People can find out in as little as 15 minutes if they’re paying too much for their auto insurance. There’s even a little green gecko to tell them so.

Determining if you’re paying too much for software, though, might be a more complex task. Failure to understand and manage your licenses can lead to staggering costs, and even risk to your organization.

A recent survey by Flexera Software, a software licensing solutions provider, reveals that a large percentage of companies are out of compliance with their software licenses, meaning they have more software installed than they’re entitled to. The study also found that 93% of organizations claimed to be spending on software they’re under-utilizing—so-called “shelfware.” This kind of waste is the most common expense, and according to Flexera, “is running rampant in enterprises.”

“Clients have waste and own more software than they need, and with other software, they’re using more than they’ve paid for,” said Ed Rossi, vice president of product management at Flexera. “The ways that software can be installed and distributed are difficult to track.”

There are a number of reasons why organizations pay for software that ends up not being used, and most of them come down to a lack of software asset and licensing management, Rossi said. Say a person leaves his job. In a development shop, this could mean an IDE instance or a build tool is sitting idle while the company searches for a replacement for the developer. But when one is hired, the company will often provide a newer, updated computer on which to work, and then license more tools while still paying for the other instances.

Or, Rossi pointed out, when companies add server capacity, they could be doubling the use of software without knowing it due to the complexity of much of today’s licensing. “This,” he said, “is exacerbated by virtualization. You can easily lose track of licensing associated with that.”

Flexera’s survey focuses on proprietary, commercial software, and does not look at open-source licensing, which Rossi said “has its own unique challenges.”

So, he said, does the growing trend of cloud-hosted software, even as he acknowledged that the vast majority of licensing today remains perpetual and on-premises. “There is more subscription and Software-as-a-Service being seen,” he said. “This can address in theory the problem of compliance. With SaaS, you have monitoring. You pay for 100 users, and the 101st user can’t log in.”

But the other side of that coin is buying a SaaS product for 100 users, but only 60 employees are using it. “If you don’t make use of what you licensed, you’ll never recover that money. With software you own, you know you’ll install and get value and benefits of the product,” said Rossi.

He made a point of saying that asset management can be an important part of an organization’s cybersecurity strategy. Ensuring that only licensed software can be installed and executed cuts down on the risk of malicious attackers finding software that can be exploited from the outside.

So what’s the bottom line on all of this? According to Flexera’s 10th “Key Trends in Software Pricing & Licensing” report, for 2016, enterprises are paying as much as 25% more than they need to, because 25% of what they’re paying for isn’t being utilized.

Rossi did note that vendors are increasing the number of audits they’re doing of their customers to help them save money. That is a change from the old days when over-licensing was overlooked by vendors who were profiting from unused software. But increased audits can be problematic. “It can put a damper on the relationship [between vendor and customer], and it’s taxing in a number of ways. And then, from a straight-up dollar perspective, it’s an unplanned expenditure,” he said, one that has not been budgeted.

Where companies really get hit is with “true-up” costs of licensing, which apply when vendors find that companies are using more software than they’ve paid for. “The costs there can exceed US$1 million or more,” Rossi said. The study showed that 20% of respondents admitted to paying more than $1 million, with 2% admitting more than $10 million in true-up costs.

So it might take more than 15 minutes, and there’s no gecko to guide you, but your enterprise should get a handle on this and find out if you’re spending too much on your software.

The full report is available for download here.