Executive Summary
Pernod Ricard is the world's second-largest spirits and wine company, headquartered in Paris, France, with annual revenue exceeding €12 billion and a portfolio of globally recognised brands including Absolut, Jameson, Chivas Regal, and Martell. Oracle technology is deeply embedded in this infrastructure — Oracle Database Enterprise Edition powers critical ERP, supply chain, and financial systems, while Oracle Java SE is deployed across thousands of servers and workstations globally.
When Oracle initiated a “soft” compliance review focused on Java SE and cloud deployments, the situation escalated rapidly. Oracle's auditors identified compliance gaps across three distinct areas. Redress Compliance was engaged to defend against the active audit while simultaneously remediating the genuine exposure and optimising Pernod Ricard's long-term Oracle licence position. The result: $4 million in Oracle licensing exposure eliminated, the active audit closed with zero penalties, and cloud licensing governance established.
Oracle's “soft audit” process uses account team reviews and LMS tool-based data collection to identify compliance gaps without formally triggering audit rights. For multinational enterprises, this process consistently finds three categories of exposure: Java SE under-licensing, cloud BYOL configuration gaps, and VMware cluster-wide licensing. Each is contestable through independent assessment — but requires specialist expertise to challenge effectively.
Background and Context
Pernod Ricard's Oracle Estate
Pernod Ricard's Oracle footprint reflects the complexity of a highly decentralised global enterprise operating across 73 countries with approximately 20,000 employees. Oracle Database Enterprise Edition runs across multiple data centres and cloud environments, supporting SAP-integrated financial systems, supply chain planning platforms, and customer analytics applications. Oracle Java SE is ubiquitous across the global IT environment, running on application servers, middleware platforms, developer workstations, and end-user desktops in every operating region.
The cloud migration added a third layer of complexity. Pernod Ricard had begun moving Oracle Database workloads to AWS EC2 and Microsoft Azure under Oracle's BYOL policy. Oracle's cloud licensing rules are precise: on AWS, two vCPUs count as one Oracle processor licence; on Azure, the count depends on whether the instance is multi-tenant or dedicated infrastructure. Several cloud instances had been provisioned with more vCPUs than the available licence entitlements could cover.
The FMCG Licensing Challenge
Fast-moving consumer goods companies like Pernod Ricard face distinctive Oracle licensing risks. Their IT estates are characterised by high user counts, decentralised procurement, and ongoing cloud migration. Pernod Ricard's decentralised operating model — where Brand Companies and Market Companies had autonomy to deploy Oracle technology without centralised licensing approval — compounded these risks significantly over years of organic and acquisition-driven growth.
The Challenges
Java SE — Enterprise-Wide Subscription Demand
Oracle's compliance review began with Java SE, an area where Oracle has become increasingly aggressive since introducing the Employee Metric pricing model in January 2023. Under this model, the cost of a Java SE subscription is calculated based on total organisational headcount, not the number of actual Java users. Oracle's auditors catalogued Java SE installations across Pernod Ricard's global estate and presented the Employee Metric as the only available pricing model, generating a subscription demand running to several million euros annually.
Cloud BYOL Compliance Gaps
Pernod Ricard had migrated several Oracle Database instances to AWS EC2 and Microsoft Azure under Oracle's BYOL policy. Oracle's cloud licensing rules count the maximum vCPU allocation ever assigned to an instance — not the current or average allocation. Several cloud database instances had been provisioned with more vCPUs than the available licence entitlements could cover because project teams migrating workloads had provisioned larger instances than originally planned, and some instances had been upsized during peak periods without triggering a licence review.
VMware Virtualisation Exposure
Pernod Ricard's on-premises Oracle Database instances ran on a shared VMware vSphere infrastructure. Oracle's official position is that VMware does not constitute hard partitioning — meaning that if Oracle VMs can potentially migrate to any host in a cluster, all processors in that cluster may require licensing. Oracle's compliance review flagged Pernod Ricard's VMware environment and calculated the licensing requirement based on the total physical core count of the VMware clusters hosting Oracle VMs — producing a claim that was dramatically larger than the actual Oracle workload.
Fragmented Entitlement Records
Pernod Ricard's Oracle licence entitlements had been accumulated over 20+ years through a combination of direct purchases, subsidiary acquisitions, regional procurement, and global enterprise agreements. No single repository held a complete, validated entitlement record. Before any meaningful defence could be mounted, the full entitlement picture had to be reconstructed from dozens of historical contracts, ordering documents, and purchase records.
Oracle initiated a compliance review across your global estate?
Redress Compliance's Approach
Redress executed a four-phase engagement designed to simultaneously defend against the active Oracle audit, remediate genuine compliance gaps, and optimise Pernod Ricard's long-term Oracle licence position.
Comprehensive Licence and Usage Audit
Redress began by constructing a complete Effective Licence Position (ELP) for Pernod Ricard's entire Oracle estate. This required gathering data from three distinct sources: deployment data (what Oracle software is installed where, at what version, with what features enabled), entitlement data (what licences Pernod Ricard owns across all historical contracts and ordering documents), and cloud configuration data (current and historical vCPU allocations for all Oracle BYOL instances). The ELP revealed that the genuine compliance gap was significantly smaller than Oracle's claim across all three exposure categories.
Java SE Optimisation and Migration
Redress conducted a detailed Java SE inventory across Pernod Ricard's global infrastructure. Every Java installation was categorised by version, deployment context (server, desktop, middleware dependency), and commercial necessity. Non-essential Oracle Java installations — including developer workstations, non-critical internal tooling, and applications with no Oracle API dependencies — were replaced with OpenJDK distributions. This eliminated the majority of Oracle's Java SE subscription demand. The remaining commercial Java SE obligation was covered through targeted subscription at a fraction of Oracle's initial claim.
Cloud BYOL Remediation
Redress worked with Pernod Ricard's cloud operations team to right-size Oracle Database instances in AWS and Azure to match available licence entitlements. Where upsizing had created temporary over-licensing, evidence of actual usage patterns and the documented rationale for instance sizing was compiled to support the negotiating position. Cloud licensing governance was established going forward — including pre-migration licence reviews and vCPU allocation monitoring for all Oracle BYOL instances.
VMware Workload Isolation
Oracle workloads were moved to dedicated hosts within Pernod Ricard's VMware infrastructure. DRS affinity rules prevented Oracle VMs from migrating to non-Oracle hosts, and vMotion was disabled for Oracle VMs. This eliminated Oracle's cluster-wide licensing argument: Pernod Ricard's existing licences covered the dedicated Oracle hosts, with no additional purchases required.
Audit Defence and Negotiation
With the remediated compliance position documented across all three exposure areas, Redress led the Oracle audit response. The counter-submission addressed each of Oracle's claims with evidence and contractual analysis. Oracle's audit negotiations were managed exclusively by Redress, preventing Oracle from using direct client contact to apply commercial pressure. The audit was closed with zero penalties, no forced licence purchases, and no commercial commitments beyond the targeted subscriptions already planned.
Exposure Reduction Analysis
| Exposure Area | Oracle's Initial Claim | Verified Position After Remediation |
|---|---|---|
| Java SE (Employee Metric) | Multi-million euro annual subscription | Targeted subscription covering genuine Oracle JDK dependencies only |
| Cloud BYOL (AWS/Azure) | Licence shortfall on over-provisioned instances | Right-sized; evidence-based defence for historical peaks |
| VMware Cluster-Wide Licensing | All cluster hosts require licensing | Dedicated hosts only — covered by existing licences |
| Active Audit Penalties | Settlement demand during active review | $0 — audit closed through remediation and evidence |
| Total Cost Avoidance | — | $4M across all exposure categories |
Results and Business Impact
$4 million in Oracle licensing exposure was eliminated across Java SE, cloud BYOL, and VMware virtualisation. The active Oracle soft audit was closed with zero penalties — all claims settled through remediation and evidence-based negotiation rather than commercial concession. Cloud licensing governance was established, preventing recurrence of BYOL compliance gaps. Ongoing Oracle support costs were reduced through licence right-sizing. A centralised licence governance framework replaced the previously decentralised approach that had allowed compliance risks to accumulate undetected.
Lessons Learned and Best Practices
Java SE Employee Metric Is Negotiable — Not Mandatory
Oracle presents the Employee Metric as the only available Java SE pricing model for large enterprises. It is not. Alternatives exist for organisations that can demonstrate targeted deployment patterns, and the Employee Metric calculation can be challenged through independent inventory and classification of genuine Oracle JDK dependencies. Most global enterprises can reduce their Java SE obligation by 70 to 90% through systematic remediation and targeted subscription.
Cloud BYOL Governance Must Be Established Before Migration
Every Oracle workload migration to AWS, Azure, or GCP should be reviewed against Oracle's BYOL rules before provisioning. The maximum vCPU rule — Oracle counts the highest allocation ever assigned, not current usage — means that even temporary instance upsizing creates a permanent licensing obligation. Pre-migration licence reviews and instance sizing controls prevent these gaps from accumulating.
VMware Isolation Is the Most Effective Defence Against Cluster-Wide Licensing
Isolating Oracle databases onto dedicated VMware hosts eliminates Oracle's cluster-wide licensing argument entirely. The technical implementation is well-established, and the licence cost of dedicated hosts is almost always dramatically less than the full-cluster exposure Oracle claims. This is the single highest-value action available to enterprises facing Oracle's virtualisation position.
Decentralised IT Creates Centralised Compliance Risk
Pernod Ricard's decentralised operating model — common across FMCG enterprises — allowed Oracle licensing risks to accumulate across Brand Companies and Market Companies without central visibility. Establishing a centralised licence governance function with clear deployment standards, cloud provisioning rules, and regular ELP reviews prevents the multi-year accumulation of exposure that Oracle's compliance process is designed to exploit.