Unlicensed Software Audit Demand Letters
BSA, SIIA & Vendor Software Compliance Audits
Software Audit Overview
How It Starts: Software audits are typically triggered by a former employee tip, a reseller report, or a BSA/SIIA investigation. A demand letter arrives requesting a voluntary audit or threatening a copyright infringement lawsuit.
Types of Software Audits
| Audit Type | Who Conducts | Typical Trigger |
|---|---|---|
| BSA (Business Software Alliance) | Trade group representing Microsoft, Adobe, Autodesk, etc. | Whistleblower reports; targets mid-large companies |
| SIIA (Software & Information Industry Association) | Trade group for software/content publishers | Similar to BSA; broader software vendors |
| Direct vendor audit | Software publisher (Microsoft, Oracle, SAP, etc.) | Contract audit rights; compliance verification |
| Reseller audit | Authorized reseller reporting suspected piracy | Competitive intelligence; lost sales |
Legal Basis for Audits
- Copyright infringement: Installing software beyond licensed copies = reproduction/distribution under 17 U.S.C. §106
- Contract breach: License agreements specify number of seats/users; excess = breach
- Audit rights: Many enterprise licenses include contractual audit provisions
- Statutory damages: Up to $150,000 per work for willful infringement (each software title = separate work)
Typical Settlement Structure
BSA/SIIA settlements usually include:
- Retroactive licenses: Pay for all unlicensed copies discovered × MSRP × multiplier (1.5–3×)
- True-up payment: Bring company into compliance by purchasing needed licenses
- Compliance commitment: Implement software asset management (SAM) program
- Future audit rights: Agree to periodic audits
- No admission of wrongdoing: Settlement framed as “voluntary compliance”
⚠️ Cost Reality: Settlements range from $50k for small companies to millions for large enterprises. Fighting is expensive (federal copyright litigation), so most companies settle.
Responding to Audit Demands
Initial Response Strategy
🚨 Don’t Ignore: Ignoring BSA/SIIA or vendor audit letters leads to a copyright infringement lawsuit with statutory damages exposure. Engagement is necessary, but on your terms.
- Acknowledge but don’t admit: Respond that you received letter and are reviewing
- Don’t provide immediate access: You have no legal obligation to allow audit without court order (unless contract requires it)
- Assess internal compliance: Conduct your own audit before letting them in
- Engage counsel: Software audit lawyers can negotiate scope and protect your interests
- Preserve evidence: Litigation hold on all software inventory records
Self-Audit Checklist
Before responding, determine your exposure:
- Inventory all software: What’s installed on workstations and servers?
- Gather purchase records: Licenses, invoices, proof of purchase for all software
- Count installations: How many copies installed vs. licenses owned?
- Check license types: Per-device, per-user, concurrent user, enterprise?
- Review contracts: Do you have audit obligations in license agreements?
- Calculate gap: Unlicensed copies × MSRP × typical multiplier = potential settlement
Negotiating Audit Scope
If agreeing to audit:
- Limit scope: Only software from vendors represented by auditor (not all software)
- Specify methodology: What tools will be used? Manual vs. automated?
- NDA requirements: Protect confidential business information
- Dispute resolution: Process for challenging audit findings
- Timeline: Reasonable time to prepare and conduct audit
- Cost allocation: Who pays for audit? (Usually auditor if initiated by them)
Common Audit Findings
| Issue | Explanation | Defense |
|---|---|---|
| Over-deployment | More installations than licenses | Prove unused installations, virtual machines counted twice, license transfers |
| Indirect access / multiplexing | Users accessing via terminal server/Citrix using fewer licenses than users | Challenge vendor interpretation; cite license terms allowing indirect access |
| Reassignment without proper tracking | Licenses reassigned from departed employees but not documented | Prove licenses were reassigned, not additive |
| Downgrade rights not recognized | Using older version under downgrade rights but auditor claims separate license needed | Cite license agreement allowing downgrades |
| Bundled software claimed separately | Software included with hardware/OS counted as separate license needed | Prove OEM/bundled license included |
Settlement Negotiation
Leverage points:
- Challenge counts: Dispute methodology and inflated numbers
- Reduce multiplier: Argue from 3× down to 1.5× or 1× (especially if inadvertent)
- Use true-up purchases: “We’ll buy licenses going forward at MSRP, reduce retroactive penalty”
- Ability to pay: Financial hardship can reduce settlement (but requires documentation)
- Litigation cost comparison: Remind them litigation is expensive for both sides
Software Vendor Demand Letters
Vendor-Side: Initiating Audit
If you’re a software publisher pursuing unlicensed use:
Pre-Audit Intelligence Gathering
- Tip verification: Investigate whistleblower claims (ex-employee, reseller)
- Purchase history: Compare customer’s purchase records to typical deployment patterns
- Technical evidence: License server logs, activation records, support tickets indicating more users than licenses
- Public information: Company size (employees on LinkedIn), locations, job postings mentioning your software
Demand Letter Strategy
- Professional tone: Frame as compliance verification, not accusation
- Contractual audit rights: Cite license agreement audit provision (if exists)
- Voluntary cooperation: Emphasize benefits of self-audit vs. litigation
- Settlement incentive: Offer reduced multiplier for voluntary compliance
- Deadline: 30 days to respond; longer than typical IP demands given complexity
BSA/SIIA Engagement
Software publishers can engage BSA or SIIA to pursue audits:
- Advantages: Industry credibility; shared audit costs; intimidation factor
- Process: BSA/SIIA sends initial demand; conducts audit; negotiates settlement; vendor receives share
- Settlement split: Vendor typically receives retroactive license fees; BSA/SIIA may take percentage
Escalation Path
| Stage | Action | Timeline |
|---|---|---|
| 1. Initial demand | Letter requesting voluntary audit or purchase records | 30-day response deadline |
| 2. Follow-up | More detailed evidence of infringement; settlement proposal | Additional 30 days |
| 3. Final demand | Formal settlement offer with deadline; threat of litigation | 14-30 days |
| 4. Litigation | File federal copyright infringement lawsuit | After all settlement efforts exhausted |
Sample Demand Letters
Sample 1: Software Vendor Initial Audit Request
[Software Company Name]
[Address]
[Phone / Email]
[Date]
[Target Company Name]
[Address]
Attn: Chief Technology Officer / IT Director
Re: Software License Compliance Review – [Your Software Product]
Dear [Company]:
We are writing regarding your use of [Software Product Name], for which [Your Company] holds exclusive copyright and licensing rights.
Our records indicate that your company has purchased [number] licenses of [Software Product] over the past [timeframe]. However, we have reason to believe that your actual deployment exceeds your licensed quantity.
LICENSE COMPLIANCE VERIFICATION:
Section [X] of our Software License Agreement grants us the right to verify compliance with license terms through periodic audits. We are now exercising this right.
We request that you:
1. Conduct a self-audit of all installations of [Software Product] within your organization;
2. Provide a detailed report of:
• Total number of installations (workstations, servers, virtual machines)
• Number of active users
• License keys in use
• Purchase records and proof of license ownership
3. Submit this information within 30 days.
ALTERNATIVE: VOLUNTARY AUDIT
Alternatively, we can arrange for an independent third-party auditor to conduct a software asset management audit at our expense. This would involve:
• Installation of audit software or manual review (with your approval)
• Confidentiality agreement protecting your proprietary information
• Jointly agreed-upon audit methodology
• Dispute resolution process for any findings
SETTLEMENT INCENTIVE:
If the audit reveals unlicensed installations, we are prepared to work with you to bring your organization into compliance through:
• Purchase of additional licenses at current pricing
• Reasonable payment plan for retroactive license fees (reduced multiplier for voluntary cooperation)
• Implementation of software asset management best practices
This approach is significantly more cost-effective than copyright infringement litigation, which would involve:
• Statutory damages of up to $150,000 per software title (17 U.S.C. §504(c))
• Your legal defense costs ($100,000+)
• Injunctive relief
• Potential criminal penalties for willful infringement for commercial advantage
NEXT STEPS:
Please respond within 30 days indicating your willingness to cooperate. We prefer to resolve this matter amicably and help you achieve compliance.
Contact [Name] at [Email/Phone] to discuss audit scheduling or self-audit procedures.
Sincerely,
[Your Name]
[Title]
[Software Company]
Sample 2: BSA Audit Demand
BSA | The Software Alliance
[Address]
[Date]
[Company Name]
[Address]
Attn: Chief Executive Officer
CONFIDENTIAL
Re: Software Licensing Compliance Matter
Dear [CEO Name]:
The Business Software Alliance (BSA) represents the world’s leading software companies, including [list: Microsoft, Adobe, Autodesk, etc.]. We have received information suggesting that your company may be using unlicensed software from one or more BSA members.
INFORMATION RECEIVED:
We have obtained credible information indicating that [Company Name] has installed and is using commercial software products without proper licensing, including:
• [Software Product 1] – estimated [X] unlicensed installations
• [Software Product 2] – estimated [Y] unlicensed installations
• [Additional products]
USE OF UNLICENSED SOFTWARE:
Using software without proper licenses violates federal copyright law (17 U.S.C. §101 et seq.) and exposes your company to substantial liability, including:
• Statutory damages: $750 to $150,000 per infringed work
• Actual damages and infringer’s profits
• Injunctive relief
• Attorney’s fees and costs
• Potential criminal penalties
VOLUNTARY COMPLIANCE PROGRAM:
BSA offers a Voluntary Compliance Program that allows companies to self-report unlicensed software use and avoid litigation. Benefits include:
• Significantly reduced settlement amounts compared to litigated cases
• Confidential resolution
• Assistance implementing software asset management policies
• No public disclosure of non-compliance
NEXT STEPS:
We request that you respond within 30 days to:
1. Acknowledge receipt of this letter
2. Conduct an internal software audit
3. Work with us to resolve any unlicensed use
If we do not receive a response, BSA members reserve all rights to pursue legal action, including filing federal copyright infringement lawsuits seeking maximum statutory damages.
We strongly encourage voluntary cooperation. Please contact me directly at [Phone] or [Email] to discuss resolution.
This matter is time-sensitive. We look forward to your prompt response.
Sincerely,
[BSA Representative Name]
[Title]
BSA | The Software Alliance
Sample 3: Company Response to Audit Request
[Your Company Name]
[Address]
[Date]
[Software Vendor / BSA]
[Address]
Re: Response to Software Audit Request dated [Date]
Dear [Vendor/BSA]:
We acknowledge receipt of your letter dated [Date] regarding software license compliance.
We take software licensing compliance seriously and maintain policies to ensure we operate within our license entitlements. However, we have several concerns about the audit request:
1. CONTRACTUAL AUDIT RIGHTS:
We have reviewed our license agreements with [Vendor]. [If no audit right: Our agreements do not contain audit provisions, and we are under no legal obligation to permit inspection without court order.] [If audit right exists: Section [X] provides audit rights, but subject to [limitations: reasonable notice, defined scope, NDA, etc.].]
2. SCOPE OF REQUEST:
Your request appears overly broad. We are willing to cooperate in a reasonable compliance review limited to:
• Software products for which you have identified specific concerns
• Methodology we mutually agree upon
• Protection of our confidential business information under NDA
• Dispute resolution process if we disagree with findings
3. PRELIMINARY REVIEW:
We have conducted a preliminary internal review and believe we are substantially in compliance with our license obligations. [If minor issues: We have identified [X] potential discrepancies totaling [number] licenses, which we are prepared to address through purchase of additional licenses at standard pricing.]
4. PROPOSED RESOLUTION:
We propose the following:
• We will conduct a comprehensive self-audit within [60] days
• We will provide summary findings (specific to software products you identified)
• For any shortfalls, we will purchase true-up licenses at current MSRP
• [If appropriate: We request waiver of retroactive penalties given our good-faith compliance efforts and willingness to resolve promptly]
Please advise if this proposal is acceptable. We prefer to resolve this matter cooperatively without need for formal audit or litigation.
Sincerely,
[Your Name]
[Title]
Defense Strategies
Challenging Audit Findings
- Methodology disputes: Challenge automated tools that double-count, miss license transfers, or ignore license types
- License interpretation: Argue your interpretation of ambiguous license terms (per-device vs. per-user, etc.)
- Proof of purchase: Locate old purchase records, invoices from acquisitions, OEM licenses
- Multiplexing defense: Terminal server/VDI use may be licensed (depends on license terms)
- Downgrade rights: Using older versions under downgrade provisions doesn’t require separate licenses
Reducing Settlement Amounts
| Strategy | Approach |
|---|---|
| Challenge inflated counts | Dispute number of unlicensed copies; demand detailed methodology; conduct own audit |
| Reduce multiplier | Argue inadvertent non-compliance; cooperated fully; no commercial piracy intent → 1–1.5× instead of 3× |
| True-up offset | Purchase going-forward licenses at MSRP; offset against retroactive penalty |
| Financial hardship | Provide financials showing settlement would cause undue hardship; request payment plan |
| Laches defense | If vendor waited years to audit, argue unreasonable delay |
When to Litigate vs. Settle
Settle if:
- Audit findings are largely accurate
- Settlement is reasonable (1–2× MSRP for retroactive, purchase going-forward licenses)
- You want to maintain vendor relationship
- Litigation costs exceed settlement amount
Consider litigation if:
- Audit methodology is fundamentally flawed
- Vendor claims are pretextual or abusive
- Settlement demand is grossly excessive (5–10× MSRP)
- You have strong defenses (license interpretation, proof of purchase vendor can’t refute)
- No contractual audit right exists and you want to force vendor to prove case
⚠️ Litigation Reality: Federal copyright cases are expensive ($200k–$500k through trial) and outcomes uncertain. Most rational businesses settle for 1.5–3× retroactive licenses rather than roll dice on statutory damages.
Preventing Future Audits
- Software asset management (SAM): Deploy tools to track installations vs. licenses
- Centralized purchasing: All software purchases through single IT procurement process
- Regular self-audits: Quarterly reviews of compliance (find issues before vendors do)
- License optimization: Right-size licenses; terminate unused subscriptions; negotiate enterprise agreements
- Employee training: Prohibit installing personal or unlicensed software on work devices
- Audit trail: Maintain detailed records of all purchases, installations, decommissions
Attorney Services for Software Audits
Facing Software Audit?
I represent companies responding to BSA, SIIA, and vendor audits, negotiating settlements, and defending copyright infringement claims. I also advise software publishers on audit programs and enforcement.
For Companies Being Audited
- Respond to BSA, SIIA, and vendor audit demands
- Negotiate audit scope and methodology
- Conduct privileged internal compliance assessments
- Challenge audit findings and inflated counts
- Negotiate settlement terms and payment structures
- Defend copyright infringement litigation if settlement fails
- Implement software asset management policies
For Software Vendors
- Design and implement audit programs
- Draft audit demand letters and settlement proposals
- Engage BSA or SIIA for collective enforcement
- Negotiate license compliance agreements
- File and prosecute copyright infringement lawsuits
- Draft license agreements with enforceable audit rights
Why Specialized Counsel Matters
High-Stakes Negotiations: Software audits involve complex technical issues (license types, deployment models, multiplexing) combined with copyright law and contract interpretation. Experienced counsel reduces settlement costs by 30–50% on average through effective negotiation and audit challenge.
Representative Matters
- BSA audits (Microsoft, Adobe, Autodesk products)
- Oracle license compliance reviews
- SAP indirect access disputes
- Vendor audit right enforcement
- Software copyright infringement defense
- Enterprise license agreement negotiation
Schedule a Call
Book a call to discuss your software audit matter. I’ll assess the audit demand, evaluate your exposure, and recommend strategy for negotiation or defense.
Contact Information
Email: owner@terms.law
Frequently Asked Questions
No. Without contractual audit rights, you have no legal obligation to permit audit or provide information without court order. However, refusing to cooperate often leads to copyright infringement lawsuit. Pragmatic approach: conduct self-audit, determine exposure, then decide whether to cooperate or force them to sue. If you’re substantially compliant, cooperation may resolve quickly. If you’re significantly non-compliant, litigation may be inevitable either way.
Formula: (Number of unlicensed copies) × (MSRP per license) × (Multiplier 1.5–3×) + (True-up licenses for future compliance). Example: 50 unlicensed copies × $500 MSRP × 2× multiplier = $50,000 retroactive + purchase of 50 licenses at $500 = $25,000 true-up = $75,000 total. Multiplier varies: 1–1.5× for inadvertent/cooperative; 2–3× for willful or uncooperative. Settlements range from $25k (small business) to millions (enterprise).
Yes. Everything is negotiable: number of unlicensed copies (challenge methodology), multiplier (argue good faith, cooperation), payment terms (installment plan), and true-up requirements. Vendors want settlement more than litigation (litigation is expensive and uncertain). Use this leverage. Also consider: purchasing future licenses offsets retroactive penalty; financial hardship documentation; correcting vendor’s inflated counts. Skilled negotiation typically reduces initial demands by 30–50%.
Escalation: (1) Follow-up demand letters with more detailed evidence; (2) Final settlement offer with litigation threat; (3) Federal copyright infringement lawsuit seeking statutory damages ($750–$150k per work), injunction, and attorney’s fees. Ignoring doesn’t make it go away; vendors/BSA have resources to pursue litigation. Better approach: engage early, assess exposure, negotiate from informed position. Early cooperation typically results in better settlement terms than waiting until they file suit.