IBM · Case Study

Case Study: IBM Audit Defence for a Leading New York Financial Institution

How Redress Compliance reduced a $200 million IBM licensing audit exposure to a $1.2 million settlement — a 99.4% reduction — for a top-tier New York financial institution through pre-audit assessment, ILMT remediation, entitlement reconstruction across historic acquisitions, and structured negotiation with IBM’s audit and commercial teams.

Key Outcome: 99.4%

Significant reduction in IBM audit exposure ($198.8M)


Executive Summary

$200M+ exposure reduced to $1.2M settlement

A top-tier financial institution headquartered in New York, serving global banking, investment management, and asset management clients, was notified by IBM in early 2023 of an upcoming licence compliance audit. The institution operated a massive technology environment featuring IBM products including DB2, MQ, WebSphere, ILMT, and various mainframe components, deployed across global data centres and virtualised platforms spanning multiple continents.

While the institution had a mature IT and procurement organisation, its IBM licensing model had evolved over time through multiple acquisitions, infrastructure transformations, and organisational restructurings. The resulting licensing landscape was a complex web of legacy entitlements, overlapping contracts, and deployment configurations that had drifted from their original licensing basis. The institution suspected there were blind spots in its compliance position and made the strategic decision to proactively engage Redress Compliance to prepare for and manage the audit before IBM’s auditors arrived. For context on how we approach these engagements, see our IBM audit defence service.

That decision proved transformative. Redress’s pre-audit assessment revealed an initial licensing exposure exceeding $200 million, driven primarily by the assumption of full-capacity licensing in virtualised environments where IBM’s License Metric Tool (ILMT) was missing or misconfigured. Through a combination of technical remediation, entitlement reconstruction, and structured negotiation, Redress reduced the effective shortfall to $3 million before negotiations began, and ultimately settled the audit for just $1.2 million, a 99.4% reduction in total exposure.

  • Global Financial Institution: Top-tier New York firm, global banking, investment and asset management, data centres across multiple continents
  • Complex IBM Estate: DB2, MQ, WebSphere, ILMT, mainframe components across virtualised and physical infrastructure
  • Sub-Capacity Gap: Incomplete ILMT coverage triggered full-capacity pricing, inflating shortfall by an order of magnitude
  • $200M Initial Exposure: Pre-audit assessment revealed catastrophic potential without intervention

Background & Context

Decades of IBM software embedded in critical financial infrastructure

The institution is one of the largest financial services firms in the United States, with operations spanning commercial banking, investment banking, asset management, custody services, and capital markets. Its technology estate is correspondingly large, supporting real-time trading systems, risk management platforms, regulatory reporting frameworks, client-facing portals, and the back-office processing infrastructure that moves billions of dollars daily.

IBM software has been embedded in the institution’s technology stack for decades. The relationship stretches back to the era of mainframe computing. Over time, the IBM footprint expanded to include middleware (WebSphere Application Server, MQ Series), database platforms (DB2), monitoring and automation tools, and mainframe components that continue to power core banking functions. The institution’s IBM software estate was not built according to a single architectural plan. It was assembled through decades of organic growth, multiple corporate acquisitions, and successive technology transformation programmes. For a broader look at IBM licensing complexity in this sector, visit our IBM Knowledge Hub.

Why IBM Audits Financial Institutions

Financial institutions represent IBM’s highest-value audit targets for structural reasons. First, the scale of deployment is enormous. Large banks may run hundreds of IBM products across thousands of servers, with licensing entitlements spanning dozens of contracts negotiated over decades. This scale means that even small per-unit compliance gaps translate to large dollar amounts.

Second, virtualisation has created systemic sub-capacity exposure. Financial institutions were early adopters of virtualisation for disaster recovery, workload management, and cost optimisation, but many did not deploy ILMT consistently across all virtualised environments. Without ILMT, IBM reverts to full-capacity licensing, which can inflate the apparent licence requirement by 5 to 10x compared to actual usage.

Third, M&A activity creates entitlement confusion. When banks acquire other firms, the acquired entity’s IBM licences may not transfer cleanly, may be under different contract terms, or may cover products that no longer exist under those names. This entitlement fragmentation is fertile ground for IBM’s auditors.

How IBM’s audit approach works: IBM’s audit team requests deployment data, often using IBM’s own scanning tools, and compares installations against the institution’s entitlement records. Where ILMT is not deployed, IBM applies full-capacity pricing. Where entitlements are ambiguous (due to M&A or contract complexity), IBM applies the interpretation most favourable to IBM. The resulting compliance report typically presents a dramatically inflated shortfall figure, which IBM then uses as leverage to negotiate a large settlement or a new multi-year Enterprise License Agreement (ELA). Without independent analysis, the institution has no way to determine which elements of IBM’s calculation are legitimate and which are based on incorrect assumptions, miscounting, or aggressive interpretation.

The Challenges

Five interconnected exposure areas totalling $200M+

Sub-Capacity Compliance Gaps ($160M)

This was the single largest contributor. Incomplete ILMT deployment across virtualised infrastructure meant IBM could revert to full-capacity licensing, requiring the institution to license every processor core in the physical server regardless of how much capacity IBM software actually used. For a financial institution running IBM software across large virtualised clusters with dozens of physical cores per server, the difference between sub-capacity and full-capacity pricing was 5x to 10x or more. This single issue accounted for the majority of the $200M+ initial exposure.

Legacy Entitlements from Acquisitions ($18M)

The institution had made multiple corporate acquisitions over the preceding decade, each bringing its own IBM licensing history. Acquired entities had their own IBM contracts, entitlement records, and deployment configurations that had never been properly reconciled. Some legacy entitlements were under contract terms that no longer existed. Others referenced product names that IBM had retired or renamed. This entitlement fragmentation meant the institution could not confidently demonstrate which licences it owned.

Unmonitored Business Unit Growth ($12M)

Several business units had independently scaled their use of IBM middleware and database products without validating licensing entitlements or consulting the procurement team. A trading desk deploys additional DB2 instances. An operations team provisions WebSphere servers. A risk management group adds MQ capacity. Each deployment consumed additional PVU/RVU capacity without corresponding licence procurement. The cumulative effect created a significant licensing gap.

Mainframe MLC Exposure ($10M)

The mainframe environment running z/OS, CICS, and IMS was subject to IBM’s Monthly License Charge (MLC) pricing, which is calculated on peak MSU consumption. MLC reporting was based on outdated tooling that did not accurately capture peak consumption across all LPARs, creating a gap between reported and actual usage. Some mainframe workloads had been migrated to new LPARs without corresponding licence adjustments.

Audit Readiness Concerns

The internal licensing team lacked confidence in handling a formal IBM audit without external support. Its concerns were over-disclosure (providing IBM’s auditors with more data than contractually required, and so expanding scope), under-preparation (entering the audit without a defensible compliance position), and negotiation asymmetry (being outmanoeuvred by IBM’s specialised audit team). These concerns drove the decision to engage Redress proactively. For more on how we manage these situations, see our guide on negotiating IBM audit settlements.


How Redress Assessed, Remediated & Negotiated

Three-phase defence framework executed before IBM’s auditors arrived

1. Pre-Audit Licensing Assessment

Before engaging with IBM at all, Redress conducted a complete internal review of the institution’s IBM licensing position. This involved collecting and analysing every IBM contract and entitlement record, including those from acquired entities, historical Passport Advantage agreements, and legacy contracts predating the current procurement system.

Redress cross-referenced the entitlement inventory against actual software installations across all virtualised and physical environments, mapping every IBM product deployment to its corresponding licence metric (PVU, RVU, or MLC). The team rebuilt the institution’s Effective License Position (ELP) from the ground up, not relying on internal records that had accumulated inaccuracies over years, but reconstructing the true position from primary sources.

This ELP revealed an initial licensing shortfall exceeding $200 million. Critically, the pre-audit assessment also identified specific areas where the apparent shortfall was inflated by incorrect assumptions, areas where remediation could dramatically reduce the exposure before IBM’s auditors even entered the picture. For more on our IBM licensing assessment methodology, see the service page.

2. Technical Remediation

Redress collaborated with the institution’s infrastructure, application, and operations teams to implement a fast-track remediation programme targeting the highest-value exposure areas across five components:

ILMT remediation: Corrected ILMT deployments across all affected servers, ensuring the tool was installed, configured, and reporting accurately on every virtualised host running IBM software. Where retroactive sub-capacity evidence could be constructed from historical deployment data, Redress documented it. This single step eliminated the majority of the $200M exposure.

Usage reporting retrofit: For environments where ILMT had been absent, Redress worked with infrastructure teams to retroactively demonstrate sub-capacity eligibility using alternative evidence including virtualisation configuration records, capacity management logs, and workload distribution data.

Decommissioning and consolidation: Underused IBM product instances were identified and decommissioned. Where multiple installations of the same product served overlapping functions, they were consolidated onto fewer servers.

Entitlement reallocation: Licences from inactive or decommissioned environments were formally reallocated to active usage clusters, closing gaps that existed not because licences were missing but because they were assigned to the wrong infrastructure.

Audit-ready documentation: Every remediation action was documented with timestamps, before-and-after deployment data, and references to the specific contractual provisions that each action addressed.

By the time IBM’s auditors formally engaged, the effective shortfall had been reduced from $200M+ to approximately $3 million, a 98.5% reduction achieved entirely through remediation before any negotiation occurred.

3. Negotiation & Audit Management

With the remediation complete and the effective shortfall reduced to $3M, Redress took the lead in managing all audit interactions with IBM. The negotiation strategy was built on three principles:

Controlled disclosure: Redress responded to IBM’s audit inquiries using precise contract language and technical justifications, providing exactly the information required by the audit clause and no more. This prevented IBM from expanding the audit scope into areas beyond the original notification.

Proactive positioning: Rather than waiting for IBM to present its findings and then reacting defensively, Redress presented IBM with the institution’s complete licence remediation report at the outset. This established a cooperative but firm stance, demonstrating that the institution had taken its compliance obligations seriously.

Commercial leverage: Redress challenged IBM’s attempts to apply punitive interpretations of licensing terms to the remaining $3M exposure, using contract language, IBM’s own published licensing guidance, and industry precedent to argue for a fair settlement.

IBM’s audit and commercial teams ultimately agreed to a final settlement of $1.2 million, representing a 60% discount on the already-reduced $3M exposure, and a 99.4% reduction from the original $200M+ risk. The audit was closed within five months, without reputational damage, legal escalation, or regulatory notification.

Exposure Category        | Initial Exposure | After Remediation | Final Settlement
Sub-Capacity / ILMT Gap  | ~$160M           | ~$1.5M            | Included
Legacy Entitlement Gaps  | ~$18M            | ~$0.5M            | Included
Unmonitored BU Growth    | ~$12M            | ~$0.6M            | Included
Mainframe MLC Exposure   | ~$10M            | ~$0.4M            | Included
Total                    | ~$200M+          | ~$3M              | $1.2M

Before Redress
  • $200M+ IBM licensing exposure
  • Incomplete ILMT across virtualised estate
  • Fragmented entitlements from acquisitions
  • Untracked business unit deployments
  • Outdated mainframe MLC reporting
  • No audit-ready documentation
  • Internal team lacked audit defence confidence
After Redress
  • $1.2M final settlement (99.4% reduction)
  • ILMT fully deployed and configured
  • Entitlements reconstructed and reconciled
  • IBM footprint consolidated and optimised
  • Mainframe reporting corrected and current
  • Complete audit-ready documentation package
  • Governance framework for ongoing compliance


Results & Business Impact

$198.8M avoided, compliance transformed, governance established

The institution avoided $198.8 million in IBM licensing exposure. For a financial services firm subject to quarterly earnings reporting, regulatory capital requirements, and shareholder scrutiny, the avoidance of a nine-figure unplanned expense was not merely a cost saving. It was a preservation of the institution’s financial stability and market credibility. The $1.2M settlement was absorbed as a routine compliance expense within the existing technology budget, requiring no board-level notification, no earnings restatement, and no investor communication.

The engagement produced a complete, accurate Effective License Position, the first the institution had ever had. For the first time, the institution could definitively state what IBM licences it owned, what products they covered, and where they were deployed. The ILMT deployment was completed across 100% of the virtualised estate, ensuring that sub-capacity pricing would be maintained automatically going forward.

Redress established a permanent IBM licensing governance framework comprising continuous ILMT monitoring with automated alerts, a deployment approval workflow requiring procurement sign-off, quarterly licence reconciliation, M&A licence due diligence playbooks, and mainframe MLC optimisation with updated reporting tools. The audit was closed within five months without legal escalation, without involving external counsel, and without any regulatory notification or reputational impact. For more on our ongoing advisory approach, see our IBM licence consulting services.

Redress Compliance saved us from a disaster. Without their intervention, we would have faced an unmanageable audit outcome. Their licensing knowledge, technical support, and negotiation strategy reduced a $200 million exposure to just over $1 million. More importantly, they gave us control and confidence throughout the entire process.
— CIO, Leading New York Financial Institution
IBM audit exposures in financial services almost always look catastrophic on first assessment. The numbers are genuinely frightening. Nine figures is not unusual for large banks. But the vast majority of that exposure is inflated by ILMT gaps, entitlement fragmentation, and metric miscounting. The actual compliance gap is typically a fraction, often less than 2%, of what the initial full-capacity calculation suggests.
— Fredrik Filipsson, Co-Founder, Redress Compliance

The Anatomy of a $200M IBM Audit Exposure

Why apparent exposure is almost always dramatically larger than actual compliance requirement

The institution’s experience illustrates a pattern that Redress has observed across dozens of large-enterprise IBM audits. The apparent exposure is almost always dramatically larger than the actual compliance requirement, typically by a factor of 10x to 50x. Understanding why this inflation occurs is essential for any organisation facing an IBM audit.

The primary inflation mechanism is full-capacity versus sub-capacity pricing. In virtualised environments, IBM’s sub-capacity terms allow customers to license only the processor capacity assigned to IBM workloads. But this pricing depends on ILMT being deployed, configured, and reporting accurately. Any gap in ILMT coverage triggers full-capacity pricing for that environment. In a large financial institution with hundreds of virtualised servers, even a handful of ILMT gaps can create tens of millions of dollars in apparent exposure that does not reflect actual usage.

The secondary inflation mechanism is entitlement ambiguity. IBM’s auditors compare installations against entitlement records, and where the entitlement record is unclear, IBM assumes the customer does not have the licence. The burden of proof falls on the customer to demonstrate entitlement, not on IBM to prove the licence is missing.

The third inflation mechanism is metric miscounting. IBM’s PVU and RVU metrics are calculated based on processor type, core count, and virtualisation configuration. Small errors in any of these inputs compound across a large estate to create significant apparent shortfalls. These errors are rarely intentional; they result from the inherent complexity of IBM’s licensing model applied at enterprise scale. For more on these dynamics, see our IBM negotiations service.


How This Engagement Compares

Similar outcomes across industries

US Technology Firm: $82M Reduced to $600K

A major US technology company faced an $82M IBM audit exposure driven by sub-capacity gaps and middleware sprawl across development and production environments. ILMT remediation, footprint consolidation, and structured negotiation delivered a 99.3% reduction.

Charles Schwab: $6M Saved Through IBM Licence Optimisation

Charles Schwab conducted a proactive IBM licensing review outside an audit context to identify shelfware, optimise entitlements, and reduce annual IBM costs. Proactive optimisation delivers significant savings even without an audit and positions the organisation to defend against future audits from a position of documented compliance.

All IBM Licensing Case Studies

Our complete collection of IBM audit defence, licensing assessment, and ELA renewal case studies, demonstrating consistent 80 to 99%+ reductions in IBM audit exposures across financial services, technology, manufacturing, and retail.


Lessons Learned

Five principles from this engagement

1. ILMT is the single most important IBM compliance control.

For any organisation running IBM software in virtualised environments, ILMT deployment is the difference between sub-capacity pricing (based on actual usage) and full-capacity pricing (based on total server capacity). The cost difference can be 5 to 10x or more. ILMT must be deployed on every server running IBM software in virtualised environments. A single gap can trigger full-capacity pricing for that entire cluster.

2. Pre-audit remediation is worth 100x post-audit negotiation.

The institution’s $200M exposure was reduced to $3M through remediation before negotiations began. This 98.5% reduction was achieved through technical actions, not negotiation tactics. The negotiation phase reduced the $3M to $1.2M, a further 60% reduction, but a far smaller absolute saving. Invest in remediation before engaging with IBM’s auditors. Every dollar of exposure eliminated through technical action is a dollar that never enters the negotiation.

3. Entitlement reconstruction is a forensic exercise.

For organisations with acquisition history, the Effective License Position cannot be constructed from current records alone. It requires forensic analysis of original contracts, acquired entity agreements, product rename mappings, and historical entitlement transfers. IBM’s auditors will not perform this analysis on the customer’s behalf. They will assume entitlements do not exist unless the customer proves otherwise. For support with this process, our IBM ELA renewal service includes full entitlement reconstruction.

4. Controlled disclosure prevents audit scope expansion.

IBM auditors routinely attempt to expand the audit scope beyond the products originally specified. Over-disclosure, providing IBM with deployment data for products not covered by the audit clause or sharing information about infrastructure beyond what is contractually required, enables this expansion. The institution’s engagement was managed with strict disclosure controls, ensuring that IBM received exactly the information required by the audit clause and no more.

5. The IBM relationship survives a well-managed audit.

Many organisations fear that defending an IBM audit aggressively will damage the commercial relationship. The opposite is true. A well-managed audit, conducted cooperatively, with documented remediation and a fair settlement, demonstrates that the organisation is a serious, capable counterparty. The institution’s audit was closed as a cooperative resolution, and the ongoing IBM relationship was strengthened, not damaged, by the process.

Fredrik Filipsson

Co-Founder, Redress Compliance

Fredrik brings over 20 years of enterprise software licensing experience, including senior roles at IBM, SAP, and Oracle. His direct experience inside IBM’s licensing and commercial organisations gives Redress clients unique insight into IBM’s audit methodology, negotiation tactics, and settlement dynamics, enabling defence strategies that consistently reduce exposures by 95%+ for financial institutions and global enterprises.
