The bottom line on Oracle license due diligence in M&A
Bottom LineOracle license due diligence quantifies, before you sign, the gap between what the target runs and what it is licensed to run — because that gap becomes the buyer's liability at close. Oracle licenses do not transfer automatically, the Oracle Master Agreement forbids transfer without Oracle's written consent, and Oracle audits acquirers within twelve months of a deal. Reconcile deployment against entitlement, price the exposure into the transaction, and you control the outcome instead of inheriting it.
A target's Oracle estate is one of the largest contingent liabilities most deal teams never line-item. This field manual is the buyer-side procedure for finding it: what to demand in the data room, how to read the contracts, how to put a defensible number on the exposure, and how to carry that number into price, escrow, and the post-close audit you are statistically about to face.
Key takeaways
- Oracle licenses do not transfer with the company by default. The Oracle Master Agreement states the customer may not assign the agreement or transfer the programs to another entity without Oracle's prior written consent (Oracle Master Agreement, 2026).
- A divested business gets roughly 90 days, not forever. Standard Oracle terms let a divested entity keep using the seller's programs only for a short transition period — commonly around 90 days — after which it must license Oracle in its own name (Oracle contractual terms, 2026).
- More than 70% of Oracle customers carry some non-compliance risk, which is why an acquisition is one of Oracle's highest-probability audit triggers and many acquirers get a notice within twelve months of close (industry Oracle compliance analysis, 2026).
- A ULA usually does not cover a company you acquire. ULAs are scoped to the named entity and its majority-owned subsidiaries as of the effective date, so post-signature acquisitions are commonly excluded — exposure that routinely runs $4M–$12M at certification (Oracle Licensing Experts engagement data, 2026).
- Oracle's opening number is a negotiating position, not your liability. Across 600+ Oracle engagements, the opening post-deal compliance claim averages 3–5× what the combined entity actually owes once deployment is reconciled against entitlement (Oracle Licensing Experts benchmark, 2026).
What to run, by deal seat
Corporate Development Deal Lead
- Name Oracle licensing as a discrete diligence workstream with an owner and a deadline — never bury it in a generic IT appendix.
- Gate the bid: require a reconciled Oracle exposure figure with a confidence range before the price is locked.
- Build the Oracle data-room request list into the first information request, not a late follow-up after the data room is half-closed.
CFO Capital
- Carry the reconciled exposure — not Oracle's headline claim — into the valuation model, escrow holdback, or purchase-price adjustment.
- Model the combined Oracle support bill at 22% of net license fees and budget for duplicate streams integration can remove.
- Treat any undisclosed compliance gap as a value transfer to the seller, and recover it through reps, warranties, or holdback.
SAM / ITAM Manager Compliance
- Run a forensic inventory of every Oracle contract, ordering document, ULA, CSI, and deployment at the target before the data room closes.
- Scan specifically for database options and management packs in use without entitlement — the most common hidden M&A exposure.
- Map ULA entity and territory scope and flag every deployment that falls outside what can be certified.
General Counsel Contracts
- Read the OMA assignment and change-of-control language for both parties — it governs whether licenses can move at all.
- Draft license-compliance and right-to-transfer representations, a cooperation covenant for Oracle consent, and a sized escrow.
- For carve-outs, set the Transition Services Agreement against a hard license-separation deadline, not an open-ended bridge.
Oracle due diligence, procedure by procedure
What goes on the Oracle due diligence data-room request list?
Everything that proves both what the target is allowed to run and what it is actually running. License due diligence is the pre-signing review of a target's Oracle contracts and deployments to quantify exposure before it becomes the buyer's liability at close, and it only works if the data room contains the full record: every Oracle Master Agreement and ordering document, every ULA and its certification history, all support renewals and Customer Support Identifiers, plus deployment evidence — processor counts, named-user counts, virtualization topology, and the option/pack usage data Oracle would pull in an audit.
Most data rooms ship the contracts and skip the deployment evidence, which is exactly the half that determines the number. Demand both, in writing, early. A target that can produce contracts but not a current measurement of what is installed and running is telling you the compliance position has never been verified — and an unverified Oracle estate is where the post-close surprise lives. Our Oracle compliance review assembles this diligence-grade record on the buyer's behalf.
Before contacting Oracle, ask the seller in writing: "Provide the current deployment measurement for all Oracle Database Enterprise Edition instances, every licensed and installed option and management pack, and all Java SE usage, mapped to the specific ordering document that licenses each." If they cannot, that gap belongs in the price.
How do you read the target's Oracle contracts for transfer risk?
Start with the assignment clause. The Oracle Master Agreement is explicit that the customer "may not assign this agreement or give or transfer the programs or an interest in them to another individual or entity" without Oracle's prior written consent (Oracle Master Agreement, 2026). That single sentence governs whether the deal even carries Oracle rights to the buyer — and the answer depends on structure. In a stock purchase where the licensed entity survives, entitlements stay put; in an asset purchase or carve-out, the programs are being "transferred to another entity," which is precisely the act the clause restricts.
Then read the change of control language, the territory and entity definitions, and any negotiated M&A scope in a ULA. These define the boundary the software was licensed to live inside, and a deal moves it across that boundary. The contract review is not a formality you clear — it is where you learn whether you are buying transferable entitlements or a re-licensing event in disguise. Our Oracle Master Agreement analysis and Oracle contract negotiation team read these clauses for a living.
If the deal model assumes the target's Oracle licenses "come with the company," stop. A stock purchase where the entity survives is treated very differently from an asset purchase or carve-out, where Oracle's assignment restriction applies and consent becomes a priced negotiation. The structure on the term sheet changes the Oracle answer.
How do you quantify the target's Oracle compliance exposure before signing?
Reconcile deployment against entitlement and express the result as one defensible number with a range. Count every licensable processor and named user, scan for database options and management packs — Diagnostics Pack, Tuning Pack, Partitioning, Advanced Compression, Active Data Guard — that install and run without any separate gate, and check whether ULA scope excludes acquired entities. The exposure is the gap between installed-and-running and licensed, sized as a dollar figure with a confidence band, not a binary "compliant / non-compliant."
That number is the deliverable the rest of the deal depends on. Post-acquisition under-licensing discoveries commonly run $1M–$5M for mid-sized companies and far higher for ULA-entangled estates, and with more than 70% of Oracle customers carrying some non-compliance risk, the base rate is against the unprepared buyer (industry Oracle compliance analysis, 2026). A quantified exposure converts a hidden contingency into a line item you can negotiate. The Oracle database licensing guide details exactly where options and Java exposure hide, and our Oracle license optimization team sizes the estate.
Across 600+ Oracle engagements, the opening post-deal compliance claim averages 3–5× what the combined entity actually owes once deployment is reconciled against entitlement (Oracle Licensing Experts benchmark, 2026). Diligence that produces your own number first is what collapses the gap — see Oracle licensing case studies with hard figures.
Why does deal structure change the Oracle answer?
Because Oracle rights attach to a named legal entity, and the structure decides whether that entity survives or the programs move. In a stock purchase or statutory merger where the licensed entity continues, entitlements generally remain in place, so the work is reconciliation and contract harmonization. In an asset purchase or carve-out, the programs transfer to a new entity, the assignment clause is triggered, and you need Oracle's consent — or you re-license. Same target, same software, completely different Oracle outcome depending on the box on the term sheet.
This is why the licensing workstream has to start when the structure is still being decided, not after. The choice between a stock and an asset deal has an Oracle cost attached to it, and a buyer who knows that cost can factor it into structure negotiations rather than discovering it during integration. Read the deal structure as an Oracle question, and bring the number to the table while the structure is still movable. Our contract negotiation team prices each path before the structure is locked.
When structure is still open, model the Oracle cost of each path side by side. An asset deal that triggers a punitive transfer true-up can be more expensive on the Oracle line than a stock deal that keeps entitlements intact — a difference large enough to influence how the transaction is structured in the first place.
How long can a divested business keep using Oracle after close?
Not long. Standard Oracle terms allow a divested entity to keep using the seller's Oracle programs only for a short transition period — commonly around 90 days — under the seller's agreement, after which the divested business must obtain its own Oracle licenses (Oracle contractual terms, 2026). A Transition Services Agreement (TSA) can formalize that bridge, but a TSA does not by itself hand the new owner permanent Oracle rights; it buys time, not entitlement.
That short clock is where carve-outs go wrong. The integration team treats "we have a TSA" as if it solved the license question, the 90-day window lapses, and the divested entity is suddenly running Oracle unlicensed — a conversation Oracle then prices from a position of total leverage. Plan license separation as a named workstream with a hard deadline that sits inside the transition window: inventory what runs at the carved-out unit, decide what transfers versus what gets re-licensed, and execute before the bridge expires. Our license optimization work sizes the standalone estate so neither side overpays.
A Transition Services Agreement with no hard license-separation deadline is an unlicensed liability waiting to mature. If the TSA can drift past the roughly 90-day Oracle transition window without the divested entity securing its own entitlements, the bridge has quietly become exposure — and Oracle is the only party with leverage when it surfaces.
How should Oracle exposure show up in price, escrow, and reps and warranties?
As real, sized deal terms — not a footnote. Once exposure is quantified, it belongs in one of three places: a purchase-price adjustment that lowers what the buyer pays, an escrow holdback sized to the reconciled figure and released once the Oracle position is cleared, or specific representations and warranties in which the seller affirms license compliance and the right to transfer the software. Add a covenant requiring the seller to cooperate on Oracle consent or novation. Each mechanism turns a contingent Oracle liability into a recoverable, allocated risk.
The discipline is to let the diligence number drive the deal terms, not the other way around. Sellers will represent that everything is compliant; the buyer's protection is a holdback and a warranty sized to the independently reconciled exposure, with the basis documented. Diligence done before signing converts a hidden post-close audit shock into a negotiated, priced risk the buyer controls — and gives the buyer a defensible baseline for the audit that tends to follow. Bring our Oracle audit defense view into the drafting so the warranties cover what Oracle actually claims.
"Seller represents that all Oracle Programs in use by the Company are properly licensed under valid, transferable agreements, that no Oracle compliance review or audit is pending or threatened, and that Seller will cooperate in obtaining Oracle's consent to any required assignment or novation; the Compliance Holdback shall be released upon written confirmation that the reconciled Oracle license position is cleared."
Why does Oracle audit the company you just bought — and how do you defend it?
Because the deal itself is the signal. Oracle's License Management Services (LMS) — now also delivered through Global Licensing and Advisory Services — monitors public M&A activity and uses it to prompt a formal audit, timed to land when integration is mid-flight and the buyer's leverage is lowest. The trigger is structural: combined deployments exceed entitlements, the acquired estate sits outside the buyer's contracts, and integration moves software onto new processors. Many acquirers receive a notice within twelve months of close.
The defense is the diligence baseline you already built, kept current: a forensic reconciliation of every deployed processor and named user against entitlement across both estates, every option and Java instance accounted for. With that in hand, the audit becomes an administrative exercise — you control scope, respond with evidence rather than guesses, and meet Oracle's opening claim with a documented counter-position, which is why the reconciled figure routinely settles far below the first number quoted. Going into integration without it hands Oracle exactly what it wants. Our Oracle audit defense and compliance review services exist for this window.
If licenses also need to transfer, run the audit and the transfer-consent as one negotiation, not two. When Oracle needs you to sign a consolidated agreement and you need clean consent, trade them — settle the compliance position, cap back-support, and harmonize the contract in a single deal rather than letting Oracle work the audit and the consent separately to maximize leverage on each.
What is the day-1 to day-100 Oracle integration sequence?
Freeze, reconcile, right-size, then harmonize — in that order. Day 1: freeze risky moves; no re-platforming, virtualization, or DR changes until entitlements are confirmed, because each of those silently changes the licensable footprint. Day 30: finalize the combined deployment-versus-entitlement reconciliation and complete any Oracle consent or novation required to move entitlements to the surviving entity. The first month is about not making the position worse while you establish exactly where it stands.
Day 60: right-size to actual usage — identify duplicate products, overlapping options, and parallel support streams the combined organization no longer needs, and retire them deliberately rather than carrying both "to be safe." Day 100: harmonize fragmented agreements onto a single, cleaner Oracle Master Agreement with consistent metrics, and merge or transfer Customer Support Identifiers so support is billed once, not twice. Post-merger integration is the rare window when both estates are fully open at once — exactly when redundant Oracle spend is easiest to remove, or to cement in by accident. Our Oracle support cost reduction team runs this sequence as one project.
A global manufacturer that had completed three acquisitions in two years was carrying duplicate Oracle estates and overlapping support. We reconciled entitlements across all four entities, eliminated redundant products, and consolidated onto one OMA — cutting the combined Oracle support bill by 38% while closing the open compliance gap. Explore our contract negotiation work.
Where does your diligence stand?
Estate mapped · exposure priced
Reconciliation done · number in the dealBest position. You hold an independent exposure figure and have reflected it in price, escrow, or warranties. Proceed to consent/novation and integration from a documented baseline — and use it as audit defense after close.
Estate mapped · exposure not priced
Reconciliation done · deal terms silentFix before signing. You know the number but the deal doesn't reflect it, so the liability transfers to you free. Convert it into a holdback or warranty now; an unpriced known gap is a gift to the seller.
Estate unmapped · structure decided
No reconciliation · path lockedHighest risk. You're committing to a structure without knowing the Oracle cost it carries. Force a reconciliation into the timeline before close, even if it compresses the schedule — the alternative is discovery during the audit.
Estate unmapped · structure open
No reconciliation · path movableAct now while it's cheap. Run the Oracle reconciliation before structure is locked so the cost of each path informs the deal design — the one moment the Oracle answer can still change the structure.
Decision matrix: your Oracle position in a deal is set by two axes — whether the estate is reconciled and whether the exposure is reflected in the deal terms — not by whether the timeline feels comfortable.
What to demand, and what each artifact reveals
| Artifact to request | What it is | Risk it exposes | Where it lands in the deal |
|---|---|---|---|
| OMA & ordering documents | The framework contract plus every order that grants entitlement | Assignment/transfer restrictions; non-transferable rights | Deal structure; consent/novation covenant |
| ULA & certification history | Unlimited agreement, scope definitions, prior certifications | Acquired entities excluded from scope; $4M–$12M certification gap | Price adjustment; escrow holdback |
| Deployment measurement | Current processor, NUP, option, pack, and Java usage data | Options/packs used without entitlement; under-licensing | Reconciled exposure figure; warranties |
| Support contracts & CSIs | Renewals, net license fees, support identifiers | Duplicate streams; 22% support base; repricing traps | Synergy model; post-close consolidation |
| Prior audit / LMS records | Any past or pending Oracle compliance review | Open or threatened audit inherited at close | Reps & warranties; indemnity |
Oracle M&A due diligence glossary
- License Due Diligence
- The pre-signing review of a target's Oracle contracts and deployments to quantify compliance exposure and transfer risk before it becomes the buyer's liability at close.
- Data Room
- The controlled repository where the seller discloses contracts and records; for Oracle it must include every agreement, ordering document, ULA, support renewal, and deployment record.
- Representations and Warranties
- Contractual statements by the seller about facts such as license compliance and the right to transfer software, which the buyer can rely on and recover against if untrue.
- Escrow Holdback
- A portion of the purchase price held back to cover identified risks, such as a quantified Oracle compliance gap, and released once the risk is resolved.
- Assignment Clause
- The Oracle Master Agreement provision stating the customer may not assign the agreement or transfer the programs to another entity without Oracle's prior written consent.
- Novation
- A negotiated agreement that substitutes the acquirer or surviving entity for the original licensee, transferring Oracle entitlements and obligations with Oracle's consent.
- Oracle Master Agreement (OMA)
- Oracle's standard framework contract governing the right to use Oracle programs; the assignment and transfer restrictions that constrain M&A sit here.
- ULA
- An Unlimited License Agreement: a fixed-term Oracle contract granting unlimited deployment of named products for a single fee, scoped to a named entity and its majority-owned subsidiaries.
- Transition Services Agreement (TSA)
- A short-term agreement under which a seller continues providing services, including software use, to a divested entity during separation; it does not grant permanent Oracle rights.
- License Management Services (LMS)
- Oracle's audit function, also delivered through Global Licensing and Advisory Services, which monitors M&A activity and conducts formal compliance reviews.
- Customer Support Identifier (CSI)
- The identifier tied to an Oracle support contract; merging or transferring CSIs is part of post-deal contract harmonization.
- Net License Fee
- The discounted license price actually paid, on which Oracle annual technical support is calculated, typically at 22% per year.
Oracle M&A due diligence: frequently asked questions
What should an Oracle license due diligence review cover?
It covers every Oracle contract, ordering document, ULA, support agreement, and Customer Support Identifier at the target, reconciled against actual deployment across database Enterprise Edition, options, middleware, applications, and Java. The output is a single defensible number: the gap between what is installed and running and what is licensed, with a confidence range. That exposure then drives price, escrow, or representations and warranties before signing.
Do Oracle licenses transfer to the buyer in an acquisition?
Not automatically. The Oracle Master Agreement states the customer may not assign the agreement or transfer the programs to another entity without Oracle's prior written consent. Whether licenses move depends on deal structure: a stock purchase where the entity survives keeps entitlements in place, while an asset purchase or carve-out transfers programs to a new entity and triggers the assignment restriction, requiring Oracle consent or re-licensing.
How long can a divested business keep using Oracle after close?
Standard Oracle terms allow a divested entity to keep using the seller's Oracle programs only for a short transition period, commonly around 90 days, under the seller's agreement. After that window the divested business must obtain its own Oracle licenses. A Transition Services Agreement can formalize the bridge, but it does not grant permanent rights, so license separation must be planned as a deal workstream with a hard deadline.
Why does Oracle audit companies after a merger or acquisition?
Oracle's License Management Services and Global Licensing and Advisory Services teams monitor public deal activity because M&A reliably creates license gaps: combined deployments exceed entitlements, acquired estates sit outside the buyer's contracts, and integration moves software onto new hardware. With more than 70% of Oracle customers carrying some non-compliance risk, an acquisition is a high-probability audit trigger, and many acquirers receive a notice within twelve months of close.
How do you quantify Oracle exposure before signing a deal?
Build a forensic reconciliation of deployment against entitlement for the target: count every licensable processor and named user, scan for database options and management packs used without entitlement, and check ULA scope for excluded acquired entities. Express the result as a priced exposure with a confidence range, not a yes-or-no. That number belongs in the valuation model, the escrow holdback, or specific representations and warranties before close.
What happens to an Oracle ULA in an acquisition?
An Oracle ULA is scoped to the named licensee and its majority-owned subsidiaries as of the effective date. Entities acquired after that date are usually excluded unless the ULA was negotiated with M&A scope expansion. At certification, Oracle can refuse to count deployments at the acquired company and assert a separate license obligation, which commonly creates $4M to $12M of unbudgeted exposure. Read the entity, territory, and product definitions before relying on a ULA.
How should Oracle risk appear in the purchase agreement?
Reflect quantified Oracle exposure as a price adjustment, an escrow holdback sized to the reconciled figure, or specific representations and warranties covering license compliance and the right to transfer. Add a covenant requiring the seller to cooperate on Oracle consent or novation. Diligence done before signing converts a hidden post-close audit shock into a negotiated, priced risk the buyer controls.
What is the day-1 to day-100 Oracle integration sequence?
Freeze risky moves first: no re-platforming, virtualization, or DR changes until entitlements are confirmed. By day 30, finalize the combined reconciliation and any Oracle consent or novation. By day 60, right-size to actual usage and eliminate duplicate products and support streams. By day 100, harmonize fragmented agreements onto a single Oracle Master Agreement and merge Customer Support Identifiers so support is billed once.
How we built this field manual
This field manual reflects Oracle Licensing Experts engagement data from merger, acquisition, divestiture, and post-deal integration work across enterprise buyers, combined with Oracle's current contractual terms and pricing positions verified in mid-2026. Benchmarks branded "Oracle Licensing Experts benchmark" derive from our buyer-side engagements and are stated as ranges to protect client confidentiality. Every external figure is attributed to a primary or authoritative source below.
- Oracle — Oracle Master Agreement (assignment and transfer restrictions; "you may not assign … or transfer the programs … to another individual or entity"): oracle.com (Oracle Master Agreement, US, 2026).
- Oracle — Online Transactional Oracle Master Agreement (current consumer-facing OMA terms, assignment clause): oracle.com (Online Transactional OMA, 2023/2026).
- Oracle — Technical Support Policies and Lifetime Support (annual technical support at 22% of net license fees; repricing on reduction of licenses or support level): oracle.com (Oracle Lifetime Support and Technical Support Policies, 2026).
- Oracle contractual terms, 2026 — short divestiture transition period (commonly ~90 days) for a divested entity's continued use under the seller's agreement, after which the entity must license in its own name.
- Industry Oracle compliance analysis, 2026 — post-acquisition audit timing (within ~12 months), mid-sized under-licensing exposure ($1M–$5M), and the finding that more than 70% of Oracle customers carry some non-compliance risk, reconciled against Oracle Licensing Experts engagement data.
- Oracle Licensing Experts — buyer-side engagement data and benchmarks, 2026 (post-deal claim multiples, ULA exclusion exposure, support consolidation savings).
Download the PDF edition
Take the full Oracle M&A Due Diligence Field Manual — the data-room request list, deal-structure decision matrix, and day-1 to day-100 integration sequence — as a shareable PDF for your deal team, integration leads, and counsel.
Request the PDF & a briefing →Keep building your M&A licensing position
Free weekly Oracle briefing
Audit triggers, M&A and divestiture licensing intelligence, and negotiation tactics — from former Oracle insiders.
Find the Oracle liability before you sign
Get an independent, buyer-side read on the Oracle exposure in your transaction. We run the license due diligence, price the compliance gap into the deal, negotiate any transfer, and strip redundant Oracle cost out of the combined business.