Skip to content

Software Police

Question: 
I have just been advised that we have received a notice that we are to be audited by the "BSA" for compliance with software licensing. The letter or notice "The BSA(Business Software Alliance) - an assoication comprised of Adobe, Apple, Autodesk, Bentley Systems, CNC Software/Mastercam, Microsoft, Symantec and UGS - works to educate the public on the importance of software compliance and to enforce intellectual rights." Anybody heard of or dealt with the "BSA"(other than Bank Secrecy Act) before? Where does their authority originate?(somewhere in the fine print that nobody read?) I would appreciate anyone sharing their experience with this group(if it's legit) and what we should expect.
Answer: 

Answer by Andy Zavoina: I contributed to an article on this in a past issue of ABA Bank Compliance. "Software Piracy Can Plunder The Unwary Bank". This organization currently has marketed itself to ex- and unhappy employees to rat on their employers who they know have made or are using unauthorized copies of software.

As I understand the process, in general terms they may allow you to use a program to audit all computers (or they can do it). This is then compared to the actual iicenses you have. I have heard a common penalty is that you pay for the software (doesn't matter if you're using it) and then you double that amount as the penalty.

A common scenario used to be that when User A got a new PC, the old one went to User B. User A wanted all his programs, so they were loaded on his PC from the original media. User B now has to have a license for the software still on that old PC.

If you bought PCs (new or used) with software on them, have the licenses. If you have LANs with a certain number of authorized users at any time, have the license and be able to document that you restrict the number of users.

For starters, dig out your Y2K inventory if you haven't tracked these assets. You have a fun road ahead.

Answer: 

Answer by Dana Turner: Check first with the licenses for your software. Those licenses should contain the language that the user will allow the licensing company to conduct the audit. Examiners have conducted these audits for several years, and it appears that the examiner team that will examine your institution will also handle this task.

First published on BankersOnline.com 11/29/10

First published on 11/29/2010

Filed under: 
Filed under compliance as: 
Filed under security as: 

Search Topics