A global manufacturing company headquartered in Illinois with 18,000 employees received a soft audit inquiry from Oracle regarding Java usage. Oracle’s employee-based subscription model generated a calculated exposure of $5.346 million over three years. Redress Compliance conducted a comprehensive Java licensing assessment, developed an optimisation and migration strategy, managed all Oracle communications, and delivered a full transition away from Oracle Java — resulting in total savings exceeding $5 million.
The company — a global manufacturer with 18,000 employees across multiple facilities in the United States and internationally — received a communication from Oracle’s licence management services (LMS) team requesting a review of their Java usage. This “soft audit” inquiry is Oracle’s standard approach for identifying organisations using Oracle JDK without a current commercial licence, and it typically precedes a formal audit or aggressive licensing proposal.
Oracle calculated the company’s Java licensing obligation under the January 2023 employee-based subscription model: every employee in the organisation counted toward the Java SE subscription, regardless of whether they personally used Java. At approximately $8.33 per employee per month (the tier for 10,000–19,999 employees), the annual cost was $1,799,280. Oracle’s claim covered three years of retroactive usage plus the forward subscription — totalling $5,346,000 in calculated exposure.
The manufacturer had no Java licensing strategy and no prior commercial Java agreement with Oracle. Like many enterprises, Java had been deployed across the environment over many years — bundled with applications, installed by developers, present on servers and workstations — without centralised governance. The IT leadership team had limited visibility into where Oracle JDK was actually installed, which versions were in use, and which deployments required a commercial licence. The $5.3 million exposure was both unexpected and unbudgeted.
Redress Compliance conducted a comprehensive inventory of all Java deployments across the organisation: servers, workstations, production systems, development environments, and third-party applications bundling Java. For each deployment, we determined which JDK version and distribution was installed (Oracle JDK, OpenJDK, or third-party), whether the usage constituted commercial use requiring a licence, whether the deployment could be migrated to a licence-free alternative (OpenJDK, Azul, Amazon Corretto, Eclipse Temurin), and the business criticality and migration complexity. The assessment revealed that actual Oracle JDK usage was concentrated in a small subset of systems.
Based on the assessment, we developed a phased migration plan: immediate removal of Oracle JDK from workstations and non-production servers, migration of development environments to Eclipse Temurin and Amazon Corretto, coordination with third-party application vendors to confirm their Java bundling rights, and migration of production server deployments to Azul Zulu for mission-critical systems requiring enterprise support SLAs. The plan included application compatibility testing for each production system to ensure zero business disruption.
Redress Compliance managed all communications with Oracle throughout the engagement. This included controlling the information flow, challenging Oracle’s retroactive licensing claims (the company had no commercial Java agreement), establishing a clear timeline for the company’s migration demonstrating active elimination of Oracle JDK, and protecting the client from signing any interim agreement that could create contractual obligations or validate Oracle’s retroactive claims.
Over a 10-month period, the migration plan was executed: Oracle JDK was removed from approximately 14,000 workstations and replaced with OpenJDK distributions, 85+ server deployments were migrated to Azul Zulu or Amazon Corretto, development teams were transitioned to Eclipse Temurin with updated CI/CD pipelines, and third-party application Java dependencies were documented. The IT team implemented Java governance controls — deployment policies preventing future Oracle JDK installation without procurement approval, automated scanning, and a centralised Java distribution management process.
With the migration complete and Oracle JDK fully removed, Redress Compliance engaged Oracle directly to close the audit inquiry. We presented evidence of complete Oracle JDK removal, challenged the basis for retroactive claims (no prior commercial agreement), and negotiated the full elimination of Oracle’s $5.346 million claim. Oracle accepted the outcome: no retroactive licensing fees, no forward subscription signed, and the audit inquiry was formally closed with zero financial obligation.
The engagement delivered a complete elimination of the Oracle Java licensing exposure — from $5.346 million to zero — while establishing a sustainable, cost-effective Java strategy for the long term.
| Metric | Before Engagement | After Engagement |
|---|---|---|
| Oracle Java exposure | $5,346,000 (3-year claim) | $0 — claim eliminated |
| Annual Java licensing cost | $1,799,280/year (Oracle subscription) | ~$85,000/year (Azul Zulu support for critical servers) |
| Oracle JDK installations | ~14,500 (workstations + servers) | 0 — fully migrated to OpenJDK alternatives |
| Retroactive fees paid to Oracle | $5.346M demanded | $0 — no payment |
| Ongoing Oracle Java obligation | $1.8M+/year indefinitely | None — fully independent of Oracle Java |
The assessment revealed Java installations across four distinct categories, each requiring a different migration approach. Understanding this breakdown is valuable for any enterprise facing similar exposure.
| Category | Installations | % of Total | Migration Approach | Timeline |
|---|---|---|---|---|
| End-user workstations | ~12,200 | 84% | Removed or replaced with Temurin/Corretto via automated deployment | Months 4–6 |
| Development environments | ~850 | 6% | Migrated to Eclipse Temurin with updated CI/CD pipelines | Months 5–7 |
| Production servers | ~85 | 0.6% | Migrated to Azul Zulu (commercially supported) with compatibility testing | Months 6–10 |
| Third-party app bundles | ~1,365 | 9.4% | Confirmed covered by vendor Java licences — no migration needed | Months 3–5 |
| Total | ~14,500 | 100% | Zero Oracle JDK remaining after migration | |
The most significant finding: 84% of Oracle JDK installations were on end-user workstations where Java was either unused, used only for browser-based applications that no longer require Java, or could be replaced by a free OpenJDK distribution with zero user impact. This is consistent with patterns we see across manufacturing enterprises — Java accumulates on workstations over years of application deployments without centralised governance, creating an inflated footprint that Oracle uses to maximise its employee-based subscription calculation.
| Cost Element | Oracle Java Subscription (5 Years) | OpenJDK Strategy (5 Years) |
|---|---|---|
| Year 1 (retroactive + current) | $3,598,560 | $285,000 (advisory + Azul support) |
| Year 2 | $1,799,280 | $85,000 (Azul support only) |
| Year 3 | $1,799,280 | $85,000 |
| Year 4 (est. 8% escalator) | $1,943,222 | $90,000 |
| Year 5 (est. 8% escalator) | $2,098,680 | $95,000 |
| 5-Year Total | $11,239,022 | $640,000 |
The company avoided the entire $5.346 million Oracle claim — paying zero in retroactive fees, zero in forward subscription costs, and establishing ongoing Java costs of approximately $85,000/year for commercially supported OpenJDK on mission-critical production systems.
The 5-year savings compared to Oracle’s subscription model (including estimated 8% annual escalators that Oracle typically embeds in multi-year agreements) exceed $10.6 million ($11.2M Oracle path vs $640K OpenJDK path).
Beyond the financial outcome, the company gained complete independence from Oracle’s Java licensing model — eliminating a recurring exposure that would have grown with every new employee hired and every escalator applied at renewal.
Months 1–2: Java licensing assessment, inventory of all 14,500+ installations, and classification by migration complexity.
Months 2–4: Migration strategy development, vendor coordination for third-party application Java rights, and application compatibility testing for production servers.
Months 4–7: Workstation migration — automated removal of Oracle JDK from 12,200 endpoints via SCCM deployment.
Months 5–8: Development environment migration to Eclipse Temurin and CI/CD pipeline updates.
Months 6–10: Production server migration to Azul Zulu with staged compatibility testing and parallel operation.
Months 10–12: Oracle negotiation, audit closure, governance implementation, and formal documentation of the zero-Oracle-JDK environment.
“When Oracle came knocking, we were unprepared. The potential cost was staggering. Redress Compliance helped us make sense of the situation and immediately put us on the right path. Their team was proactive, hands-on, and always two steps ahead of Oracle. We ended up saving over $5 million — and more importantly, we gained control over our software landscape. They’ve earned our trust.”
— VP of IT, Manufacturing Company
This engagement illustrates patterns we see across hundreds of Oracle Java advisory engagements. The following lessons apply to any enterprise that has received — or expects to receive — an Oracle Java licensing inquiry.
Oracle’s employee-based model counts everyone: The January 2023 Java SE subscription model counts all employees (and contractors with access to company systems) regardless of whether they use Java. An 18,000-employee company pays $1.8M/year whether 50 or 18,000 people actually use Java — the metric is headcount, not usage.
Soft audits are the entry point, not the endpoint: Oracle’s initial “review request” is designed to create urgency and pressure a subscription signing. Do not respond to Oracle without independent advisory support. Every communication with Oracle can create obligations or concessions.
Migration to OpenJDK is viable for virtually all enterprises: OpenJDK distributions (Azul Zulu, Amazon Corretto, Eclipse Temurin) are functionally identical to Oracle JDK for the vast majority of enterprise workloads. Commercial support from vendors like Azul costs 90–95% less than Oracle’s subscription.
Retroactive claims are contestable: Oracle’s ability to charge retroactive fees for Java — which was free for commercial use until January 2019 — depends on the specific versions used, the dates of usage, and whether a commercial agreement exists.
Java governance prevents recurrence: The most important long-term outcome is implementing controls that prevent Oracle JDK from re-entering the environment. Automated scanning, deployment policies, and centralised distribution management ensure the company stays Oracle-free permanently.
Do not sign Oracle’s proposed agreement under pressure: Oracle’s standard response to a soft audit is to present a subscription agreement with retroactive terms. Signing this agreement validates Oracle’s claims and creates binding financial obligations. Engage independent advisory before signing anything.
Manufacturing organisations face disproportionate Java licensing exposure under Oracle’s employee-based model for several structural reasons that make independent advisory especially valuable in this sector.
Manufacturing companies typically employ thousands of production workers — assembly line staff, warehouse operatives, quality inspectors — who never interact with Java. Oracle’s model counts every employee regardless of role, meaning a manufacturer with 18,000 employees but only 2,000 office workers using Java-dependent applications pays the same as a technology company where all 18,000 use Java daily. This creates a cost-to-usage ratio that can exceed 15:1 in manufacturing — the single worst ratio of any industry sector.
Manufacturing environments often include legacy Manufacturing Execution Systems (MES), SCADA interfaces, and ERP integrations that were built on Java. These systems may have Oracle JDK embedded deep within their application stack, making migration more complex than in pure office environments. However, in most cases, the Java bundled within these third-party applications is covered by the vendor’s own Java licence — not the customer’s. This distinction can reduce the actual licensable footprint by 40–70% in manufacturing environments.
Oracle follows a predictable escalation pattern with Java licensing inquiries. Understanding this pattern helps enterprises respond strategically rather than reactively.
Oracle’s Global Licence Advisory Services (GLAS) or a regional sales representative sends an email or letter requesting a “review” of the company’s Java usage. The communication is often framed as routine compliance verification. Oracle may reference specific IP address data showing Oracle JDK downloads from the company’s network — Oracle tracks downloads from java.oracle.com by corporate IP range. This phase is designed to establish a communication channel and gauge the company’s preparedness.
Oracle presents a Java SE subscription proposal based on the company’s total employee count — often with a “limited-time discount” of 15–25% off list price to create urgency. The proposal typically includes retroactive terms covering 2–3 years of “unlicensed usage” bundled into the subscription cost. Oracle’s sales team frames this as the company’s best option to “resolve the situation quickly.” In reality, the discount is standard, the retroactive period is negotiable, and the proposal is designed to lock the company into a multi-year subscription before they explore alternatives.
If the company does not sign, Oracle escalates — involving senior licensing managers, referencing audit rights under the Oracle Master Agreement (if one exists), and in some cases, engaging legal counsel to send formal demand letters. This phase creates maximum psychological pressure on IT and legal leadership. The critical insight: Oracle rarely proceeds to formal litigation over Java licensing. The cost-benefit of litigation is unfavourable for Oracle when thousands of companies face similar exposure. Most Java audit engagements are resolved through negotiation, migration, or a combination — which is exactly what this case study demonstrates.
Oracle used the January 2023 employee-based Java SE subscription model. The company had 18,000 employees, placing them in the 10,000–19,999 employee tier at approximately $8.33 per employee per month ($99.96/year). Annual cost: 18,000 × $99.96 = approximately $1.8 million. Oracle claimed three years of retroactive usage (covering the period since the licensing model changed), totalling $5.346 million. Critically, this calculation counts every employee regardless of whether they personally use Java — making headcount, not actual usage, the cost driver.
The migration used three primary alternatives: (1) Eclipse Temurin (free, community-supported OpenJDK) for development environments and non-critical workstations, (2) Amazon Corretto (free, Amazon-supported OpenJDK) for AWS-deployed applications and general server workloads, and (3) Azul Zulu (commercially supported OpenJDK) for mission-critical production servers requiring enterprise support SLAs and guaranteed security patches. All three are functionally identical to Oracle JDK for standard enterprise workloads.
Oracle’s ability to enforce retroactive fees depends on several factors: whether a commercial agreement existed, which JDK versions were used, when they were deployed, and the specific licence terms applicable at the time of deployment. Java was free for commercial use under Oracle’s Binary Code Licence until January 2019. Organisations that deployed Oracle JDK under the free licence and continued using those specific versions may have a defensible position against retroactive claims. Independent advisory is essential for evaluating your specific exposure.
For an enterprise of this scale (18,000 employees, 14,500+ Java installations), the migration took 10 months from strategy to completion. Timelines vary based on: the number of custom applications with Oracle JDK dependencies, the complexity of production server environments, the presence of third-party applications bundling Oracle JDK, and the organisation’s change management maturity. Smaller organisations (under 5,000 employees) can typically complete a migration in 3–6 months. Starting before Oracle escalates gives you the strongest negotiating position.
After migration, the company’s ongoing Java costs are approximately $85,000/year for Azul Zulu commercial support on mission-critical production servers. Development environments and workstations use free OpenJDK distributions (Temurin, Corretto) at zero cost. Compared to Oracle’s $1.8 million/year subscription, the ongoing cost represents a 95% reduction. Most enterprises find that commercial OpenJDK support costs between $50K–$200K/year depending on the number of supported instances.
The company implemented four governance controls: (1) deployment policy — Oracle JDK cannot be installed without explicit procurement approval, (2) automated scanning — quarterly scans detect any Oracle JDK installations and flag them for remediation, (3) centralised Java distribution management — IT maintains an approved repository (Azul, Corretto, Temurin) from which all installations must be sourced, and (4) vendor management — all new third-party application purchases include contractual requirements around Java bundling. These controls ensure the migration investment is permanent.
Absolutely — and before responding to Oracle’s initial communication, not after. Every response to Oracle can create obligations, concessions, or admissions that weaken your negotiating position. Independent advisors provide assessment of your actual exposure, a communication strategy that protects your position, migration planning that reduces or eliminates the obligation, direct negotiation leveraging experience from hundreds of similar engagements, and knowledge of Oracle’s internal processes and settlement thresholds. In this case, advisory turned a $5.3 million exposure into a $0 outcome.