VCF renewals ▲ 31.4% YoY· Symantec EDR true-ups ▲ 18%· Carbon Black avg quote uplift +22%· Mainframe MIPS capacity squeezes ▲· Audit notices ▲ 47% QoQ· Our last 10 deals avg −41% on quote· VCF renewals ▲ 31.4% YoY· Symantec EDR true-ups ▲ 18%· Carbon Black avg quote uplift +22%· Mainframe MIPS capacity squeezes ▲· Audit notices ▲ 47% QoQ· Our last 10 deals avg −41% on quote
Wednesday · 27 May · MMXXVIIssue II
Independent · Buyer-SideLive
Broadcom Negotiations
VMware · Symantec · CA · Carbon Black · Mainframe · Brocade The buyer's report on Broadcom contract economics. Not affiliated with Broadcom Inc.
Strategy & Negotiation

Why the audit cooperation clause in your Broadcom master agreement costs more than it looks.

A clause most buyers read once and never look at again. It defines who responds, on what timeline, with what scope, and at whose cost. It also defines whether the next audit is a defensible event or a financial accident.
By The Negotiation Desk · Strategy & Negotiation · Archetype: The Trap
Published 18 Oct 2024

The audit cooperation clause sits about two thirds of the way through most Broadcom master agreements. It is rarely longer than a page. It is rarely shorter than half a page. It is almost never read by anyone on the buyer side after the original signature. That is the trap. The clause defines the rules of every audit the buyer side will defend under the contract, and it does so in language that almost always favours the seller. When the audit notice arrives three years later, the buyer side discovers that the clause is the contract the audit is being run under, and the buyer has no negotiating room left because the room was given away on the day of signature.

This is not a hypothetical. The Desk has run 28 formal audit defenses under Broadcom paper in the last 24 months, and on each one the audit cooperation clause has been the document the seller side leans on hardest. The buyer who read that clause carefully at signature, negotiated four or five specific phrases, and built the response capability around what the clause actually required, has a substantially better audit than the buyer who took the seller's first draft and signed it.

The five places the clause does most of its work

The clause looks innocuous because the language is procedural. Procedural language hides commercial weight. There are five specific places in the standard Broadcom audit cooperation clause where the language defines who pays, how much, and how fast. Each of the five is negotiable at signature. None of them is negotiable once the audit notice arrives.

One. The definition of cooperation

The first place is the definition of cooperation itself. The standard Broadcom draft asks for full and reasonable cooperation. Full is a word that has commercial weight. Reasonable is a word that does not. A buyer who signs full cooperation has accepted an open ended obligation to provide information on the seller's schedule, in the seller's preferred format, at the seller's level of detail. A buyer who negotiates reasonable cooperation, with a defined list of information categories and a defined response window, has reserved the right to push back when the auditor asks for material that exceeds what the contract actually requires.

The word change costs nothing to negotiate at signature. The same word change is the difference between an audit defense that closes in 90 days and an audit defense that runs for 18 months. The Desk's standing recommendation on every Broadcom master agreement is to strike full, replace with reasonable, and attach a schedule that defines the categories of cooperation the buyer is committing to.

Two. The notice period

The second place is the notice period. The standard Broadcom draft proposes 30 days of notice before an on premise audit and effectively no notice for documentary requests. The buyer who signs 30 days has accepted a window that is almost certainly too short to assemble the entitlement baseline before the auditor walks through the door. The buyer who negotiates 90 days of notice for any substantive request has 60 additional days to do the internal entitlement audit that, in our experience, is the single largest determinant of the financial outcome.

The 90 day notice period is not unreasonable to ask for. Sellers grant it routinely when the buyer side raises it at the right point in the negotiation, which is the first round of redlines, not the last. The Desk has seen this redline accepted on more than half of the master agreements we have advised on. The buyers who did not ask did not get it. The buyers who did ask got it.

Three. The scope language

The third place is the scope language. The standard Broadcom draft asserts a right to audit the buyer's use of all products licensed under the contract and any related deployments. Related is the word that does the damage. Related can be argued to include deployments by affiliates, deployments in cloud environments the contract does not contemplate, deployments by joint ventures, and deployments by acquired entities the buyer integrated post acquisition.

"The audit scope conversation is won or lost in the master agreement, not in the audit. The clause writes the scope before the auditor arrives. Every entity you do not name in the clause is an entity the seller can argue into the audit later."Audit Defender, The Desk

The buyer side counter is to strike related and replace with a specific list of entities, geographies and deployment environments the audit is permitted to cover. The list can be generous. It needs to be specific. Specificity at signature is the only protection against the seller side argument three years later that an affiliate, a cloud tenant or a post acquisition deployment was always inside scope.

Four. The cost allocation

The fourth place is the cost allocation. The standard Broadcom draft has the buyer pay for the auditor's time if the audit reveals a material variance. Material is undefined. The buyer who signs the standard draft has accepted an obligation to pay the seller's audit costs based on the seller's later definition of material. The buyer who negotiates a defined materiality threshold, a defined cap on auditor cost recovery, and a defined right to dispute the auditor's bill, has converted an open ended liability into a managed one.

The Desk's standing recommendation is a materiality threshold of 5 percent of the licensed value, a cap on auditor cost recovery at a defined dollar figure, and a 30 day window to dispute. These three numbers are negotiable at signature. They are unobtainable after the audit notice arrives.

Five. The remediation timeline

The fifth place is the remediation timeline. The standard Broadcom draft asks the buyer to remediate any identified variance within 30 days, including payment of any back licensing fees. The buyer who signs the standard draft has accepted a clock that almost certainly runs faster than the buyer's internal procurement and finance approval cycles. The buyer who negotiates a 90 day remediation window, a phased payment schedule, and a right to convert remediation into a renewal credit, has the time and the structure to negotiate the variance rather than concede it.

The remediation clause is where most audit settlements actually live. A defensible remediation clause turns a one time exposure into a negotiation about the next renewal. A weak remediation clause turns the audit into a forced spend at a moment when the buyer has the least leverage in the entire commercial relationship.

Avg time saved on audit defense when notice period is 90 days vs 30 days5 to 8 weeks
Avg scope reduction when "related" struck and entities listed22% to 41%
Avg savings on auditor cost recovery when cap negotiated$140K to $620K
Audits closed below 25% of initial assertion when clause is well drafted19 of 22

Why the clause is the trap

The clause is the trap because it is procedural language in a contract about software, signed by buyer side teams that are focused on commercial terms. The procurement team is reading the price schedule. The legal team is reading the limitation of liability. The technical team is reading the support terms. Almost nobody on the buyer side reads the audit cooperation clause with the assumption that the clause itself will be the document the next audit is run under. That assumption is what changes the negotiation. A buyer who reads the clause with that assumption negotiates the five places hard at signature and reduces the audit risk profile across the term of the contract.

What we have seen on live deals this quarter

On a healthcare network's Carbon Black renewal closed last quarter, the buyer side asked for all five redlines in the first round. The seller accepted four of the five outright. The fifth, the materiality threshold, was negotiated to 4 percent rather than the buyer's preferred 5 percent. The redlines added nothing to the price of the contract. The contract closed on the same commercial terms as the prior version, with an audit cooperation clause that materially reduced the buyer's audit exposure for the next three years.

On a regional bank that signed the standard Broadcom draft 18 months earlier without redlining the clause, the next audit notice arrived under the original language. The buyer side spent four months on what should have been a six week response, and paid for the auditor's time under a cost allocation the buyer had no defined cap against. The clause was the trap. The trap closed at the audit, not at signature.

The takeaway

  • The audit cooperation clause is the contract every future Broadcom audit will be run under. The room to negotiate the clause exists at signature and disappears at the audit notice.
  • Five specific places in the standard clause do almost all of the commercial work. Cooperation definition, notice period, scope language, cost allocation and remediation timeline. Each of the five is negotiable in the first round of redlines.
  • The redlines add nothing to the price of the contract and substantially reduce the audit exposure across the term. Buyers who ask for them get most of them. Buyers who do not ask sign the trap.
Working through a Broadcom renewal, audit notice or portfolio review right now? Write to the Desk → Two analyst calls, no pitch.

Three related articles

Service · Audit Defense
Audit defense, buyer side
Practice · Symantec
Symantec practice hub
Strategy · The Audit
The first seven days after any Broadcom audit notice
Strategy · The Lever
The BATNA construction lever most Broadcom buyers leave on the table
Outcomes · Case
A regional bank cut Symantec audit exposure by 81 percent
Correspondence Invited

Write before the quote becomes a position.

Two analyst calls. No pitch. We tell you what we would do, what the leverage actually is, and whether we are the right firm. If we are not, we will say so.
Who we work for. Buyer-side only. No reseller relationship with Broadcom. No partnership of any kind. We do not earn anything from products sold or renewed. Only from outcomes delivered against the contract.