A leading Swedish bank faced an IBM software audit with non-compliance claims totalling SEK 140 million. Through meticulous data validation, sub-capacity licensing analysis, and expert negotiation, Redress Compliance achieved a 96% reduction — bringing the final settlement to SEK 5.6 million with zero penalties or retroactive fees.
A leading Swedish bank, known for its extensive retail and corporate banking services, was subjected to a formal IBM software audit. IBM's initial findings produced non-compliance claims totalling SEK 140 million — a figure that threatened to divert significant capital away from technology investment and regulatory compliance programmes.
The bank's vast IT infrastructure supported a range of mission-critical operations that could not tolerate disruption:
| Operational Area | IBM Dependency | Risk if Disrupted |
|---|---|---|
| Digital Banking Platforms | Online and mobile banking, customer portals, API gateways | Customer access, competitive positioning, revenue generation |
| Transaction Systems | Core banking engines, payment processing, SWIFT integration | Settlement failures, regulatory penalties, reputational damage |
| Customer Databases | CRM systems, KYC/AML platforms, customer analytics | Regulatory non-compliance, data integrity, service quality |
| Risk & Compliance | Risk modelling, regulatory reporting, fraud detection | Regulatory sanctions, financial losses, supervisory action |
IBM's audit findings alleged three primary compliance issues:
| Compliance Issue | Root Cause | IBM's Claim |
|---|---|---|
| Sub-Capacity Licensing Violations | Inconsistent ILMT deployment across virtualised banking environments | Full-capacity licensing applied where sub-capacity should have qualified |
| Cloud System Misconfigurations | Rapid cloud adoption without corresponding licence adjustments or monitoring | Unlicensed IBM software usage in cloud and hybrid environments |
| Entitlement Mismatches | Complex legacy licensing history with multiple contract generations | Gaps between deployed software and documented entitlements |
Financial institutions face heightened IBM audit risk. The banking sector's combination of complex virtualised environments, strict regulatory requirements, rapid cloud adoption, and deep IBM dependencies creates exactly the conditions that produce inflated audit claims. Banks also face additional pressure to settle quickly — regulatory scrutiny means any disruption to IT systems can trigger supervisory concern, giving IBM implicit leverage during negotiations.
Given the highly regulated nature of the Swedish financial industry and the potential financial impact, the bank engaged Redress Compliance to address the audit and mitigate risks.
Redress Compliance deployed a structured four-phase audit defence strategy tailored to the specific regulatory and operational requirements of a Nordic financial institution.
For regulated financial institutions, the ELP serves a dual purpose: it is both the foundation of audit defence and a critical input for regulatory compliance. Swedish financial supervisors expect institutions to maintain accurate records of all technology assets and their licensing status. A well-constructed ELP not only challenges IBM's audit claims — it demonstrates to regulators that the bank has robust IT governance in place.
Armed with validated data and a defensible ELP, Redress Compliance engaged IBM's audit team directly:
| Negotiation Tactic | Details | Impact |
|---|---|---|
| Present Corrected Data | Submitted detailed evidence disproving IBM's sub-capacity calculations and entitlement mapping errors | Eliminated the vast majority of IBM's claimed financial exposure |
| Challenge Cloud Claims | Demonstrated that cloud deployment configurations were properly licensed under existing entitlements | Removed entire categories of claimed non-compliance |
| Leverage Compliance Commitment | Emphasised the bank's proactive regulatory and operational compliance efforts and long-standing IBM investment | Secured goodwill concessions on remaining disputed items |
| Challenge Ambiguous Interpretations | Identified and disputed IBM's aggressive interpretations of licensing terms, citing contract language and precedent | Reduced the settlement to forward-looking licences only |
| Metric | Before Redress | After Redress | Result |
|---|---|---|---|
| IBM Audit Claim | SEK 140,000,000 | SEK 5,600,000 | 🟢 96% reduction |
| Savings Achieved | — | SEK 134,400,000 | 🟢 SEK 134.4M saved |
| Penalties / Retroactive Fees | Risk of full penalties | $0 | 🟢 Zero penalties |
| Settlement Composition | — | New deployment licences only | 🟢 Forward-looking only |
| Banking Operations | Risk of service disruption | Zero disruption | 🟢 All systems unaffected |
| Compliance Governance | No centralised tracking | Real-time monitoring + framework | 🟢 Audit-ready going forward |
IBM's audit presented a significant financial and operational challenge, but Redress Compliance delivered exceptional results. Their expertise saved us millions and left us better equipped to manage compliance in the future. Their partnership was invaluable.
Banks share a common audit risk profile: deep IBM dependencies (mainframes, middleware, databases), complex virtualisation estates, rapid cloud adoption, and regulatory pressure that discourages prolonged disputes. IBM's audit methodology systematically exploits these characteristics. In this case, 96% of the initial claim was attributable to calculation errors, uncredited entitlements, and aggressive licensing interpretations — not genuine non-compliance. This pattern is consistent across our financial sector engagements globally.
🔗 See all IBM audit defence results: IBM Licensing Case Studies
See how we help enterprises defend against IBM audit claims globally.
Learn our proven approach to IBM, Oracle, SAP, and Microsoft audit defence
Expert guides on IBM, Oracle, Microsoft, SAP, and Salesforce licensing optimisation and audit defence
Redress Compliance has defended financial institutions across Europe, the Americas, and Asia-Pacific against multi-million IBM audit claims — consistently achieving 90%+ reductions. Our team includes former IBM employees with 200+ years of collective IBM licensing experience. We're 100% independent.