You don't by any chance offer software compliance and auditing services by any chance? What if instead of insisting on expensive audits you simply have a policy of using open source software? If you are using open source there are no legal entanglements, you have less exposure to security threats and control over your IT infrastructure.