Dont ignore a bsa software audit notice failing to respond to a letter from the. Audit programs, audit resources, internal audit auditnet is the global resource for auditors. Besides disgruntled former employees, the rat of choice by the bsa is your microsoft reseller. For the last ten years, i have been representing enduser companies nationally in software audit matters initiated by major software publishers. An llc notice is sent to the organization from the bsa before conducting an llc audit. Unbundling software suites microsoft office and adobe creative suite are two compilations that are frequently involved in bsa audit matters. Here, redmond explores the most harrowing tales of software audits. Bsa audits by software licensing attorney vondran legal. Purchasing additional software upon receipt of audit request purchasing additional licenses of installed software in response to an audit request letter will have no effect on the outcome of the audit. The bsa business software alliance represent many vendors, not just microsoft so are the most likely ones to be involved with an audit. Bsa licensing audits following on from my post about microsoft licensing options, i thought it prudent to cover what may happen if your licensing isnt in order and you end up getting audited. About the business software alliance bsa audit defense.
It includes a datagrading capability that allows the auditor to rate the overall degree of validity of their water audit data. How to respond to a bsa or siia software audit letter without. A bsa audit is a request, under threat of litigation, to compile a listing of all bsa member software products installed on the audited entitys computer network as of the audit effective date. Bsa and autodesk software audits faq deleting software. One half of their business promotes the legal use of software and does pr. An adversarial attitude about a software audit is unwise. Lets face it, software asset management sam might be a best. He is counsel to some of the worlds largest corporations on information technology matters including intellectual property licensing, risk management, data privacy, and outsourcing. The bsa has requested that our company completes a selfaudit. Once an accurate inventory of the bsa member software products is completed, the next step. Jun 21, 2015 feel free to share this video on your social media networks.
The fdic last described its expectations in fil 2996. The audit effective date is the date on the bsa initial letter requesting an audit. Solved anyone have recent experience dealing with the. In installations using advanced software library control systems. Aml and bank secrecy act compliance heavily depends on technology. Here are the top 20 things to think about when you are thinking about how to respond to a software audit letter from the bsa, siia, microsoft, autodesk, adobe or other software publisher. A ccused of software piracy by bsa the software alliance. How to respond to a bsa or siia software audit letter.
Determine that the bank provides periodic training for appropriate personnel regarding their responsibilities under bsa aml. Bsa the software alliance bsa is an organization that represents software companies and prosecutes alleged unlicensed use of those member companies software products. Bsas free audit resources are a key element in bsas ongoing educational campaigns that alert businesses to the serious ethical and digital security risks associated with unlicensed software use. Software piracy is big business and bad for it as a whole, so someone has to police it. Bsa internal audit questionnaire internal audit bsaaml. What i learned in the last 10 years defending bsa the software. Here is what you can expect if you get a letter demanding a voluntary bsa software license audit or audit from some other software compliance company. Oct 19, 2004 bsa s free audit resources are a key element in bsa s ongoing educational campaigns that alert businesses to the serious ethical and digital security risks associated with unlicensed software use. Business software alliance dirty tricks update network world. We received a form letter from the business software alliance bsa telling us to do a self audit and if we find any unlicensed software to report it during our grace period because if you organizations software is not licensed, it could become to focus of a bsa investigation.
Although it may read like a bad joke or a scam, infact it is a frequent practice by software vendors or their agents such as the bsa or siia software and information industry association to demand that you perform an audit of the software used at your business, report the results, and payup if there is any alleged deficiency in your. Yes, independent testing of bank secrecy act compliance is required by each of the bank regulatory agencies. Bsa the software alliances primary enforcement tool is to send a threatening letter indicating that an. Includes audit of cip, ctr, sar, monetary instrument log, unlawful internet gambling, exemptions, training, etc. Bsa the software alliance investigates all reports of software piracy without independently confirming the veracity of the information provided or the motive of the person making the complaint. Bsa microsoft audit shakedown survivor thought people might find this useful, as when i got our letter informing us of the audit, i couldnt find much in the way of detail. How to fend off the bsa in a software audit legal guides. Your company gets a letter demanding that you submit to a voluntary software licensing audit.
Water loss control american water works association. I work at a small nonprofit that has 18 employees plus a seat computer lab. Through years of helping more than 250 clients navigate the. The free movement of data across borders drives economic growth, development, and. A business software alliance team member will provide you with the latest information. Microsoft audits its customers using a variety of strategies. Even officers and directors can be held liable for software piracy or using crack codes to run expensive software. What auditors should know and ask about bsa aml software before a successful audit can be conducted. It is very important to respond to the bsa audit letter, preferably through your legal counsel.
In the absence of technology, banks and other financial institutions would be overwhelmed by labor costs. When you receive a bsa audit letter it is important to understand that the bsa business software alliance is acting on behalf of its member companies. Aml white paper white papers, audit, automation, software. Mar 12, 2016 here are the top 20 things to think about when you are thinking about how to respond to a software audit letter from the bsa, siia, microsoft, autodesk, adobe or other software publisher. The business software alliance maintains telephone hotlines and a web site to encourage disgruntled employees and vendors to make anonymous reports against companies of all sizes. I am an intellectual property attorney in southlake, texas who has handled more than 230 business software alliance audit matters for small to mediumsized companies. If you have been contacted by bsa the software alliance, you need experienced counsel to protect your business. Regardless of how up to date your licensing is, its possible for the bsa to audit you if they suspect youre not compliant. Feb 19, 2019 if you are facing a compliance audit from autodesk, business software alliance bsa, vero, siemens, or another software vendor, we can help you minimize your legal risk and liability.
It outlines requirements for banks, credit unions, mortgage companies and more. We were just fedexd a bsa self audit request due to a disgruntled former employee sending in a tip. The free edition will allow you to view the older reports on domain controllers, file servers, and windows servers based on the data collected during the evaluation. Call us if you or your company is involved in a software audit, these are tough to handle on your own as tempting as it seems. What to do when you receive a bsa audit letter by ericka chickowski print baseline talked to the experts whove directly dealt with the business software alliance, and weve compiled an 8 step guideline process for handling the aftermath of receiving an intimidating audit letter. The business software alliance bsa are an international body that are financed by the biggest software companies on the planet bsa members. There are also free tools, templates and processes available at sam.
Feel free to share this video on your social media networks. If you do receive an llc audit, do not simply accept the audit terms, process, and results. It extracts details of all components of the pc, shows installed software with version and product. Baseline talked to the experts whove directly dealt with the business software alliance, and weve compiled an 8 step guideline process for handling the aftermath of receiving an intimidating audit letter. Bsa compliance solutions supports our members and their customers by partnering with key stakeholders around the world to raise awareness of the risk of malware, ransomware, and other critical security threats and drive license compliance through sound it procurement. The business software alliance bsa conducts all llc audits. If the it audit did not address the bsa aml monitoring system, it is important that the bsa auditor understands how the software was. Whatever the source, audit software programs should remain under the strict control of the audit department. Small to mediumsized firms are frequently the target of a microsoft audit initiated by a trade group such as the bsa. Please note that the investigative process is very thorough and.
That is a fact reflecting the reality of monitoring and auditing numerous customer relationships, correspondent banking and large numbers of transactions. The bsa unbundles the software suites and attempts to recover up to three times the msrp of each of the components for each installation of allegedly unlicensed software. Ffiec it examination handbook infobase internal audit. Bsa internal audit performed quarterly and reported to the audit committee each quarter. This has led to accusations that the bsa is a front for microsoft, with its other members being enlisted purely to disguise microsofts dominant role. We are driven to excellence in all areas of our business by focusing 100% of our efforts on solving customers problems, creating deep and lasting customer. It extracts details of all components of the pc, shows installed software with. How to fend off the bsa in a software audit legal guides avvo. Our members create innovative software that improves peoples lives and grows the economy. What i learned in the last 10 years defending bsa the.
Call us to discuss your case with a free initial consultation or email me at the address at the right side of this page. How to survive a software licensing audit informationweek. Training should include, but not be limited to, tellers, platform, lending personnel, trust personnel, wire room, and bookkeeping personnel. Guidance on loss control planning is given based upon the credibility of the data and the. Responding to software audits by the bsa, siia and other. Nov 21, 2014 although it may read like a bad joke or a scam, infact it is a frequent practice by software vendors or their agents such as the bsa or siia software and information industry association to demand that you perform an audit of the software used at your business, report the results, and payup if there is any alleged deficiency in your. The adequacy of the banks policies and procedures for identifying and reporting suspicious activity. What auditors should know and ask about bsaaml software before a successful audit can be conducted author. The integrity and accuracy of management information systems mis used in the bsa aml compliance program.
While preparing before an audit is by far the most effective strategy especially because an organization is bound to undergo a software audit at some point once. This program has been examined by fdic several times and received high marks. I work for a smallmidsized enterprise shop, under users, and we just finished a bsa audit. The business software alliance bsa are an international body that. For the last ten years, i have been representing enduser companies nationally in software audit matters initiated by major software publishers including microsoft, adobe, autodesk, ibm and their.
The bsa software asset management certification through the bsa verafirm sam certification program, participants are trained on how to establish, implement, maintain, and improve sam systems by applying principles and processes from iso 197701, the industry standard. Apr 25, 2014 when you license software, you agree to a licensing agreement often called eula that can subject you to a internal audit of your company if the bsa or siia suspects you are using pirated copies. A bsa audit is a request, under threat of litigation, to compile a listing of all bsa member software. I use checkpoint from thompson reuters for my audit program. Bsa aml software has been correctly and effectively implemented and utilized. Jenny blank, north american enforcement programs manager for the business software alliance bsa, explains the bsas audit process. When asked to rank the top benefits of strong software license management and better software compliance, 54 percent of cios listed lower security risks as the primary reason to ensure their software was fully licensed. For this reason, all documentation, test material, source listings, source and object program modules, and all changes to such programs, should be strictly controlled.
Dont use free tools provided by software associations while these tools. We are a pretty small shop, and the audit will be relatively easy, i have a quick question for anyone that has had to deal with this before. Bsa and autodesk software audits faq deleting software youtube. Board reporting and supervision of, and its responsiveness to, audit. Like many websites, bsa s websites use cookies to ensure the efficient functioning of those websites and give our users the best possible experience. But the business software alliance bsa, the software industrys. Its best to cooperate with the auditors, albeit while protecting the interests of your company. Please note that the investigative process is very thorough and can take several months for significant developments. The date of the letter is the effective date in bsa and siia audit matters. The awwa free water audit software audit software was first released in 2006, and has been through several generations.
Once a report is received, bsa the software alliance makes a decision about whether to request a self audit or to immediately file suit. If you are facing a compliance audit from autodesk, business software alliance bsa, vero, siemens, or another software vendor, we can help you minimize your legal risk and liability. He has defended over 250 software audit matters initiated by software piracy trade groups such as the bsa and siia. Your bank secrecy act bsa compliance team and fraud prevention efforts are only as good as the data and logic in their tools. Bsa offers onemonth grace period to software pirates. Businesses trying to determine whether their organization is using unlicensed software can download a free bsa software audit tool or call 877.
What you need to know if you receive a letter from bsa the. Therefore, consider a bsa audit letter to be directly from its members. Auditnet has templates for audit work programs, icqs, workpapers, checklists, monographs for setting up an audit function, sample audit working papers, workpapers and a library of solutions for auditors including training without travel webinars. For the last ten years, i have been representing enduser companies nationally in software audit matters initiated by major software publishers including microsoft, adobe, autodesk, ibm and their trade groups. How to handle business software alliance audit demand letters. After this period, adaudit plus will automatically downgrade to free edition. Look at your bsa the software alliance audit notice and you will see that they. What to do when you receive a bsa audit letter by ericka chickowski print. This edition never expires, and will allow you to audit and report on up to 25 workstations only. The bsa generally initially sends a company a letter indicating the company may be out of compliance with applicable software license agreements and demanding that the.
Audit program bank secrecy act and antimoney laundering 5. Integration with our cash receipting and general ledger applications allows for payments to be processed and then recorded in our. Everything you need to know about software audits aberdeen. By the phrase software audit, i mean any inquiry by a software vendor or their attorney or agent such as the bsa to a thirdparty user of the vendors proprietary software. Use this free checklist to assess your bsa aml compliance program. Audit requests from adobe, autodesk, and other software publishers. Audit program bank secrecy act and antimoney laundering. We use verafin to monitor or bsa and i complete the independent audit internally.
Those that are done by the big accounting firms and those that are conducted by organizations such as bsa the software alliance. Software audit process explained by attorney steve youtube. Prior to submitting audit materials on behalf of clients we require that the bsa sign a contract protecting the confidentiality of the audit materials and ensuring that the audit materials will not be used in court if the case cannot be settled informally. Independent testing for compliance with the bsa and 31 c.
Ten years later, this practice is widely used in software audit matters generally and has become so routine in bsa cases that the bsa lawyers now send us. The bsa s lawyers in uruguay quickly filed suit, but dropped the suit in 1997 when antel signed a special agreement with microsoft to replace all of its software with microsoft products. If not, when the bsa comes knocking in the guise of your local microsoft reseller offering a free software audit, you could be putting your business in danger of serious fines. The bsa dedicates a substantial portion of its revenue marketing on radio stations and the. This bsa aml compliance program checklist will help you assess. You can learn more about how we use cookies, and how you can change your browsers cookie settings, in our cookies statement. Yes, we also handle autodesk, adobe, siemens, microsoft, and others, but the business software alliance is one of our favorite software trade associations to work with. Do not use free tools provided by software associations. He is counsel to some of the worlds largest corporations, such as schlumberger, pepsico, iron mountain and american express, on information technology matters including intellectual property licensing, risk management, data.
With verafin, once you get your parameters set up and have someone monitoring them completely, it is very to complete the audit. In 2008, the business software alliance received more than 2,500 reports of illicit use of software by companies in the u. Free pc audit is a freeware system, hardware and software information tool. Learn about bsa s work on responsible ai, protecting consumer privacy, strengthening cybersecurity, promoting crossborder data, and helping people train for the future. Most bsa audits begin with a report from a disgruntled employee or former employee.
Lake, camsaudit when it comes to auditing bsaaml programs, one of the first questions the average auditor will ask is. Our lawyers have the legal and technical expertise to defend your business through every step of the bsa audit process. A critical goal of any technology solution is to deliver accurate and timely information to stakeholders and decision makers. Properly preparing for and responding to software audits can reduce the financial and organizational impact on your business.
1580 117 277 251 920 194 135 301 430 414 646 870 918 1237 684 629 1147 41 836 798 1416 252 1183 456 62 1190 1424 1252 782 420 1294 554 1104