Home/Vendors
Vendors

Software publisher audit risk profiles.

The major audit risk after a deal comes from a short list of publishers. Know how each one behaves before you sign.

These software publisher audit risk profiles cover the vendors that drive the most exposure after a transaction. As of June 2026, Oracle, SAP, Microsoft and IBM remain the most active, with Broadcom following its VMware acquisition, Salesforce and ServiceNow rising fast.

Publisher audit risk profiles

Each profile covers how the publisher licenses, where inherited exposure hides, and what triggers an audit after a change of ownership.

Frequently asked questions

Which software publishers drive the most M&A audit risk?

As of June 2026, Oracle, SAP, Microsoft and IBM are the most active after a deal, with Broadcom (VMware), Salesforce and ServiceNow increasingly so.

Why does a change of ownership trigger a vendor audit?

A transaction is a known prompt for publisher compliance teams. The combined entity is larger and freshly capitalised, which resets attention on the estate.

How large can vendor exposure be?

Very large. SAP pursued AB InBev for a figure in the region of 600 million dollars, and the Diageo Great Britain Ltd v SAP UK Ltd judgment, [2017] EWHC 189 (TCC), confirmed indirect access can require licensing.

Facing exposure from one of these publishers?

Request a confidential software M&A risk assessment focused on your highest risk vendors.

Book a confidential assessment