OEM copies aren't just sent to big companies. They are sent in bulk to distributors who then sell it to small companies. Small companies are allowed to sell copies to consumer when they make a significant purchase. This is why using OEM keys is completely harmless. Microsoft have no way of tracking the key, and no way telling whether the owner of key purchased it legitimately. The most Microsoft can do is put a disclaimer on the package.