When a SPLA audit produces a number, it can feel like a single, unarguable figure. It is not. It is the product of a calculation with distinct inputs, and each input behaves differently when you push on it. Understanding how the penalty is assembled tells you exactly where the argument is worth having and where it is not. The hosters that reduce their exposure the most are the ones that take the calculation apart rather than treating it as a verdict.
This article breaks down each step, then walks an indicative example to show how the pieces combine. Every figure below is indicative and used only to illustrate the mechanics. For the full method, see the SPLA audit defense guide.
Step one: the under reported count
SPLA is reported each month, either as Subscriber Access Licenses, the SAL count, or by processor or core count, depending on the product and how it is licensed. The auditor reconstructs what you should have reported for each month in the 36 month lookback and compares it to what you actually reported. The gap, summed across months, is the under reported count. This is the base everything else is calculated from, which is why shrinking it is the highest leverage move in the whole exercise.
Every dollar of the penalty grows from the count. Reduce the count and you reduce all of it.
The count is also the input most often overstated, because the auditor builds it from incomplete data and the vendor's reading of ambiguous use. Use that should have been covered by a customer's own license, environments that were dev and test rather than production, and SAL blocks that were double counted across tenants all inflate the base if they are not challenged. Reconstructing the true count is the foundation of the defense.
Step two: back fees at the price file rate
The under reported count is multiplied by the applicable price file rate to produce the back fees. This is the license cost you should have paid had you reported correctly. Back fees at the price file rate are not negotiable. The rate is fixed by Microsoft's price file, and if the count is genuinely owed, so is the fee.
That does not make this step irrelevant to the defense. The back fee is the count multiplied by the rate, so every unit you remove from the count removes its full rate from the back fee. You do not argue the rate. You argue the count that the rate is applied to. The arithmetic does the rest.
Step three: the penalty uplift
On top of the back fees, the auditor applies a penalty uplift. This is where the calculation stops being fixed and becomes a judgment, and judgment is negotiable. The uplift ranges from 25 to 125 percent and depends on factors the auditor weighs.
- Severity, meaning how large the under reporting was relative to what was reported
- Duration, meaning how many months the gap persisted across the lookback
- Nature, meaning whether it reflects an honest reporting error or deliberate under reporting
- Cooperation, meaning whether you can evidence good faith and a disciplined reporting process
Because the uplift is a percentage applied to the back fee, the difference between a 25 percent and a 125 percent uplift is enormous. On the same base, the high end is five times the low end. Moving the uplift down the range is the second highest leverage move after reducing the count, and it is won with evidence of severity, duration, and good faith.
An indicative worked example
To see how the parts combine, here is a simplified, indicative example. The numbers are illustrative only and not a quote for any real situation.
| Line | Auditor opening position | After reconstruction and defense |
|---|---|---|
| Under reported SAL, summed over 36 months | 4,000 | 2,400 |
| Price file rate per SAL (indicative) | $50 | $50 |
| Back fees | $200,000 | $120,000 |
| Penalty uplift applied | 100 percent | 35 percent |
| Uplift amount | $200,000 | $42,000 |
| Total exposure | $400,000 | $162,000 |
In this indicative case, reconstructing the count removed inflated and double counted SAL, cutting the base. Evidence of an honest, well documented reporting process moved the uplift from the top of the range toward the bottom. Neither move touched the price file rate, which stayed fixed. The combined effect took the total from four hundred thousand to one hundred and sixty two thousand, a reduction driven entirely by the two negotiable levers.
Where the defense concentrates
The calculation tells you precisely where to spend your effort. The price file rate will not move, so arguing it wastes time. The count and the uplift will both move with evidence, so that is where the defense lives. Reconstruct the count from your own data to strip out what should never have been included, then build the good faith case that pulls the uplift down the range. Done together, those two moves are what turn an opening position into a defended outcome.
A buyer side advisor runs both. We rebuild the monthly count line by line, separate the fixed back fee from the negotiable uplift, and argue each on its own terms. Our guarantee applies: we reduce your exposure or we reimburse our service fee, and with gainshare you pay only from verified savings. For the complete mechanics, download the SPLA audit defense guide.
When the exposure is real, our SPLA audit defense service manages the Big Four auditor on your behalf.