Year-over-year tone shift - average net-tone change across Risk Factors and MD&A vs the prior 10-K. This filing is -0.11pp more bearish than last year's.
Why YoY instead of absolute: the LM lexicon has ~6.6× more negative words than positive (legal/risk-disclosure language is heavy on hedging), so every 10-K reads bearish on raw tone. Year-over-year change strips that bias and surfaces the actual shift in management's framing.
Tone shift by section
The two components the gauge averages: how Risk Factors and MD&A each shifted in net tone versus last year's 10-K. The headline above is their average, so a green needle over a soft section just means the other section carried it.
Risk Factors
-0.09pp
Flat
Net-tone change vs last year's 10-K.
MD&A
-0.13pp
Flat
Net-tone change vs last year's 10-K.
Per-snippet highlights
Sentence-level sentiment highlighting with category and subcategory filters is coming once the snippet-scoring pipeline lands. For now, dig into the actual section text on the Sections tab.
Language change vs prior 10-K
Risk Factors (Item 1A) - words with the biggest YoY frequency increase
Negative rising
concern+8
doubt+5
loss+3
losses+3
weakness+2
Positive rising
able+2
effective+2
assure+1
collaborative+1
Risk Factors (Item 1A)
26,386 words
Item 1A. Risk Factors
Risks Related to Our Business and Industry
We have a history of losses, may not be able to achieve or sustain profitability in the future and expect to incur significant losses for the foreseeable future.
We have incurred net losses in all periods since our inception, and we expect we will continue to incur net losses for the foreseeable future. We had an accumulated deficit of $546.1 million as of December 31, 2022 and experienced losses from continuing operations of $80.1 million and $54.2 million for the years ended December 31, 2022 and 2021, respectively. Because the market for our products and services is rapidly evolving, it is difficult for us to predict the future results of our operations. Our growth efforts may prove more expensive than we currently anticipate, and we may not succeed in increasing our revenues sufficiently, or at all, to offset expenses. In addition to the expected costs to grow our business, we also expect to continue to incur significant legal, accounting and other expenses as a public company. Revenue growth may or revenue may for a number of possible reasons, including demand for our products or services,
Language change vs prior 10-K
MD&A (Item 7) - words with the biggest YoY frequency increase
Negative rising
impairment+9
abandonment+8
loss+5
concern+5
doubt+3
Positive rising
effective+1
gain+1
MD&A (Item 7)
10,836 words
Item 7. Management’s Discussion and Analysis of Financial Condition and Results of Operations
The following discussion and analysis provides information we believe is relevant to an assessment and understanding of our results of operations, financial condition, liquidity and cash flows for the periods presented. This discussion should be read in conjunction with our audited consolidated financial statements and related notes contained elsewhere in this Annual Report. This discussion contains forward-looking statements that are based upon our current expectations, including with respect to our future revenues and operating results. Our actual results may differ materially from those anticipated in such forward-looking statements as a result of various factors, including those set forth under “Risk Factors” and “Cautionary Statement Regarding Forward-Looking Statements” contained elsewhere in this Annual Report. We operate on a calendar year basis. Thus, references to 2022, for example, refer to Appgate’s year ended December 31, 2022. Capitalized terms used in this section and not defined herein have the respective meanings given to such terms elsewhere in this Annual Report. Numbers and percentages presented throughout this discussion and analysis may not always add up to equivalent totals and/or to 100% due to rounding.
Overview of Our Business
We believe we are defining a new category of Zero Trust access for enterprises and governments. Our Zero Trust platform is designed to protect against increasingly through , identity-centric, context-aware solutions. Our pure-play focus on Zero Trust has us to deliver the ranked current Zero Trust Network Access offering as determined by the Forrester New Wave™: Zero Trust Network Access, Q3 2021.
increasing competition, a decrease in the growth of, or a demand shift in, our overall market, or a failure to capitalize on growth opportunities. Any failure to increase our revenue as we grow our business could prevent us from achieving or maintaining profitability or maintaining or increasing cash flow on a consistent basis. If we fail to increase our revenue to offset our operating expenses, we may not achieve or sustain profitability in the future.
Our failure to become and remain profitable may depress the market price of our common stock and could impair our ability to raise capital, expand our business, diversify our product offerings or continue our operations. If we continue to sufferlosses as we have in the past, investors may not receive any return on their investment and may lose their entire investment.
We believe our long-term value as a company will be greater if we focus on growth, which may negatively impact our losses in the near term.
Part of our business strategy is to primarily focus on our long-term growth. As a result, our losses may be greater in the near term than it would be if our strategy were to maximize short-term profitability. Significant expenditures on sales and marketing efforts, and expenditures on growing our Zero Trust solutions and expanding our research and development, each of which we intend to continue to invest in, may not ultimately grow our business or cause long-term profitability. If we are ultimately unable to achieveprofitability at the level anticipated by industry or financial analysts and our stockholders, our stock price may decline.
We face significant competition and could lose market share to our competitors, which could adversely affect our business, financial condition and results of operations.
The market for cybersecurity solutions is competitive and characterized by rapid changes in technology, customer requirements, industry standards and frequent introductions of new and improvements of existing products and services. Our business model of delivering security products through the Zero Trust model has not yet gained widespread market traction as the Zero Trust model is still an emerging solution. Moreover, we compete with many established network and cybersecurity vendors, as well as new entrants. As customer requirements evolve, and as new products, services and technologies are introduced, if we are unable to anticipate or effectively react to these competitive challenges, our competitive position could weaken, and we could experience a decline in revenue or our growth rate that could materially and adversely affect our business and results of operations.
Our competitors and potential competitors include:
• independent security vendors and providers, such as Zscaler, Inc. and Netskope, Inc.;
• large networking and security vendors, such as Cisco Systems, Inc. and Palo Alto Networks, Inc.;
• cloud providers who include similar security offerings within their platforms, such as Microsoft Corporation and Google LLC;
• anti-fraud and risk-based authentication providers, such as Outseer (RSA Security LLC), Broadcom Inc. (which acquired CA Technologies), Guardian Analytics, Inc. and BioCatch Ltd.;
• digital threat protection providers such as Outseer (RSA Security LLC), PhishLabs, Inc. and ZeroFox, Inc.; and
• other providers of cybersecurity services that offer, or may leverage related technologies to introduce, products that compete with or are alternatives to our Zero Trust solutions.
Many of our existing competitors have, and some of our potential competitors could have, substantial competitive advantages such as:
• greater name recognition, longer operating histories and larger customer bases;
• larger sales and marketing budgets and resources;
• broader distribution and established relationships with channel partners and customers;
• greater customer support resources;
• greater resources to make acquisitions and enter into strategic partnerships;
• lower labor and research and development costs;
• larger and more mature intellectual property rights portfolios; and
• substantially greater financial, technical and other resources.
In addition, our competitors may develop technology solutions with architectures similar to our products. Our larger competitors have substantially broader and more diverse product and services offerings, which may allow them to leverage
their relationships based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products or services, including through selling at zero or negative margins, offering concessions, bundling products or maintaining closed technology platforms. Many competitors that specialize in providing protection from a single type of security threat may be able to deliver these targeted security products to the market more quickly than we can or to convince organizations that these limited products meet their needs.
Conditions in our market could change rapidly and significantly as a result of technological advancements, partnering or acquisitions by our competitors or continuing market consolidation. Start-up companies that innovate and large competitors that are making significant investments in research and development may invent similar or superior products, services and technologies that compete with our Zero Trust and other solutions. Some of our current or potential competitors have made or could make acquisitions of businesses or establish cooperative relationships that may allow them to offer more directly competitive and comprehensive solutions than were previously offered and adapt more quickly to new technologies and customer needs. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, increased net losses and loss of market share. Any failure to meet and address these factors could materially harm our business and operating results.
Our operating results may fluctuate significantly, which could make our future results difficult to predict and could cause our operating results to fall below expectations.
Our operating results may fluctuate from quarter to quarter as a result of a number of factors, many of which are outside of our control and may be difficult to predict. Some of the factors that may cause our results of operations to fluctuate from quarter to quarter include:
• broad market acceptance and the level of demand for our products and services;
• our ability to attract new customers, particularly large enterprises;
• our ability to retain customers and expand their usage of our Zero Trust solutions, particularly our largest customers;
• our ability to successfully expand internationally and penetrate key markets;
• the effectiveness of our sales and marketing programs;
• the length of our sales cycle, including the timing of renewals;
• technological changes and the timing and success of new service introductions by us or our competitors or any other change in the competitive landscape of our market;
• increases in and timing of operating expenses that we may incur to grow and expand our operations and to remain competitive;
• pricing pressure as a result of competition or otherwise;
• the quality and level of our execution of our business strategy and operating plan;
• adverselitigation judgments, settlements or other litigation-related costs;
• a possible downturn in cybersecurity spending due to a macroeconomic downturn;
• changes in the legislative or regulatory environment; and
• general economic conditions in either domestic or international markets, including geopolitical uncertainty and instability and global health crises and pandemics, such as COVID-19, and governmental responses thereto.
In addition, we generally experience seasonality in terms of when we enter into agreements with customers. We typically enter into a higher percentage of agreements with new customers, as well as renewal agreements with existing customers, in the first and fourth quarters of our fiscal year. This seasonality is reflected to a much lesser extent, and sometimes is not immediately apparent, in revenue, due to the fact that we generally recognize subscription revenue with respect to term-based and perpetual licenses up-front, which is generally one to three years. We expect that seasonality will continue to affect our operating results in the future and may reduce our ability to predict cash flow and optimize the timing of our operating expenses.
Any one or more of the factors above may result in significant fluctuations in our results of operations. As a result, our historical operating results are not a reliable indicator of future performance.
Additionally, the variability and unpredictability of our quarterly results of operations or other operating metrics could result in our failure to meet our expectations or those of industry or financial analysts. If we fail to meet or exceed such expectations for these or any other reasons, the market price of our common stock could fall substantially.
Future acquisitions, strategic investments, partnerships or alliances could be difficult to identify and integrate, divert the attention of key management personnel, disrupt our business, dilute stockholder value and adversely affect our operating results, financial condition and prospects.
Our business strategy may, from time to time, include acquiring other complementary solutions, technologies or businesses. We have in the past acquired, and may in the future acquire, businesses that we believe will complement or augment our existing business. In order to expand our security offerings and features, we also may enter into relationships with other businesses, which could involve preferred or exclusive licenses, additional channels of distribution or investments in other companies. Negotiating these transactions can be time-consuming, difficult and costly, and our ability to close these transactions may be subject to third-party approvals, such as government regulatory approvals, which are beyond our control. Consequently, we cannot assure you that these transactions, once undertaken and announced, will close.
These kinds of acquisitions or investments may result in unforeseen operating difficulties and expenditures. In particular, we may encounter difficulties assimilating or integrating the businesses, technologies, products and services, personnel or operations of companies that we may acquire, particularly if the key personnel of an acquired business choose not to work for us. We may have difficulty retaining the customers of any acquired business or using or continuing the development of the acquired technologies. Acquisitions may also disrupt our ongoing business, divert our resources and require significant management attention that would otherwise be available for development of our business. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquisition transaction, including accounting charges. Any acquisition or investment could expose us to unknown liabilities. Moreover, we cannot assure you that the anticipated benefits of any acquisition or investment would be realized or that we would not be exposed to unknown liabilities. In connection with these types of transactions, we may:
• issue additional equity securities that would dilute our stockholders;
• use cash that we may need in the future to operate our business;
• incur debt on terms unfavorable to us or that we are unable to repay;
• incur large charges or substantial liabilities;
• encounter difficulties integrating diverse business cultures;
• incur impairments; and
• become subject to adverse tax consequences, substantial depreciation or deferred compensation charges.
These challenges related to acquisitions or investments could adversely affect our business, operating results, financial condition and prospects.
Falsepositive or falsenegative detection of risk, application tampering, viruses, spyware, vulnerabilityexploits, data patterns, or URL categories could adversely affect our business.
Our risk level determinations of application integrity, web-injections, potential vulnerabilityexploits, data leaks, or phishing and pharming URL categories may falsely report and alert on fraud risk threats that do not actually exist or fail to detect legitimate threats. Appgate determines risk threats using classifiers, analyzers, and machine learning model features in our products, which attempt to identify indicators of fraud risk and other threats both based on known indicators and characteristics or unknown anomalies which indicate that a particular item may be a threat. Due to customer configurable risk and threat tolerance thresholds, our customers may perceive falsepositive detections or falsenegativemissed detections as system unreliability, thereby adversely impacting market acceptance of our products. If our products are used by customers to restrict consumer access to applications based on falsely determining fraud risk, this could adversely affect end-customers’ user experience and result in damage to our reputation, negative publicity and decreased sales.
If our software does not interoperate with our customers’ network and security infrastructure or with third-party products, websites or services, our products may become less competitive and our results of operations may be harmed.
Our products and services must interoperate with our customers’ existing network and security infrastructure. These complex systems are developed, delivered and maintained by the customer and a myriad of vendors and service providers. As a result, the components of our customers’ infrastructure have different specifications, rapidly evolve, utilize multiple protocol standards, include multiple versions and generations of products and may be highly customized. We must be able to interoperate and provide our security products and services to customers with highly complex and customized networks, which requires careful planning and execution between our customers, our customer support teams and our channel partners. Further, when new or updated elements of our customers’ infrastructure or new industry standards or protocols
are introduced, we may have to update or enhance our software to allow us to continue to provide service to customers. Any changes in such technologies that degrade the functionality of our products or give preferential treatment to competitive services could adversely affect adoption and usage of our products and services. Our competitors or other vendors may refuse to work with us to allow their products to interoperate with our solutions, which could make it difficult for our software to function properly in customer networks that include these third-party products.
We may not deliver or maintain interoperability quickly or cost-effectively, or at all. These efforts require capital investment and engineering resources. If we fail to maintain compatibility of our products and services with our customers’ network and security infrastructures, our customers may not be able to fully utilize our solutions, and we may, among other consequences, lose or fail to increase our market share and experience reduced demand for our services, which would materially harm our business, operating results and financial condition.
If we fail to develop or introduce new enhancements to our products on a timely basis, our ability to attract and retain customers, remain competitive and grow our business could be impaired. Our current research and development efforts may not produce successful products that result in significant revenue, cost savings or other benefits in the near future, if at all.
The industry in which we compete is characterized by rapid technological change, frequent introductions of new products and services, evolving industry standards and changing regulations, as well as changing customer security needs, technology requirements and preferences. Our ability to attract new customers and increase revenue from existing customers will depend in significant part on our ability to anticipate and respond effectively to these changes on a timely basis and continue to introduce enhancements to our products and services.
The success of our products depends on our continued investment in our research and development organization to increase the functionality, reliability, availability and scalability of our existing solutions. Our investments in research and development may not result in significant design improvements, marketable products, subscriptions, or features, or may result in products or services that are more expensive than anticipated. Additionally, we may not achieve the cost savings or the anticipated performance improvements we expect, and we may take longer to generate revenue, or generate less revenue, than we anticipate. Our future plans include significant investments in research and development and related product and service opportunities. We believe that we must continue to dedicate a significant amount of resources to our research and development efforts to maintain our competitive position. However, we may not receive significant revenue from these investments in the near future, if at all, or these investments may not yield the expected benefits, either of which could adversely affect our business and operating results.
The success of any enhancement depends on several factors, including the timely completion and market acceptance of the enhancement. Any new product or service that we develop might not be introduced in a timely or cost-effective manner and might not achieve the broad market acceptance necessary to generate significant revenue. If new technologies emerge that deliver competitive products and services at lower prices, more efficiently, more conveniently or more securely, these technologies could adversely impact our ability to compete effectively. Any delay or failure in the introduction of enhancements could materially harm our business, results of operations and financial condition.
We rely on third-party hosting and cloud computing providers, like Amazon Web Services (AWS) and Microsoft Azure, to operate certain aspects of our business. A significant portion of our product traffic is hosted by a limited number of vendors, and any failure, disruption or significant interruption in our network or hosting and cloud services could adversely impact our operations and harm our business.
Our technology infrastructure is critical to the performance of our products and to user satisfaction, as well as our corporate functions. Our products and company systems run on a complex distributed system, or what is commonly known as cloud computing. We own, operate and maintain elements of this system, but significant elements of this system are operated by third-parties that we do not control and which would require significant time and expense to replace. We expect this dependence on third-parties to continue. We have sufferedinterruptions in service in the past, including when releasing new software versions or bug fixes, and if any such interruption were significant and/or prolonged it could adversely affect our business, financial condition, results of operations or reputation.
In particular, a significant portion, if not almost all, of our product traffic, data storage, data processing and other computing services and systems is hosted by AWS and Microsoft Azure. AWS and Azure provide us with computing and storage capacity pursuant to agreements that continue until terminated by either party. The agreements require AWS and
Azure to provide us their standard computing and storage capacity and related support in exchange for timely payment by us. We have experienced, and may in the future experience, disruptions, outages and other performance problems due to a variety of factors, including infrastructure changes, human or software errors and capacity constraints. If a particular application is unavailable when users attempt to access it or navigation through a product is slower than they expect, users may stop using the application and may be less likely to return to the application as often, if at all.
Any failure, disruption or interference with our use of hosted cloud computing services and systems provided by third-parties, like AWS or Azure, could adversely impact our business, financial condition or results of operations. In addition, since many of the technical specialists responsible for managing disruptions to our technology infrastructure are working from home, the time required to remedy any interruption may increase. To the extent we do not effectively respond to any such interruptions, upgrade our systems as needed and continually develop our technology and network architecture to accommodate traffic, our business, financial condition or results of operations could be adversely affected. Furthermore, our disaster recovery systems and those of third-parties with which we do business may not function as intended or may fail to adequately protect our critical business information in the event of a significant business interruption, which may cause interruption in service of our products, security breaches or the loss of data or functionality, leading to a negative effect on our business, financial condition or results of operations.
In addition, we depend on the ability of our users to access the internet. Currently, this access is provided by companies that have significant market power in the broadband and internet access marketplace, including incumbent telephone companies, cable companies, mobile communications companies, government-owned service providers, device manufacturers and operating system providers, any of whom could take actions that degrade, disrupt or increase the cost of user access to our products or services, which would, in turn, negatively impact our business. The adoption or repeal of any laws or regulations that adversely affect the growth, popularity or use of the internet, including laws or practices limiting internet neutrality, could decrease the demand for, or the usage of, our products and services, increase our cost of doing business and adversely affect our results of operations.
If we are not able to maintain and enhance our brand, our business and results of operations may be adversely affected.
We believe that maintaining and enhancing our reputation as a provider of high-quality cybersecurity solutions is critical to our relationship with our existing customers and channel partners and our ability to attract new customers and channel partners. Furthermore, we believe that the importance of brand recognition will increase as competition in our market increases. The successful promotion of our brand will depend on several factors, including our marketing efforts, our ability to continue to develop high-quality features and enhancements for our technology solutions and our ability to successfully differentiate our solutions from competitive products and services. Our brand promotion activities may not be successful or yield increased revenue. In addition, independent industry or financial analysts often provide reviews of our products and services, as well as products and services of our competitors, and perception of our Zero Trust solutions in the marketplace may be significantly influenced by these reviews. If these reviews are negative, or less positive as compared to those of our competitors’ products and services, our brand may be adversely affected. In addition, we have been named as a “Leader” in the Forrester New Wave™ for Zero Trust Network Access (Q3 2021) report. Our failure to maintain our “Leader” status in the future may also adversely affect our brand. Additionally, the performance of our channel partners may affect our brand and reputation if customers do not have a positive experience with our channel partners’ services. The promotion of our brand requires us to make substantial expenditures, and we anticipate that the expenditures will increase as our market becomes more competitive, we expand into new markets and more sales are generated through our channel partners. To the extent that these activities yield increased revenue, this revenue may not offset the expenses we incur. If we do not successfully maintain and enhance our brand, our business may not grow, we may have reduced pricing power relative to competitors and we could lose customers or fail to attract potential customers, all of which would materially and adversely affect our business, results of operations and financial condition.
Our business and growth partially depend on the success of our relationships with our existing channel partners and adding new channel partners over time.
We currently derive a portion of our revenue from sales through our channel partner network, and we expect future revenue growth will also be driven through this network. Not only does our joint sales approach require additional investment to grow and train our sales force, but we believe that continued growth in our business is dependent upon identifying, developing and maintaining strategic relationships with our existing and potential channel partners, including global systems integrators and managed service providers that will in turn drive substantial revenue and provide additional value-added services to our customers. Our agreements with our channel partners are generally non-exclusive, meaning our channel partners may offer customers the products of several different companies, including products that compete with
our technology solutions. In general, our channel partners may also cease marketing or reselling our products and services with limited or no notice and without penalty. If our channel partners do not effectively market and sell subscriptions to our products and services, choose to promote our competitors’ products or fail to meet the needs of our customers, our ability to grow our business and sell subscriptions to our products and services may be adversely affected. In addition, our channel partner structure could subject us to lawsuits or reputational harm if, for example, a channel partner misrepresents the functionality of our products and services to customers or violates applicable laws or our corporate policies. Further, in circumstances where we do not enter into a direct agreement with end customers, we cannot be sure that on every occasion each channel partner has required end customers to agree to our standard terms which are protective of our solutions and technology, nor that the channel partners will enforce each failure by an end customer to comply with such terms. Our ability to achieve revenue growth in the future will depend in large part on our success in maintaining successful relationships with our channel partners, identifying additional channel partners and training our channel partners to independently sell and deploy our products and services. If we are unable to maintain our relationships with our existing channel partners or develop successful relationships with new channel partners or if our channel partners fail to perform, our business, financial position and results of operations could be materially and adversely affected.
Our business depends, in part, on sales to government organizations, and significant changes in the contracting or fiscal policies of such government organizations could have an adverse effect on our business and operating results.
Our future growth depends, in part, on increasing sales to government organizations. Demand from government organizations is often unpredictable, subject to budgetary uncertainty and typically involves long sales cycles. We have made significant investments to address the government sector, but we cannot assure you that these investments will be successful, or that we will be able to maintain or grow our revenue from the government sector. Although we anticipate that they may increase in the future, sales to governmental organizations have not accounted for, and may never account for, a significant portion of our revenue. Sales to governmental organizations are subject to a number of challenges and risks that may adversely impact our business. Sales to such government entities include the following risks:
• selling to governmental agencies can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that such efforts will generate a sale;
• government certification requirements applicable to our solutions may change and, in doing so, restrict our ability to sell into the governmental sector until we have attained the revised certification;
• government demand and payment for our solutions may be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delaysadversely affecting public sector demand for our solutions;
• governments routinely investigate and audit government contractors’ administrative processes and compliance with contractual obligations, and any unfavorable audit or investigation, or adverse finding following a claim from a whistleblower, could result in the government refusing to continue buying our solutions, which would adversely impact our revenue and operating results, and/or fines or civil or criminal liability if the audit or investigation were to uncoverimproper or illegal activities; and
• governments may require certain products to be manufactured, produced, hosted or accessed solely in their country or in other relatively high-cost locations, and we may not produce or host all products in locations that meet these requirements, affecting our ability to sell these products to governmental agencies.
The occurrence of any of the foregoing could cause governmental organizations to delay or refrain from purchasing our solutions in the future or otherwise have an adverse effect on our business, operating results and financial condition.
Our international operations expose us to risks, and failure to manage those risks could materially and adversely impact our business.
Historically, we have derived a significant portion of our revenue from outside the United States. For the years ended December 31, 2022 and 2021, we derived approximately 49% and 52%, respectively, of our revenue from our international customers. As of December 31, 2022, approximately 71% of our full-time employees were located outside of the United States. We are continuing to adapt to and develop strategies to address international markets and our growth strategy includes expansion into target geographies, such as the Middle East, Africa, Japan and the Asia-Pacific regions, but there is no guarantee that such efforts will be successful. We expect that our international activities will continue to grow in the future, as we continue to pursue opportunities in international markets. These international operations will require significant management attention and financial resources and are subject to substantial risks, including:
• political, economic and social uncertainty;
• unexpected costs for the localization of our services, including translation into foreign languages and adaptation for local practices and regulatory requirements;
• greaterdifficulty in enforcing contracts and accounts receivable collection, and longer collection periods;
• reduced or uncertain protection for intellectual property rights in some countries;
• greater risk of unexpected changes in regulatory practices, tariffs and tax laws and treaties;
• greater risk of a failure of foreign employees, partners, distributors and resellers to comply with both U.S. and foreign laws, including antitrust regulations, anti-bribery laws, export and import control laws, and any applicable trade regulations ensuring fair trade practices;
• requirements to comply with foreign privacy, data protection and information security laws and regulations and the risks and costs of noncompliance;
• increased expenses incurred in establishing and maintaining office space and equipment for our international operations;
• greaterdifficulty in identifying, attracting and retaining local qualified personnel, and the costs and expenses associated with such activities;
• differing employment practices and labor relations issues;
• difficulties in managing and staffing international offices and increased travel, infrastructure and legal compliance costs associated with multiple international locations; and
• fluctuations in exchange rates between the U.S. dollar and foreign currencies in markets where we do business, including but not limited to, the British Pound and Euro, and related impact on sales cycles.
As we continue to develop and grow our business globally, our success will depend, in part, on our ability to anticipate and effectively manage these risks. The expansion of our existing international operations and entry into additional international markets will require management attention and financial resources. Our failure to successfully manage our international operations and the associated risks could limit the future growth of our business.
We have grown rapidly in recent periods. If we fail to effectively manage our growth, our business, financial condition and results of operations would be harmed.
Our growth may place a significant strain on our management and our administrative, operational and financial infrastructure. Our organizational structure is becoming more complex as we improve our administrative, operational and financial infrastructure as well as our reporting systems and procedures. Our success will depend in part on our ability to manage this growth effectively, which will require that we continue to improve our administrative, operational, financial and management systems and controls by, among other things:
• effectively attracting, training and integrating, including collaborating with, employees;
• further improving our key business applications, processes and security and IT infrastructure to support our business needs;
• enhancing our information and communication systems to ensure that our employees and offices around the world are well coordinated and can effectively communicate with each other and our growing base of channel partners, customers and users; and
• appropriately documenting and testing our security and IT systems and business processes.
These and other improvements in our systems and controls may require significant capital expenditures and the allocation of management and employee resources. If we fail to implement these improvements effectively, our ability to manage our expected growth, ensure uninterrupted operation of our software and key business systems and comply with the rules and regulations applicable to public companies could be impaired, the quality of our products and services could suffer and we may not be able to adequately address competitive challenges. Failure to manage any future growth effectively could result in increased costs, disrupt our existing customer relationships, reduce demand for or limit us to smaller deployments of our products and services, or harm our business performance and operating results.
In addition, as we expand our business, it is important that we continue to maintain a high level of customer service and satisfaction. As our customer base continues to grow, we will need to expand our account management, customer service and other personnel to provide personalized account management and customer service. If we are not able to continue to provide high levels of customer service, our reputation, as well as our business, results of operations and financial condition, could be harmed.
In addition, we believe that our corporate culture has been a contributor to our success, which we believe fosters innovation, teamwork and an emphasis on customer-focused results. We also believe that our culture creates an
environment that drives and perpetuates our strategy and cost-effective distribution approach. As we grow and develop the infrastructure of a public company, we may find it difficult to maintain our corporate culture. Any failure to preserve our culture could harm our future success, including our ability to retain and recruit personnel, innovate and operate effectively and execute on our business strategy. If we experience any of these effects in connection with future growth, it could materially impair our ability to attract new customers, retain existing customers and expand their use of our Zero Trust solutions, all of which would materially and adversely affect our business, financial condition and results of operations.
Our sales cycles can be long and unpredictable, and our sales efforts can require considerable time and expense.
The timing of our sales and related revenue recognition is difficult to predict because of the length and unpredictability of the sales cycle for our products and services, particularly with respect to large organizations. Our sales efforts typically involve educating our prospective customers about the uses, benefits and the value proposition of our products and services, and often include a detailed Proof of Concept (POC) deployment in the prospect’s environment. Customers often view the subscription to our products as a significant decision as part of a strategic transformation initiative and, as a result, frequently require considerable time to evaluate, test and qualify our Zero Trust solutions prior to entering into or expanding a relationship with us. Large enterprises and government entities in particular often undertake a significant evaluation process that further lengthens the sales cycle.
Our sales force develops relationships directly with our customers, and together with our channel account teams, works with our channel partners on account penetration, account coordination, sales and overall market development. We spend substantial time and resources on our sales efforts, especially with larger customers, without any assurance that our efforts will produce a sale. Product purchases are frequently subject to budget constraints, multiple approvals and unanticipated administrative, processing and other delays. As a result, it is difficult to predict whether and when a sale will be completed and when revenue from a sale will be recognized.
The failure of our efforts to secure sales after investing resources in a lengthy sales process could materially and adversely affect our business and operating results.
The sales prices of our solutions may decrease, or the mix of our sales may change, which may increase our losses and adversely impact our financial results.
We have limited experience with respect to determining the optimal prices for our solutions. As the market for our solutions matures, or as new competitors introduce new products or services that are similar to or compete with ours, we may be unable to attract new customers at the same price or based on the same pricing model as we have used historically. Further, competition continues to increase in the market segments in which we participate, and we expect competition to further increase in the future, thereby leading to increased pricing pressures. Larger competitors with more diverse product and service offerings may reduce the price of products or services that compete with ours or may bundle them with other products and services. This could lead customers to demand greater price concessions or additional functionality at the same price levels. As a result, in the future we may be required to reduce our prices or provide more features without corresponding increases in price, which would adversely affect our business, operating results, and financial condition.
We provide service level commitments under some of our customer contracts. If we fail to meet these contractual commitments, we could be obligated to provide credits for future service and our business could suffer.
Certain of our customer agreements contain service level commitments, which contain specifications regarding the availability and performance of our products and services. Any failure of or disruption to our infrastructure could impact the performance of our products and the availability of services to customers. If we are unable to meet our stated service level commitments or if we suffer extended periods of poor performance or unavailability of our products, we may be contractually obligated to provide affected customers with service credits for future subscriptions, and, in certain cases, refunds. To date, there has not been a material failure to meet our service level commitments, and we do not currently have any material liabilities accrued on our balance sheet for such commitments. Our revenue, other results of operations and financial condition could be harmed if we suffer performance issues or downtime that exceeds the service level commitments under our agreements with our customers.
Our business is subject to the risks of warranty claims, product returns and product defects from real or perceived defects in our solutions or their misuse by our customers or third parties and indemnity provisions in various agreements potentially expose us to substantial liability for intellectual property infringement and other losses.
We may be subject to liability claims for damages related to errors or defects in our solutions. A material liability claim or other occurrence that harms our reputation or decreases market acceptance of our solutions will harm our business and operating results. Although we generally have limitation of liability provisions in our terms and conditions of sale, they may not fully or effectively protect us from claims as a result of federal, state or local laws or ordinances, or unfavorable judicial decisions in the United States or other countries. The sale and support of our solutions also entails the risk of product liability claims.
Additionally, we typically provide indemnification to customers for certain lossessuffered or expenses incurred as a result of third-party claims arising from our infringement of a third party’s intellectual property. We also provide unlimited liability for certain breaches of confidentiality, as defined in our terms of service. We also provide limited liability in the event of certain breaches of our terms of service. Certain of these contractual provisions survive termination or expiration of the applicable agreement.
If our customers or other third parties we do business with make intellectual property rights or other indemnification claimsagainst us, we will incur significant legal expenses and may have to pay damages, license fees and/or stop using technology found to be in violation of the third party’s rights. We may also have to seek a license for the technology. Such license may not be available on reasonable terms, if at all, and may significantly increase our operating expenses or may require us to restrict our business activities and limit our ability to deliver certain solutions or features. We may also be required to develop alternative non-infringing technology, which could require significant effort and expense and/or cause us to alter our solutions, which could harm our business. Large indemnity obligations, whether for intellectual property or in certain limited circumstances, other claims, would harm our business, operating results and financial condition.
Additionally, our solutions may be used by our customers and other third parties who obtain access to our solutions for purposes other than for which our solutions were intended.
Under certain circumstances our employees may have access to our customers’ solutions. An employee may take advantage of such access to conduct malicious activities. Any such misuse of our solutions could result in negative press coverage and negatively affect our reputation, which could result in harm to our business, reputation and operating results.
We maintain insurance to protect against certain claims associated with the use of our solutions, but our insurance coverage may not adequately cover any claim asserted against us. In addition, even claims that ultimately are unsuccessful could result in our expenditure of funds in litigation, divert management’s time and other resources, and harm our business and reputation.
If organizations do not adopt a Zero Trust model for cybersecurity, our ability to grow our business and operating results may be adversely affected.
Cybersecurity technologies are still evolving, and it is difficult to precisely predict customer demand and adoption rates for our services generally. We believe that our Zero Trust model for cybersecurity offers superior protection to our customers, who are becoming increasingly aware of the importance of implementing cybersecurity measures beyond a perimeter-centric model to secure access to their network. Following the 2020 SolarWinds attack, guidance was released by the National Institute of Standards and Technology, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency recommending a Zero Trust framework. Subsequently, in May 2021, President Joe Biden issued an Executive Order explicitly calling for the adoption of a Zero Trust Architecture by the federal government to improve the nation’s response to “persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.” The federal government continues to lead the industry in setting standards with the September 2021 release of a Zero Trust maturity model and Zero Trust strategy documents. We also believe that our products and services represent a major shift from perimeter-centric cybersecurity models.
However, traditional perimeter-centric cybersecurity models are entrenched in the infrastructure of many of our potential customers, particularly large enterprises, because of their prior investment in and the familiarity of their IT personnel with such cybersecurity solutions. As a result, our sales process often involves extensive efforts to educate our customers on the benefits and capabilities of Zero Trust solutions, particularly as we continue to pursue customer relationships with large
organizations. Even with these efforts, we cannot predict market acceptance of our products and services, or the development of competing products or services based on other technologies. If we fail to achieve market acceptance of our products and services or are unable to keep pace with industry changes, our ability to grow our business and our operating results will be materially and adversely affected.
If we are unable to attract new customers or if our existing customers do not renew their subscriptions for our services or add additional users and services to their subscriptions the future results of our operations could be harmed.
Our growth is substantially dependent on adding new customers and expanding our relationships with existing customers. Potential clients that use legacy products and services may believe that these products and services are sufficient to meet their security needs or that our offerings only serve the needs of a portion of the enterprise security market. Accordingly, these organizations may continue allocating their information technology budgets for legacy products and services and may not adopt our security offerings. Further, many organizations have invested substantial personnel and financial resources to design and operate their networks and have established deep relationships with other providers of networking and security products. As a result, these organizations may prefer to purchase from their existing suppliers rather than add or switch to a new supplier such as us regardless of product performance, features, or greater services offerings. They may also be more willing to incrementally add solutions to their existing security infrastructure from existing suppliers rather than to replace some or all of their existing security infrastructure with our solutions. In addition, numerous other factors, many of which are out of our control, may now or in the future impact our ability to add new customers, including our failure to expand, retain and motivate our sales and marketing personnel, our failure to develop or expand relationships with our channel partners or to attract new channel partners, failure by us to help our customers to successfully deploy our software and expertise, negative media or industry or financial analyst commentary regarding us or our solutions, litigation and deteriorating general economic conditions. Our success in attracting new customers also depends on our ability to develop innovative, high-quality, and appealing new products, including alternatives to products introduced by our competitors, and to effectively communicate and market the benefits of such new products. Our ability to attract new customers also depends on the effectiveness of our sales and marketing efforts. We plan to dedicate significant resources to sales and marketing programs and to expand our sales and marketing capabilities to target additional potential customers, but there is no guarantee that we will be successful in attracting and maintaining additional customers. Furthermore, our ability to achieve growth will partially depend on our success in hiring, integrating, training and retaining a sufficient number of sales personnel to support our growth. If we are unable to find efficient ways to deploy our sales and marketing programs, are unable to hire and train a sufficient number of effective sales personnel, or our efforts to attract new customers are not successful, our revenue and rate of revenue growth may decline, we may not achieveprofitability and the future results of our operations could be materially harmed.
Our growth is also partially dependent on our customers renewing their subscriptions for our products when existing contract terms expire and expanding our commercial relationships with our existing customers. Our customers have no obligation to renew their subscriptions for our services after the expiration of their contractual subscription period, which is typically one to three years, and in the normal course of business, some customers have elected not to renew. In addition, in certain cases, customers may cancel their subscriptions without cause either at any time or upon advance written notice (typically ranging from 30 days to 60 days), typically subject to an early terminationpenalty for unused services. In addition, our customers may renew for fewer users, renew for shorter contract lengths or switch to a lower-cost suite. If our customers do not renew their subscription services, if our revenues decline or if we fail to grow our business, we could incur impairmentlosses on our assets. Our customer retention and expansion may decline or fluctuate as a result of a number of factors, including our customers’ satisfaction with our services, our customers’ ability to adopt our solutions correctly, our prices and pricing plans, our customers’ spending levels, decreases in the number of users to which our customers deploy our solutions, mergers and acquisitions involving our customers, competition and deteriorating general economic conditions.
Our future success also depends in part on the rate at which our current customers add additional users to their subscriptions or expand to utilize additional products, which is driven by a number of factors, including customer satisfaction with our services, customer security and networking issues and requirements, including demand for our products and services, general economic conditions and customer reaction to the price per additional user or of additional services. If our efforts to expand our relationship with our existing customers are not successful, our business may materially suffer.
Our business is subject to the risks of hurricanes, earthquakes, fire, floods and other natural catastrophic events, and to interruption by man-made problems such as power disruptions, computer viruses, data security breaches or terrorism affecting our operations or the operations of our third-party cloud service providers.
Our success depends, in part, on our ability to maintain the integrity of our systems and infrastructure, including website, information and related systems. We also currently host some of our products and serve our customers from third-party cloud service providers. While we have electronic access to the components and infrastructure of our software that are hosted by these third parties, we do not control the operation of these environments. Consequently, we may be subject to service disruptions as well as failures to provide adequate support for reasons that are outside of our direct control. Our corporate headquarters are located in Coral Gables, FL, a region known for hurricane activity. A significant natural disaster, such as a hurricane, fire, flood or public health emergency, such as COVID-19, or a significant man-made problem, such as acts of terrorism and other geopolitical unrest, occurring at our headquarters, at one of our other facilities or where a key channel partner, data center or third-party cloud service provider, component supplier or other third-party provider is located, could adversely affect our business, results of operations and financial condition. Although we maintain incident management and disaster response plans, disaster recovery planning by its nature cannot be sufficient for all eventualities. Though it is difficult to determine what, if any, harm may directly result from any specific interruption or attack, any failure to maintain performance, reliability, security and availability of our products and services to the satisfaction of our users may materially harm our reputation and our ability to retain existing customers and attract new customers.
If the delivery of our services to our customers is interrupted or delayed for any reason, our business could suffer.
Any interruption or delay in the delivery of our services may negatively impact our customers. Certain of our products are deployed via the internet, and our customers’ access to network resources is dependent on the continuous availability of the internet and our services to utilize such products. If an interruption in our services were to occur, our customers’ users could lose access to network resources (including private on-premises resources, public cloud IaaS-deployed resources, or public cloud SaaS resources, depending on customer configuration) until such disruption is resolved or customers deploy disaster recovery options that allow them to remediate the problem. The adverse effects of any service interruptions on our reputation and financial condition may be disproportionately heightened due to the nature of our business and the fact that our customers expect continuous and uninterrupted access to resources and may have a low tolerance for interruptions of any duration. While we do not consider them to have been material, we have experienced, and may in the future experience, service disruptions and other performance problems due to a variety of factors.
The following factors, many of which are beyond our control, can affect the delivery and availability of our services and the performance of our products:
• the development and maintenance of the infrastructure of the internet;
• the performance and availability of cloud service providers or third-party telecommunications services with the necessary speed, data capacity and security for providing reliable internet access and services;
• decisions by the owners and operators of the cloud infrastructures or data centers where our infrastructure is deployed to terminate our contracts, discontinue services to us, shut down operations or facilities, increase prices, change service levels, limit bandwidth, declare bankruptcy or prioritize the traffic of other parties;
• the occurrence of earthquakes, floods, fires, pandemics, power loss, system failures, physical or electronic break-ins, acts of war or terrorism, human error or interference (including by disgruntled employees, former employees or contractors) and other catastrophic events;
• cyberattacks, including ransomware, denial of service attacks, targeted at us, our cloud service providers, data centers or the infrastructure of the internet;
• failure by us to maintain and update our infrastructure to meet customer requirements;
• errors, defects or performance problems in our software, including third-party software incorporated in our software, which we use to operate our products;
• improper classification of websites or known-bad phishing domains by our vendors who provide us with lists of malicious sites;
• improper deployment or configuration of our services;
• the failure of our redundancy systems, in the event of a service disruption at one of our cloud service providers, to provide failover to other regions in our cloud service provider environment network; and
• the failure of our disaster recovery and business continuity arrangements.
The occurrence of any of these factors, or if we are unable to efficiently and cost-effectively fix such errors or other problems that may be identified, could damage our reputation, negatively impact our relationship with our customers or otherwise materially harm our business, results of operations and financial condition.
A network or data security incidentagainst us, whether actual, alleged, or perceived, could harm our reputation, create liability, and regulatory exposure, and adversely impact our business, operating results, and financial condition.
Increasingly, companies are subject to a wide variety of attacks on their networks on an ongoing basis, including traditional computer hackers, malicious code (such as viruses and worms), distributed denial-of-service attacks, sophisticated attacks conducted or sponsored by nation-states, advanced persistentthreat intrusions, ransomware, software supply chain attacks, and theft or misuse of intellectual property or business or personal data, including by disgruntled employees, former employees or contractors. Cybersecurity companies face particularly intense attack efforts, and we have faced and will continue to face cyber threats and attacks from a variety of sources. Although we have implemented security measures to prevent such attacks, our networks and systems may be breached due to the actions of outside parties, employee error, malfeasance, a combination of these, or otherwise, and as a result, an unauthorized party may obtain access to our systems, networks, or data. We may face difficulties or delays in identifying or otherwise responding to any attacks or actual or potential security breaches or threats. A breach in our data security or an attack against our platform could impact our networks or the networks of our customers that are secured by our platform, creating system disruptions or slowdowns and providing access to malicious parties to information stored on our networks or the networks of our customers, resulting in data being publicly disclosed, altered, lost, or stolen, which could subject us to liability and adversely impact our financial condition.
In addition, any actual, alleged or perceived security breach in our systems or networks, or any other actual, alleged or perceived data security incident we suffer, could result in damage to our reputation, negative publicity, loss of customers and sales, loss of competitive advantages over our competitors, increased costs to remedy any problems and otherwise respond to any incident, regulatory investigations and enforcement actions, costlylitigation, and other liability. We would also be exposed to a risk of loss or litigation and potential liability under laws, regulations and contracts that protect the privacy and security of personal information.
In addition, we may incur significant financial and operational costs to investigate, remediate, eliminate and put in place additional tools and devices designed to prevent actual or perceived security breaches and other security incidents, as well as costs to comply with any notification obligations resulting from any security incidents. Any of these negative outcomes could adversely impact the market perception of our platform and customer and investor confidence in our company, and would adversely impact our business, operating results, and financial condition.
The actual or perceived failure of our technology solutions to prevent a security breach or address targeted security threats could harm our reputation and adversely impact our business, financial condition and results of operations.
Our Zero Trust solutions may fail to prevent security breaches for any number of reasons. Our products are complex and may be misconfigured by customers or contain performance or functional issues that are not detected until after deployment. We also provide frequent solution updates and enhancements, which increase the possibility of errors, and our reporting, tracking, monitoring and quality assurance procedures may not be sufficient to ensure we detect any such defects in a timely manner. The performance of our products can be negatively impacted by our failure to enhance, expand or update our products, errors or defects in our software, improper deployment or configuration of our services and many other factors.
In addition, because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, there is a risk that a cyber threat could emerge that our services are unable to detect or prevent until after some of our customers are impacted. Moreover, as our services are adopted by an increasing number of enterprises, it is possible that the individuals and organizations behind cyber threats will focus on finding ways to defeat our services. If this happens, our products could be targeted by attacks specifically designed to disrupt our Zero Trust model and create the perception that our technology is not capable of providing superior cybersecurity, which, in turn, could have a serious impact on our reputation as a provider of cybersecurity solutions. Further, if a high-profile security breach occurs with respect to another similar cybersecurity services provider, our customers and potential customers may lose trust in cybersecurity solutions generally, and with respect to Zero Trust security in particular, which could materially and adversely impact our ability to retain existing customers or attract new customers.
No security solution, including our Zero Trust solutions, can address all possible security threats or block all methods of penetrating a network or otherwise perpetrating a security incident. Our customers must rely on complex network and security infrastructures, which include products and services from multiple vendors, to secure their networks. If any of our customers becomes infected with malware or experiences a security breach, they could be disappointed with our services or products, regardless of whether our services or products are intended to block the attack or would have blocked the attack if the customer had properly configured our product or engaged our services in time. Additionally, if any enterprises that are publicly known to use our services or products are the subject of a cyberattack that becomes publicized, our current or potential customers may look to our competitors for alternatives to our services.
From time to time, industry or financial analysts and research firms evaluate our solutions against other security products. Our services may fail to prevent threats in any particular test for a number of reasons, including misconfiguration. To the extent potential customers, industry or financial analysts or testing firms believe that the occurrence of a failure to prevent any particular threat is a flaw or indicates that our services do not provide significant value, our reputation and business could be materially harmed.
Any real or perceived flaws in our products or services, any real or perceived security breaches or other security incidents of our customers or loss of compliance attestations required by customer contracts, could result in:
• a loss of existing or potential customers or channel partners;
• delayed or lost sales and harm to our financial condition and results of operations;
• a delay in attaining, or the failure to attain, market acceptance;
• the expenditure of significant financial resources in efforts to analyze, correct, eliminate, remediate or work around errors or defects, to address and eliminate vulnerabilities and to address any applicable legal or contractual obligations relating to any actual or perceived security breach;
• negative publicity and damage to our reputation and brand; and
• legal claims and demands (including for stolen assets or information, repair of system damages, and compensation to customers and business partners), litigation, regulatory inquiries or investigations and other liability.
Any of the above results could materially and adversely affect our business, financial condition and results of operations.
Additionally, with product effectiveness a critical competitive factor in our industry, we make public statements, including on our website, in marketing materials and elsewhere, describing the effectiveness of our products and the performance of our solutions. As a result, we may face claims, including claims of unfair or deceptive trade practices, brought by the U.S. Federal Trade Commission, state, local, or foreign regulators, and private litigants.
Risks Related to Our People
We rely on our key technical, sales and management personnel to grow our business, and the loss of one or more key employees or the inability to attract and retain qualified personnel could harm our business.
Our future success is substantially dependent on our ability to attract, retain and motivate the members of our management team and other key employees throughout our organization. We rely on our leadership team in the areas of operations, security, marketing, sales, support, research and development and general and administrative functions. Although we have entered into employment agreements and other arrangements with certain of our key personnel, our employees, including our executive officers, may terminate their employment with us at any time. We do not maintain key person life insurance policies on any of our employees. The loss of one or more of our executive officers or key employees could seriouslyharm our business.
To execute our growth plan, we must attract and retain highly qualified personnel. Competition for these personnel is intense, especially for experienced sales professionals and for engineers experienced in designing and developing cybersecurity applications and security software. We have from time to time experienced, and we expect to continue to experience, difficulty in hiring and retaining employees with appropriate qualifications. For example, in recent years, recruiting, hiring and retaining employees with expertise in the cybersecurity industry has become increasingly difficult as the demand for cybersecurity professionals has increased as a result of the recent cybersecurity attacks on global corporations and governments. Many of the companies with which we compete for experienced personnel have greater resources than we have, which provides those companies an advantage in, among other things, recruiting and retaining foreign employees on Visas for work in the U.S. In addition, job candidates and existing employees often consider the value of the equity awards they receive in connection with their employment. Volatility or lack of performance in our stock
price may also affect our ability to attract and retain our key employees. Any failure to successfully attract, integrate or retain qualified personnel to fulfill our current or future needs could materially and adversely affect our business, operating results and financial condition.
Our ability to maintain customer satisfaction depends in part on the quality of our customer support, including the quality of the support provided on our behalf by certain channel partners. Failure to maintain high-quality customer support could have an adverse effect on our business, financial condition and results of operations.
If we do not provide adequate support to our customers, our ability to renew subscriptions, increase the number of users and sell additional services to customers will be adversely affected. We believe that successfully delivering our Zero Trust solutions often require a high level of customer support and engagement. We or our channel partners must successfully assist our customers in deploying our Zero Trust solutions, resolving performance issues, and addressing interoperability challenges with a customer’s existing network and security infrastructure. Many enterprises, particularly large organizations, have very complex networks and require high levels of focused support, including premium support offerings, to fully realize the benefits of our products and services. We believe our service is of high quality and a key competitive advantage. Any failure by us to maintain the expected level of support could reduce customer satisfaction and hurt our customer retention, particularly with respect to our large enterprise customers. Additionally, if our channel partners do not provide support to the satisfaction of our customers, we may be required to provide this level of support to those customers, which would require us to hire additional personnel and to invest in additional resources. We may not be able to hire such resources fast enough to keep up with demand, particularly if the sales of our products and services exceed our internal forecasts. To the extent that we or our channel partners are unsuccessful in hiring, training and retaining adequate support resources, our ability and the ability of our channel partners to provide adequate and timely support to our customers will be negatively impacted, and our customers’ satisfaction with our products or services could be adversely affected. Furthermore, as we sell our solutions internationally, our support organization faces additional challenges, including those associated with delivering support, training and documentation in languages other than English. Any failure to maintain high-quality customer support, or a market perception that we do not maintain high-quality support, could materially harm our reputation, adversely affect our ability to sell our solutions to existing and prospective customers and could harm our business, financial condition and results of operations.
Risks Related to Our Intellectual Property
It may be difficult to enforce our intellectual property rights, which could enable others to copy or use aspects of our solutions without compensating us.
We believe our intellectual property is a key competitive advantage. We rely on a combination of patent, copyright, trademark and trade secret laws, as well as confidentiality procedures and contractual provisions, to establish and protect our intellectual property rights, all of which provide only limited protection. The efforts we have taken to protect our intellectual property rights may not be sufficient or effective, and our patents, trademarks and copyrights may be held invalid or unenforceable. Moreover, we cannot assure you that any patents will be issued with respect to our currently pending patent applications in a manner that gives us adequate defensive protection or competitive advantages, or that any patents issued to us will not be challenged, invalidated or circumvented. We have filed for patents in the United States and in certain non-U.S. jurisdictions, but such protections may not be available in all countries in which we operate or in which we seek to enforce our intellectual property rights or may be difficult to enforce in practice. For example, many foreign countries have compulsory licensing laws under which a patent owner must grant licenses to third parties. In addition, many countries limit the enforceability of patents against certain third parties, including government agencies or government contractors. In these countries, patents may provide limited or no benefit. Moreover, we may need to expend additional resources to defend our intellectual property rights in these countries, and our inability to do so could impair our business or adversely affect our international expansion. Our currently issued patents and any patents that may be issued in the future with respect to pending or future patent applications may not provide sufficiently broad protection, or they may not prove to be enforceable in actions againstalleged infringers. Additionally, the U.S. Patent and Trademark Office and various foreign governmental patent agencies require compliance with a number of procedural, documentary, fee payment and other similar provisions during the patent application process and to maintain issued patents. There are situations in which noncompliance can result in abandonment or lapse of the patent or patent application, resulting in partial or complete loss of patent rights in the relevant jurisdiction. If this occurs, it could materially harm our business, operating results, financial condition and prospects. Likewise, we have applied for trademark registrations in the U.S. and certain non-U.S. jurisdictions, but have not applied to register our trademarks in every country in which we currently conduct business or may expand in the future. Third parties may register our marks in those countries and prevent us from doing so.
We may not be effective in policing unauthorized use of our intellectual property rights, as we do not take active measures to monitor for infringement of our patents or trademarks, and even if we do detect violations, litigation may be necessary to enforce our intellectual property rights. In addition, our intellectual property may be stolen, including by cybercrimes, and we may not be able to identify the perpetrators or prevent the exploitation of our intellectual property by our competitors or others. Protecting against the unauthorized use of our intellectual property rights, technology and other proprietary rights is expensive and difficult, particularly outside of the United States. Any enforcement efforts we undertake, including litigation, could be time-consuming and expensive and could divert management’s attention, either of which could harm our business, operating results and financial condition. Further, attempts to enforce our rights against third parties could also provoke these third parties to assert their own intellectual property or other rights against us, or result in a holding that invalidates or narrows the scope of our rights, in whole or in part. The inability to adequately protect and enforce our intellectual property and other proprietary rights could seriouslyharm our business, operating results, financial condition and prospects. Even if we are able to secure our intellectual property rights, we cannot assure you that such rights will provide us with competitive advantages or distinguish our services from those of our competitors or that our competitors will not independently develop similar technology, duplicate any of our technology, or design around our patents.
We incorporate technology from third parties into our products, and our inability to obtain or maintain rights to the technology could harm our business.
We license software and other technology from third parties that we incorporate into or integrate with, our products. We cannot be certain that our licensors are not infringing the intellectual property rights of third parties or that our licensors have sufficient rights to the licensed intellectual property in all jurisdictions in which we may sell our services. In addition, many licenses are non-exclusive, and therefore our competitors may have access to the same technology licensed to us. Some of our agreements with our licensors may be terminated for convenience by them, or otherwise provide for a limited term. If we are unable to continue to license any of this technology for any reason, our ability to develop and sell our services containing such technology could be harmed. Similarly, if we are unable to license necessary technology from third parties now or in the future, we may be forced to acquire or develop alternative technology, which we may be unable to do in a commercially feasible manner or at all, and we may be required to use alternative technology of lower quality or performance standards. This could limit and delay our ability to offer new or competitive products and services. As a result, our business and results of operations could be significantly harmed.
Some of our technology incorporates “open source” software, and we license some of our software through open source projects, which could negatively affect our ability to sell our products and subject us to possible litigation.
Some of our solutions incorporate software licensed by third parties under open source licenses, including open source software embedded in software we receive from third-party commercial software vendors. Use of open source software may entail greater risks than use of third-party commercial software, as open source licensors generally do not provide support, updates or warranties or other contractual protections regarding infringementclaims or the quality of the code. In addition, the wide availability of open source software used in our solutions could expose us to security vulnerabilities. Furthermore, the terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that such licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to market or commercialize our solutions. As a result, we could be subject to lawsuits by parties claiming ownership of what we believe to be open source software. Litigation could be costly for us to defend, have a negative effect on our results of operations and financial condition or require us to devote additional research and development resources to change our solutions. In addition, by the terms of some open source licenses, under certain conditions we could be required to release the source code of our proprietary software, and to make our proprietary software available under open source licenses, including authorizing further modification and redistribution. In the event that portions of our proprietary software are determined to be subject to such requirements by an open source license, we could be required to publicly release the affected portions of our source code, re-engineer all or a portion of our products or services or otherwise be limited in the licensing of our services, each of which provide an advantage to our competitors or other entrants to the market, create security vulnerabilities in our solutions and could reduce or eliminate the value of our services. Further, if we are held to have breached or otherwise failed to comply with the terms of an open source software license, we could be required to release certain of our proprietary source code under open source licenses, pay monetary damages, seek licenses from third parties to continue offering our services on terms that are not economically feasible or be subject to injunctions that could require us to discontinue the sale of our services if re-engineering could not be accomplished on a timely basis. Many of the risks associated with use of open source software cannot be eliminated and could negatively affect our business. Moreover, we cannot assure you that our processes for controlling our use of open source software in our products will be effective. Responding to any infringement or noncompliance claim by an open source vendor, regardless of its validity, or
discovering open source software code in our software could harm our business, operating results and financial condition by, among other things:
• resulting in time-consuming and costlylitigation;
• diverting management’s time and attention from developing our business;
• requiring us to pay monetary damages or enter into royalty and licensing agreements that we would not normally find acceptable;
• causing delays in the deployment of our products or service offerings to our customers;
• requiring us to stop offering certain services on or features of our products;
• requiring us to redesign certain components of our software using alternative non-infringing or non-open source technology, which could require significant effort and expense;
• requiring us to disclose our software source code and the detailed program commands for our software; and
• requiring us to satisfy indemnification obligations to our customers.
Claims by others that we infringe their proprietary technology or other rights, or other lawsuits asserted against us, could result in significant costs and substantially harm our business, financial condition, results of operations and prospects.
A number of companies in our industry hold a large number of patents and also protect their copyright, trade secret and other intellectual property rights, and companies in the networking and security industry frequently enter into litigation based on allegations of patent infringement or other violations of intellectual property rights. In addition, patent holding companies seek to monetize patents they previously developed, have purchased or otherwise obtained. Many companies, including our competitors, may now, and in the future, have significantly larger and more mature patent, copyright, trademark and trade secret portfolios than we have, which they may use to assert claims of infringement, misappropriation and other violations of intellectual property rights against us. In addition, future litigation may involve non-practicing entities or other patent owners who have no relevant product offerings or revenue and against whom our own patents may therefore provide little or no deterrence or protection. As we face increasing competition and gain an increasingly higher profile, including as a result of becoming a public company, the possibility of intellectual property rights claimsagainst us grows. Third parties have asserted in the past and may in the future assert claims of infringement of intellectual property rights against us and these claims, even without merit, could harm our business, including by increasing our costs, reducing our revenue, creating customer concerns that result in delayed or reduced sales, distracting our management from the running of our business and requiring us to cease use of important intellectual property. In addition, because patent applications can take years to issue and are often afforded confidentiality for some period of time, there may currently be pending applications, unknown to us, that later result in issued patents that could cover one or more of our services. Moreover, in a patent infringement claim against us, we may assert, as a defense, that we do not infringe the relevant patent claims, that the patent is invalid or both. The strength of our defenses will depend on the patents asserted, the interpretation of these patents, and our ability to invalidate the asserted patents. However, we could be unsuccessful in advancing non-infringement and/or invalidityarguments in our defense. In the United States, issued patents enjoy a presumption of validity, and the party challenging the validity of a patent claim must present clear and convincing evidence of invalidity, which is a high burden of proof. Conversely, the patent owner need only prove infringement by a preponderance of the evidence, which is a lower burden of proof. Furthermore, because of the substantial amount of discovery required in connection with patent and other intellectual property rights litigation, there is a risk that some of our confidential information could be compromised by the discovery process.
As the number of products and competitors in our market increases and overlaps occur, claims of infringement, misappropriation and other violations of intellectual property rights may increase. Our insurance may not cover intellectual property rights infringementclaims. Third parties may in the future also assert infringementclaimsagainst our customers or channel partners, with whom our agreements may obligate us to indemnify against these claims. In addition, to the extent we hire personnel from competitors, we may be subject to allegations that such employees have divulged proprietary or other confidential information to us.
From time to time, the U.S. Supreme Court, other U.S. federal courts and the U.S. Patent and Trademark Appeals Board, and their foreign counterparts, have made and may continue to make changes to the interpretation of patent laws in their respective jurisdictions. We cannot predict future changes to the interpretation of existing patent laws or whether U.S. or foreign legislative bodies will amend such laws in the future. Any changes may lead to uncertainties or increased costs and risks surrounding the outcome of third-party infringementclaims brought against us and the actual or enhanceddamages, including treble damages, that may be awarded in connection with any such current or future claims and could have a material adverse effect on our business and financial condition.
We are unable to predict the likelihood of success in defendingagainst future infringementclaims. In the event that we fail to successfullydefend ourselves against an infringement claim, a successful claimant could secure a judgment or otherwise require payment of legal fees, settlement payments, ongoing royalties or other costs or damages; or we may agree to a settlement that prevents us from offering certain services or features; or we may be required to obtain a license, which may not be available on reasonable terms, or at all, to use the relevant technology. If we are prevented from using certain technology or intellectual property, we may be required to develop alternative, non-infringing technology, which could require significant time, during which we could be unable to continue to offer our affected services or features, effort and expense and may ultimately not be successful. Any of these outcomes could result in a material adverse effect on our business. Even if we were to prevail, third-party infringement lawsuits could be costly and time-consuming, divert the attention of our management and key personnel from our business operations, deter channel partners from selling or licensing our services and dissuade potential customers from purchasing our services, which would also materially harm our business. In addition, any public announcements of the results of any proceedings in third-party infringement lawsuits could be negatively perceived by industry or financial analysts and investors and could cause our stock price to experience volatility or decline. Further, the expense of litigation and the timing of this expense from period to period are difficult to estimate, subject to change and could adversely affect our results of operations. Any of these events could materially and adverselyharm our business, financial condition and results of operations.
Risks Related to Legal and Regulatory Matters
Failure to comply with laws and regulations applicable to our business could subject us to fines and penalties and could also cause us to lose customers in the public sector or negatively impact our ability to contract with the public sector.
Our business is subject to regulation by various federal, state, local and foreign governmental agencies, including agencies responsible for monitoring and enforcing privacy and data protection laws and regulations, government contract laws, employment and labor laws, workplace safety, anti-bribery laws, import and export controls, federal securities laws and tax laws and regulations. In certain jurisdictions, these regulatory requirements may be more stringent than in the United States. These laws and regulations impose added costs on our business. Noncompliance with applicable regulations or requirements could subject us to:
• investigations, enforcement actions and sanctions;
• mandatory changes to our Zero Trust solutions;
• disgorgement of profits, fines and damages;
• civil and criminalpenalties or injunctions;
• claims for damages by our customers or channel partners;
• termination of contracts;
• loss of intellectual property rights; and
• temporary or permanent debarment from sales to government organizations.
If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminallitigation, our business, operating results and financial condition could be adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions and sanctions could materially harm our business, operating results and financial condition.
We endeavor to properly classify employees as exempt versus non-exempt, as well as employee versus independent contractor, under applicable law. Although there are no pending or threatened material claims or investigationsagainst us asserting that some employees or independent contractors are improperly classified, the possibility exists that some of our current or former employees or independent contractors could have been incorrectly classified.
In addition, we must comply with laws and regulations relating to the formation, administration and performance of contracts with the public sector, including U.S. federal, state and local governmental organizations, which affect how we
and our channel partners do business with governmental agencies. Selling our solutions to the U.S. government, whether directly or through channel partners, also subjects us to certain regulatory and contractual requirements. Failure to comply with these requirements by either us or our channel partners could subject us to investigations, fines and other penalties, which could have an adverse effect on our business, operating results, financial condition and prospects. As an example, the U.S. Department of Justice, or DOJ, and the General Services Administration, or GSA, have in the past pursued claimsagainst and financial settlements with IT vendors under the FalseClaims Act and other statutes related to pricing and discount practices and compliance with certain provisions of GSA contracts for sales to the federal government. The DOJ and GSA continue to actively pursue such claims. Violations of certain regulatory and contractual requirements could also result in us being suspended or debarred from future government contracting. Any of these outcomes could have a material adverse effect on our revenue, operating results, financial condition and prospects.
We are also subject to the U.S. Foreign Corrupt Practices Act of 1977, the U.K. Bribery Act 2010 and other anti-corruption, anti-bribery, anti-money laundering and similar laws in the United States and other countries in which we conduct activities. Anti-corruption and anti-bribery laws, which have been enforced aggressively and are interpreted broadly, prohibit companies and their employees and agents from promising, authorizing, making or offering improper payments or other benefits to government officials and others in the private sector. We leverage third parties, including channel partners, to sell subscriptions to our products and conduct our business abroad. We and these third-party intermediaries may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities and we may be held liable for the corrupt or other illegal activities of these third-party business partners and intermediaries, our employees, representatives, contractors, channel partners and agents, even if we do not explicitly authorize such activities. While we have policies and procedures to address compliance with such laws, we cannot assure you that all of our employees and agents will not take actions in violation of our policies and applicable law, for which we may be ultimately held responsible. As we increase our international sales and business, our risks under these laws may increase. Noncompliance with these laws could subject us to investigations, severecriminal or civil sanctions, settlements, prosecution, loss of export privileges, suspension or debarment from U.S. government contracts, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminalpenalties or injunctions, whistleblower complaints, adverse media coverage and other consequences. Any investigations, actions or sanctions could materially harm our reputation, business, results of operations and financial condition.
These laws and regulations impose added costs on our business, and failure to comply with these or other applicable regulations and requirements could lead to claims for damages from our channel partners or customers, penalties, termination of contracts, loss of exclusive rights in our intellectual property and temporary suspension or permanent debarment from government contracting. Any such damages, penalties, disruptions or limitations in our ability to do business with the public sector could have a material adverse effect on our business and operating results.
We and our directors, officers and affiliates have in the past and may in the future become involved in litigation and other proceedings that may adversely affect us.
From time to time, we and our directors, officers and affiliates have been subject to claims, suits and other proceedings. Regardless of the outcome, legal proceedings can have an adverse impact on us because of legal costs and diversion of management attention and resources, and could cause us to incur significant expenses or liability, adversely affect our brand recognition or require us to change our business practices. The expense of litigation and the timing of this expense from period to period are difficult to estimate, subject to change and could adversely affect our business, operating results and financial condition. It is possible that a resolution of one or more such proceedings could result in substantial damages, settlement costs, fines and penalties that would adversely affect our business, financial condition, operating results or cash flows in a particular period. These proceedings could also result in reputational harm, sanctions, consent decrees or orders requiring a change in our business practices. Additionally, our directors, officers and affiliates, or their respective affiliated entities, are currently and may in the future be the subject of claims, suits, litigation and government investigation in their individual capacities or in connection with other business ventures, which could adversely impact our reputation or public perception of our company, irrespective of the merits of any such proceeding. Because of the potential risks, expenses and uncertainties of litigation, we may, from time to time, settle disputes, even where we have meritoriousclaims or defenses, by agreeing to settlement agreements. Because litigation is inherently unpredictable, we cannot assure you that the results of any of these actions will not have a material adverse effect on our business, financial condition, operating results and prospects. Any of these consequences could adversely affect our business, operating results and financial condition.
We could be subject to securities class action litigation. In the past, securities class action litigation has often been instituted against companies following periods of volatility in the market price of a company’s securities.
This type of litigation, if instituted, could result in substantial costs and a diversion of management’s attention and resources, which could adversely affect our business, operating results, or financial condition. Additionally, the dramatic increase in the cost of directors’ and officers’ liability insurance may cause us to opt for lower overall policy limits or to forgo insurance that we may otherwise rely on to cover significant defense costs, settlements, and damages awarded to plaintiffs.
If we were not able to satisfy data protection, security, privacy and other government- and industry-specific requirements or regulations, our business, results of operations and financial condition could be harmed.
Personal privacy, data protection and information security are significant issues in the United States, Europe and in other jurisdictions where we offer our cybersecurity solutions. The regulatory framework for privacy, data protection, and cybersecurity matters is rapidly evolving and is likely to remain uncertain for the foreseeable future. Our handling of data is subject to a variety of laws and regulations, including regulation by various government agencies. Evolving and changing definitions of personal data and personal information, within the E.U., the United States, and elsewhere, may limit or inhibit our ability to operate or expand our business, including limiting strategic partnerships that may involve the sharing or uses of personal data and personal information, and may require significant expenditures and efforts in order to comply.
The U.S. federal government, and various state and foreign governments, have adopted or proposed limitations on the collection, distribution, use and storage of information relating to individuals. Such laws and regulations may require companies to implement privacy and security policies, permit customers to access, correct and delete information stored or maintained by such companies, inform individuals of security breaches that affect their information, and, in some cases, obtain individuals’ consent to use information for certain purposes. Laws and regulations outside the United States, and particularly in Europe, often are more restrictive than those in the United States. In addition, some foreign governments require that certain information collected in a country be retained within that country. We also may find it necessary or desirable to join industry or other self-regulatory bodies or other information security or data protection-related organizations that require compliance with their rules pertaining to information security and data protection. We also may be bound by additional, more stringent contractual obligations relating to our collection, use and disclosure of personal, financial and other data.
We also expect that there will continue to be new proposed laws, regulations and industry standards concerning privacy, data protection and information security in the United States, the European Union and other jurisdictions in which we operate or may operate, and we cannot yet determine the impact such future laws, regulations and standards may have on our business. For example, the European Union implemented the General Data Protection Regulation in May 2018, which imposes stringent data protection requirements and provides for significant penalties for noncompliance. In addition, data protection laws in Europe impose requirements with respect to the cross-border transfer of certain personal data. We historically relied upon data transfer mechanisms such as the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield frameworks, and the use of certain standard contractual clauses approved by the European Commission, to address these requirements. In July 2020, the CJEU, Europe’s highest court, held that the EU-U.S. Privacy Shield was invalid, and imposed additional obligations in connection with the use of contractual clauses governing cross-border transfers of personal data. As a result, we may need to implement different or additional measures to establish or maintain legitimate means for the transfer and receipt of personal data from the European Union to the U.S. In addition, due to the UK’s departure from the European Union, we are subject to requirements for personal data transfers to and from the UK, which continue to evolve following Brexit. If the measures we implement are later determined to be insufficient, we may face enforcement actions by data protection authorities.
In addition, California adopted the California Consumer Privacy Act in 2018, which took effect in January 2020 and seeks to provide California consumers with increased privacy rights and protections for their personal information. The 2018 Act was further modified by the California Privacy Rights Act, which became effective January 1, 2023. Similar laws in Virginia took effect on January 1, 2023, in Colorado and Connecticut take effect on July 1, 2023 and in Utah take effect on December 31, 2023. We expect that existing laws, regulations and standards may be interpreted in new manners in the future. Future laws, regulations, standards and other obligations, and changes in the interpretation of existing laws, regulations, standards and other obligations could require us to modify our solutions, restrict our business operations, increase our costs and impair our ability to maintain and grow our customer base and increase our revenue.
Although we work to comply with applicable laws and regulations, industry standards, contractual obligations and other legal obligations, those laws, regulations, standards and obligations are evolving and may be modified, interpreted and applied in an inconsistent manner from one jurisdiction to another, and may conflict with one another. In addition, they may conflict with other requirements or legal obligations that apply to our business or the security features and services
that our customers expect from our solutions and may require us to make changes to our solutions or other practices in an effort to comply with them. As such, we cannot assure ongoing compliance with all such laws, regulations, standards and obligations. Any failure or perceived failure by us to comply with applicable laws, regulations, standards or obligations, or any actual or suspected security breach or other security incident, whether or not resulting in unauthorized access to, or acquisition, release or transfer of information relating to individuals or other data, may result in governmental investigations, enforcement actions and other proceedings, private litigation, fines and penalties or adverse publicity, and could cause our customers to lose trust in us, which could have an adverse effect on our reputation and business. Any inability to adequately address privacy and security concerns, even if unfounded, or comply with applicable laws, regulations, standards and obligations, could result in additional cost and liability to us, damage our reputation, inhibit sales, and materially and adversely affect our business and operating results.
Claims for indemnification by our directors and officers may reduce our available funds to satisfysuccessful third-party claimsagainst us and may reduce the amount of money available to us.
Our A&R Charter and A&R Bylaws provide that we will indemnify our directors and officers, in each case, to the fullest extent permitted by Delaware law. Our A&R Charter also allows our Board to indemnify other employees. This indemnification will extend to the payment of judgments in actions against officers and directors and to reimbursement of amounts paid in settlement of such claims or actions and may apply to judgments in favor of the Company or amounts paid in settlement to the Company. This indemnification will also extend to the payment of attorneys’ fees and expenses of officers and directors in suits against them where the officer or director acted in good faith and in a manner he or she reasonably believed to be in, or not opposed to, the best interests of the Company, and, with respect to any criminal action or proceeding, he or she had no reasonable cause to believe his or her conduct was unlawful. This right of indemnification is not exclusive of any right to which the officer or director may be entitled as a matter of law and shall extend and apply to the estates of deceased officers and directors.
Risks Related to Financial, Tax and Accounting Matters
Management has performed an analysis of our ability to continue as a going concern, and has determined that, based on our current financial position, there is a substantial doubt about our ability to continue as a going concern. In addition, our independent registered public accounting firm has raised substantial doubt as to our ability to continue as a going concern.
Based on its assessment, management has raised substantial doubt about our ability to continue as a going concern. The Company had cash and cash equivalents and remaining borrowing capacity under the Revolving Credit Facility of $11.5 million and $3.5 million, respectively, at December 31, 2022, a loss from continuing operations of $80.1 million for the year ended December 31, 2022, and an accumulated deficit of $546.1 million at December 31, 2022. Current economic and market conditions have put pressure on our growth plans. The Company’s ability to continue as a going concern is dependent on its ability to obtain additional capital. The Company believes that its current level of cash and cash equivalents and remaining borrowing capacity under the Revolving Credit Facility are not sufficient to continue investing in growth, while at the same time meeting its obligations as they become due. These conditions raise substantial doubt regarding our ability to continue as a going concern. In an effort to alleviate these conditions, management is currently evaluating various cost reduction and other alternatives and may seek to raise additional funds through the issuance of equity, mezzanine or debt securities, through arrangements with strategic partners, through obtaining credit from financial institutions or otherwise.
Our independent registered public accounting firm has included in its audit report for the year ended December 31, 2022, an explanatory paragraph expressing substantial doubt as to our ability to continue as a going concern. A going concern opinion in the report of our independent registered public accounting firm could impair our ability to finance our operations through public or private equity offerings or debt financings, or a combination of one or more of these funding sources. Any additional equity or equity-linked debt financing could be extremely dilutive to our current stockholders. Additional capital may not be available on reasonable terms, or at all, and we may be required to terminate or significantly curtail our operations, or enter into arrangements with collaborative partners or others that may require us to relinquish rights to certain aspects of our product candidates, or potential markets that we would not otherwise relinquish. If we are unable to obtain capital, our business would be jeopardized, and we may not be able to continue operations.
If we fail to maintain effective disclosure controls and internal control over financial reporting, our ability to produce timely and accurate financial statements or comply with applicable regulations could be impaired.
As a public company, we are subject to the reporting requirements of the Exchange Act and the Sarbanes-Oxley Act of 2002 (the “Sarbanes-Oxley Act”). We expect that the requirements of these rules and regulations will continue to increase our legal, accounting, and financial compliance costs, make some activities more difficult, time-consuming, and costly, and place significant strain on our personnel, systems, and resources.
The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. We are continuing to develop and refine our disclosure controls and other procedures that are designed to ensure that information required to be disclosed by us in the reports that we will file with the SEC is recorded, processed, summarized, and reported within the time periods specified in SEC rules and forms and that information required to be disclosed in reports under the Exchange Act is accumulated and communicated to our principal executive and financial officers and Board of Directors.
We are required to comply with Section 404 of the Sarbanes-Oxley Act, which requires annual management assessments of the effectiveness of our internal control over financial reporting as of year-end. In particular, we are required to perform system and process evaluation and testing of our internal controls over financial reporting to allow management to report on the effectiveness of our internal controls over financial reporting, as required by Section 404(a) of the Sarbanes-Oxley Act (the “404 Assessment”). We cannot assure you that we will at all times in the future be able to report that our internal controls are effective.
Our current controls and any new controls that we develop may become ineffective because of changes in conditions in our business. Further, weaknesses in our disclosure controls and internal control over financial reporting may be identified in the future. Any failure to develop or maintain effective controls or any challenges encountered in their implementation or improvement could harm our results of operations or cause us to not meet our reporting obligations and may result in a restatement of our financial statements for prior periods. Any failure to implement and maintain effective internal control over financial reporting also could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that we may be required to include in our future periodic reports filed with the SEC. Ineffective disclosure controls and procedures and internal control over financial reporting could also cause investors to lose confidence in our reported financials and other information, which may have a negative effect on the trading price of our common stock. In addition, if we are unable to continue to meet these requirements, we may not be able to remain listed on any national securities exchange on which our common stock may be listed in the future.
Our independent registered public accounting firm is not required to attest to the effectiveness of our internal control over financial reporting until after we are no longer a smaller reporting company as defined under Regulation S-K promulgated by the SEC. At such time, our independent registered public accounting firm may issue a report that is adverse in the event it is not satisfied with the level at which our internal control over financial reporting is documented, designed, or operating. Any failure to maintain effective disclosure controls and internal control over financial reporting could have an adverse effect on our business and results of operations and could cause an adverse effect on the trading price of our securities.
We have previously identified material weaknesses in our internal control over financial reporting. These material weaknesses could continue to adversely affect our ability to report our results of operations and financial condition accurately and in a timely manner.
On November 8, 2022, our Board of Directors, after meeting with management to consider the relevant facts and circumstances, determined that the Company’s financial statements as of and for the years ended December 31, 2021 and 2020, the interim periods within those years, and the Company’s financial statements for the interim periods ended March 31, 2022 and June 30, 2022 should no longer be relied upon because of errors in such financial statements.
Although our management had not yet conducted a 404 Assessment as of December 31, 2021, as part of the restatement process in connection with our financials as of and for the year ended December 31, 2021, we identified material weaknesses in our internal control over financial reporting. Our management identified (i) errors in our accounting relating to our controls over the estimation of the relationship between the term license and the support and maintenance for establishing their respective stand-alone sales prices in multi-year contracts related to revenue for our sales of software through multi-year term-based license agreements, (ii) errors in our accounting relating to our controls related to recognition of commission expense and (iii) inadequate management review controls over our financial statement
disclosures with respect certain calculations (collectively, the “10-K Material Weaknesses”). Furthermore, in connection with the preparation of the restatement of our quarterly financials for the three months ended March 31, 2022, our management identified an additional material weakness in internal control over financial reporting, as we did not design and maintain effective controls related to the evaluation of awards under our 2021 Plan (the “10-Q Material Weakness”).
In addition, in connection with the preparation of Legacy Appgate’s consolidated financial statements as of and for the year ended December 31, 2020, Legacy Appgate’s management and its independent registered public accounting firm identified material weaknesses in internal control over financial reporting with respect to the design of our information technology general controls related to user access and change management as well as certain financial reporting transaction level controls including account reconciliations, related party transactions and journal entries (the “Legacy Appgate Material Weaknesses”).
A material weakness is a deficiency, or a combination of control deficiencies, in internal control over financial reporting such that there is a reasonable possibility that a material misstatement of the company’s annual or interim financial statements will not be prevented or detected on a timely basis. For further detail of the 10-K Material Weaknesses, the 10-Q Material Weakness and the Legacy Appgate Material Weaknesses and the Company’s plans for their remediation, see Part II, Item 9A of this Annual Report.
There can be no assurance that other material weaknesses will not arise in the future. Any material weaknesses in our internal control over financial reporting could cause us to fail to meet our future reporting obligations or could result in material misstatements in our financial statements, which in turn could have an adverse effect on our reputation, financial condition and our ability to timely and properly comply with our reporting obligations under the Exchange Act. Any material weakness could also adversely affect the results of the periodic management evaluations and, to the extent we are no longer a smaller reporting company, the annual auditor attestation reports regarding the effectiveness of our internal control over financial reporting that will be required under Section 404 of the Sarbanes-Oxley Act. Internal control deficiencies could also cause investors to lose confidence in our reported financial information which could have an adverse effect on the trading price of our securities.
Being a public company requires that we incur significant costs, diverts our resources and management’s attention and may affect our ability to attract and retain executive management and qualified Board members.
As a public company, we are subject to the reporting and corporate governance requirements of the Exchange Act, and other applicable securities rules and regulations, including the Sarbanes-Oxley Act and the Dodd-Frank Wall Street Reform and Consumer Protection Act. Compliance with these rules and regulations requires us to incur significant legal and financial compliance costs, makes some activities more difficult, time-consuming or costly and increases demand on our systems and resources. Among other things, the Exchange Act requires that we file annual, quarterly and current reports with respect to our business and results of operations and maintain effective disclosure controls and procedures and internal control over financial reporting. In order to improve our disclosure controls and procedures and internal control over financial reporting to meet this standard, additional resources and management oversight are required. As a result, management’s attention is at times diverted from other business concerns, which could harm our business, financial condition, results of operations and prospects. Although we have hired additional personnel to help comply with these requirements, we may need to further expand our legal and finance departments in the future, which will increase our costs and expenses. In addition, changing laws, regulations and standards relating to corporate governance and public disclosure are creating uncertainty for public companies, increasing legal and financial compliance costs and making some activities more time-consuming. These laws, regulations and standards are subject to varying interpretations, in many cases due to their lack of specificity, and, as a result, their application in practice may evolve over time as new guidance is provided by regulatory and governing bodies. This could result in continuing uncertainty regarding compliance matters and higher costs necessitated by ongoing revisions to disclosure and governance practices. We intend to invest resources to comply with evolving laws, regulations and standards, and this investment may result in increased general and administrative expense and a diversion of management’s time and attention from revenue-generating activities to compliance activities. If our efforts to comply with new laws, regulations and standards differ from the activities intended by regulatory or governing bodies, regulatory authorities may initiate legal proceedings against us and our business and prospects may be harmed.
As a result of disclosure of information in the filings required of a public company, our business and financial condition have become more visible, which could result in threatened or actual litigation, including by competitors and other third parties. If such claims are successful, our business, financial condition, results of operations and prospects could be harmed, and even if the claims do not result in litigation or are resolved in our favor, these claims, and the time and resources necessary to resolve them, could divert the resources of our management and harm our business, financial
condition, results of operations and prospects. These factors could also make it more difficult for us to attract and retain qualified employees, executive officers and members of our Board.
Our ability to use our net operating loss carryforwards and certain other tax attributes may be limited.
As of December 31, 2022, we had aggregate U.S. federal and state net operating loss carryforwards of $233.2 million and $107.3 million, respectively, which may be available to offset future taxable income for U.S. income tax purposes. If not utilized, $72.9 million of the federal net operating loss carryforwards will begin to expire in 2035 with the remainder carried forward indefinitely, and $72.7 million of the state net operating loss carryforwards will begin to expire in 2023 with the remainder carried forward indefinitely. We also had foreign net operating loss carryforwards of $6.0 million, which do not expire. Realization of these net operating loss carryforwards depends on future income, and there is a risk that certain of our existing carryforwards could expire unused and be unavailable to offset future income tax liabilities, which could adversely affect our operating results and financial condition. In addition, under Sections 382 and 383 of the Code, if a corporation undergoes an “ownership change,” generally defined as a greater than 50% change (by value) in ownership by “5 percent shareholders” over a rolling three-year period, the corporation’s ability to use its pre-change net operating loss carryovers and other pre-change tax attributes to offset its post-change income or taxes may be limited. Similar rules apply under U.S. state tax laws. We have experienced ownership changes in the past and we may experience an ownership change in the future as a result of shifts in our stock ownership. As a result, if we earn net taxable income, our ability to use our pre-change U.S. net operating loss carryforwards to offset U.S. federal taxable income may be subject to limitations, which could potentially result in increased future tax liability to us. In addition to the net operating loss carryforwards discussed above, as a result of past acquisitions and the Merger, we have an additional $12.9 million of federal net operating loss carryforwards. Management has not concluded on the realizability of these NOLs or whether they may be limited by Code Section 382 or 383. Any determination that all or a portion of any such NOLs is not realizable or may be limited by Code Section 382 or 383, would lessen the amount available to us.
We could be subject to additional tax liabilities and United States federal income tax reform could adversely affect us.
We are subject to U.S. federal, state, local and sales taxes in the United States and foreign income taxes, withholding taxes and transaction taxes in numerous foreign jurisdictions. Significant judgment is required in evaluating our tax positions and our worldwide provision for income taxes. During the ordinary course of business, there are many activities and transactions for which the ultimate tax determination is uncertain. In addition, our future income tax obligations could be adversely affected by changes in, or interpretations of, tax laws in the United States or in other jurisdictions in which we operate. For example, in December 2017, the United States adopted new tax law legislation commonly referred to as the U.S. Tax Cuts and Jobs Act of 2017 (the “Tax Act”) (as modified by the Coronavirus Aid, Relief, and Economic Security Act), which significantly reforms the Code. The Tax Act, among other things, includes changes to U.S. federal tax rates, imposes significant additional limitations on the deductibility of interest and the use of net operating losses generated in tax years beginning after December 31, 2017, allows for the expensing of certain capital expenditures, and puts into effect the migration from a “worldwide” system of taxation to a largely territorial system. Further changes to U.S. tax laws, including limitations on the ability of taxpayers to claim and utilize foreign tax credits, as well as changes to U.S. tax laws that may be enacted in the future, could impact the tax treatment of our foreign earnings. Due to expansion of our international business activities, any changes in the U.S. taxation of such activities may increase our worldwide effective tax rate and adversely affect our operating results and financial condition. The enactment of legislation implementing changes in the U.S. taxation of international business activities or the adoption of other tax reform policies could adversely impact our operating results and financial condition.
We could be required to collect additional sales, use, value added, digital services, or other similar taxes or be subject to other liabilities that may increase the costs our customers would have to pay for our solutions and adversely affect our business, operating results, and financial condition.
We collect sales, use, value added, digital services, and other similar taxes in a number of jurisdictions. One or more U.S. states or countries may seek to impose incremental or new sales, use, value added, digital services, or other tax collection obligations on us. Further, an increasing number of U.S. states have considered or adopted laws that attempt to impose tax collection obligations on out-of-state companies. Additionally, the Supreme Court of the United States ruled in South Dakota v. Wayfair, Inc. et al, or Wayfair, that online sellers can be required to collect sales and use tax despite not having a physical presence in the state of the customer. In response to Wayfair, or otherwise, U.S. states or local governments may adopt, or begin to enforce, laws requiring us to calculate, collect, and remit taxes on sales in their jurisdictions. A successful assertion by one or more U.S. states requiring us to collect taxes where we presently do not do so, or to collect more taxes in a jurisdiction in which we currently do collect some taxes, could result in substantial liabilities, including taxes on past sales, as well as interest and penalties. Furthermore, certain jurisdictions, such as the U.K. and France, have introduced a digital services tax, which is generally a tax on gross revenue generated from users or customers located in
those jurisdictions, and other jurisdictions have enacted or are considering enacting similar laws. A successful assertion by a U.S. state or local government, or other country or jurisdiction that we should have been or should be collecting additional sales, use, value added, digital services or other similar taxes could, among other things, result in substantial tax payments, create significant administrative burdens for us, discourage potential customers from subscribing to our solutions due to the incremental cost of any such sales or other related taxes, or otherwise harm our business.
Our corporate structure and intercompany arrangements are subject to the tax laws of various jurisdictions, and we could be obligated to pay additional taxes, which would harm our results of operations.
Our corporate structure and associated transfer pricing policies contemplate the business flows and future growth into the international markets, and consider the functions, risks and assets of the various entities involved in the intercompany transactions. The amount of taxes we pay in different jurisdictions may depend on the application of the tax laws of the various jurisdictions, including the United States, to our international business activities, changes in tax rates, new or revised tax laws or interpretations of existing tax laws and policies, and our ability to operate our business in a manner consistent with our corporate structure and intercompany arrangements. For example, certain jurisdictions have introduced a digital services tax, which is generally a tax on gross revenue generated from users or customers located in those jurisdictions, and other jurisdictions are considering enacting similar laws. The taxing authorities of the jurisdictions in which we operate may challenge our methodologies for pricing intercompany transactions pursuant to the intercompany arrangements or disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a challenge or disagreement were to occur, and our position was not sustained, or if there are changes in tax laws or the way existing tax laws are interpreted or applied, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations. Our financial statements could fail to reflect adequate reserves to cover such a contingency.
Our revenue recognition policy and other factors may distort our financial results in any given period and make them difficult to predict.
Under accounting standards update No. 2014-09 (Topic 606), Revenue from Contracts with Customers (“ASC 606”), we recognize revenue when our customer obtains control of goods or services in an amount that reflects the consideration that we expect to receive in exchange for those goods or services. We sell and deliver our solutions as term-based license subscriptions, perpetual licenses and software-as-a-service (“SaaS”), together with related support services. For those term-based and perpetual license arrangements, we generally recognize both revenue upfront when the distinct license is made available to the customer, as well as revenue recognized ratably over the contract period for support and maintenance based on the stand-ready nature of these elements. For SaaS arrangements that do not contain variable consideration, and for support and maintenance, we recognize revenue ratably over the contract period as the Company satisfies its performance obligation, beginning on the date the Company makes its service available to the customer. Because of this revenue recognition methodology, a single, large term-based or perpetual license in a given period may distort our operating results for that period. In contrast, the impact of agreements that are recognized ratably may take years to be fully reflected in our financial statements. Consequently, a significant increase or decline in our subscription SaaS and support and maintenance contracts in any one quarter will not be fully reflected in the results for that quarter, but will affect our revenue in future quarters. This also makes it challenging to forecast our revenue for future periods, as both the mix of solutions, solution packages and services we will sell in a given period, as well as the size of contracts, is difficult to predict.
Furthermore, the presentation of our financial results requires us to make estimates and assumptions that may affect revenue recognition. In some instances, we could reasonably use different estimates and assumptions, and changes in estimates are likely to occur from period to period. See “Item 8. Financial Statements and Supplementary Data — Note 1. Business and Summary of Significant Accounting Policies — Revenue Recognition .” Given the foregoing factors, our actual results could differ significantly from our estimates, comparing our revenue and operating results on a period-to-period basis may not be meaningful, and our past results may not be indicative of our future performance.
If our estimates or judgments relating to our critical accounting policies prove to be incorrect or financial reporting standards or interpretations change, our results of operations could be adversely affected.
The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in our consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as provided in the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and in our consolidated financial statements and related notes included elsewhere in this Annual Report. The results of
these estimates form the basis for making judgments about the carrying values of assets, liabilities and equity, and the amount of revenue and expenses that are not readily apparent from other sources. Significant assumptions and estimates used in preparing our consolidated financial statements include those related to the determination of revenue recognition, and more specifically, the estimation and allocation of the transaction price to each performance obligation based on a relative standalone selling price, allowance for doubtful accounts, valuation and impairment of intangible assets and goodwill, impairment of other long-lived assets, useful lives of property and equipment and definite-lived intangible assets and the period of benefit generated from our deferred contract acquisition costs. Our results of operations may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our results of operations to fall below the expectations of industry or financial analysts and investors, resulting in a decline in the trading price of our common stock.
Additionally, we regularly monitor our compliance with applicable financial reporting standards and review new pronouncements and drafts thereof that are relevant to us. As a result of new standards, changes to existing standards and changes in their interpretation, we might be required to change our accounting policies, alter our operational policies and implement new or enhance existing systems so that they reflect new or amended financial reporting standards, or we may be required to restate our published financial statements. Such changes to existing standards or changes in their interpretation may have an adverse effect on our reputation, business, financial position and profit/loss, or cause an adversedeviation from our revenue and operating profit target, which may negatively impact our financial results.
We are exposed to fluctuations in currency exchange rates, which could negatively affect our business, operating results and financial condition.
Our sales contracts are primarily denominated in U.S. dollars, and therefore our revenue is not subject to significant foreign currency risk. However, strengthening of the U.S. dollar increases the real cost of our solutions to our customers outside of the United States, which could lead to delays in the purchase of our solutions and the lengthening of our sales cycle. If the U.S. dollar continues to strengthen, this could adversely affect our financial condition and operating results. In addition, increased international sales in the future, including through our channel partners and other partnerships, may result in greater foreign currency denominated sales, increasing our foreign currency risk. Our operating expenses incurred outside the U.S. are primarily denominated in the currency of the country in which such expenses are incurred. As our business continues to grow globally, our exposure to currency exchange rates may increase, which could negatively affect our business, operating results and financial condition. We do not currently hedge against the risks associated with currency fluctuations but may do so in the future.
We may require additional capital to expand our operations and invest in new solutions, and failure to do so could reduce our ability to compete and could harm our business and financial condition.
We may need to raise additional funds in the future to fund our operating expenses, make capital purchases and acquire or invest in business or technology, and we may not be able to obtain those funds on favorable terms, or at all. If we raise additional equity financing, our stockholders may experience significant dilution of their ownership interests and the per share value of our common stock could decline. Furthermore, if we engage in additional debt financing, the holders of our debt would have priority over the holders of our common stock, and we may be required to accept terms that restrict our ability to incur additional indebtedness or our ability to pay any dividends on our common stock, though we do not intend to pay dividends in the foreseeable future. We may also be required to take other actions, any of which could harm our business and operating results. If we need to access the capital markets, there can be no assurance that financing may be available on attractive terms, if at all. If we are unable to obtain adequate financing, or financing on terms satisfactory to us, when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly limited, and our business, operating results, financial condition and prospects could be materially and adversely affected. See also “We have indebtedness, which may increase risk to our business and your investment in us.”
Our Company may have undisclosed liabilities and any such liabilities could negatively impact our revenues, business, prospects, financial condition and results of operations.
Before the Closing, Legacy Appgate conducted due diligence on the Company customary and appropriate for a transaction similar to the Merger. However, the due diligence process may not reveal all material liabilities of our Company currently existing or which may be asserted in the future against our Company relating to its activities before the Closing. In addition, the Merger Agreement contains representations with respect to the absence of any liabilities. However, there can be no assurance that our Company will not have any liabilities upon Closing that we are unaware of or that we will be successful in enforcing any indemnification provisions or that such indemnification provisions will be adequate to
reimburse us. Any such liabilities of our Company that survived the Closing could negatively impact our revenues, business, prospects, financial condition and results of operations.
Risks Related to the Ownership of Our Common Stock
The market price of our common stock has been volatile and may continue to be volatile, and you could lose all or part of your investment.
Prior to the closing of the Merger, there was no public trading market for shares of Legacy Appgate’s common stock, and shares of Newtown Lane were thinly traded. Following the Merger through March 24, 2023, our common stock has been volatile, with our opening/closing price ranging from a high of $21.25 to a low of $1.21. It is possible that neither an active nor liquid trading market for our common stock will develop, and, if such a market does develop, it is possible that such market will not be sustained, which could make it difficult for you to sell your shares of common stock at an attractive price or at all.
Many factors, many of which are outside our control, may cause the market price for shares of our common stock to fluctuate significantly, including those described elsewhere in this “Risk Factors” section, as well as the following:
• actual or anticipated changes or fluctuations in our operating results;
• the financial projections we may provide to the public, any changes in these projections or our failure to meet these projections;
• announcements by us or our competitors of new products or new or terminated significant contracts, commercial relationships or capital commitments;
• industry or financial analyst or investor reaction to our press releases, other public announcements and filings with the SEC;
• rumors and market speculation involving us or other companies in our industry;
• price and volume fluctuations in the overall stock market from time to time;
• volume fluctuations in the trading of our common stock from time to time;
• changes in operating performance and stock market valuations of other technology companies generally, or those in our industry in particular;
• the sales of shares of our common stock by us or our stockholders;
• failure of industry or financial analysts to maintain coverage of us, changes in financial estimates by any analysts who follow our company, or our failure to meet these estimates or the expectations of investors;
• actual or anticipated developments in our business or our competitors’ businesses or the competitive landscape generally;
• litigation involving us, our industry or both, or investigations by regulators into our operations or those of our competitors;
• developments or disputes concerning our intellectual property rights or our solutions, or third-party proprietary rights;
• announced or completed acquisitions of businesses or technologies by us or our competitors;
• actual or perceived privacy, data protection, or information security incidents or breaches;
• new laws or regulations or new interpretations of existing laws or regulations applicable to our business;
• any major changes in our management or our Board;
• general economic conditions and slow or negative growth of our markets; and
• other events or factors, including those resulting from war, incidents of terrorism, global pandemics or responses to these events.
In addition, the stock market in general, and the market for technology companies in particular, has experienced price and volume fluctuations that have often been unrelated or disproportionate to the operating performance of those companies. Broad market and industry factors may affect the market price of our common stock, regardless of our actual operating performance.
Our common stock is currently thinly traded, liquidity is limited, and we may be unable to obtain listing of our common stock on a more liquid market.
Our common stock is currently thinly traded and quoted on the OTC Markets, which provide significantly less liquidity than a national securities exchange such as the NYSE or Nasdaq. In addition, approximately 95.9% of our common stock is held by affiliates who are subject to certain trading restrictions with respect to their common stock. Without a large public float, our common stock is less liquid than the stock of companies with broader public ownership, and, as a result, the trading prices of our common stock may be more volatile.
For the foregoing reasons, purchasers of our common stock may be subject to price volatility risk given the price of our common stock may change dramatically from a relatively small trading volume, which may also make our common stock more vulnerable to price manipulation attempts. We cannot predict the prices at which our common stock will trade in the future, if at all.
As a former shell company, resales of shares of our restricted common stock in reliance on Rule 144 of the Securities Act are subject to the requirements of Rule 144(i).
We previously were a “shell company” and, as such, sales of our securities pursuant to Rule 144 under the Securities Act of 1933, as amended, cannot be made unless, among other things, at the time of a proposed sale, we are subject to the reporting requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, as amended, and have filed all reports and other materials required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 as amended, as applicable, during the preceding 12 months, other than Form 8-K reports. Because, as a former shell company, the reporting requirements of Rule 144(i) will apply regardless of holding period, restrictive legends on certificates for shares of our common stock cannot be removed except in connection with an actual sale that is subject to an effective registration statement under, or an applicable exemption from the registration requirements of, the Securities Act. Because our unregistered securities cannot be sold pursuant to Rule 144 unless we continue to meet such requirements, any unregistered securities we issue will have limited liquidity unless we continue to comply with such requirements.
SIS Holdings can control our business and affairs and may have conflicts of interest with us in the future.
As of the date of this Annual Report, SIS Holdings, through which, among others, BC Partners and Medina Capital (the “Investors”) hold an indirect interest in our common stock, collectively own approximately 89% of our common stock. As a result, so long as the Investors and/or their affiliates remain our controlling stockholders they will be able to control, directly or indirectly, and subject to applicable law, all matters affecting us, including:
• any determination with respect to our business direction and policies, including the appointment and removal of officers and directors;
• any determinations with respect to mergers, business combinations or disposition of assets;
• compensation and benefit programs and other human resources policy decisions;
• the payment of dividends on our common stock; and
• determinations with respect to tax matters.
In addition, the Investors are in the business of making investments in companies and may from time to time acquire and hold interests in businesses that compete directly or indirectly with us. One or more of the Investors may also pursue acquisition opportunities that may be complementary to our business and, as a result, those acquisition opportunities may not be available to us. So long as the Investors, or their respective affiliates, continue to own a significant amount of the outstanding shares of our common stock, even if such amount is less than 50%, the Investors will continue to be able to strongly influence us. Certain of our directors are affiliates of the Investors, and our A&R Charter provides that, subject to certain limitations, none of our directors or officers, or any of their affiliates, will have any duty to refrain from (i) engaging in a corporate opportunity in the same or similar lines of business in which we or our affiliates now engage or propose to engage or (ii) otherwise competing with us or our affiliates.
If we list our common stock on the NYSE or Nasdaq, we will be considered a “controlled company” within the meaning of the rules of the NYSE or Nasdaq stock market, as applicable, and, as a result, will qualify for exemptions from certain corporate governance requirements.
The OTC Markets do not prescribe corporate governance requirements for companies that trade on those markets. We intend to apply to list our common stock on either the NYSE or Nasdaq stock market. As of the date of this Annual Report, SIS Holdings, through which the other Investors hold an indirect interest in our common stock, owns approximately 89% of our common stock. As a result, we are considered as a “controlled company” within the meaning of the corporate governance standards of the NYSE and Nasdaq. Under these rules, a listed company of which more than 50% of the voting power is held by an individual, group or another company is a “controlled company” and may elect not to comply with certain corporate governance requirements, including:
• the requirement that a majority of the board of directors consist of independent directors;
• the requirement that our nominating and corporate governance committee be composed entirely of independent directors with a written charter addressing the committee’s purpose and responsibilities;
• the requirement that our compensation committee be composed entirely of independent directors with a written charter addressing the committee’s purpose and responsibilities; and
• the requirement for an annual performance evaluation of our corporate governance and compensation committees.
While SIS Holdings controls a majority of the voting power of our outstanding common stock, we may elect to rely on these exemptions and, as a result, may not have a majority of independent directors on our Board. When established, our nominating and corporate governance and compensation committees may also not consist entirely of independent directors. Accordingly, holders of our common stock do not have the same protections afforded to stockholders of companies that are subject to all of the corporate governance requirements of the NYSE or Nasdaq.
Future sales, or the perception of future sales, by us or our existing stockholders in the public market following the Merger could cause the market price for our common stock to decline.
The sale of substantial amounts of shares of our common stock in the public market, or the perception that such sales could occur, could harm the prevailing market price of shares of our common stock. These sales, or the possibility that these sales may occur, also might make it more difficult for us to sell equity securities in the future at a time and at a price that we deem appropriate or to raise additional funds through future offerings of other securities.
In addition, certain holders of our common stock and the Convertible Senior Notes are entitled to rights with respect to registration of their shares under the Securities Act pursuant to certain registration rights agreements. If these holders of our common stock and/or the Convertible Senior Notes, by exercising their registration rights, sell a large number of shares, they could adversely affect the market price for our common stock.
We may also issue our shares of common stock or securities convertible into shares of our common stock from time to time in connection with a financing, acquisition, investments or otherwise. Any such issuance could result in substantial dilution to our existing stockholders and cause the market price of our common stock to decline.
We do not intend to pay dividends in the foreseeable future. As a result, your ability to achieve a return on your investment will depend on appreciation in the price of our common stock.
We have never declared or paid any cash dividends on our common stock. We currently intend to retain all available funds and any future earnings for use in the operation of our business and do not anticipate paying any dividends on our common stock in the foreseeable future. Any determination to pay dividends in the future will be at the discretion of our Board. Accordingly, investors must rely on sales of their common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investments.
If industry or financial analysts do not publish research about our business, or if they issue inaccurate or unfavorable research regarding our common stock, our stock price and trading volume could decline.
The trading market for our common stock is influenced by, among other things, the research and reports that industry or financial analysts publish about us or our business. We do not control these analysts, or the content and opinions included in their reports. We may be slow to attract research coverage and the analysts who publish information about our common stock will have had relatively little experience with our company, which could affect their ability to accurately forecast our results and make it more likely that we fail to meet their estimates. If we are unable to attract research coverage, this could limit investor interest in our securities and result in decreased trading liquidity. Further, if any of the analysts who cover us issues an inaccurate or unfavorable opinion regarding our stock price, our stock price would likely decline and it could cause our trading liquidity to decline. In addition, the stock prices of many companies in the technology industry have declined significantly after those companies have failed to meet, or significantly exceed, the expectations of analysts. If our financial results fail to meet, or significantly exceed, the expectations of analysts or public investors, analysts could downgrade our common stock or publish unfavorable research about us. If one or more of these analysts cease coverage of our company or fail to publish reports on us regularly, our visibility in the financial markets could decrease, which in turn could cause our stock price or trading liquidity to decline.
If our operating and financial performance in any given period do not meet or exceed the guidance that we provide to the public, the market price of our common stock may decline.
We may, but are not obligated to, provide public guidance on our expected operating and financial results for future periods. If we elect to issue such guidance, it will be composed of forward-looking statements subject to the risks and uncertainties described in this Annual Report. Our actual results may not always be in line with or exceed any guidance we have provided, especially in times of economic uncertainty. If, in the future, our operating or financial results for a particular period do not meet any guidance we provide or the expectations of investment analysts, or if we reduce our guidance for future periods, the market price of our common stock may decline.
Our A&R Charter designates specific courts as the exclusive forum for certain litigation that may be initiated by our stockholders, which could limit our stockholders’ abilities to obtain a favorable judicial forum for disputes with us or our directors, officers or employees.
Our A&R Charter provides that, unless we consent in writing to the selection of an alternative forum, the sole and exclusive forum, to the fullest extent permitted by law, for (1) any derivative action or proceeding brought on our behalf, (2) any action asserting a claim of breach of a fiduciary duty owed by any of our current or former directors, officers or other employees or stockholders to us or our stockholders, creditors or other constituents, or a claim of aiding and abetting any such breach of fiduciary duty, (3) any action asserting a claim against us or any of our directors or officers or other employees or stockholders arising pursuant to, or any action to interpret, apply, enforce any right, obligation or remedy under or determine the validity of, any provision of the DGCL or our A&R Charter or A&R Bylaws or as to which the DGCL confers jurisdiction on the Court of Chancery of the State of Delaware, (4) any action asserting a claim that is governed by the internal affairs doctrine, or (5) any other action asserting an “internal corporate claim” under the DGCL shall be the Court of Chancery of the State of Delaware (or, if and only if the Court of Chancery does not have subject matter jurisdiction, another state court sitting in the State of Delaware or, if and only if neither the Court of Chancery nor any state court sitting in the State of Delaware has subject matter jurisdiction, then the federal district court for the District of Delaware) (the “Delaware Forum Provision”). Notwithstanding the foregoing, our A&R Charter provides that the Delaware Forum Provision will not apply to any actions arising under the Securities Act or the Exchange Act. Section 27 of the Exchange Act creates exclusive federal jurisdiction over all suits brought to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder. Our A&R Charter further provides that unless we consent in writing to the selection of an alternative forum, the federal district court for the District of Delaware shall, to the fullest extent permitted by law, be the sole and exclusive forum for resolving any complaint asserting a cause of action arising
under the Securities Act (the “Federal Forum Provision”). We note, however, that there is uncertainty as to whether a court would enforce this provision and that investors cannot waive compliance with the federal securities laws and the rules and regulations thereunder. Section 22 of the Securities Act creates concurrent jurisdiction for state and federal courts over all suits brought to enforce any duty or liability created by the Securities Act or the rules and regulations thereunder.
The Delaware Forum Provision and the Federal Forum Provision may limit a stockholder’s ability to bring a claim in a judicial forum that it finds favorable for disputes with us or our directors, officers or other employees, which may discourage lawsuits against us and our directors, officers and other employees. Alternatively, if a court were to find the Delaware Forum Provision or the Federal Forum Provision to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving such action in other jurisdictions, which could harm our business, financial condition or results of operations. Any person or entity purchasing or otherwise acquiring any interest in our shares of capital stock shall be deemed to have notice of and consented to the Delaware Forum Provision and the Federal Forum Provision, but will not be deemed to have waived our compliance with the federal securities laws and the rules and regulations thereunder.
We may issue preferred stock whose terms could adversely affect the voting power or value of our common stock.
Our A&R Charter authorizes us to issue, without the approval of our stockholders, one or more classes or series of preferred stock having such designations, preferences, limitations and relative rights, including preferences over our common stock with respect to dividends and distributions, as our Board may determine. The terms of one or more classes or series of preferred stock could adversely impact the voting power or value of our common stock. For example, we might grant holders of preferred stock the right to elect some number of our directors in all events or on the happening of specified events or the right to veto specified transactions. Similarly, the repurchase or redemption rights or liquidation preferences we might assign to holders of preferred stock could affect the residual value of the common stock.
Anti-takeover provisions in our governing documents and under Delaware law could make an acquisition of our company more difficult, limit attempts by our stockholders to replace or remove our current management or directors and limit the market price of our common stock.
Our A&R Charter, A&R Bylaws and Delaware law contain provisions that could have the effect of rendering more difficult, delaying or preventing an acquisition deemed undesirable by our Board. Among other things, our A&R Charter and/or A&R Bylaws include the following provisions:
• a staggered board, which means that our Board is classified into three classes of directors with staggered three-year terms and, from and after a Trigger Event (as defined in the A&R Charter), directors are only able to be removed from office for cause and only upon the affirmative vote of the holders of at least 66 2/3% in voting power of all of the then outstanding shares of our common stock entitled to vote thereon;
• limitations on convening special stockholder meetings, which could make it difficult for our stockholders to adopt desired governance changes;
• a prohibition on stockholder action by written consent from and after the Trigger Event;
• a forum selection clause, which means certain litigationagainst us can only be brought in Delaware;
• from and after the Trigger Event, require the affirmative vote of holders of at least 75% of the voting power of all of the then outstanding shares of common stock to amend provisions of the A&R Charter relating to the management of our business, the Board, stockholder action by written consent, competition and corporate opportunities, Section 203 of the DGCL, forum selection and the liability of our directors, or to amend, alter, rescind or repeal our A&R Bylaws;
• the authorization of undesignated preferred stock, the terms of which may be established and shares of which may be issued without further action by our stockholders; and
• advance notice procedures, which apply for stockholders to nominate candidates for election as directors or to bring matters before an annual meeting of stockholders.
These provisions, alone or together, could delay or prevent hostile takeovers and changes in control or changes in our management. We have opted out of Section 203 of the DGCL. However, our A&R Charter contains similar provisions providing that we many not engage in certain “business combinations” with any “interested stockholder” for a three-year period following the time that the stockholder became an interested stockholder, unless (i) prior to the time such stockholder became an interested stockholder, the Board approved the transaction that resulted in such stockholder becoming an interested stockholder, (ii) upon consummation of the transaction that resulted in such stockholder becoming an interested stockholder, the interested stockholder owned at least 85% of the common stock or (iii) following Board approval, the business combination receives the approval of the holders of at least two-thirds of our outstanding common stock not held by such interested stockholder at an annual or special meeting of stockholders. Our A&R Charter provides that the Investors and their respective affiliates, and any of their respective direct or indirect transferees and any group as to which such persons are a party, do not constitute “interested stockholders” for purposes of this provision.
In addition, our A&R Charter provides that the federal district courts of the United States will be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act but that the forum selection provision will not apply to claims brought to enforce a duty or liability created by the Exchange Act.
Any provision of our A&R Charter, A&R Bylaws or Delaware law that has the effect of delaying, preventing or deterring a change in control could limit the opportunity for our stockholders to receive a premium for their shares of our common stock and could also affect the price that some investors are willing to pay for our common stock.
Risks Related to Our Outstanding Indebtedness
We have indebtedness, which may increase risk to our business and your investment in us.
Concurrently with the execution of the Merger Agreement, Legacy Appgate entered into the Note Purchase Agreement with the Noteholders and the Note Issuance Agreement with Legacy Appgate’s wholly owned domestic subsidiaries and Magnetar (the Note Purchase Agreement and the Note Issuance Agreement, as amended, collectively, the “Note Agreements”). Pursuant to the Note Agreements, Legacy Appgate issued and sold to the Noteholders $50.0 million aggregate principal amount of Initial Convertible Senior Notes on February 9, 2021 and agreed to issue and sell to the Noteholders $25.0 million aggregate principal amount of Additional Convertible Senior Notes on the date of the consummation of the Merger. Interest on the Convertible Senior Notes is payable either entirely in cash or entirely in kind (“PIK Interest”), or a combination of cash and PIK Interest at our option. The Convertible Senior Notes bear interest at the annual rate of 5.0% with respect to interest payments made in cash and 5.5% with respect to PIK Interest. In connection with the consummation of the Merger, Legacy Appgate issued the Additional Convertible Senior Notes and Newtown Lane entered into a Supplemental Agreement, providing for the assumption or guarantee by Newtown Lane of all of Legacy Appgate’s obligations under the Note Agreements and the substitution of the Company’s common stock for Legacy Appgate’s capital stock thereunder in all respects. In addition, on February 1, 2023, Legacy Appgate issued approximately $2.1 million in PIK Notes with respect to a single interest payment date. For additional details on the Convertible Senior Notes see “Item 7—Management’s Discussion and Analysis of Financial Condition and Results of Operations—Liquidity and Capital Resources.”
In addition, on April 26, 2022, Legacy Appgate, the Company, certain subsidiaries of Legacy Appgate and SIS Holdings entered into the Revolving Credit Agreement. The Revolving Credit Agreement provides for a $50.0 million unsecured, revolving credit facility and will mature, on the earlier to occur of (a) June 30, 2023, (b) the closing of a registered offering of Capital Stock (as defined in the Revolving Credit Agreement) of Appgate in an aggregate amount equal to $50.0 million or more or (c) the date of which the Loans (as defined in the Revolving Credit Agreement) are accelerated upon an Event of Default (as defined in the Revolving Credit Agreement). Interest will accrue on amounts drawn under the Revolving Credit Agreement at a rate of 10.0% per annum, payable in cash on the Final Maturity Date (as defined in the Revolving Credit Agreement). The Revolving Credit Agreement is subordinated to the Convertible Senior Notes. All obligations under the Revolving Credit Agreement are guaranteed by Appgate and Legacy Appgate’s domestic subsidiaries.
Our ability to make scheduled payments of the principal of, to pay cash interest on, the Convertible Senior Notes and the Revolving Credit Facility, or to refinance the Convertible Senior Notes or the Revolving Credit Facility, or any other indebtedness we may incur, depends on our future performance, which is subject to economic, financial, competitive and other factors beyond our control. Our business may not generate cash flow from operations in the future sufficient to service our debt and make necessary capital expenditures. The Note Agreements and the Revolving Credit Agreement contain customary restrictive covenants that limit our ability to engage in activities that may be in our long-term best interest. Those covenants include restrictions on our ability to, among other things, incur additional debt and issue
disqualified stock; create liens; pay dividends, acquire shares of capital stock, or make certain investments; issue guarantees; sell certain assets and enter into transactions with affiliates. The Note Issuance Agreement and Revolving Credit Agreement also each contain a financial covenant that requires that we maintain liquidity of not less than $10.0 million as of the last day of any calendar month. Our failure to comply with any of those covenants could result in an event of default which, if not cured or waived, could result in the acceleration of our debt issued under the Note Agreements or Revolving Credit Facility. Any such event of default or acceleration could have an adverse effect on the trading price of our common stock. Furthermore, the terms of any future debt we may incur could have further additional restrictive covenants. We may not be able to maintain compliance with these covenants in the future, and in the event that we are not able to maintain compliance, we cannot assure you that we will be able to obtain waivers from the lenders or amend the covenants.
If we are unable to generate such cash flow, we may be required to adopt one or more alternatives, such as selling assets, restructuring debt or obtaining additional debt financing or equity capital on terms that may be onerous or highly dilutive. Pursuant to the Note Purchase Agreement, Magnetar has certain rights of first offer to purchase no less than 25% of the amount issued by us in certain debt financings, subject to certain exceptions and certain preemptive rights in connection with equity issuances by us, subject to certain exceptions, which may make obtaining additional debt financing or raising equity capital more difficult. Our ability to refinance any future indebtedness will depend on the capital markets, contractual restrictions and our financial condition at such time. We may not be able to engage in any of these activities or engage in these activities on desirable terms, which could result in a default on our debt obligations. In addition, any of our future debt agreements may contain restrictive covenants that may prohibit us from adopting any of these alternatives. Our failure to comply with these covenants could result in an event of default which, if not cured or waived, could result in the acceleration of our debt.
We may not have the ability to raise the funds necessary to repurchase the Convertible Senior Notes for cash upon occurrence of certain events, and conversion of the Convertible Senior Notes may affect the value of our common stock by causing dilution to our existing stockholders.
Holders of the Convertible Senior Notes have the right to require us to repurchase their Convertible Senior Notes upon the occurrence of (i) a fundamental change (as defined in the Note Issuance Agreement) at a repurchase price equal to 100% of the principal amount of the Convertible Senior Notes to be repurchased, plus accrued and unpaid interest, if any, or (ii) upon a change of control (as defined in the Note Issuance Agreement) at a repurchase price equal to 102% of the principal amount of the Convertible Senior Notes to be repurchased, plus accrued and unpaid interest, if any. We may not have enough available cash or be able to obtain financing at the time we are required to make such repurchases of Convertible Senior Notes. In addition, our ability to repurchase the Convertible Senior Notes or to pay cash upon conversions of the Convertible Senior Notes may be limited by law, by regulatory authority or by agreements governing our future indebtedness. Our failure to repurchase Convertible Senior Notes at a time when the repurchase is required by the Note Issuance Agreement would constitute a default under the Note Issuance Agreement. A default under the Note Issuance Agreement or the fundamental change itself could also lead to a default under the Revolving Credit Agreement and/or agreements governing our future indebtedness. If the repayment of the related indebtedness were to be accelerated after any applicable notice or grace periods, we may not have sufficient funds to repay the indebtedness and repurchase the Convertible Senior Notes or make cash interest or principal payments.
In addition, our indebtedness, combined with our other financial obligations and contractual commitments, could have other important consequences. For example, it could:
• make us more vulnerable to adverse changes in general U.S. and worldwide economic, industry and competitive conditions and adverse changes in government regulation;
• limit our flexibility in planning for, or reacting to, changes in our business and our industry;
• place us at a disadvantage compared to our competitors who have less debt;
• limit our ability to borrow additional amounts to fund acquisitions, for working capital and for other general corporate purposes; and
• make an acquisition of our company less attractive or more difficult.
Any of these factors could harm our business, results of operations and financial condition. In addition, if we incur additional indebtedness, the risks related to our business and our ability to service or repay our indebtedness would increase.
Subject to certain exceptions, prior to maturity, each holder of Convertible Senior Notes shall have the option to convert all or any portion of such Convertible Senior Notes into our common stock in accordance with the terms of the Note Issuance Agreement. If holders of our Convertible Senior Notes elect to convert their notes, we may be obligated to deliver them a significant number of shares of our common stock, which would cause dilution to our existing stockholders.
damaging
breaches
innovative
enabled
highest
This new Zero Trust paradigm is needed today because enterprises are undergoing digital transformation as they seek to automate operations, generate new revenue streams, transition business models and deliver a seamless customer experience. Simultaneously, the number and sophistication of cyberattacks have increased dramatically, as has their costs and frequency. This combination of more vulnerable networks and more malicious activity has created a cybersecurity crisis, changing the threat landscape organizations face. As a result, enterprises require security access solutions that proactively ensure the right user has authorized access to the right resources at the right time.
We believe that our Zero Trust solutions secure an enterprise’s exponentially increased attack surface, which occurs as a result of their digital transformation journey. We also offer digital threat protection and risk-based authentication tools to identify and eliminate attacks before they occur, across social media, phishing attacks, bogus websites, and malicious mobile apps.
We sell our solutions primarily through a recurring revenue license model or subscription, and we employ a ‘land and expand’ strategy to generate incremental revenue through the addition of new users and the sale of additional products. Our annual recurring revenue (“ARR”) was $33.7 million and $31.1 million at December 31, 2022 and 2021, respectively. Our dollar-based net retention rates were 96% and 114% at December 31, 2022 and 2021, respectively. Our number of customers generating over $100,000 ARR increased 3% from December 31, 2021 to December 31, 2022, driven by elevated C-suite and board level dialogue and customer prioritization of a Zero Trust posture. See “— Key Business Metrics” for additional information regarding ARR and dollar-based net retention rate.
We have achieved revenue of over $40.0 million in both 2022 and 2021. We continue to invest in growing our business and, as a result, we incurred losses from continuing operations of $80.1 million and $54.2 million for 2022 and 2021, respectively.
Factors Affecting Our Business
Reduction in Force
On July 25, 2022, we substantially completed a reduction in force (the “Reduction”) of approximately 22% of our workforce. In connection with the Reduction, we incurred approximately $1.8 million of costs and expenses, primarily comprising severance and termination-related costs, which we recognized in the third quarter of 2022.
On February 2, 2023, we substantially completed a reduction in force (the “February Reduction”) of approximately 8% of our workforce. In connection with the February Reduction, we incurred approximately $0.5 million of costs and expenses, primarily comprising severance and termination-related costs, which we recognized in the first quarter of 2023.
Merger with Newtown Lane
On October 12, 2021, Legacy Appgate successfully completed its merger with a direct, wholly owned subsidiary of Newtown Lane. Upon closing of the Merger, Newtown Lane changed its name to Appgate, Inc., and our common stock is now quoted on the OTC Markets under the symbol “APGT.” The Merger has been accounted for as a reverse capitalization, and the historical financial statements contained in this Annual Report are those of: (1) except for the equity, which was retroactively restated following applicable accounting guidance, Legacy Appgate with respect to all periods prior to consummation of the Merger, and (2) those of us, inclusive of Newtown Lane for the period subsequent to the Merger. We expensed $3.1 million in transaction costs during 2021 in connection with the Merger.
Public Company Costs
Following the consummation of the Merger, we became a public company, which required hiring of additional staff and implementation of processes and procedures to address public company regulatory requirements and customary practices. We expect to continue to incur substantial annual expenses for, among other things, directors’ and officers’ liability insurance, director fees and additional internal and external costs for investor relations, accounting, audit, legal, corporate secretary and other functions.
Formation and Cyxtera Spin-Off
Prior to December 31, 2019, Legacy Appgate was wholly owned by Cyxtera. On December 31, 2019, Cyxtera consummated several transactions (the “Cyxtera Spin-Off”), following which Legacy Appgate became a stand-alone entity. The transactions separated Cyxtera’s data center business from Legacy Appgate’s cybersecurity business. Upon consummation of the Cyxtera Spin-Off, Legacy Appgate and Cyxtera Management, Inc., a wholly-owned subsidiary of Cyxtera (the “Management Company”) entered into a transition services agreement (the “Transition Services Agreement”), pursuant to which the Management Company provided certain transition services to Legacy Appgate, and Legacy Appgate provided certain transition services to the Management Company. The term under the Transition Services Agreement commenced on January 1, 2020 and ended on June 30, 2021. Substantially all of the obligations under the Transition Services Agreement ceased on December 31, 2020.
During 2021, the Management Company charged Legacy Appgate $0.1 million for services rendered under the Transition Services Agreement. Such costs are included in general and administrative expenses in our consolidated statement of operations.
During 2021, Legacy Appgate charged the Management Company $0.1 million for services provided to the Management Company and its affiliates by Legacy Appgate under the Transition Services Agreement. Income for these services is included in other expense, net in our consolidated statement of operations.
On February 8, 2021, Legacy Appgate made a payment of $1.0 million to Cyxtera as settlement in full of trade balances with Cyxtera and its subsidiaries and other amounts due to / from under the Intercompany Master Services Agreement (as defined below) and the Transition Services Agreement, which trade balances and other amounts totaled $2.6 million.
Because the Management Company was an affiliate under common control with Legacy Appgate at the time of repayment, the settlement of these amounts was recognized as a capital contribution of $1.6 million.
Promissory Notes
On March 31, 2019, Legacy Appgate issued promissory notes to each of Cyxtera and the Management Company (together, the “Promissory Notes”), which had a combined initial aggregate principal amount of $95.2 million and provided for additional borrowings during the term of the Promissory Notes for additional amounts not to exceed approximately $52.5 million in the aggregate. Interest accrued on the unpaid principal balance of the Promissory Notes at a rate per annum equal to 3% and was payable upon the maturity of the Promissory Notes. Each Promissory Note had an initial maturity date of March 30, 2020, which was extended until March 30, 2021 by amendments entered into effective as of March 30, 2020.
On February 8, 2021, Legacy Appgate repaid Cyxtera $20.6 million, representing the entirety of the then outstanding principal and interest under the Promissory Note issued to Cyxtera, and Legacy Appgate made a partial repayment of $99.0 million to the Management Company on the then outstanding principal and interest of $133.6 million under the Promissory Note issued to the Management Company. On that same date, the Management Company issued Legacy Appgate a payoff letter, extinguishing the balance remaining unpaid following such repayment. Because Cyxtera was Legacy Appgate’s direct parent at the time of issuance of the Promissory Notes and an affiliate under common control with Legacy Appgate at the time of repayment, Legacy Appgate accounted for the note extinguishment of $34.6 million as a capital contribution in 2021.
Sale of Brainspace
On September 30, 2020, Legacy Appgate adopted a plan for the sale of Brainspace Corporation (“Brainspace”), a formerly wholly owned subsidiary of Legacy Appgate, which met the criteria for discontinued operations under Accounting Standards Codification (“ASC”) Topic 205-20, Presentation of Financial Statements — Discontinued Operations — see Note 5 to our consolidated financial statements for discontinued operations disclosures included elsewhere in this Annual Report. On December 17, 2020, Legacy Appgate entered into a securities purchase agreement with respect to the sale of 100% of the outstanding equity interests of Brainspace for cash consideration of $125.0 million, and the sale transaction closed on January 20, 2021. Brainspace offered a comprehensive and advanced data analytics platform for investigations, eDiscovery, intelligence mining, and compliance. Unless otherwise stated, all discussion of Legacy Appgate’s results of operations included in this discussion and analysis focus on continuing operations and exclude the discontinued Brainspace operations.
Key Business Metrics
Our management reviews a number of key performance indicators, each as described below, to evaluate our business, measure our performance, identify trends affecting our business, formulate business plans and make strategic decisions.
Annual Recurring Revenue
ARR is a performance indicator that management believes provides more visibility into the growth of our revenue generated by recurring business. Our management believes ARR is a key metric to measure our business because it is driven by our ability to acquire new subscription customers and to maintain and expand our relationship with existing subscription customers. ARR also mitigates fluctuations due to seasonality, contract term, sales mix, and revenue recognition timing resulting from revenue recognition methodologies under GAAP. We define ARR as the annualized value of SaaS, subscription, and term-based license and maintenance contracts from our recurring software products in effect at the end of a given period. ARR should be viewed independently of revenue and deferred revenue as it is an operating measure and is not intended to be combined with or to replace GAAP revenue or deferred revenue, as they can be impacted by contract start and end dates and renewal rates. ARR is not intended to be a replacement or forecast of revenue or deferred revenue.
The table below sets forth our ARR as of the end of the years indicated below (in thousands):
ARR
Change $
Change %
Total Customers and Number of Customers with ARR above $100,000
Our management believes that our ability to increase our number of customers is an indicator of our market penetration, the growth of our business, and our potential future business opportunities. Over time, larger customers have constituted a greater share of our total revenue, which has contributed to an increase in ARR. Our management believes there are significant upsell and cross-sell opportunities within our customer base by expanding the number of use cases. Historically, we have consistently increased our number of customers and customers with ARR above $100,000 and expect this trend to continue as a result of the growing demand for our cybersecurity solutions. Our management defines a customer as a distinct organization that has entered into a distinct agreement to access our software products for which the term has not ended or with which we are negotiating a renewal contract or the purchase of our professional services.
The below table sets forth our total customers and customers with ARR above $100,000 as of the end of the years indicated below:
Total customers
Customers with ARR above $100,000
We stopped offering our Compliance Sheriff product which accounted for less than 5% of our total revenue for 2021. Total Compliance Sheriff-only customers included in our total customer count as of December 31, 2021 was 45. As a result, the change in our customer count from December 31, 2021 to December 31, 2022 reflected in this Annual Report is not indicative of our customer growth given our one-time voluntary sunsetting of our Compliance Sheriff product and its respective customers.
Dollar-Based Net Retention Rate
Our management believes that our ability to retain and grow the ARR generated from our existing subscription customers is an indicator of the long-term value of our subscription customer relationships and future business opportunities. We track our performance in this area by measuring our dollar-based net retention rate, which reflects customer renewals, expansion, contraction, and customer attrition within our ARR base. We calculate dollar-based net retention rate by dividing the numerator by the denominator as set forth below:
• Denominator: As of the end of a reporting period, ARR as of the last day of the comparable reporting period in the prior year.
• Numerator: ARR for that same cohort of customers as of the end of the reporting period in the current year, including any expansion and net of any contraction and customer attrition over the trailing 12 months, excluding ARR from new subscription customers in the current period.
Our dollar-based net retention rate was 96% and 114% at December 31, 2022 and 2021, respectively.
Key Components of Results of Operations
Revenue
We recognize revenue under ASC 606, Revenue from Contracts with Customers (“ASC 606”). Under ASC 606, we recognize revenue when our customers obtain control of goods or services in an amount that reflects the consideration that we expect to receive in exchange for those goods or services.
We primarily sell our software through on-premise term-based license agreements, perpetual license agreements and SaaS subscriptions, which allow our customers to use our SaaS services without taking possession of the software. Our products offer substantially the same functionality whether our customers receive them through a perpetual license, a term-based license or a SaaS arrangement. Our agreements with customers for software licenses may include maintenance contracts and may also include professional services contracts. Maintenance revenues consist of fees for providing unspecified software updates and technical support for our products for a specified term, which is typically one to three years. We offer a portfolio of professional services and extended support contract options to assist our customers with integration, optimization, training and ongoing advanced technical support. We also generate revenue from threat advisory services, including penetration testing, application assessments, vulnerability analysis, reverse engineering, architecture review and source code review.
Subscription . Our term-based license arrangements that do not contain variable consideration include both upfront revenue recognition when the distinct license is made available to the customer as well as revenue recognized ratably over the contract period for support and maintenance based on the stand-ready nature of these elements. Revenue on our SaaS arrangements that do not contain variable consideration, is recognized ratably over the contract period as we satisfy the performance obligation, beginning on the date the service is made available to our customers.
Subscription revenue represented approximately 81% and 80% of our revenue for 2022 and 2021, respectively. We ex pect that a majority of our revenue will continue to be from subscriptions for the foreseeable future, and we expect that subscription revenue as a percentage of total revenue will increase over time. Changes in period-over-period subscription revenue growth are primarily impacted by the following factors:
• the type of new and renewed subscriptions (i.e., term-based or SaaS); and
• the duration of new and renewed term-based subscriptions.
While the number of new and increased subscriptions during a period impacts our subscription revenue growth, the type and duration of those subscriptions have a significantly greater impact on the amount and timing of revenue recognized in a period. Subscription revenue from the software license components of term-based licenses is generally recognized at the beginning of the subscription term, while subscription revenue from SaaS and support and maintenance is generally recognized ratably over the subscription term. As a result, our revenue may fluctuate due to the timing and type of the software license components of term-based licensing transactions. In addition, keeping other factors constant, when the percentage of subscription term-based licenses to total subscriptions sold or renewed in a period increases relative to the prior period, revenue growth will generally increase. Conversely, when the percentage of subscription SaaS and support and maintenance to total subscriptions sold or renewed in a period increases, revenue growth will generally decrease, as compared to a prior period. Additionally, a multi-year subscription term-based license will generally result in greater revenue recognition up front relative to a one-year subscription term-based license. Therefore, keeping other factors constant, revenue growth will generally also trend higher in a period where the percentage of multi-year subscription term-based licenses to total subscription term-based licenses increases.
Perpetual licenses . Our perpetual license arrangements generally include both upfront revenue recognition when the distinct license is made available to the customer as well as revenue recognized ratably over the contract period for support and maintenance based on the stand-ready nature of these elements. Revenue related to support and maintenance is included as part of subscription revenue. We expect that perpetual license revenue as a percentage of total revenue will decrease over time.
For 2022 and 2021, approximately 4% and 5%, respectively, of our revenue was from perpetual licenses.
Services and other . Our services-related performance obligations predominantly relate to the provision of consulting and threat advisory services, and to a lesser extent, training and software installation. Software installation services are distinct from subscriptions and do not result in significant customization of the software. Our services are generally priced on a time and materials basis, which is generally invoiced monthly and for which revenue is recognized as the services are performed. Revenue from our training services and sponsorship fees is recognized on the date the services are complete. Over time, we expect services revenue to remain relatively stable as a percentage of total revenue.
For each of 2022 and 2021, approximately 15% of our revenue was from services and other.
Concentrations . The following table summarizes revenue by country and main geography in which we operate, including in the United States and Canada (“US&C”), Latin America (“LATAM”), Europe, the Middle East and Africa (“EMEA”), and Asia Pacific (“APAC”), based on the billing address of customers (including, for the avoidance of doubt, resellers and managed service providers) who have contracted with us (in thousands).
Revenues by country (a):
United States
Colombia
Other
Total
Revenues by main geography:
LATAM
EMEA
APAC
Total
(a) Only the United States and Colombia represented 10% or more of our total revenue in either period presented.
No single customer (including, for the avoidance of doubt, resellers and managed service providers) accounted for 10% or more of our total revenue in either period presented.
Cost of Revenue
Cost of revenue consists primarily of employee compensation costs for employees associated with supporting our licensing arrangements and service arrangements, certain third-party expenses and the amortization of developed technology assets. Employee compensation and related costs include cash compensation and benefits to employees, equity-based compensation, costs of third-party contractors and associated overhead costs. Third-party expenses consist of cloud infrastructure costs, other expenses directly associated with our customer support, including, in limited instances, equipment purchased for resale. We expect cost of revenue to increase in absolute dollars.
Gross Profit and Gross Margin
Gross profit, or revenue less cost of revenue, and gross margin, or gross profit as a percentage of revenue, have been and will continue to be affected by various factors, including the timing of our acquisition of new customers and renewals of and follow-on sales to existing customers, the average sales price of our services, mix of services offered in our solutions, including new product introductions, the extent to which we expand our customer support and operations and the extent to which we can increase the efficiency of our technology and infrastructure through technological improvements. We currently expect gross profit to increase in absolute dollars and gross margin to increase slightly over the long term, although our gross profit and gross margin could fluctuate from period to period depending on the interplay of all the above factors.
Operating Expenses
Our operating expenses consist of sales and marketing, research and development, and general and administrative expenses. Personnel costs are the most significant component of operating expenses and consist of salaries, benefits, bonuses, equity-based compensation expense and, with respect to sales and marketing expenses, sales commissions that are recognized as expenses. Operating expenses also include overhead costs for facilities, IT, depreciation expense and amortization expense.
Sales and Marketing
Sales and marketing expenses consist primarily of employee compensation and related expenses, including salaries, bonuses and benefits for our sales and marketing employees, sales commissions that are recognized as expenses over the
period of benefit, equity-based compensation expense, marketing and channel programs, travel and entertainment expenses, expenses for conferences and events and allocated overhead costs. We capitalize our sales commissions and associated payroll taxes and recognize them as expenses over the estimated period of benefit. The amount recognized in our sales and marketing expenses reflects the amortization of cost previously deferred as attributable to each period presented in our consolidated financial statements, as described in Note 1 — Business and Summary of Significant Accounting Policies to our audited consolidated financial statements included in Part II, Item 8 of this Annual Report - “Financial Statements and Supplementary Data”. Advertising expenses are charged to sales and marketing expense in the audited consolidated statements of operations as incurred.
We intend to continue to invest in our sales and marketing organization to drive additional revenue, further penetrate the market and expand our global customer base. As a result, we expect our sales and marketing expenses to be our largest operating expense category for the foreseeable future. In particular, we plan to continue to invest in our sales force, broadening our brand awareness and expanding and deepening our channel partner relationships. However, we currently expect sales and marketing expenses to decrease as a percentage of our revenue over the long term, although our sales and marketing expenses may fluctuate as a percentage of revenue from period to period due to the timing and extent of these expenses.
Research and Development
Research and development costs to develop software to be sold, leased or marketed are expensed as incurred up to the point of technological feasibility for the related software product. We have not capitalized development costs for software to be sold, leased or marketed to date, as the software development process is essentially completed concurrent with the establishment of technological feasibility. As such, these costs are expensed as incurred and recognized in research and development costs in the audited consolidated statements of operations.
Software developed for internal use, with no substantive plans to market such software at the time of development, is capitalized and included in property and equipment, net in the audited consolidated balance sheets. Costs incurred during the preliminary planning and evaluation and post implementation stages of the project are expensed as incurred. Costs incurred during the application development stage of the project are capitalized.
Our research and development expenses support our efforts to add new features to our existing offerings and to ensure the reliability, availability and scalability of our solutions. Our research and development teams employ software engineers in the design and the related development, testing, certification and support of our solutions. Accordingly, the majority of our research and development expenses result from employee-related costs, including salaries, bonuses and benefits and costs associated with technology tools used by our engineers.
We intend to continue to make investments in research and development to extend the features of our existing offerings and technology capabilities.
General and Administrative
General and administrative expenses consist primarily of employee-related costs, including salaries and bonuses, equity-based compensation expense and employee benefit costs for our finance, legal, human resources and administrative personnel, as well as professional fees for external legal services, accounting and other related consulting services. Litigation-related expenses, if any, include professional fees and related costs incurred by us in defending or settling significant claims that our management deem not to be in the ordinary course of our business and, if applicable, accruals related to estimated losses in connection with these claims. We expect that our general and administrative expenses will increase in absolute dollars for the foreseeable future, as we incur increased compliance costs and other related costs necessary to operate as a public company. However, we currently expect our general and administrative expenses to decrease as a percentage of revenue over the long term, although our general and administrative expenses may fluctuate as a percentage of revenue from period to period due to the timing and extent of these expenses.
Transaction Costs
In June 2022, we expensed $2.1 million of transaction costs in connection with a contemplated registered offering of equity securities. In 2021, transaction costs expensed in connection with the Merger totaled $3.1 million.
Depreciation and Amortization
Acquired intangible assets consist of identifiable intangible assets, including trademarks and tradenames and customer relationships resulting from business combinations. Acquired finite-lived intangible assets are initially recorded at fair value and are amortized on a straight-line basis over their estimated useful lives. Amortization expense for trademarks and tradenames and customer relationships is recorded primarily within depreciation and amortization in the consolidated statements of operations.
Change in Fair Value of Embedded Derivative Liability
We have recognized an embedded derivative liability associated to the Convertible Senior Notes. The embedded derivative is recognized at fair value and is subsequently remeasured at its estimated fair value on a recurring basis at the end of each reporting period, with changes in estimated fair value recognized as change in fair value of embedded derivative liability in our consolidated statements of operations.
Interest Expense
Interest expense consists primarily of interest incurred on our obligations under the Convertible Senior Notes and the Revolving Credit Facility and through February 8, 2021, obligations of Legacy Appgate under the Promissory Notes. See “ — Promissory Notes” above and “ — Liquidity and Capital Resources ” below.
Income Tax
Through December 31, 2019, the operations of Legacy Appgate were included in the consolidated U.S. federal, state, local and foreign income tax returns filed by Cyxtera, where applicable.
Our income taxes, as presented in the consolidated financial statements, may not be indicative of the income taxes we will generate in the future. In jurisdictions where Legacy Appgate was included in the tax returns filed by Cyxtera, any income taxes payable/receivable resulting from the related income tax provisions have been reflected in the balance sheets of each separate entity’s provision.
Benefit (provision) for income taxes consists primarily of income taxes related to U.S. federal and state income taxes and income taxes in foreign jurisdictions in which we conduct business.
Results of Operations
The following table sets forth our consolidated results of operations for the periods presented (in thousands). The period-to-period comparisons of our historical results are not necessarily indicative of the results that may be expected in the future. The results of operations data have been derived from our audited consolidated financial statements included elsewhere in this Annual Report.
Variance %
Revenue
Cost of revenue, exclusive of amortization shown below
Amortization expense
Total cost of revenue
Gross profit
Operating expenses:
Sales and marketing
Research and development
General and administrative
Transaction costs
Depreciation and amortization
Loss on abandonment of assets
Total operating expenses
Loss from continuing operations
Change in fair value of embedded derivative liability
Interest expense, net
Other expenses, net
Loss from continuing operations before income taxes
Income tax expense of continuing operations
Net loss from continuing operations
Net income from discontinued operations, net of tax
Net loss
nm = not meaningful
Revenue
Revenue from continuing operations were as follows for 2022 and 2021:
Variance %
Subscription revenue
Perpetual licenses
Services and other
Total
Revenue decreased by $0.4 million, or 1%, during 2022 compared to 2021 . The overall decrease in revenue was primarily attributable to a net decrease in customer count from 652 customers at December 31, 2021 to 647 customers at December 31, 2022 given, in part, to our one-time voluntary sunsetting of our Compliance Sheriff product and its respective customers, combined with decreased revenue from perpetual licenses and services and other as further explained below. These decreases were partially offset by an increase in subscription term-based licenses.
Perpetual licenses revenue accounted for 4% and 5% of our revenue in 2022 and 2021, respectively. Perpetual licenses revenue decreased $0.4 million during 2022 compared to 2021 . This decrease in perpetual license revenue was driven by higher sale and deployment of new perpetual licenses in 2021 that did not reoccur in 2022 . We ex pect this trend to continue as demand for term-based license and SaaS subscriptions continue to grow over time.
Subscription revenue accounted for 81% and 80% of our total revenue in 2022 and 2021, respectively. Subscription revenue increased $0.2 million, or 1%, in 2022 when compared to 2021. This increase in subscription revenue was driven by $1.3 million in revenue from sales to existing customers partially offset by a decrease of $1.1 million in revenue from sales to new customers. Almost the entirety of the revenue from existing customers was from one-year subscription term-based licenses. Our net-dollar retention rate was 96% at December 31, 2022. Approximately $0.9 million, or 81%, of the decrease in revenue from new customers was from multi-year subscription term-based licenses, with the remaining $0.2 million, or 19%, from one-year subscription term-based licenses.
Services and other revenue accounted for 15% of our revenue in each of 2022 and 2021. Services and other revenue decreased $0.2 million, or 3%, in 2022 when compared to 2021. This decrease in services and other revenue was primarily the result of an overall decrease in service hours billed to customers during 2022 when compared to 2021.
Cost of Revenue
Total cost of revenue from continuing operations increased by $1.3 million, or 6%, during 2022 compared to 2021. The increase in total cost of revenue was primarily due to an increase of $2.0 million in other cost of revenue, partially offset by a decrease in amortization of developed technology of $0.7 million. The increase in other cost of revenue was primarily as a result of an increase in personnel costs from higher average headcount during 2022, and, to a lesser extent, from an increase in subscription and hosting costs and contracted services. Operations headcount increased by 13 positions from 132 at December 31, 2021 to 145 at December 31, 2022. The decrease in amortization of developed technology is related to the abandonment of the Compliance Sheriff related developed technology in 2022.
Gross Profit
Gross profit totaled $20.8 million for 2022 , a decrease of $1.7 million, or 7%, as compared to 2021 . This decrease was the result of the factors described above under “Revenue” and “Cost of Revenue”.
Operating Expenses
Total operating expenses from continuing operations increased by $24.2 million , or 32%, for 2022 as compared to 2021 . The factors that contributed to the increase in operating expenses are detailed below.
Sales and marketing expenses increased by $5.4 million, or 14%, for 2022 as compared to 2021. This increase was primarily the result of an increase in personnel costs from higher headcount on both the sales and marketing teams, and to a lesser extent, higher investment in marketing and advertising costs since completion of the Merger. While sales and marketing headcount has recently decreased as described above, prior to the Reduction, there was overall higher headcount in both the sales and marketing teams in 2022 as compared to 2021 .
Research and development increased $2.4 million, or 22%, for 2022 as compared to 2021. This increase was primarily the result of an increase in personnel costs from higher headcount. Research and development headcount increased by 6 positions from 120 at December 31, 2021 to 126 at December 31, 2022.
General and administrative expenses increased by $15.8 million, or 86%, for 2022 as compared to 2021. This increase was primarily the result of equity-based compensation expense recognized during 2022 in connection with the 2021 Plan, and an increase in personnel costs from higher headcount throughout 2021 and 2022 prior to the Reduction. General and administrative headcount decreased by 11 positions from 76 at December 31, 2021 to 65 at December 31, 2022.
Transaction costs. In June 2022, we expensed $2.1 million of transaction costs related to a contemplated registered equity offering. Transaction costs expensed in connection with the Merger totaled $3.1 million in 2021.
Depreciation and amortization expense remained relatively flat for 2022 as compared to 2021. While there was an increase in depreciation and amortization primarily due to depreciation and amortization on purchases of property and equipment during 2021, we had lower amortization expense related to intangibles following the abandonment of the Compliance Sheriff related intangibles in 2022.
Loss on abandonment of assets. We stopped offering our Compliance Sheriff product and, as a result, recorded a loss on abandonment of the related intangible assets of $1.7 million in 2022.
Change in Fair Value of Embedded Derivative Liability
During 2022, we recognized a gain of $58.8 million in connection with the embedded derivative associated with the conversion feature under the Convertible Senior Notes, while we recognized a loss of $78.5 million in 2021. Refer to Note 7 to the audited consolidated financial statements in this Annual Report for a discussion of the key inputs affecting the value of the derivative.
Interest Expense, Net
Interest expense, net increased by $3.3 million for 2022 as compared to 2021. The increase in interest expense, net was primarily attributable to the change in the mix of our debt during 2021 and 2022. As described above, the Promissory Notes were repaid in part with the balance extinguished, in each case on February 8, 2021. On February 9, 2021, Legacy Appgate issued the Initial Convertible Senior Notes, which are described below, and in connection with the closing of the Merger on October 12, 2021, issued the Additional Convertible Senior Notes. Additionally, on April 26, 2022, Legacy Appgate, Appgate, the other guarantors party thereto and SIS Holdings entered into the Revolving Credit Agreement which provides for the Revolving Credit Facility. Interest accrues on amounts drawn under the Revolving Credit Facility at a rate of 10.0% per annum, payable in cash on the Final Maturity Date. During 2022, we borrowed $46.5 million under the Revolving Credit Facility, all of which remained outstanding as of December 31, 2022.
Other Expenses, Net
Other expenses, net remained flat at $0.5 million in 2022 as compared to 2021.
Income Tax Expense
Our effective tax rate for 2022 and 2021 was (6.2)% and (1.8)%, respectively. The effective tax rate for 2022 differs from the U.S. Federal income tax rate of 21% primarily due to changes in the valuation allowance, the change in the fair value of our embedded derivative liability that is not tax deductible, share-based compensation write-off, and foreign withholding taxes. The effective tax rate for 2021 differs from the U.S. Federal income tax rate of 21% primarily due to changes in the valuation allowance, the change in the fair value of our embedded derivative liability that is not tax deductible, state taxes, and foreign withholding taxes.
Non-GAAP Financial Measures
In addition to our results determined in accordance with GAAP, we believe the following non-GAAP financial measures are useful to investors in evaluating our operating performance.
These non-GAAP financial measures are presented for supplemental informational purposes only and should not be considered a substitute for financial information presented in accordance with GAAP and may be different from similarly titled non-GAAP measures used by other companies. A reconciliation is provided below for each non-GAAP financial measure to the most directly comparable financial measure determined in accordance with GAAP. Investors are encouraged to review the related GAAP financial measures and the reconciliation of these non-GAAP financial measures to their most directly comparable GAAP financial measures.
Non-GAAP Gross Profit and Gross Margin
Non-GAAP gross profit and non-GAAP gross margin are supplemental measures of operating performance that are not determined in accordance with GAAP and do not represent, and should not be considered as, an alternative to gross profit and gross margin, the most directly comparable financial measures determined in accordance with GAAP. We define non-GAAP gross profit as gross profit, adjusted to add back non-cash equity-based compensation expense and developed technology amortization expense and define non-GAAP gross margin as non-GAAP gross profit as a percentage of revenue.
We use non-GAAP gross profit and non-GAAP gross margin to understand and evaluate our core operating performance and trends, to prepare and approve our annual budget, and to develop short-term and long-term operating plans. We believe that non-GAAP gross profit and non-GAAP gross margin are useful measures to our management and to our investors because they provide consistency and comparability with past financial performance and between periods, as the metrics
generally eliminate the effects of the variability of amortization expense of intangibles and non-cash equity-based compensation expense from period to period, which may fluctuate for reasons unrelated to overall operating performance. We believe that the use of these measures enables our management to more effectively evaluate our performance period-over-period and relative to our competitors, some of which use similar non-GAAP financial measures to supplement their GAAP results. Non-GAAP gross profit and non-GAAP gross margin have limitations as analytical tools, and you should not consider them in isolation, or as a substitute for analysis of our results as reported under GAAP. Because of these limitations, non-GAAP gross profit and non-GAAP gross margin should not be considered as a replacement for gross profit and gross margin, as determined in accordance with GAAP, or as a measure of our profitability.
A reconciliation of our non-GAAP gross profit and non-GAAP gross margin to gross profit and gross margin, the most directly comparable financial measures determined in accordance with GAAP, for 2022 and 2021, is as follows (in thousands):
GAAP revenue
GAAP gross profit
Add: amortization expense
Add: equity-based compensation
Non-GAAP gross profit
GAAP gross margin
Non-GAAP gross margin
Non-GAAP Loss from Operations and Non-GAAP Operating Margin
We define non-GAAP loss from operations as GAAP loss from continuing operations excluding amortization expense of acquired intangible assets, loss on abandonment of assets, non-cash equity-based compensation expense, and transaction costs. We define non-GAAP operating margin as non-GAAP loss from continuing operations as a percentage of revenue.
A reconciliation of our non-GAAP loss from operations and non-GAAP operating margin to loss from continuing operations and operating margin, the most directly comparable financial measures determined in accordance with GAAP, for 2022 and 2021, is as follows (in thousands) :
GAAP revenue
GAAP loss from continuing operations
Add: amortization expense
Add: loss on abandonment of assets
Add: equity-based compensation
Add: transaction costs
Non-GAAP loss from operations
GAAP operating margin
Non-GAAP operating margin
Free Cash Flow and Free Cash Flow Margin
Free cash flow is a non-GAAP financial measure that we define as net cash provided by (used in) operating activities of continuing operations less cash used for purchases of property and equipment and repayment of finance leases. We believe that free cash flow is a useful indicator of liquidity that provides information to management and investors, even if negative, as it provides useful information about the amount of cash generated (or consumed) by our operating activities that is available (or not available) to be used for other strategic initiatives. For example, if free cash flow is negative, we may need to access cash reserves or other sources of capital to invest in strategic initiatives. While we believe that free cash flow is useful in evaluating our business, free cash flow is a non-GAAP financial measure that has limitations as an analytical tool, and free cash flow should not be considered as an alternative to, or substitute for, net cash provided by (used in) operating activities in accordance with GAAP. The utility of free cash flow as a measure of our liquidity is limited as it does not represent the total increase or decrease in our cash balance for any given period and does not reflect our future contractual commitments. In addition, other companies, including companies in our industry, may calculate free cash flow differently or not at all, which reduces the usefulness of free cash flow as a tool for comparing our results to those of other companies.
Net cash, cash equivalents and restricted cash used in operating activities of continuing operations
Less:
Purchases of property and equipment
Repayment of finance leases
Free cash flow
As a percentage of revenue:
GAAP revenue
Net cash, cash equivalents and restricted cash used in operating activities of continuing operations
Less:
Purchases of property and equipment
Repayment of finance leases
Free cash flow
Liquidity and Capital Resources
As of December 31, 2022, we had cash and cash equivalents and remaining borrowing capacity under the Revolving Credit Facility of $11.5 million and of $3.5 million, respectively. Historically, Legacy Appgate’s principal source of liquidity was borrowing availability under the Promissory Notes and cash generated from Legacy Appgate’s operations. As discussed above, on February 8, 2021, Legacy Appgate repaid Cyxtera the full amount of the Promissory Note issued to Cyxtera and made a partial repayment on the then accumulated principal and interest under the Promissory Note issued to the Management Company. On that same date, the Management Company issued a payoff letter to Legacy Appgate extinguishing the balance remaining unpaid of $34.6 million following such repayment. The payoff letter resulted in the full settlement and extinguishment of the Promissory Note held by the Management Company.
We have generated significant operating losses and negative cash flows from operations as reflected in our accumulated deficit and consolidated statements of cash flows. We expect to continue to incur operating losses and negative cash flows from operations for the foreseeable future. Currently, our principal sources of liquidity are the proceeds from the issuance of the Convertible Senior Notes, our borrowings and remaining borrowing capacity under the Revolving Credit Facility and cash generated from our operations, which have enabled us to make continued investments to support the growth of our business. As a result of our recurring losses from operations and current liquidity, management is of the opinion that there is a substantial doubt as to the Company’s ability to continue as a going concern. The audited consolidated financial statements included herein have been prepared assuming that we will continue as a going concern and do not include adjustments that might result from the outcome of this uncertainty. If we are unable to raise the requisite funds, we will need to curtail or cease operations. See Note 1 to the audited consolidated financial statements for more information and Part I, Item 1A, “Risk Factors—Management has performed an analysis of our ability to continue as a going concern, and
has determined that, based on our current financial position, there is a substantial doubt about our ability to continue as a going concern. In addition, our independent registered public accounting firm has raised substantial doubt as to our ability to continue as a going concern in this Annual Report.”
We have based our estimates as to how long we expect we will be able to fund our operations on assumptions that may prove to be wrong. In the long-term, we will be required to obtain additional financing to fund our current planned operations, which may consist of borrowings under the Revolving Credit Facility or an alternative financing arrangement, which may not be available to us on acceptable terms, or at all. Our failure to raise capital as and when needed may have a negative impact on our financial condition and our ability to pursue our business strategy. If we do raise additional capital through public or private equity offerings, the ownership interest of our existing stockholders will be diluted. If we raise additional capital through debt financing, we may be subject to covenants limiting or restricting our ability to take specific actions, such as incurring additional debt, making capital expenditures or declaring dividends.
Debt
As of December 31, 2022, we had $121.5 million in aggregate principal amount of debt outstanding: $75.0 million under the Convertible Senior Notes and $46.5 million under the Revolving Credit Facility. As of December 31, 2021, we had $75.0 million in aggregate principal amount of debt outstanding, all of which was under the Convertible Senior Notes.
Convertible Senior Notes
On February 9, 2021, Legacy Appgate issued the Initial Convertible Senior Notes to various funds managed by Magnetar. In connection with the closing of the Merger, Legacy Appgate issued the Additional Convertible Senior Notes. The Convertible Senior Notes are subject to the terms and conditions of the Note Issuance Agreement and Note Purchase Agreement.
We received net proceeds of $72.8 million from the issuance of the Initial Convertible Senior Notes and Additional Convertible Senior Notes, after deducting fees and expenses of $2.2 million. We recorded these fees and expenses as debt issuance costs that will be amortized over the term of the Convertible Senior Notes.
The Convertible Senior Notes are senior, unsecured obligations of Legacy Appgate, and the payment of the principal and interest is unconditionally guaranteed, jointly and severally by Legacy Appgate’s U.S. subsidiaries and, as of the closing of the Merger, also by the Company. The Convertible Senior Notes mature on February 9, 2024, unless earlier converted, redeemed, or repurchased.
Interest on the Convertible Senior Notes is payable either entirely in cash or entirely in kind (“PIK Interest”), or a combination of cash and PIK Interest at Appgate’s discretion. The Convertible Senior Notes bear interest at the annual rate of 5% with respect to interest payments made in cash and 5.50% with respect to PIK Interest, with interest payable semi-annually on February 1 and August 1 of each year, commencing on August 1, 2021. PIK Notes issued or issuable in respect of PIK Interest have the same terms and conditions as the Convertible Senior Notes. On February 1, 2023, Legacy Appgate issued approximately $2.1 million in PIK Notes with respect to a single interest payment date. The Note Issuance Agreement includes certain affirmative and financial covenants we are required to satisfy.
Revolving Credit Agreement
On April 26, 2022, Legacy Appgate, Appgate, the other guarantors party thereto and SIS Holdings entered into the Revolving Credit Agreement which provides for a $50.0 million unsecured, revolving credit facility, or the “Revolving Credit Facility”. This indebtedness is contractually subordinated to the Convertible Senior Notes and matures, on the earlier to occur of (a) June 30, 2023, (b) the closing of a registered offering of Capital Stock (as defined in the Revolving Credit Agreement) of the Company in an aggregate amount equal to $50.0 million or more and (c) the date of which the Loans (as defined in the Revolving Credit Agreement) are accelerated upon an Event of Default (as defined in the Revolving Credit Agreement). Interest accrues on amounts drawn under the Revolving Credit Facility at a rate of 10.0% per annum, payable in cash on the Final Maturity Date (as defined in the Revolving Credit Agreement). The Revolving Credit Agreement is subject to customary terms, covenants and conditions. All obligations under the Revolving Credit Agreement are guaranteed by Appgate and Legacy Appgate’s domestic subsidiaries. As of December 31, 2022, we had $46.5 million in aggregate principal amount of debt outstanding under the Revolving Credit Facility.
Promissory Notes
On March 31, 2019, Legacy Appgate issued the Promissory Notes to each of Cyxtera and the Management Company. As discussed above and in our audited consolidated financial statements included elsewhere in Part II, Item 8 of this Annual Report - “Financial Statements and Supplementary Data”, on February 8, 2021 , Legacy Appgate repaid Cyxtera the full amount on the then outstanding principal and interest of $20.6 million under the Promissory Note issued to Cyxtera and made a partial repayment of $99.0 million to the Management Company on the then outstanding principal and interest of $133.6 million under the Promissory Note issued to the Management Company. On that same date, the Management Company issued a payoff letter to Legacy Appgate extinguishing the balance remaining unpaid following such repayment. Because Cyxtera was Legacy Appgate’s direct parent at the time of issuance of the Promissory Notes and an affiliate under common control with Legacy Appgate at the time of repayment, we recognized the note extinguishment of $34.6 million as a capital contribution in 2021.
Other Contractual Obligations and Commitments
In addition to our debt obligations under the Convertible Senior Notes, the Revolving Credit Facility, and lease obligations under several operating lease arrangements, Appgate has other contractual commitments. Refer to Note 10 — Leases and Note 11 — Debt , to our audited consolidated financial statements included elsewhere in this Annual Report for additional information on maturities. Refer to Note 12 — Commitments and Contingencies to our audited consolidated financial statements included elsewhere in this Annual Report for additional information regarding cash amounts committed under other contractual obligations.
Cash Flow
Cash Flows for 2022 and 2021. The following table sets forth our historical cash flows for the periods indicated (in thousands):
Net cash, cash equivalents and restricted cash used in operating activities
Net cash, cash equivalents and restricted cash (used in) provided by investing activities
Net cash, cash equivalents and restricted cash provided by (used in) financing activities of continuing operations
Operating Activities
Our largest source of operating cash is cash collections from customers for sales of licenses and services. Our primary uses of cash from operating activities are for employee-related expenditures, marketing expenses and third-party hosting costs.
Net cash used in operating activities during 2022 was $58.5 million, which resulted from a net loss of $30.1 million, non-cash charges of $24.9 million and net cash outflow of $3.6 million from changes in assets and liabilities. Non-cash charges primarily consisted of a $58.8 million change in the fair value of our embedded derivative liability, $14.7 million in equity-based compensation, $9.3 million of depreciation and amortization, $6.0 million of amortization of deferred contract acquisition costs, and $1.7 million loss on abandonment of assets following our decision to stop offering our Compliance Sheriff product. The net cash outflow from changes in assets and liabilities was primarily due to more cash used in working capital, primarily driven by higher employee-related expenses in 2022 as discussed above under “Results of Operations,” and higher costs associated to the Merger and related initiatives, increases in deferred contract acquisition costs, and a decrease in deferred revenue, partially offset by increased collections.
Net cash used in operating activities during 2021 was $52.1 million, which resulted from a net loss of $73.1 million, adjusted for the net income from discontinued operations, net of tax of $65.7 million, net cash provided by operating activities of discontinued operations of $0.8 million, non-cash charges of $97.6 million and net cash outflow of $11.6 million from changes in assets and liabilities. Non-cash charges primarily consisted of a $78.5 million change in the fair value of our embedded derivative liability, $9.9 million of depreciation and amortization, $5.3 million of amortization of deferred contract acquisition costs, and $3.5 million in equity-based compensation. The net cash outflow from changes in assets and liabilities was primarily due to more cash used in working capital, primarily driven by higher headcount in 2021 as discussed above under “Results of Operations,” and higher costs associated to the Merger and related initiatives,
increases in contract assets and deferred contract acquisition costs, and a decrease in deferred revenue, partially offset by increased collections.
Investing Activities
During 2022, we used cash in our investing activities of $0.6 million as compared to cash provided by investing activities of $124.1 million during 2021. The change in cash flows from investing activities during 2022 when compared to 2021 was primarily due to receipt of $125.0 million in net proceeds from the sale of Brainspace in January 2021.
Financing Activities
During 2022, we borrowed $46.5 million under the Revolving Credit Facility. We did not have any other cash movement in financing activities during 2022. During 2021, we used $48.4 million of cash in financing activities, primarily for the repayment of $119.6 million to Cyxtera and/or the Management Company in February 2021 as settlement and extinguishment of the Promissory Notes, net of gross proceeds of $75.0 million received from the issuance of the Initial Convertible Senior Notes and Additional Convertible Senior Notes. In 2022, we paid $2.2 million in debt issuance costs in connection with the issuance of the Initial Convertible Senior Notes and Additional Convertible Senior Notes and spent $1.5 million on the recapitalization of the Company following the Merger (see Note 2).
Critical Accounting Estimates
The discussion and analysis of our financial condition and results of operations are based upon our consolidated financial statements, which have been prepared in accordance with GAAP. The preparation of these financial statements requires management to make estimates and judgments that affect the reported amounts of assets and liabilities, revenue and expenses and related disclosures of contingent assets and liabilities at the date of our financial statements. We evaluate our estimates and assumptions on an ongoing basis. The estimates and assumptions used by management are based on historical experience and other factors, which are believed to be reasonable under the circumstances. Actual results may differ from these estimates under different assumptions or conditions, impacting our reported results of operations and financial condition.
Critical accounting policies are those that we consider the most important to the portrayal of our financial condition and results of operations because they require our most difficult, subjective, or complex judgments, often as a result of the need to make estimates about the effect of matters that are inherently uncertain. Based on this definition, we have identified the following critical accounting estimates: revenue from contracts with customers, accounting for income taxes, and accounting for goodwill and intangible assets. These critical accounting estimates are addressed below. In addition, we have other key accounting estimates that are described in Note 1 – Business and Summary of Significant Accounting Policies to our audited consolidated financial statements included elsewhere in this Annual Report.
Revenue Recognition
We recognize revenue under ASC 606. Under ASC 606, we recognize revenue when our customers obtain control of goods or services in an amount that reflects the consideration that we expect to receive in exchange for those goods or services.
We primarily sell our software through on-premise term-based license agreements, perpetual license agreements and SaaS subscriptions, which allow our customers to use our SaaS services without taking possession of the software. Our products offer substantially the same functionality whether our customers receive them through a perpetual, or term-based license or a SaaS arrangement. Our agreements with customers for software licenses may include maintenance contracts and may also include professional services contracts. Maintenance revenues consist of fees for providing unspecified software updates and technical support for our products for a specified term, which is typically one to three years. We offer a portfolio of professional services and extended support contract options to assist our customers with integration, optimization, training and ongoing advanced technical support. We also generate revenue from threat advisory services, including penetration testing, application assessments, vulnerability analysis, reverse engineering, architecture review and source code review.
If a contract contains a single performance obligation, the entire transaction price is allocated to the single performance obligation. For contracts that contain multiple distinct performance obligations, we allocate the transaction price to each performance obligation based on a relative standalone selling price (“SSP”). We determine the transaction price with reference to the SSP of the various performance obligations inherent within a contract. The SSP is determined based on the prices at which we separately sell these products, assuming the majority of these fall within a pricing range. In instances
where SSP is not directly observable, such as when we do not sell the software license separately, we derive the SSP utilizing market conditions and other factors, including customer type, market conditions and pricing objectives, historical sales data, and negotiated discounts from price lists, if any, that can require significant judgement.
Derivatives
We have concluded that the conversion feature under the Convertible Senior Notes requires bifurcation from the debt host agreement in accordance with ASC 815. Accordingly, we recognize a derivative liability at fair value for this instrument in our consolidated balance sheet and adjust the carrying value of the liability to fair value at each reporting period until the conversion feature underlying the instrument is exercised, redeemed, cancelled or expires. The changes in fair value are recorded as other expense in our consolidated statement of operations. The derivative is valued using Level 3 inputs which are highly subjective and require a high degree of judgment. Refer to Note 7 to our consolidated financial statements included elsewhere in this Annual Report for disclosures regarding those significant unobservable inputs and how a change in those significant unobservable inputs to a different amount might produce a significantly higher or lower derivative value at the reporting date.
Income Taxes
Through December 31, 2019, the operations of Legacy Appgate were included in the consolidated U.S. federal, state, local and foreign income tax returns, filed by Cyxtera, where applicable.
We account for income taxes using the asset and liability method. Deferred income taxes are recognized by applying the enacted statutory tax rates applicable to future years to differences between the carrying amounts of existing assets and liabilities and their respective tax bases and net operating loss and tax credit carryforwards. The effect on deferred tax assets and liabilities of a change in tax rates is recognized in the period that includes the enactment date. The measurement of deferred tax assets is reduced, if necessary, by a valuation allowance to amounts that are more likely than not to be realized. In addition, certain Federal and state NOL carryforward assets are reduced by a valuation allowance and/or may be limited by Code Section 382 or 383.
We use an estimate of the annual effective income tax rate at each interim period based on the facts and circumstances available at that time, while the actual effective income tax rate is calculated at year-end.
See Note 18 – Income Taxes to our audited consolidated financial statements included elsewhere in this Annual Report for additional information about accounting for income taxes.
Goodwill and Other Long-Lived Assets, including Acquired Intangible Assets
Goodwill represents the excess of the fair value of purchase consideration in a business combination over the fair value of net tangible and intangible assets acquired. Goodwill amounts are not amortized, but rather tested for impairment at least annually or more often if circumstances indicate that the carrying value may not be recoverable. Upon the Cyxtera Spin-Off, Legacy Appgate’s opening carve-out consolidated financial statements included the goodwill balances carried over from Cyxtera in connection with Cyxtera’s acquisition of the entities that formed Legacy Appgate, less impairments. We perform annual impairment tests of goodwill on October 1st of each year or whenever an indicator of impairment exists. We did not record any impairment of goodwill in 2022 or 2021.
Our annual impairment tests of goodwill may be completed through qualitative assessments. We may elect to bypass the qualitative assessment and proceed directly to a quantitative impairment test, for any reporting unit, in any period. We can resume the qualitative assessment for any reporting unit in any subsequent period. Under a qualitative approach, our impairment review for goodwill consists of an assessment of whether it is more-likely-than-not that a reporting unit’s fair value is less than its carrying amount. If we elect to bypass the qualitative assessment for any reporting units, or if a qualitative assessment indicates it is more-likely-than-not that the estimated carrying value of a reporting unit exceeds its fair value, we perform a quantitative goodwill impairment test that requires us to estimate the fair value of the reporting unit. If the fair value of the reporting unit is less than its carrying amount, we will measure any goodwill impairmentloss as the amount by which the carrying amount of a reporting unit exceeds its fair value, not to exceed the total amount of goodwill allocated to that reporting unit. We use an income approach and a market approach, when available, to estimate a reporting unit’s fair value, which discounts the reporting unit’s projected cash flows using a discount rate we determine from a market participant's perspective under the income approach or utilizing similar publicly traded companies as
guidelines for determining fair value under the market approach. We make significant assumptions when estimating a reporting unit’s projected cash flows, including revenue, driven primarily by sales growth, operating expenses, capital expenditures and income tax rates, among others.
We completed our impairment reviews for goodwill as of October 1, 2022 and 2021 and no impairment resulted. The estimates and assumptions we use to estimate fair values when performing quantitative assessments are highly subjective judgments based on our experience and knowledge of our operations. Significant changes in the assumptions used in our analysis could result in an impairment charge related to goodwill. Circumstances that could result in changes to future estimates and assumptions include, but are not limited to, expectations of sales growth, which can be caused by a variety of factors, increases in income tax rates and increases in discount rates.
Acquired intangible assets consist of identifiable intangible assets, including developed technology, trademarks and tradenames, and customer relationships, resulting from business combinations. Acquired finite-lived intangible assets are initially recorded at fair value and are amortized on a straight-line basis over their estimated useful lives. Amortization expense of trademarks and tradenames, and customer relationships is recorded primarily within depreciation and amortization in our consolidated statements of operations. Amortization expense of developed technology is recorded within cost of revenue in our consolidated statements of operations.
Long-lived assets, such as property and equipment and acquired intangible assets, are reviewed for impairment whenever events or changes in circumstances indicate that their carrying amounts may not be recoverable. We measure the recoverability of these assets by comparing the carrying amounts to the future undiscounted cash flows that these assets are expected to generate. If the total of the future undiscounted cash flows are less than the carrying amount of an asset, we record an impairment charge for the amount by which the carrying amount of the asset exceeds the fair value. When assessing the recoverability of our long-lived assets, we make assumptions regarding estimated future cash flows and other factors. Some of these assumptions involve a high degree of judgment and also bear a significant impact on the assessment conclusions. Included among these assumptions are estimating undiscounted future cash flows, including the projection of sales and revenue, operating expenses, and capital requirements, among others. We formulate estimates from historical experience and assumptions of future performance, based on business plans and forecasts, recent economic and business trends, and competitive conditions. In the event that our estimates or related assumptions change in the future, we may be required to record an impairment charge. We did not record any impairment of long-lived assets in 2022 or 2021.
Recent Accounting Pronouncements
Recently issued accounting pronouncements are described in Note 1 of our audited consolidated financial statements included elsewhere in this Annual Report.
