If a company's code is audited (internally or externally), and GPL code is found, you can bet your ass the dev who committed that GPLed code will get a stern talking-to, and the company will have to re-write that code.
And that's just for GPL code. Code not under an OSS license could get way worse.