Executive Summary
Pernod Ricard is the world's second-largest spirits and wine company, headquartered in Paris, France. With an annual revenue exceeding €12 billion and a portfolio of globally recognised brands — including Absolut, Jameson, Chivas Regal, Martell, and Mumm — the company operates across 73 countries with nearly 20,000 employees. Pernod Ricard's IT infrastructure supports a complex global operation spanning supply chain management, financial consolidation, customer relationship management, and e-commerce across dozens of subsidiaries and affiliate companies.
Oracle technology is deeply embedded in this infrastructure. Oracle Database Enterprise Edition powers critical ERP, supply chain, and financial systems. Oracle Java SE is deployed across thousands of servers and desktops. In recent years, Pernod Ricard had begun migrating Oracle workloads to AWS and Microsoft Azure, creating a hybrid on-premises and cloud environment that introduced new licensing complexity.
When Oracle initiated a "soft" compliance review focused on Java SE and cloud deployments, the situation escalated rapidly. Oracle's auditors identified compliance gaps across three distinct areas — Java SE subscriptions, cloud BYOL (Bring Your Own License) configurations, and VMware virtualisation — with a combined claimed exposure approaching $4 million. Pernod Ricard engaged Redress Compliance to conduct an independent assessment, manage the audit defence, and negotiate a resolution. The result: all compliance claims were resolved with zero penalties, the actual cost of remediation was a fraction of Oracle's initial demand, and Pernod Ricard emerged with a fully optimised Oracle licence position and strengthened governance for the future.
☕Java SE Optimisation
Non-essential Oracle Java installations replaced with OpenJDK across the global estate, eliminating the majority of Java subscription costs Oracle demanded.
☁️Cloud BYOL Remediation
AWS and Azure Oracle Database deployments reconfigured to meet Oracle's 2-vCPU-per-licence BYOL rules, closing cloud compliance gaps.
🖥️VMware Isolation
Oracle workloads moved to dedicated hosts, preventing Oracle from claiming licences for entire VMware clusters.
🛡️Active Audit Resolved
Oracle's soft audit closed with zero penalties — all claims settled through remediation and evidence-based negotiation.
Background & Context
Pernod Ricard's Oracle Estate
Pernod Ricard's Oracle footprint reflects the complexity of a highly decentralised global enterprise. The company operates through a network of Brand Companies (managing specific spirit or wine brands), Market Companies (managing distribution and sales in specific geographies), and a central headquarters function in Paris. Each entity historically maintained a degree of IT autonomy, resulting in an Oracle estate that had grown organically over two decades with limited centralised oversight.
Oracle Database Enterprise Edition runs across multiple data centres and cloud environments, supporting SAP-integrated financial systems, supply chain planning platforms, and customer analytics applications. Many database instances use advanced options — including Real Application Clusters (RAC), Partitioning, Advanced Security, and Diagnostics & Tuning Packs — some of which had been enabled during initial deployment without corresponding licence entitlements.
Oracle Java SE is ubiquitous across Pernod Ricard's global IT environment. Java runs on application servers, middleware platforms, developer workstations, and end-user desktops in every operating region. Prior to Oracle's 2023 licensing change, Java SE was effectively free for most commercial use — creating a widespread deployment footprint that few enterprises tracked with the rigour now required under Oracle's Employee Metric subscription model.
The cloud migration added a third layer of complexity. Pernod Ricard had begun moving Oracle Database workloads to AWS EC2 and Microsoft Azure under Oracle's BYOL (Bring Your Own License) policy. However, the migration had been executed by individual project teams without centralised licensing governance, resulting in configurations that did not consistently comply with Oracle's cloud licensing requirements.
🌍 Global Reach
73 countries, ~20,000 employees, €12B+ revenue. Decentralised IT across Brand Companies, Market Companies, and headquarters.
🗄️ Oracle Footprint
Database EE with RAC, Partitioning, Advanced Security, Diagnostics & Tuning Packs. Java SE deployed enterprise-wide. SAP-integrated financial systems.
☁️ Hybrid Cloud
Active migration from on-premises to AWS and Azure under Oracle BYOL policy. Mixed estate with inconsistent cloud licensing configurations.
The FMCG Licensing Challenge
Fast-moving consumer goods (FMCG) companies like Pernod Ricard face a distinctive set of Oracle licensing risks. Their IT estates are characterised by high user counts (thousands of employees across dozens of countries), distributed infrastructure (regional data centres, local office environments, and increasingly cloud-hosted services), and rapid technology change (ongoing migrations to cloud, new analytics platforms, digital commerce initiatives). Each of these characteristics creates Oracle compliance triggers that accumulate silently until a compliance review brings them to the surface.
Pernod Ricard's decentralised operating model compounded these risks. Individual Brand Companies and Market Companies had the autonomy to deploy Oracle technology without centralised licensing approval — meaning that database options could be enabled, Java versions upgraded, and cloud instances provisioned without anyone tracking the licensing implications. Oracle is acutely aware that global FMCG companies operate in this way, and the compliance review was clearly targeted at exploiting these governance gaps.
The Challenges
☕ Challenge 1: Java SE — Enterprise-Wide Subscription Demand
Oracle's compliance review began with Java SE — an area where Oracle has become increasingly aggressive since introducing the Employee Metric pricing model in January 2023. Under this model, the cost of a Java SE subscription is calculated based on the total number of employees in the organisation, not the number of Java installations or actual Java users. For a company with ~20,000 employees globally, the Employee Metric pricing created a potential annual Java subscription cost of $1.5–2 million per year — a dramatic increase from the effectively zero cost Pernod Ricard had paid for Java SE previously.
Oracle's auditors catalogued Java SE installations across Pernod Ricard's global estate and presented the Employee Metric as the only available pricing model. They did not distinguish between installations that genuinely required Oracle's commercial Java distribution and those that could use free alternatives. Nor did they account for the fact that many of Pernod Ricard's Java installations were legacy deployments on versions that pre-dated Oracle's licensing changes and might qualify for continued free use under Oracle's No-Fee Terms and Conditions (NFTC).
☁️ Challenge 2: Cloud BYOL Compliance Gaps
Pernod Ricard had migrated several Oracle Database instances to AWS EC2 and Microsoft Azure under Oracle's BYOL policy. However, Oracle's cloud licensing rules are precise and unforgiving: on AWS, two vCPUs equal one Oracle processor licence (unless hyper-threading is disabled, in which case one vCPU equals one processor licence). On Azure, the calculation follows a similar formula based on the number of vCPUs allocated to the virtual machine.
Oracle's review found that several cloud database instances had been provisioned with more vCPUs than the available licence entitlements could cover. This had occurred because project teams migrating workloads to the cloud sized their virtual machines for performance requirements without consulting Oracle licensing rules. The result was a cloud BYOL compliance gap that Oracle quantified at approximately $1.2 million in additional processor licences.
The cloud compliance challenge was compounded by the fact that cloud VM sizes can change over time. Some instances had been upsized during peak periods (year-end financial processing, for example) and the temporary increase in vCPUs created a permanent licensing obligation under Oracle's policies — even after the VM was scaled back down. Oracle counts the maximum vCPU allocation, not the current or average allocation, making cloud licensing a moving target for enterprises without rigorous governance.
⚠️ Cloud BYOL Trap: Maximum vCPU Rule
Oracle's cloud licensing policy counts the maximum vCPU allocation ever assigned to an instance — not the current or average allocation. Temporarily upsizing a cloud VM for a project or peak period permanently increases the licensing requirement unless the instance is terminated and recreated at the correct size. This rule catches many enterprises mid-cloud-migration.
🖥️ Challenge 3: VMware Virtualisation Exposure
Pernod Ricard's on-premises Oracle Database instances ran on a shared VMware vSphere infrastructure. Oracle's official position is that VMware does not constitute "hard partitioning" — meaning that if even a single Oracle Database VM runs on a VMware cluster, Oracle can claim that all physical cores across every host in that cluster require licensing. This policy can inflate licensing requirements by an order of magnitude compared to the actual resources consumed by Oracle workloads.
Oracle's compliance review flagged Pernod Ricard's VMware environment and calculated the licensing requirement based on the total physical core count of the VMware clusters hosting Oracle VMs. The resulting claim added approximately $800,000 to the total compliance demand. For Pernod Ricard, this was particularly problematic because the VMware clusters in question hosted a mix of Oracle and non-Oracle workloads — Oracle Database VMs shared cluster resources with Microsoft SQL Server, Linux application servers, and other workloads that had nothing to do with Oracle licensing.
🔍 Challenge 4: Fragmented Entitlement Records
Pernod Ricard's Oracle licence entitlements had been accumulated over 20+ years through a combination of direct purchases, subsidiary acquisitions, regional procurement, and global enterprise agreements. The entitlement records were spread across multiple systems, geographies, and contract structures — with no single consolidated view of what Oracle licences the company actually owned. This fragmented entitlement picture made it impossible for Pernod Ricard's internal team to independently verify Oracle's compliance claims. Oracle's auditors, by contrast, had full visibility into Oracle's records of what had been sold — but not necessarily what had been deployed — creating an information asymmetry that Oracle routinely exploits.
🎯 What Enterprises Migrating Oracle to the Cloud Should Do
- Establish cloud licensing governance before migration: Every Oracle workload migration to AWS, Azure, or GCP should be reviewed against Oracle's BYOL rules before provisioning.
- Track vCPU allocations rigorously: Oracle counts maximum-ever allocation, not current. Document every resize event and implement alerts for Oracle-licensed instances.
- Consolidate entitlement records: Create a single Oracle licence inventory covering all contracts, purchase orders, and entitlements before engaging with Oracle on any compliance matter.
- Separate Oracle from non-Oracle VMware workloads: Isolating Oracle on dedicated hosts eliminates the cluster-wide licensing argument entirely.
Redress Compliance's Approach
Redress executed a four-phase engagement designed to simultaneously defend against the active Oracle audit, remediate genuine compliance gaps, and optimise Pernod Ricard's long-term Oracle licence position.
1
Comprehensive Licence & Usage Audit
Redress began by constructing a complete Effective Licence Position (ELP) for Pernod Ricard's entire Oracle estate. This required gathering data from three distinct sources: deployment data (what Oracle technology was actually installed and running), entitlement data (what Oracle licences Pernod Ricard had purchased across all contracts and subsidiaries), and configuration data (how Oracle software was deployed across on-premises, VMware, and cloud environments). The ELP reconciled deployments against entitlements for every Oracle product — Database, Database Options, Java SE, and any other Oracle components discovered during the inventory. This analysis identified both compliance gaps (where deployments exceeded entitlements) and over-licensing (where Pernod Ricard owned licences for products no longer in use).
2
Java SE Optimisation & Migration
Redress conducted a detailed Java SE inventory across Pernod Ricard's global infrastructure. Every Java installation was categorised by version, deployment context (server, desktop, middleware dependency), and licensing status. The analysis identified three categories: installations eligible for free use under Oracle's NFTC (primarily Java 17+ on qualifying terms), installations that could be replaced with Eclipse Temurin or Amazon Corretto at zero cost, and installations with genuine Oracle Java dependencies requiring a paid subscription. Redress guided Pernod Ricard's IT teams across multiple regions through a phased migration — replacing Oracle Java SE with OpenJDK alternatives on application servers, build systems, and developer workstations. The migration eliminated approximately 80% of the Java installations that Oracle had flagged, dramatically reducing the required subscription scope. For the remaining installations, Redress negotiated Java SE subscriptions on a per-installation basis rather than the Employee Metric — saving Pernod Ricard millions compared to the enterprise-wide pricing Oracle had initially demanded.
3
Cloud BYOL Remediation
Redress audited every Oracle Database instance running on AWS and Azure, documenting vCPU allocations, instance types, and licence consumption. Where instances had been provisioned with more vCPUs than licence entitlements could support, Redress worked with Pernod Ricard's cloud engineering team to right-size the virtual machines — reducing vCPU counts to match available licences without sacrificing application performance. In several cases, the cloud instances had been over-provisioned for performance headroom that was never actually consumed; right-sizing improved both licensing compliance and cloud infrastructure costs simultaneously. Redress also implemented Oracle licence tagging in AWS and Azure — marking Oracle-licensed instances with metadata tags that trigger alerts if instance types are changed without licensing review. This governance control prevents future cloud BYOL gaps from accumulating silently.
4
VMware Workload Isolation
To address Oracle's VMware cluster-wide licensing claim, Redress recommended and supervised the isolation of Oracle Database workloads onto dedicated VMware hosts. By moving Oracle VMs to hosts that run exclusively Oracle workloads — separate from the shared VMware clusters — Pernod Ricard confined Oracle's licensing scope to the physical cores in those dedicated hosts only. This reduced the processor licence requirement from the total core count of the shared clusters (hundreds of cores) to the core count of the dedicated Oracle hosts (a fraction of the original). The architectural change was straightforward to implement and had no impact on Oracle Database performance or availability. It also future-proofed Pernod Ricard's VMware licensing position: any future Oracle Database deployments on VMware would be placed on the dedicated hosts, maintaining the isolation boundary.
5
Audit Defence & Negotiation
With all remediation actions completed and documented, Redress managed all communications with Oracle's LMS (License Management Services) team on Pernod Ricard's behalf. Redress presented a detailed counter-report addressing each of Oracle's compliance claims — demonstrating that the Java SE obligation was a fraction of Oracle's initial demand, that cloud BYOL configurations had been corrected, and that VMware licensing was now confined to dedicated hosts. Oracle's initial $4 million claim was countered with evidence showing that Pernod Ricard's actual compliance gap, after remediation, required only a minimal number of additional processor licences at a cost far below Oracle's original demand. Oracle accepted the remediated position, closed the audit with zero penalties, and Pernod Ricard purchased only the small number of additional licences necessary to cover its genuine, post-remediation compliance gap.
Exposure Reduction Analysis
| Compliance Area | Oracle's Initial Claim | After Redress Assessment | Method of Resolution |
|---|
| Java SE (Employee Metric) | $1.8M | ~$120K/yr | 80% of installations migrated to OpenJDK; remaining licensed per-installation, not Employee Metric |
| Cloud BYOL (AWS & Azure) | $1.2M | ~$80K | Cloud VMs right-sized to match licence entitlements; governance tags implemented |
| VMware Virtualisation | $0.8M | $0 | Oracle workloads isolated onto dedicated hosts; cluster-wide claim eliminated |
| Database Options | $0.2M | $0 | Unused database options (Diagnostics & Tuning Packs) disabled in non-production environments |
| Total | $4.0M | ~$200K | 95% reduction — from $4M claim to ~$200K in minimal remediation costs |
The largest single reduction came from Java SE. Oracle had attempted to apply the Employee Metric — pricing based on Pernod Ricard's entire 20,000-person headcount — which would have created an annual subscription cost of approximately $1.8 million. By migrating 80% of Java installations to OpenJDK and negotiating per-installation pricing for the remainder, Redress reduced the annual Java cost to approximately $120,000 — a 93% reduction. This distinction between Employee Metric and per-installation pricing is one of the most impactful negotiation levers available to enterprises facing Oracle Java compliance claims; Oracle strongly prefers the Employee Metric because it maximises revenue, but alternative pricing structures exist and can be negotiated with the right expertise and evidence.
The cloud BYOL remediation was largely a configuration exercise — right-sizing VMs and implementing governance controls — with a small number of additional processor licences purchased to cover genuine gaps that could not be resolved through resizing alone. The VMware exposure was eliminated entirely through workload isolation, at zero software cost. The database options claim ($200K) was resolved by disabling Diagnostics and Tuning Packs that had been automatically enabled in non-production environments — a common "silent" compliance trigger that Oracle routinely exploits.
Results & Business Impact
💰 $4 Million in Cost Avoidance
Pernod Ricard's total Oracle compliance exposure of $4 million was reduced to approximately $200,000 in remediation costs — a 95% reduction. The savings directly benefited the company's IT budget, freeing capital for strategic initiatives including continued cloud migration and digital transformation programmes. The $4 million represents the difference between Oracle's initial compliance demand and the actual cost of resolving the genuine compliance gaps identified by Redress's independent analysis.
🛡️ Active Audit Closed with Zero Penalties
Oracle's soft audit was formally closed with no financial penalties. Pernod Ricard's remediated compliance position — documented by Redress with evidence from Oracle's own measurement methodologies — left Oracle with no basis to pursue further action. The audit closure documentation serves as a permanent record that protects Pernod Ricard against future claims related to the same deployment period.
☁️ Cloud Licensing Governance Established
The cloud BYOL remediation delivered benefits beyond the immediate compliance resolution. Pernod Ricard now has Oracle licence tagging implemented across its AWS and Azure environments, with automated alerts for any changes to Oracle-licensed instance configurations. This governance framework ensures that future cloud deployments, resizing events, and migrations are automatically reviewed against Oracle licensing rules — preventing the accumulation of new BYOL compliance gaps. The right-sizing exercise also reduced cloud infrastructure costs by eliminating over-provisioned VM configurations.
📉 Ongoing Support Cost Reduction
By identifying and removing unused database options and over-licensed Oracle products, Redress reduced Pernod Ricard's annual Oracle support and maintenance fees. Every unnecessary Oracle licence carries a 22% annual support fee — so eliminating surplus licences produces recurring savings year after year. The support cost reduction alone delivers ongoing annual savings that compound over the remaining term of Pernod Ricard's Oracle agreements. Across the engagement, Redress identified approximately $1.2 million in Oracle licence entitlements that were no longer in active use — representing over $260,000 per year in unnecessary support fees that Pernod Ricard can now eliminate or redirect to licences it actually needs.
🔒 Centralised Licence Governance
For the first time, Pernod Ricard has a consolidated Oracle Effective Licence Position (ELP) covering all subsidiaries, contracts, and deployment environments. This single source of truth enables the IT leadership team to make informed decisions about Oracle deployments, cloud migrations, and renewal negotiations — rather than operating in the dark. The ELP is maintained as a living document, updated as the Oracle estate evolves, and serves as the foundation for all future Oracle commercial interactions. The consolidation exercise also uncovered several duplicate licence entitlements that had been purchased independently by different subsidiaries — providing additional evidence that Pernod Ricard's actual compliance gap was far smaller than Oracle's initial calculations suggested.
❌ Before Redress
- $4M Oracle compliance demand across 3 areas
- Active Oracle audit with zero penalties leverage
- Java SE Employee Metric pricing ($1.8M/yr)
- Cloud BYOL gaps from uncontrolled migrations
- VMware cluster-wide licensing exposure
- Fragmented entitlement records across 20+ years
✅ After Redress
- ~$200K total remediation cost (95% reduction)
- Audit closed with zero penalties
- Java reduced to ~$120K/yr (93% savings)
- Cloud VMs right-sized with governance tags
- Oracle isolated on dedicated VMware hosts
- Consolidated ELP across all subsidiaries
Lessons Learned & Best Practices
📌 Java SE Employee Metric Is Negotiable — Not Mandatory
Oracle presents the Employee Metric as the default (and often the only) Java SE pricing model. In practice, it is a commercial offer that can be negotiated. Enterprises that can demonstrate a manageable number of actual Java installations — particularly after migrating non-essential deployments to OpenJDK — can often negotiate per-installation or per-server pricing that costs a fraction of the Employee Metric. The key is having a detailed Java inventory that quantifies actual need, not just headcount. Without this evidence, Oracle will default to the Employee Metric because it maximises their revenue.
📌 Cloud BYOL Governance Must Be Established Before Migration
Pernod Ricard's cloud compliance gaps were entirely preventable. Every Oracle workload migrated to AWS or Azure should be reviewed against Oracle's BYOL rules before the migration occurs — not after Oracle's auditors discover non-compliant configurations. Cloud licensing governance should include mandatory Oracle licence impact assessments for any new cloud instance provisioning, automated tagging of Oracle-licensed resources, and alerts for instance resizing events. The cost of implementing this governance is negligible compared to the millions in compliance exposure it prevents.
📌 VMware Isolation Is the Most Effective Defence Against Cluster-Wide Licensing
Oracle's VMware policy — claiming licences for all physical cores in a shared cluster — is aggressive but can be neutralised through simple architectural decisions. Moving Oracle workloads to dedicated VMware hosts (or dedicated physical servers) eliminates the cluster-wide argument entirely. This isolation is straightforward to implement, has no performance impact, and provides a permanent, auditable defence against one of Oracle's most common compliance claims. Every enterprise running Oracle on VMware should evaluate this approach proactively.
📌 Decentralised IT Creates Centralised Compliance Risk
Pernod Ricard's decentralised operating model — where Brand Companies and Market Companies maintained IT autonomy — directly contributed to the compliance gaps Oracle exploited. Individual teams provisioned cloud instances, installed Java, and enabled database options without considering Oracle licensing implications. The lesson is clear: Oracle licensing governance must be centralised, even when IT operations are decentralised. A central licensing function that reviews Oracle-impacting decisions (new deployments, cloud migrations, version upgrades, option activations) is essential for global enterprises.
📌 An ELP Built Before Oracle Comes Knocking Changes Everything
Pernod Ricard's fragmented entitlement records made it impossible to respond quickly to Oracle's compliance claims. Building a consolidated Effective Licence Position proactively — before an audit or compliance review — gives the enterprise complete visibility into its Oracle licence position and eliminates the information asymmetry that Oracle relies on. An ELP built under time pressure during an active audit is inherently less thorough than one built proactively. The investment in a pre-emptive ELP consistently delivers the highest ROI of any Oracle licence management activity.
"The combination of Java SE, cloud migration, and VMware is Oracle's current 'triple threat' — three separate compliance vectors that compound each other. Every enterprise running Oracle should assume that Oracle is tracking all three and preparing a compliance approach that addresses them simultaneously. Pernod Ricard's engagement demonstrates that each of these exposures is manageable — but only with the right expertise and the right data." — Fredrik Filipsson, Co-Founder, Redress Compliance
Similar Engagements
Case Study — EnergyADNOC (UAE) — $6M Saved Through Oracle Licensing Assessment
Situation: The UAE's largest energy company faced $6M in Oracle compliance claims across Database, EBS, WebLogic, and Java SE on VMware infrastructure.
Actions: Full estate assessment, EBS user remediation, VMware partitioning defence, and Java migration to OpenJDK.
Result: $6M in exposure eliminated — zero new licences purchased. Read the full
ADNOC case study.
Case Study — RetailSIXT (Germany) — $4M Saved Through Oracle Licensing Assessment
Situation: A German car rental and mobility provider faced Oracle compliance claims across Database licensing and virtualisation during an active audit.
Actions: Redress performed comprehensive licence position analysis, challenged virtualisation claims, and negotiated an optimised resolution.
Result: $4M in cost avoidance through independent assessment. Read the full
SIXT case study.
Case Study — TelecomsCircles Telco (Singapore) — $4M Saved Through Oracle Licensing Assessment
Situation: A Singapore telecoms operator faced Oracle compliance pressure across Database and Java licensing.
Actions: Full discovery, virtualisation analysis, Java migration strategy, and evidence-based counter-documentation.
Client Perspective
"Redress Compliance turned our Oracle audit nightmare into a success story. They identified hidden licensing risks, guided us through remediation, and shielded us from Oracle's aggressive tactics. We avoided overpaying, saved $4 million, and achieved full compliance — giving us peace of mind about our Oracle usage."
— CIO, Pernod Ricard