Customer Relationship Management (CRM) has become one of the most expensive IT investments for organizations around the world according to the annual “IT Trends Study” conducted by the Society of Information Management. ​

This IT investment growth is being fueled by two primary industry drivers:

1. Large organizations are both replacing homegrown systems as well as utilizing their CRM platform to further connect their internal and external stakeholders, processes, and communication strategies; and,
2. Small to medium-sized organizations are rapidly acquiring this technology to make a positive step-change in their customer interactions and client prospecting.

​While there are many Software-as-a-Service (SaaS) CRM platforms to choose from in the marketplace today, Salesforce continues to dominate the space. Subsequently, if you are looking at CRM solutions in the marketplace, you’re likely considering Salesforce as an option.

Why is Salesforce (SFDC) the market leader and what makes it different than the others?

‍While this article is not intended to be a tactical comparison of CRM solutions available today, our vast experience and focus on Salesforce naturally has revealed a few key points:

• SFDC has been, and continues to be, very strong in outbound and inbound marketing tactics;
• SFDC arguably was the first mover in defining a SaaS CRM solution that is decoupled from any other large enterprise agreement (ex: Microsoft, Oracle, etc.) making it easier to obtain;
• SFDC developed a buying channel that is direct to a business end-user vs. going through a channel partner/value added reseller (VAR);
• SFDC was founded with the intent of truly being a platform where vertical applications could easily connect and integrate (like the Apple App Store); and,
• SFDC has perfected the sales process inside of organizations in a way that their divide and conquer sales tactics commonly identifies continues growth opportunities across the organization.

Why is negotiating a Salesforce agreement so difficult?

‍The funny thing is that the entire go-to-market model of SFDC makes it very easy to acquire licenses as needed. This is in fact one of the many elements that make negotiating with SFDC difficult. In other words, very often our clients come to us after they have identified SFDC has spread throughout their organization without their knowledge and/or with very little governance. Our clients often describe this situation similar to an “internal virus” (their words, not ours) that spreads organically at a very fast pace. The result of this unmanaged growth can lead to the following (by no means comprehensive):

• Little to no license asset management leading to “shelfware” (acquisition of more licenses than are being used);
• Incorrect license purchase creating higher costs than needed;
• Different monthly subscription fees for the same license type;
• Lack of an enterprise agreement leading to contractual risk (etc.);
• No defined growth or utilization strategy; and;
• A platform that is very difficult to disengage which drastically increases the internal cost of
• change.

CIOs and IT Procurement leaders often find it difficult to negotiate a more favorable agreement when renewing their SFDC agreement.

‍We find the following to be the primary drivers:

• Like other very well-known and established software companies, SFDC has developed a sales process that is very difficult to crack if you don’t deal with them every day (like we do); Find out more about this here.
• The standard SFDC SaaS contract allows for SFDC to introduce price adjustments at any time;
• If a client is reducing their license count, SFDC’s standard contracts permit higher per unit pricing;
• SFDC sales leadership and staff are highly motivated to continuously drive revenue growth at existing clients;
  • To be explicitly clear about this, if a client’s contract is renewed with flat revenue, this is a very negative reflection on your account management team;
• SFDC licenses are constantly changing; and,
• SFDC account management changes (by design) every 6 – 18 months which naturally negates knowledge continuity, etc.

Here are a few quick steps to prepare for your Salesforce negotiation:​

1. Assemble a best-in-class negotiation team  

Including an expert negotiator in your team can help you acquire the most ​reasonable Salesforce subscription agreement. As discussed in previous articles, Salesforce is an expert at “divide and conquer” sales tactics.

As such, they will be looking to speak with different stakeholders at all levels of your business with the intent of gaining as much intelligence about your needs as possible. To properly prepare for, and counter, these tactics we recommend establishing a negotiation team 6 months prior to any planned contract renewal/execution. Within this team you should include business, souring, and legal stakeholders that have decision-making authority on behalf of your organization.

As part of the planning process, the negotiation team should create a working group of business stakeholders that can provide inputs into the needs and wants of the organization.    

2. Perform a thorough review of the current contract prior to renewal  

Part of our standard client onboarding process is a meticulous review of their current contract. While this may seem like common sense, it’s amazing how many prospective clients we speak with that never think of conducting this initial due diligence. Since our entire team originated from large organizations, we actually understand why this happens…initiative overload!

Before we accept a new client, we ask them whether or not they have reviewed their current contract to determine if they actually received the products/services that were under contract within the current term. On average, only about 35% actually completed this step prior to engaging our firm. After we conduct the analysis, we on average find that 60% of our clients do not actually receive/activate the products/services that they pre-paid for as part of their original contract negotiation.  

Subsequently, we suggest you review all special contract terms that are part of your expiring agreement that may impact your contract renewal (i.e. price protection, etc.).  

3. Prepare for a Proactive Negotiation  

A proactive negotiation can enhance your leverage with Salesforce. As stated earlier, we recommend a 6-month runway to ensure the most leverage. If you are a renewing customer, Salesforce will generally start engaging your business stakeholders 3-4 months prior to your natural renewal date. Getting ahead of this stakeholder engagement will only help your organization. To ensure organization, we suggest developing a communication plan that directly advises each level of the organization what to expect, what to say, and when to say it.  

4. Negotiate a 3-year TCO  

Our clients commonly come to us asking about what price they should be paying for a specific product or service. Through years of experience, we advise clients to focus on the Total Cost of Ownership (TCO) for the entire contract instead of becoming fixated on a specific line item on the proposal. Like many other major software companies, Salesforce incentivizes its sales reps differently depending on the product or service. Instead of becoming fixated on a specific price point for a Sales Cloud license we suggest focusing on the net contract value. In other words, identify a TCO that you are comfortable with from a price-to-value standpoint and focus on driving the most value for your needs within that spectrum.  

We commonly obtain a 10 – 15% value increase by negotiating a net TCO vs. that of a line item rate basis. This, of course, is easier said than done but we wanted to share this facts-based article for you to consider as you embark on your Salesforce negotiation.  

Getting an audit notification from your software provider can be nerve-wracking, but after reading this you’ll realize this is less likely due to something you’ve done wrong and more likely a tactic to throw you off-course.

​If you’ve never been through an audit before, you don’t know what to expect, what to do, or how to make sure it’s over as quickly as possible with minimal expense to your organization.

​​In this article, we’re going to make all this crystal clear by outlining the audit processes of large enterprise software providers like Oracle, Salesforce, SAP, and Microsoft.  There are a few key things you need to take into account that apply to all of these providers: ●     Use your contract as your best weapon to defeat audits. Take action if there is any sort of grey space in terms of what is allowed by the supplier.

• Use your contract as your best weapon to defeat audits. Take action if there is any sort of grey space in terms of what is allowed by the supplier.
• You’ll do best if you bring in outside assistance. An expert who has experience guiding businesses through software audits will be a huge help throughout the process.
• You need to control all the information that is shared with the supplier in your own format and spreadsheets.
• The more you are proactively sharing information with suppliers, the less basis they have to bring up an audit.
• Audits are brought forth to customers for many commercial reasons. The more proactive you (the customer) are with sharing information, addressing audit risks in meetings, and creating a paper trail, the less likely your supplier is to audit you.

What is a Software Audit and How Did Your Company Get Selected for One?

A software audit is both a technical and contractual review of your organization’s use of a specific software platform within your IT environment. Most large enterprise software companies like Oracle and SAP have separate departments that focus purely on license compliance audits. These teams look and feel like a shared service organization inside of a large software company. They work with a customer’s account management team to take an aligned, yet separate and distinct, position on behalf of their software company. We will discuss the similarities and differences between these different teams later in the article.

One common similarity across all of these suppliers is that the audits will compare your usage and processes to any specifications, standards, or contractual agreements in place.

Why your company? Why did you get singled out for an audit?

​There are three primary operational/contractual triggers for a software audit:

1. If there is any sort of consumption-based pricing in your contract;
2. If you have any sort of restricted-use license in which you are only allowed to use a license for certain functionality; or,
3. If you have recently acquired or divested a company.

While not mutually exclusive, you’ll also find the timing of these audits is very suspect and robotic in nature. The two primary timing triggers are:

1. Anytime a large software company needs to identify “unearned revenue” to meet quarterly revenue targets; and,
2. A pending contract renewal.

These large enterprise software companies know that it’s very common for their customers to be out of compliance due to the sheer size and scope of their operations. This is augmented by the fact they know anytime there is employee turnover within a customer’s IT organization (especially their “software asset management” department) the company is susceptible to additional compliance risk as a result of lost tribal knowledge of the environment, past internal audits, etc.

Taking all of this into consideration makes it relatively easy to understand why a company like Oracle can confidently predict net new revenue from their existing client base.

In addition to market pressure for additional revenue, a customer’s upcoming contract renewal also serves as an all too common trigger. The general rule of thumb we tell clients is anytime you have a contract renewal coming up nine to twelve months, your supplier is likely to introduce an audit. Your supplier will use this as an opportunity to distract you and gain the upper hand in an anticipated contract negotiation that hasn’t even started.

Suppliers do this because it automatically puts you in a defensive position. Naturally, you will be forced to concentrate on defeating the audit instead of allocating that same time to figuring out what you need for the upcoming contract renewal. They want to gain as much leverage and understanding of your business as possible before going into a renewal negotiation.

The audit is merely a tactic large software providers use to 1) seek out unearned revenue for their company to meet revenue targets and 2) gain the upper hand in your contract renewal negotiations in the hopes of minimizing any revenue loss from your account.

The fact of the matter is that it’s very common for customers to be unintentionally out of compliance. Knowing this, it’s important you know what to do in order to defend your company from what is potentially a very costly situation.  

Here’s an example to help illustrate this tactic

​By way of an audit, an ERP provider could discover you are misusing the license, giving the supplier reason to charge you a larger fee. Often, sales revenue targets for these audits are about 30% of your annual maintenance/subscription costs.

Let’s say you are spending $1M on core licenses, the audit will likely lead to around $300k in costs on top of that. If you can defeat the audit and keep your core license costs at $1M, then you will be happy and reward yourself for fending off the extra charges. In reality, the supplier didn’t expect the $300k in the first place, the audit was just a way to distract you from putting time and effort into your upcoming renewal negotiation.

It’s a win-win situation for them - if they win the audit, they put the money towards their sales revenue to meet their quota; if they don't, they’ve distracted you from being prepared to save money on your upcoming contract negotiation.

As a sales rep, finding new business is much harder than auditing an existing customer. Suppliers will target big companies because they don’t have perfect internal controls and mistakes are likely to happen.

What to Do When You Get an Audit from Oracle

​​When Oracle conducts an audit, they engage their License Management Services (LMS) team to run the process.

The audit process often involves installing software code within your secure environment. It is a listener software that will hit your mainframe servers and figure out how many other systems are connected.

This is important because, historically for this on-premise software, you are licensed based on the interconnectedness of both physical and virtual server environments. Your supplier wants to know how much “value” you are getting from their platform so the software they install provides a report of how many systems are interconnected. In a nutshell, the software delivers a report that illustrates when your technical architecture is in non-compliance. This automatically gives Oracle the upper-hand as it forces the customer to validate the information.

The best tactic to defeat this process is to never allow the software in your environment to begin with.

You have the right to refuse listening software within your Oracle contract.

Unless your contract explicitly calls out installing software, tell Oracle that installing software does not comply with your IT security protocols.

Look to determine if you have audit language specified in your contract. The older the contract you have with Oracle, the more likely you have the right to refuse the audit, or to at least not allow the listener software to be installed within your environment.

If this is the case, tell Oracle that instead of installing the software, you will run the audit yourself using their tools and spreadsheets with no software included. This means you are in control of what information is being shared with Oracle. Controlling the information is incredibly important in any audit, especially when suppliers are involved.

​What to do when Salesforce Conducts an Audit

​Salesforce audits customers when there is a restricted-use license available. When this happens you need to think critically about negotiating with Salesforce.

Salesforce is Software as a Service (SaaS) in the cloud which means they have more ability to freely monitor your utilization of licenses within your environment and can freely audit for misuse.

When you have a Restricted Use License (RUL), you have permission to use the product for a specific business purpose leveraging a certain number of standard and custom objects. Standard objects are modules within the Salesforce platform, such as contacts, accounts, or prospects. A custom object is something that was built by a Salesforce developer specifically for your company.

The license limitations in an RUL are a contractual limitation, not a technical one. A contractual limitation means there is legal language on your Order Form specifying how the license may use a predetermined number of standard/custom objects even though there is a set quantity limitation, technically there is no way to shut off access to other custom objects for that user.

This license is often in place for a subset of users who only need limited access to your tool. For example, an employee who is only viewing the data and not editing it. If this group starts editing objects, it becomes in and of itself a compliance issue.

Salesforce makes it easy for the end-user to accidentally do this without realizing they are in breach of the license. They will use this opportunity to accuse you of using the license incorrectly and request that your organization upgrade these licenses to full users and will seek compensation since the inception of the misuse. Contractually, Salesforce has the right to charge you full retail price for those non-compliant users.

Another time when Salesforce audits come into play is when a client is on a SELA Agreement (Salesforce Enterprise License Agreement).

How do you get around Salesforce RUL audit problems?

The best thing you can do is to establish quarterly check-ins with your account team at Salesforce. Use these meetings to stay on the same page with your account team and create a paper trail that shows how your users are engaging with the platform.

If you are accused of breaching restricted use, but have established quarterly check-ins with a paper trail, you can respond to Salesforce by saying “We met with your team and they didn’t bring anything up during our meeting so why should we believe you now?” Without quarterly check-ins and a paper trail, you get into a he-said-she-said argument.

Often times, the employee in breach of license may have accessed the wrong objects once or twice throughout the life of an account. Salesforce will create an argument that the license has been systematically misused for a long period of time.

We treat this event like a litigation. If you don’t have a paper trail of record, then you have no legal foundation for a defense. When comparing the perspective outcome of the party that has records and the other that does not, the person with records almost always wins in court.

Keep careful documentation about your interactions with Salesforce, and have open conversations about audit and license use risk. This will build a strong foundation and reduce the risk of an audit.

​How to Handle an Audit from SAP

An audit by SAP is very similar to an audit by Oracle in that, historically, their licensing model is primarily “consumption-based.” This means your price is based on your company’s revenue, profit, services used, how many suppliers you have, or any number of a series of variables.

This model falls under the concept of Value-Based Pricing and is a subjective assessment of value captured from the utilization of the software.

SAP will use many of the same tactics as Oracle which we’ve outlined above. One thing to specifically note about SAP is that they very frequently introduce audits during merger & acquisition (M&A) announcements. When supporting clients with M&A IT Sourcing, we commonly tell our clients to “get ready for the ‘ransom letter.’” These aren’t our words but rather those of our clients who received notifications from suppliers such as SAP immediately after announcing a large acquisition to the market.

Want to know if you’re susceptible to these ‘ransom letters?’ Take a look at your contract and keep an eye out for any language within your contract that indicates they will “readdress the terms of the contract if you the customer acquires or divests entities during the term of the contract.” If you have this language within your contract you will more than likely receive a similar notification within 1 month of publicly notifying your M&A intent.

In order to defeat an SAP audit, take the same approach we would take with Oracle and then protect yourself moving forward by changing your pricing model to a fixed baseline model that is attached to the reasonably certain variables in your company such as the number of employees.

​What to Do When Microsoft Audits You

​Microsoft’s audits vary depending on the products and services within your contract. Similar to Salesforce, Microsoft will commonly focus on those licenses that have restricted use. A very common audit for those clients with perpetual Microsoft Office licenses is the 1-to-1 validation of windows desktop licenses to computers within a customer’s environment. Similarly, for those clients with an active Office 365 subscription, Microsoft will look closely at the utilization of subscriptions that are inherently limited in their intended use. This is augmented by a deep analysis of computers and users in your ecosystem to ensure the capabilities being used are properly licensed.

If you are paying for any physical or virtualized servers from Microsoft within an SCE agreement,  you will commonly be audited to ensure your consumption metrics are within your contracted allocation.

Frequently with Microsoft, you are leasing the utilization of servers either on-premise or in the cloud. Generally speaking, if you have a physical piece of hardware from Microsoft on-premise, they will almost certainly conduct an audit at renewal time to monitor utilization as part of their “optimization analysis.” In a nutshell, they will try to move you from an on-premise environment to the cloud.

Conceptually this is fine but they will use that audit as leverage to do a lift and shift into Microsoft Azure.

Microsoft Azure is a very attractive product for the sales team because they are heavily incentivized to get your company into the cloud. The market is looking at how Microsoft’s cloud growth is going year after year and as a result, the company wants to increase its usage.

Essentially, Microsoft will audit to try and sell you on Azure. This isn’t necessarily a bad move to make but knowing key motivators will keep you ahead of the game and alleviate any potentially detrimental surprises.

What Happens Next?

​​If you’ve been audited by any of your enterprise software providers, we recommend bringing in outside help to guide you through the process. Leveraging their experience and expertise will go a long way to mitigate both short and long term risk that can easily rise into the millions.

Don’t solely believe what your account executive is telling you, oftentimes they don’t have all the information needed and they are heavily incentivized by their employers.

Your outside expert will be able to comb through your contracts, identify risks/opportunities, and drive both cost savings and containment.  With the proper assistance, you’ll be able to confidently stand your ground and mitigate risks before they are realized.