This is part 2 of a 3 part series on Oracle’s LMS Audit of the City of Denver.
In part one we looked in detail at the Oracle LMS audit of the City of Denver. In this Part 2 we will examine some of the specific tactics Oracle LMS used against Denver so you can be prepared should Oracle LMS use those tactics against you. In the final Part 3, we will examine what the City of Denver could have done differently, and avoid a multi-million dollar payment to Oracle.
… we have identified at least three tactics in the Denver audit that Oracle LMS/Sales will use in audits all the time.
If you haven’t read our first part in this series, you may want to take a look. Because Oracle audited Denver, a public sector entity, the communications of this audit were subject to Denver open records rules, and we were able to obtain much of the back and forth. Interesting that the written record gets pretty sparse once Oracle identifies a compliance problem. That being said, we have identified at least three tactics in the Denver audit that Oracle LMS/Sales will use in audits all the time.
Oracle LMS/Sales tactic 1: rush to meet
The first Oracle LMS strategy is to bypass the notification safety period in their customer’s contracts. Oracle has the right to audit their customers. There is a contractual provision that allows Oracle to perform that audit. In that provision, there is a notice period that says Oracle can audit upon 30/45/60 days’ notice to the customer. Different customers have different notice periods, so we can’t be 100% certain what Denver’s notice period was. We do know it was at least 30 days. Oracle LMS knows about this notice period. However, as you can see in the audit letter excerpt below, Oracle demanded a meeting with Denver within 3 days.
This is a classic Oracle LMS tactic. Rather than letting the customer fully prepare and get ready for the audit, Oracle wants to get in there right away and start the process. It would be very easy for Oracle LMS to simply state in their audit letter that they would like to start the audit after those 30 or 45 days. Why do you think they don’t do this? I’ll tell you why. A prepared customer is more difficult to audit and come out with a compliance finding. Oracle LMS is in there to produce revenue and make money for Oracle. That’s why the rush.
Oracle LMS/Sales tactic 2: legal threats
Oracle LMS is known for their aggressive audit tactics. I literally can’t print what some of our clients have said about that organization. After all, this is a PG rated blog.
In the case of Denver, the Oracle LMS analyst was quick to threaten the client with a legal escalation. In fact, Oracle LMS copied the Oracle lawyer on an email where he “demanded” Denver do what Oracle wanted done. As an aside, I wish Denver was my client and I was copied on that note. The audit would have taken a much different turn and the client would have been in such a great position.
What did Denver do that brought the hammer of legal into the situation? Well, Denver asked that the audit be done in writing, to preserve a record for public viewing, as is apparently the law in Denver. That request alone brought Oracle LMS to the legal threat. It’s a tactic we see Oracle LMS use consistently. And I have to say; it’s very effective when they are auditing a customer that does not know how to respond. In this case, Oracle’s threat worked; the face-to-face (not email) process was followed, and Oracle quickly extracted $4m out of Denver. $4m for a threatening email? Not bad.
Oracle LMS/Sales tactic 3: hit the customer with a huge compliance number
As I mentioned earlier, and in part 1 of this series, the record is bare when it comes to exactly what Oracle found that caused the compliance issue. We do know that Oracle stated it could be in the $10,000,000 range. That’s a huge number! What that number really does is let the Oracle LMS and sales teams put another large number on the table, in this case, over $3,000,000 in licenses and cloud fees, and claim that the customer is getting a deal. Look at how great we are being to you. We could charge you $10m, but we’re such great guys we are only going to charge you +$3m!! When you are able to put it in that context, then the audit target doesn’t feel as bad as if the audit found $3m of non-compliance and they paid $3m in non-compliance.
Again, we see this tactic all the time. Oracle LMS running up the score on a client and trying to put the biggest number on the board so they can hand it off to the Oracle sales team and they can close the biggest deal. And yes, once again, it is very effective. You just have to look at the city of Denver and see how quickly (within weeks) they went from a face-to-face audit meeting to agreeing with Oracle on a deal. It’s Oracle’s version of “shock and awe”, only this time it’s inflicted on the customer by the Oracle LMS audit team and sales team working together.
What could Denver have done differently?
We will discuss this in our final part 3 of this series. The short answer is – A LOT! The longer answer may surprise you. Denver had a lot more control of this audit then they were aware of.