renewal:
- Over-licensing through lack of visibility: Finance, operations, and many support teams were on E5 licences but primarily used email and basic productivity tools. The bank had no systematic way to measure actual adoption of premium features (Power BI, advanced Azure capabilities, Teams advanced features).
- No Azure cost optimisation: The bank's Azure consumption had grown 40% year-on-year, but there was no governance, tagging, or cost allocation discipline. Many development and test environments were running 24/7 unnecessarily.
- Compliance complexity: The bank's compliance teams were uncertain whether E5 licences were necessary to meet OSFI and PIPEDA requirements. They feared that reducing licence tiers would trigger audit findings.
- Weak renewal negotiation position: Without clear usage data or a competitive vendor landscape analysis, the bank's procurement team had little leverage with Microsoft.
- Fragmented management: Licensing decisions were made department-by-department rather than centrally, leading to inconsistency and opportunity loss.
Our Approach
Redress Compliance engaged with the bank on a three-month advisory engagement covering five streams:
1. Usage Analytics & Licence Assessment
We deployed usage telemetry collection across the bank's Microsoft ecosystem (Office 365, Teams, Power BI, Dynamics 365, Azure) and analysed adoption patterns at the user and department level. This revealed:
- 62% of E5 users never accessed premium Power BI or advanced Teams features.
- 34% of Azure resources were idle (test/dev environments) or severely underutilised.
- Email and basic productivity (Office, OneDrive) were the primary use cases for 70% of the user base.
2. Compliance Mapping
We reviewed OSFI and PIPEDA requirements and mapped them to Microsoft feature sets. We confirmed that E5 licences were not explicitly required for compliance; rather, specific security and audit capabilities (Advanced Threat Protection, eDiscovery, audit logging) could be achieved through lower-tier E3 licences plus targeted add-ons (such as Azure AD Premium P2 and Advanced Threat Protection).
3. Right-Sizing Recommendation
Based on usage data and compliance requirements, we recommended a tiered approach:
| User Segment | Original Licence | Recommended Licence | Rationale |
|---|---|---|---|
| Executive & Development Teams | E5 | E5 | Heavy Power BI, advanced automation, and Azure usage. Maintain E5. |
| Finance, HR, Operations | E5 | E3 + ATP + ADP P2 | Core productivity + compliance features. ATP covers advanced threat protection; ADP P2 covers advanced audit. |
| Retail Banking, Branch Staff | E5 | Business Standard | Email, Teams, and basic Office. No advanced analytics or security features required. |
| Contractors & Consultants | E3 | Business Essentials | Reduce to web-only Office and core collaboration. Reduces cost and security surface area. |
4. Azure Cost Optimisation
In parallel, we worked with the bank's cloud team to optimise Azure spend through:
- Tagging all resources by cost centre and environment.
- Implementing automated shutdown for non-production environments outside business hours.
- Rightsizing over-provisioned VMs based on actual utilisation metrics.
- Consolidating redundant storage accounts and databases.
5. Renewal Negotiation Strategy
Armed with usage data and a clear right-sizing model, we developed a negotiation strategy that positioned the bank as a sophisticated buyer with alternatives, leading to a competitive renewal offer.
Detailed Actions and Results
Licence Right-Sizing Results:
- Reduced E5 licences from 3,200 to 1,400 (56% reduction in E5 seats).
- Shifted 1,600 users to E3 + compliance add-ons.
- Shifted 800 users to Business Standard (lower-cost tier).
- Shifted 300 contractors to Business Essentials.
- Annual recurring licence cost reduction: CAD 1.8 million (28% of base licensing).
Azure Cost Optimisation Results:
- Implemented cost governance and tagging across 850+ Azure resources.
- Eliminated idle resources and archived unused storage: CAD 140,000 annual savings.
- Rightsized VMs and storage: CAD 320,000 annual savings.
- Automated non-production shutdowns: CAD 180,000 annual savings.
- Total Azure cost reduction: CAD 640,000 (18% of Azure spend).
Negotiation Results:
- Secured a three-year EA renewal (vs. traditional one-year) with a 12% discount on base pricing due to competitive positioning and volume commitments.
- Included an anti-true-up clause, ensuring no surprise charges for exceeding committed usage.
- Added flexible downgrades for new employees (allowing step-down from E5 to E3 if usage data confirms lower usage patterns).
Total Three-Year Savings:
- Licence right-sizing: CAD 5.4 million
- Azure optimisation: CAD 1.92 million
- Renewal discount & terms: CAD 2.1 million (vs. projected renewal cost)
- Total three-year savings: CAD 9.42 million (22% vs. baseline renewal cost)
- Annualised savings: CAD 3.14 million
Outcome and Impact
The engagement delivered measurable outcomes across three dimensions:
Financial: CAD 9.42 million in three-year savings with sustainable cost discipline going forward.
Operational: Implemented governance processes for ongoing licence management, including quarterly usage reviews and cost attribution by department. Finance now has clear visibility into Microsoft spend and can tie costs to business units.
Compliance: Documented mapping between OSFI/PIPEDA requirements and Microsoft capabilities. The compliance team gained confidence that the right-sized licence portfolio maintains security and audit requirements, reducing regulatory risk and freeing the team to focus on broader information security initiatives.
Governance Framework Delivered
Beyond immediate cost savings, Redress Compliance established a governance framework that the bank can maintain internally:
- Quarterly Licence Review: Process to review actual usage and trigger licence tier adjustments as business needs evolve.
- Cost Allocation Dashboard: Finance dashboard tracking Microsoft spend by department, enabling accountability and cost optimisation discussions.
- Azure Cost Management Policy: Documented policies for resource tagging, cost attribution, and approval workflows for new cloud consumption.
- Compliance Tracking: Alignment matrix documenting which Microsoft features/capabilities satisfy which regulatory requirements.
Key Lessons for Financial Services CIOs
1. Audit your usage before renewal. Many financial institutions over-licence due to lack of visibility, not regulatory requirements. Conduct a thorough usage analysis 6-9 months before EA renewal to quantify actual adoption and identify right-sizing opportunities.
2. Separate compliance from over-licensing. Compliance requirements often don't map 1:1 to the highest licence tier. Work with compliance and security teams to understand exactly which features are required. Often, lower tiers plus targeted add-ons satisfy regulatory requirements at lower cost.
3. Optimise cloud spend alongside licensing. Microsoft EAs typically include cloud credits, but many organisations don't optimise Azure consumption. Implementing cost governance and rightsizing can yield 15-25% Azure savings without service degradation.
4. Build negotiation leverage through data. Microsoft sales engage more seriously when they see a customer has conducted thorough analysis and understands the competitive landscape. Usage data, right-sizing recommendations, and clear alternatives all strengthen your renewal position.
5. Establish ongoing cost discipline. Once you've right-sized, implement quarterly or semi-annual reviews to ensure licences remain aligned with actual usage. As business needs and team sizes shift, licence assignments can drift; regular reviews prevent creep.