When ILMT was managed by Kyndryl and nobody owned it.

How the ownership gap forms

When infrastructure operations moved to Kyndryl or another managed provider, ILMT frequently came along as a task on a runbook rather than a governed compliance control. The provider kept the service running to the letter of the contract. The customer assumed the licensing position was being protected. Neither party was actually validating that the sub capacity claim would hold under audit.

That gap is where exposure accumulates, because operating ILMT and owning the compliance outcome are not the same job.

What falls through the gap

• New hosts provisioned by the provider without ILMT coverage added to scope.
• Quarterly reports generated but never reviewed against entitlements, or not retained the full two years.
• Miscategorized installs left uncorrected because correction was outside the managed scope.
• Metric changes such as VPC reporting after Passport Advantage v11 that the runbook never absorbed.

Why the contract does not protect you

The audit obligation sits with the license holder, not the operator. IBM looks to the customer named on the Passport Advantage agreement, regardless of who ran the tool day to day. A managed services contract may give you a path to recover costs from the provider afterward, but it does not stop IBM from charging full capacity for periods where the record does not hold. The liability is yours first.

Taking the record back

The fix is to treat ILMT as an owned compliance control again, wherever it physically runs. Reconcile the provider's reporting against the real estate, confirm coverage on every eligible host, recover the missing quarterly reports, and correct the categorizations. Whether the agents live in your data center or a provider's, the defensible position has to be one you can prove, because in the audit it is your name on the agreement.