The Use of (Il)Legal Software and Inspection Supervision

Sep 2020

Contact: Nemanja Žunić

Contact: Anja Berić

According to statistical data, when it comes to software, the piracy rate in Serbia has been 66% in 2017[1]. Although there is a visible tendency in the reduction of that number by about 2% per year, unlicensed computer programs have become part of everyday life, and sometimes it seems that their common use has created an illusion that such behavior is acceptable and justified. However, not being informed well-enough in this matter can have a detrimental effect on everyone who decides to use software not obtained in accordance with the terms and conditions of the software license.

The experience has taught us that there are 2 groups of legally problematic situations:

1) The use of illegally obtained software;

2) The use of software that is legally obtained, but by another entity (for example, when within a group of companies, the parent company obtains a software license, which is then is used by subsidiaries within the group).

In the first part of the blog, we are going to analyze each of the listed situations, while in the second part, we are going to clarify the procedure conducted by the inspection authorities and the possible consequences if the inspector notices certain irregularities.


Software, as an original intangible creation, is primarily protected by copyright and can be protected by other intellectual property rights as well. We have written about this in our blog Legal Protection of Software – This Is what You Need to Know. For this reason, the use of the so-called “cracked” software does not differ from stealing someone’s items, such as a bike or a car, so the consequences of its use can be very unfavorable.

Caught Red-Handed: What Are the Consequences?

The Law on Copyright and Related Rights prescribes in their penal provisions high fines for companies that illegally use the authorizations of the holders of intellectual property rights on computer programs and databases. The amount of fine differs depending on the type of the legal entity, so the fine for the economic offense, i.e. a misdemeanor (if we are speaking of an entrepreneur) can be imposed in the following range:

Besides that, the Law on the Organization and Jurisdiction of Government Authorities in the Suppression of Organized Crime provides for the possibility of initiating criminal proceedings, for example, in cases when the number of illegally copied software used by the supervised entity in their business exceeds 2,000, or the material damages which occurred in these kinds of actions exceeds 1,000,000 dinars. In such situations, that is in fact the execution of criminal offenses against intellectual property rights. The department for fighting against high-tech criminal is working on suppressing these kinds of things, within the High Court of the Republic of Serbia. The fact proving there are potential, serious consequences due to the violation of the mentioned regulations is also evidenced by the fact that the threatened punishments for committing these criminal offenses range up to 5 years in prison.


Having in mind the large number of foreign companies that establish branches and subsidiaries in the Republic of Serbia, the question arises whether it is legal to transfer a software license from a foreign parent company onto a local subsidiary. The answer depends on specific conditions of the obtained license, so they have to be analyzed in each specific case. Generally, there are 3 groups of situations:

  • In most of the cases, the transfer of a license to a legally obtained software is not permitted. A large number of companies that develop software that is massively used explicitly prescribe for such a rule – such as Adobe, Microsoft 365 for Business, PyCharm JetBrains, and others. Most often, as a condition for transfer, you need the consent of the company that developed the software in question. For example, Adobe considers unauthorized sublicensing or transfer of rights to third parties, a misuse of the services provided.

It is particularly important to pay attention to the version of the software that is used: namely, the rules of transferring the license can differ depending on the “plan” you purchased. Certain programs have different conditions for different versions. For example,

  • In addition to companies that strictly forbid the transfer of a license, there are types of software where the transfer of a license is somewhat more liberal, in the sense that it allows for the founding company to transfer their right of use onto another legal entity, but under one condition: it has to be an affiliated company, under which the Terms of Service of each Company define ’affiliated company’ in accordance with their own rules. For example, Atlassian in their Terms of Service considers that an affiliated company is a legal entity which is directly or indirectly under control or in the ownership of the company which has legally acquired the software, or the entity possesses or controls a company which has obtained a software legally, or that those two companies are under joint control by a third entity, by which it is defined that it shall be considered that this type of control exists if the company owns more than 50% of the voting interest in the other company. Similar rules are prescribed by Google’s G Suite Business.
  • Still, some companies allow free sublicensing and software transfer. An example of this is the Visual Studio Code, which prescribes this in short terms within their Terms of Service.

So, if a foreign company wishes to allow its affiliated legal entity (subsidiary) in Serbia to use its licensed software, it is necessary to previously study in detail how this question is answered in the Terms of Service of the license, which is applied onto that particular software.


What Action Does the Tax Administration Take?

Each year, the Tax Administration ex officio adopts the Annual Tax Control Plan, which is based on risk assessment and the importance of taxpayers. Based on the adopted plan, business entities are selected to which the inspection supervision will be applied. In 2019, the Annual plan had provided 100 controls of software legality on the field, carried out by 12 inspectors specialized in intellectual property rights on computer programs and databases.

In order to contribute to an easier understanding of this issue, the Tax Administration has published a checklist of the legality of the software on its website.

Control Checklist: A Last-Minute Save

The control checklist represents a standardized, publicly-available document, which the Tax Administration drafts and publishes, thus making the requirements transparent, so the companies know what they have to do in order to operate a business in a lawful manner. Most importantly, this list contains certain guidelines which can be helpful to all potential entities awaiting a visit by the inspectors, since they can self-evaluate beforehand.

With the questions listed on the checklist, you can form a clear picture of what the supervision procedure is like – i.e. what questions will be asked, which actions will be taken, and the like. By filling out the list, the taxpayers get a picture of the level of risk of their business, so they get a chance to take action and measures to reduce that risk.

The advantage of the checklist is that the legally prescribed requirements seem more accessible and understandable for software users, which significantly contributes to their education, better awareness, and prevention of illegal business.

The questions in the checklist are divided into several parts:

1) Bookkeeping records of electronic computers and software license use – the part where answers are not being scored, since they do not affect the level of risk from the point of view of the legality of software;

2) Determining the legality of installed computer programs and databases – the answers are scored and based on them, the level of risk is determined. In this group, there are questions related to:

  • Determining the legality of Microsoft products,
  • Determining the legality of databases,
  • Determining the legality of computer-protection programs (anti-virus, anti-malware, anti-spyware, firewall),
  • Determining the legality of CAD/CAM computer programs,
  • Determining the legality of computer programs for image editing, graphics, and print,
  • Determining the legality of other computer programs.

3) Awareness of the software copyright protection – in this part, the answers are not scored, since they do not affect the level of risk from the point of the legality of software.

After completing the checklist, the total number of points you have collected will determine the level of risk from the point of view of the legality of the software:

The Procedure of the Inspection Supervision

The Law on Inspection Supervision prescribes several types of inspection supervision: regular, irregular, control, and additional. In accordance with the prescribed provisions, the inspector is obliged to inform the taxpayer in writing of a planned control at least 3 days in advance, unless there is a justified fear that the supervised entity will damage the upcoming control by their actions. Simultaneously, the inspector notifies the taxpayer about the internet page on which the software checklist is published.

Thus, in most cases, a prior notice by the inspector and a written warrant for control (when its use is required) are two preconditions which, once fulfilled, open the door for the competent inspector to carry out supervision in accordance with their powers.

  • The first step includes checking basic information about the company, which the inspector will carry out by inspecting the documentation which the company possesses, such as public documents, or certificates from the register of business entities.
  • After checking the basic information, the inspector will proceed to determine the number of computers that the company possesses and keeps in its business facilities. This is done based on the inventory list for the previous year and physical insight into the number of computers.
  • Additionally, all installed software is listed in order to control the entry of software into a ledger account, based on which the number and type of installed software on all computers is determined.

In the event the taxpayer possesses a great number of computers, the inspectors may selectively list the installed software only on certain, randomly selected computers. If it is determined that there is an unlicensed software on any of them, every software which the company possesses shall be checked.

  • Depending on the type of software and the software developer, the tax inspector goes on to determine the legality of the software. This procedure depends on the rules prescribed by each software developer, hence, it can differ accordingly, depending on the computer program in question.

For example, when it comes to the Windows operating system, the following is checked:

  • the original package of purchased software;
  • the existence of COA on the chassis of the computer or the FPP box, if the operating system wasn’t purchased simultaneously with the computer;
  • the existence of a volume licensing agreement and comparison of the number of purchased licenses listed in the agreement with the number of installed programs on the computers;
  • invoice for purchased software.

In case the inspector does not find immediate proof necessary to determine a particular fact, the inspector will provide an opportunity to the supervised entity to state the facts and circumstances of importance.

The Powers of Inspector in Case of Established Irregularities

Where certain irregularities and illegalities in the use of software are found, the inspector may impose some of the administrative measures to the subjects of inspection supervision, in accordance with the powers prescribed by the Law on Inspection Supervision. These measures may include:

1) Prevention measures, such as:

  • warnings of legal obligations and sanctions for non-compliance,
  • ordering the undertaking of certain actions or restraining from harmful actions,
  • indicating the possibility of negative consequences;

2) Measures for eliminating illegalities in accordance with special laws – these measures are imposed by a special decision by the inspector in case the supervised entity fails to remove the irregularities found during the inspection supervision within the given deadline. Such a possibility is at the inspector’s disposal for 60 days, starting from the day when the taxpayer was delivered the record about completed supervision. In case the taxpayer fails to take action as instructed within the additional 15 days from the day of determination, the supervision inspector shall file a report for an economic offense or misdemeanor report, in accordance with the Economic Offenses Act, i.e., the Law on Misdemeanors;

3) Special measures of orders, prohibitions, and confiscation, for example:

  • prohibition of business operations,
  • prohibition to carry out activities,
  • confiscating items, documents, and goods;

4) Measures for the protection of rights of third parties, with the purpose of introducing third parties with the findings of the inspection, issued measures, and other relevant data.

So, in the event it is determined that you have committed anything illegal regarding software use, the inspector has a wide range of powers at their disposal to use. In addition to the abovementioned, a possible criminal, misdemeanor, or economic offense proceedings initiated as a result of the conducted inspection supervision, may result in imposing some of the aforementioned fines.

What Happens with Data Safety during the Inspection Supervision?

In light of the issues we deal with in this blog, it is inevitable to ask the following question: how safe is the inspection control from the aspect of business entities that are supervised?

On one side, all data that is being kept on the computers of the supervised entities becomes available to the inspector, which may pose numerous risks for confidential or other important data. The explanation of the Tax Administration about the supervision of illegal software does not include any kind of information which would guarantee that the inspector during control does not invade the privacy of the supervised entities to a greater extent than necessary.

Even though the general principle of proportionality can be considered applicable in that case, we believe that companies do not wish to leave their valuable information unprotected from unauthorized disclosure, modifications, or destroying.

Not only that, the question is how safe is the control that the inspector will carry out on the computers of the business entity that is the subject of control? Is there a possibility that this could damage the operating system, transmit viruses, or otherwise disrupt the established flow of information to the controlled entity, and thereby damage its business?

These questions should be answered in order to make the entire procedure of software legality control transparent and clear to taxpayers. It is certain that clarifying the existing doubts would contribute to greater engagement of business entities in terms of self-checking and would also increase their motivation to cooperate with the competent authorities. We hope that the competent authorities will soon see the need to provide answers to these questions.

[1] Source: Official website of the Tax Administration of the Republic of Serbia, available at

Latest Post


Stay in the loop with the most important updates