Annual Report and Accounts 2017
Corero Network Security plc
A leader in real-time,
high performance,
DDoS protection.
C
o
r
e
r
o
N
e
t
w
o
r
k
S
e
c
u
r
i
t
y
p
l
c
A
n
n
u
a
l
R
e
p
o
r
t
a
n
d
A
c
c
o
u
n
t
s
2
0
1
7
�Corero Network Security is a leader in real-time, high-performance
Distributed Denial of Service (“DDoS”) defence solutions. Service
providers, cloud providers and digital enterprises rely on Corero’s award
winning SmartWall® Network Threat Defense System (“SmartWall”)
technology to eliminate the DDoS threat to their environment through
automatic attack detection and mitigation, coupled with network
visibility, analytics and reporting.
What is a DDoS attack?
The impact of DDoS attacks
A Distributed Denial of Service
attack is a cyber-threat, in which
multiple computer systems
attack a target, such as a server,
website or other network asset,
and cause a denial of service for
users of the targeted resource.
The flood of incoming messages,
connection requests or
malformed packets to the target
system, forces it to slow down or
shut down, thereby denying
service to legitimate users or
systems. DDoS attacks are a
threat to service availability,
network security, brand
reputation and ultimately lead to
lost revenues.
Attackers are continuing to
leverage DDoS attacks as part of
their cyber-threat arsenal to
either disrupt business
operations or provide a
smokescreen while they access
sensitive corporate information,
and they are doing it in
increasingly creative ways that
circumvent traditional security
solutions or reduce the previous
effectiveness of DDoS scrubbing
centres.
49%
of companies discovered
a virus following a DDoS
attack
$250,000
(per hour)
revenue at risk in the
face of a DDoS attack*
27%
increase in breach incidents
experienced in concert
with DDoS attacks
90%
of organisations report
some form of breach or
associated activity with
DDoS attacks
(Source: Neustar Global DDoS Attacks & Cyber Security Insights Report October 2017)
* As estimated by 49% of over 1,000 respondents in a Neustar survey
Why is there a need for businesses to address DDoS threats?
• Availability and security of Internet services and applications is essential
for digital / online businesses
• Downtime or compromise equates to:
• Lost revenues and additional operational costs
• Unhappy customers with increased costs for retention of existing
customers and acquisition of new customers
• Brand and reputation damage
• Legal liability and fines
�t
r
o
p
e
R
c
i
g
e
t
a
r
t
S
e
c
n
a
n
r
e
v
o
G
01
Highlights
Customer wins across the SmartWall target markets – service providers,
cloud providers and digital enterprises.
Revenue
Reduced EBITDA loss*
Net cash
$8.5mas contribution from
legacy products
reduced as expected
(2016: $8.8 million)
$5.1m(2016: $6.4 million)
Loss per share
3.1c
(2016: 9.0 cents)
SmartWall revenue growth
Recurring** revenue growth
43%
over the prior year
SmartWall
Legacy
125%
over the prior year
SmartWall
’
0
0
0
$
–
e
u
n
e
v
e
R
9,000
7,000
5,000
3,000
1,000
4,000
3,000
2,000
1,000
’
0
0
0
$
–
e
u
n
e
v
e
r
g
n
i
r
r
u
c
e
R
2015
2016
2017
2015
2016
2017
Operating highlights
• Strong performance of flagship
SmartWall product
• Signed partnerships with global
blue-chip technology companies to
accelerate revenue growth strategy
• Juniper Networks, McAfee, Gigamon
• Existing customer add-on orders up
320% over the prior year
• New technology launched following
two-year development programme
• High customer delight with >95%
• Added 100Gbps capacity product
renewal rates for support and services
• Launched vNTD virtual software
• First two $1.0 million customers
appliance
• Encouraging uptake of DDoS
protection as-a-service (launched in
late 2016)
For more information
www.corero.com
*
comprises the operating loss less unrealised foreign exchange differences on an intercompany loan,
depreciation, amortisation and impairment of goodwill. The Directors consider EBITDA to be a better meas-
ure of profitability as it excludes non cash items. The 2016 EBITDA has been adjusted to be on a consistent
basis.
** Recurring revenue comprises maintenance, support services and aaS recognised revenue.
$1.4mat 31 December 2017
(2016: $2.9 million)
Contents
Overview
01 Highlights
02 Corero at a glance
03 What we do
05 Our proposition
Strategic Report
06 Chief Executive’s strategic update
10 Market overview
12
Our business model
14 Our strategy
17
18
Principal risks and uncertainties
Financial review
Governance
20 Board of Directors
22
23
Chairman’s Introduction
Corporate Governance Report
26 Directors’ Report
29
Statement of Director’s Responsibilities
Financial statements
30 Independent Auditor’s Report
34
35
36
37
38
39
Consolidated Statement of
Comprehensive Income
Consolidated Statement of Financial Position
Company Statement of Financial Position
Consolidated Statement of Cash Flows
Consolidated Statement of Changes in Equity
Company Statement of Changes in Equity
40 Notes to the Financial Statements
Corporate Directory
64
Corporate Directory
Financial StatementsCorporate Directory
�02
Corero at a glance
Corero is dedicated to improving the
security and availability of the Internet
through the deployment of innovative
DDoS mitigation solutions.
DDoS attacks continue to rise in size, frequency
and complexity, impacting the security and availability
of the Internet.
35%
increase in attacks
per quarter
8attacks per
customer per day
71%
attacks 10 minutes
or less
96%
attacks 5Gbps
or less
(Source: Corero DDoS Trends Report
Q2-Q3 2017)
Service providers, cloud providers and Internet
connected businesses require real-time protection
against this evolving threat landscape. The Corero
SmartWall family of products can be deployed in
various topologies (in-line or scrubbing).
These solutions are designed to
provide real-time attack mitigation
with continuous threat visibility,
enabling the monetisation of DDoS
protection as-a-service offering for
service providers.
The Corero SmartWall protects against
the latest breed of DDoS attacks in
seconds not minutes, including
volumetric and multi-vector attacks.
The SmartWall family of products utilises
modern DDoS mitigation architecture to
automatically and surgically remove
DDoS attack traffic, while allowing good
user traffic to flow uninterrupted.
Corero’s key operational centres are in
Marlborough, Massachusetts in the USA
and Edinburgh in the UK, with the
Company’s registered office in Uxbridge
in the UK.
The goal of the Corero real-time DDoS
mitigation solution is to protect the
customer’s service availability and
ultimately revenues and brand
reputations from harmful DDoS attacks.
The Corero solutions are among the
highest performing in the industry, while
providing the most automated DDoS
protection at unprecedented scale with
the lowest total cost of ownership to
the customer.
Corero Network Security plcAnnual Report & Accounts 2017
�03
What we do: Automatic Real-time DDoS Protection
Raw Internet
SmartWall®
Good Traffic Allowed
Attack Traffic Blocked
Protected
Network
t
r
o
p
e
R
c
i
g
e
t
a
r
t
S
Revenue-protecting
real-time DDoS
mitigation product
optimised for service
providers and cloud
providers
Available for rapid
deployment within
the provider’s own
infrastructure
delivering
compelling ROI
Revenue and
reputation-
protecting real-time
DDoS mitigation
product for digital
enterprises
Solves for the
scalability & accuracy
demands of both
service cloud providers
and digital enterprise
businesses
Corero’s product
mitigates attacks in
less than one second,
unlike competing
technologies which
mitigate attacks in
c.20 minutes
Product Overview
Corero has a market leading
SmartWall product portfolio
endorsed by 90 customers,
recommended by NSS Labs (the
world’s leading independent product
testing laboratory) and selected by
Juniper Networks as a Juniper
Technology Alliance Partner. This
product portfolio has been further
enhanced for 2018 with the
deliverables from a two-year
development program.
NTD120
1RU @ 1/10/20 Gbps
1RU @ 40/80 Gbps
4RU @ 160/320 Gbps
NTD1100
NEW
n x 10 or 20Gbps
vNTD (Virtual Appliance)
NEW
N
KVM
N
N
N
N
N
N
vmware
n x m Gbps
1RU @ 100 Gbps
10RU @ 1tbps
n x 100 Gbps
Why We believe in a safe Internet protected from cyber-attacks. We strive to eliminate the threat of DDoS attacks.How We do this by combining our patents, algorithms, more than a decade of cyber-security experience and our threat analytics.WhatOur SmartWall product detects and mitigates DDoS attacks in seconds (or less) allowing our customers to stay open for business (during an attack). Financial StatementsGovernanceCorporate Directory
�04
Corero is a leader in real-time, high-
performance, scalable DDoS defence
solutions for Service Providers, Cloud
Providers and Digital Enterprises.
Automatic Real-time DDoS Protection
Corero protects organisations’ online
systems, information, data, revenues
and brand reputations against the
growing cyber-threat of DDoS attacks
with dedicated technology for real-time
mitigation of DDoS attacks in seconds
versus minutes, allowing good user
traffic to flow uninterrupted.
When an organisation selects Corero to
protect their assets in the face of DDoS
attacks they strengthen their Internet
facing security defences and ensure
service availability.
Corero customers can utilise this DDoS
protection for their own business
needs and Service Provider and Cloud
Provider customers can monetise a
DDoS protection service to their
customers enabled through the
Corero Service Portal.
Corero Customer – single large attack
100,000
75,000
50,000
s
p
b
M
25,000
0
5:30am
6:00am
6:30am
Friday February 9, 2018
Corero Customer – multiple attacks over 24 hour period
100,000
75,000
s
p
b
M
50,000
25,000
0
8:00am
12:00pm
4:00pm
8:00pm
Thursday February 8, 2018
Blocked
Allowed
Corero Network Security plcAnnual Report & Accounts 2017�Our proposition
What we do
Corero provides dedicated technology for
real-time mitigation of DDoS attacks in
seconds versus minutes, allowing good user
traffic to flow uninterrupted.
Corero enables revenue protection, customer
retention and competitive differentiation in
the face of DDoS attacks, for Internet Service
Provider, Cloud Provider and Digital Enterprise
customers.
The Corero solutions are among the highest
performing in the industry, while providing
the most automatic security coverage at
unprecedented scale with the lowest total
cost of ownership to the customer.
Corero enables Service Providers and Cloud
Providers to protect their infrastructure from
DDoS attacks and to deliver high value DDoS
protection services to their customers,
allowing for incremental service revenues.
Corero protects Digital Enterprises from DDoS
attacks thereby ensuring availability and
security of Internet services and applications
essential for digital / on-line businesses and in
the process:
• Protecting revenues by avoiding downtime
and avoiding additional post DDoS attack
remediation costs
• Keeping customers happy and avoiding
increased costs for retention of existing
customers and acquisition of new customers
• Protecting brand and reputation damage
• Avoiding the risk of non-compliance, legal
liability and fines.
05
How we do it
With varied deployment topologies (in-line or scrubbing)
the SmartWall family of solutions utilise modern DDoS
mitigation architecture to automatically and surgically
remove DDoS attack traffic.
t
r
o
p
e
R
c
i
g
e
t
a
r
t
S
Protection is provided in cost effective scaling increments
from 1Gbps to 10Gbps and 100Gbps, to support
bandwidth and inspection requirements.
The SmartWall technology provides configurable policies
to selectively enable a broad range of specific protection
mechanisms to defend critical network assets against
DDoS attack traffic.
The Corero SmartProtect program allows for monthly
subscription procurement options to acquire SmartWall
technology.
The Corero Service Portal allows for provider and tenant
visibility for traffic and attack dashboards. Providers can
assign subscriber/tenant service levels and distribute
reporting and analytics to showcase the value of the
protection they are receiving.
Robust reporting and analytics, powered by Splunk,
transforms sophisticated DDoS event data into easily
consumable dashboards.
The Corero SecureWatch® service is a tiered offering
comprised of configuration optimisation, monitoring and
mitigation response services. These services, delivered by
the Corero Security Operations Centre, are customised to
meet the security policy requirements and business goals
of each SmartWall customer that engages in a
SecureWatch service plan.
Financial StatementsGovernanceCorporate Directory
�06
Chief Executive’s strategic update
Corero is well positioned to deliver on its goal
of being the leading player in the real-time
DDoS mitigation market with SmartWall
solution validation from over 90 customers.
Results
Corero revenue for the year ended 31
December 2017 was $8.5 million (2016:
$8.8 million) with SmartWall revenue up
43% over the prior year whilst legacy
product revenues declined as expected.
Smartwall recurring revenue increased
to $3.4 million (2016: $1.5 million). The
EBITDA loss reduced to $5.1 million
(2016: EBITDA loss $6.4 million).
Revenue and the EBITDA loss for the year
ending 31 December 2017 was impacted
by delays in world-wide implementation
schedules for a large digital enterprise
customer win in Q3 2017 and an existing
customer’s ongoing deployment (with
the majority of the revenue from these
two customers now expected in the first
half of 2018).
Market dynamics
Cyber-security risks are growing, both in
their prevalence and in their disruptive
potential. Another growing trend is the
use of cyber-attacks to target critical
infrastructure and strategic industrial
sectors, raising fears that attackers
could trigger a breakdown in systems
that are essential to modern society. The
World Economic Forum Global Risks
Landscape for 2018 ranks cyber-attacks
as the third most likely risk in its top 10
risk analysis, behind extreme weather
events and natural disasters.
The head of the National Cyber Security
Centre (“NCSC”), Ciaran Martin, recently
commented that while the UK is fortunate
to have avoided a so-called category one
cyber-attack so far, it is only a matter of
time before a catastrophic cyber-attack is
launched on its critical infrastructure or
election setup.
A recent report from Neustar revealed
that many businesses viewed unsecured
Internet of Things (“IoT”) devices as a
major concern. This is hardly surprising,
given the recent developments in IoT
botnets and the huge potential for
unsecured IoT devices to be turned into
a botnet army and used by hackers to
launch DDoS attacks.
IoT devices still suffer from basic
security vulnerabilities and it is
precisely this lack of security that
makes them so attractive to hackers.
But it’s not just a password problem
anymore. Attackers understand that
manufacturers and users are waking
up to the problem of passwords on IoT
devices, and so are seeking more
complex ways to access them. As this
trend continues, and hackers become
increasingly inventive when searching
for new devices and ways to enlist
them, there is really no limit to the size
and scale of future DDoS attacks
driven by IoT botnets. Any device that
has an Internet connection and a
processor can be exploited. In an ideal
world, all devices should be forced to
go through some sort of network
configuration before being used,
rather than being exploitable from a
default position.
Businesses and government
departments can protect their networks
from DDoS attacks fuelled by IoT-driven
botnets by deploying a real-time,
automated solution at the network edge,
which can instantaneously detect and
mitigate DDoS activity, thereby
eliminating threats from entering a
network. As with all DDoS threats, clear
visibility is a crucial step in detecting and
defending against attacks. The Corero
SmartWall solution is this real-time
automated solution providing rich
actionable analytics.
As organisations develop their
businesses to harness the benefits and
power of technology, we are seeing
companies reassess their security
architecture, including DDoS protection,
as traditional approaches will not be
sufficient to protect enterprises.
Government regulations
Corero welcomes the investment and
attention that governments are
committing to the cyber-security of
Critical National Infrastructure (“CNI”),
particularly recent guidance from the US
Government which sets out detailed
recommendations on how to boost
resilience and ensure suitable
protections and mitigation systems are
deployed. Corero recently submitted a
response to the Joint Committee on the
National Security Strategy’s inquiry
‘Cyber Security: UK National Security in a
Digital World’ and recommended the
following actions are taken:
Corero Network Security plcAnnual Report & Accounts 2017�07
“We were driven to seek out a DDoS mitigation solution due to the increasing
severity and frequency of DDoS attacks against our hosted client base.
DDoS attacks can create service interruptions for customers and create
unpredictable work efforts for the engineers tasked with resolving them.”
Larry Patterson, Chief Technology Officer
and Co-founder, Atomic Data
• DDoS attacks on CNI, particularly
frequent low-volume and short
duration attacks, must be a priority
area for Government;
• Government must take advantage of
opportunities, such as that provided by
the implementation of the NIS
Directive, to fulfil its ambition of
becoming ‘the safest place in the
world to live and work online’;
• The implementation of the Directive
on Security of Network and
Information Systems (“NIS Directive”)
should not be treated as a tick box
exercise but instead should be grasped
as an opportunity for the UK to lead
the world in the strength of its
cyber-security regulatory framework;
• Government should look at
international best practice and adopt a
more attack-specific and specialist-led
approach towards cyber-security,
moving away from generic wide-
ranging statements;
• Government must set out and
rigorously enforce detailed cyber-
security requirements for operators
of critical national infrastructure; and
• Government should clarify
Departmental cyber-security
responsibilities and allocate further
resource to the NCSC.
Operating performance against strategy
Our performance against our 2017 strategic objectives is summarised below:
• Establish SmartWall as the leading solution for real-time DDoS mitigation:
Continued progress in growing our customer base to 90 customers and the
addition of a number of high profile customers including Corero’s first US
federal government customer, two one million dollar customers, first
Australian customer and first potentially significant revenue share contract
with a Tier 1 service provider.
• Improve Smartwall DDoS defence technology:
SmartWall software releases in 2017 have added new attack defence and
improved forensics and analytics capabilities.
• New products to address the evolving requirements of the target market:
Corero further enhanced its market leading SmartWall product portfolio in
2017 with the deliverables from a two-year development program with a new
SmartWall 100Gbps capable product to capture growth in customer demand
for 100Gbps connectivity and SmartWall virtual software appliance to capture
demand for hybrid on-premises / Cloud DDoS mitigation deployments. Corero
announced the first sales of the 100Gbps product (totalling $0.4 million) in
early January 2018.
• Target market focus:
Customer wins in 2017 have continued to validate the target market for
real-time, automatic DDoS mitigation solutions; namely service providers,
cloud providers and digital enterprises.
• Expand routes to market:
Corero’s strategy is to work with leading IT and network technology vendors to
make DDoS mitigation an integral component of any well-engineered Internet
facing network design thereby increasing our go-to-market opportunities. In
2017, Corero signed agreements with major global technology companies
including Juniper Networks, Gigamon, and McAfee. The technology alliance
partnership with Juniper Networks, a US based multinational corporation that
develops and markets networking and security products, has provided benefits
in 2017 with the opportunity for Corero to expand its market reach by
leveraging Juniper Networks’ global footprint.
• Develop sales models to attract new target customers:
The DDoS protection as-a-service model launched in late 2016 has gained
traction in 2017 with 16 customers by the year end. In addition, the Service
Portal, a turnkey solution for service provider customers to manage the
delivery of DDoS mitigation services to their customers, has been an
important competitive differentiator.
Strategic Report Financial StatementsGovernanceCorporate Directory�08
Chief Executive’s strategic update continued
• Corero go-to-market partner
recruitment and enablement efforts
with partners is expected to
contribute to revenue in 2018; and
• investment in channel sales
development to grow Corero’s routes
to market in 2018.
This gives us confidence Corero will
deliver revenue growth in 2018.
Ashley Stephenson
Chief Executive Officer
4 April 2018
Fund raise
On 5 April 2018, Corero will announce a
conditional placing and subscription to
raise £4.0 million ($5.2 million) (“Equity
Fund Raise”). In addition, Corero is in
advanced discussions with a UK bank to
provide a term loan of £3.0 million ($4.2
million) (“Bank Loan”), contingent on the
Equity Fund Raise. The Bank Loan is
expected to be finalised and drawn
down following the completion of the
Equity Fund Raise.
Outlook
Corero enters 2018 with the
foundations in place for continued
acceleration of SmartWall revenue
growth as a result of:
• strong market demand from the
growing awareness of the threat and
impact of DDoS attacks, and increased
risk associated with the projected
growth of IoT deployments;
• pending regulations in the US, UK and
Europe, including the NIS Directive
which comes into force for all EU
member states on the 9th May 2018,
are expected to positively impact
demand for DDoS mitigation
investment in 2018 particularly by
Digital Enterprises (including critical
national infrastructure providers);
“Corero enters 2018 with confidence following a year of strong growth in SmartWall revenue
with proof points of multiple $1.0 million plus customers, a growing catalogue of industry
awards and several disruptive contract wins against competitors. In addition, Corero also
expanded its ecosystem of world class partners and introduced an enhanced product
portfolio. We are excited about the prospects for the future of the business.”
Ashley Stephenson
Chief Executive Officer
Corero Network Security plcAnnual Report & Accounts 2017�KEY INSIGHT
09
IoT Botnets should be a grave concern
Despite its advantages, the Internet of Things comes with a host of security
challenges. IoT devices are usually poorly managed, patched and secured. They
are thus prime targets for hacker infiltration and takeover, aside from the
personal privacy and security concerns that result from these security gaps.
The big danger is that these connected devices
can be harnessed by hackers for a variety of
nefarious purposes; in many cases hackers
use them to form a botnet to carry out
DDoS attacks.
Strategic Report Financial StatementsGovernanceCorporate Directory�10
Market overview
DDoS attacks are accelerating in purpose,
sophistication, complexity, scale and frequency.
A wide range of critical cyber-security
issues face every Internet connected
enterprise or organisation. These threats
include denial of service, hacking, breach,
phishing, fraud, data theft and
exfiltration. These threat vectors present
themselves via the essential Internet
connections that are required to support
the online business.
Today, the vast majority of the leading
Internet service providers sell raw
Internet transit capacity. This capacity,
usually sold via 1Gbps, 10Gbps and
increasingly 100Gbps transport
connections, carries good customer
traffic and malicious bad traffic without
discrimination. If an enterprise data
centre or hosting facility connects to
these raw transit providers they will be
exposed to Internet borne cyber-threats
and the enterprise’s information security
posture should be prepared to detect
and protect against the associated
malicious intent.
Corero has focused on one specific
category of these cyber-threats
encompassing denial of service and has
developed a real time DDoS detection
and mitigation solution that can provide
automatic detection and protection
against DDoS attacks. In contrast to
legacy approaches to DDoS mitigation
which often require tens of minutes to
detect and react, the Corero solution can
block DDoS attack traffic in seconds
eliminating critical service latency
and downtime.
Both businesses and public-sector
organisations are vulnerable to DDoS
attacks and recent years have seen some
of the world’s best-known companies fall
victim, with notable UK examples
including TalkTalk, the BBC and HSBC.
Similarly, the vulnerability of Government
services was highlighted in October 2016
when Dyn, a company that provides DNS
services to some of the world’s largest
digital brands, was subject to a DDoS
attack resulting in downtime for a range
of Government services.
The broad range of motivations for
executing a DDoS attack, coupled with
the relative ease with which they can be
performed, means that they are carried
out by a variety of actors, including
criminal gangs, activists, terrorist groups
and nation state “bad actors”. Aside from
those who are focused purely on
disrupting services, many of those who
carry out DDoS attacks do so as a form
of extortion or as a smokescreen to steal
data, map other vulnerabilities, or plant
malware or ransomware.
“Attacks are increasing, both in prevalence and disruptive potential. In addition,
cybercriminals have an exponentially increasing number of potential targets
because the use of cloud services continues to accelerate and the Internet of Things
is expected to expand from an estimated 8.4 billion devices in 2017 to a projected
20.4 billion in 2020.”
The Global Risks Report 2018, 13th Edition, World Economic Forum
Corero Network Security plcAnnual Report & Accounts 2017�t
r
o
p
e
R
c
i
g
e
t
a
r
t
S
11
Average Attack
per customer
Low volume, short
duration attacks
Market
opportunity
Attacks per day
8
35%
Increase in attacks
per quarter
QUARTERLY
Q4 2016
Q1 2017
Q2 2017
Q3 2017
Our Customers
Corero’s customers are delighted with
our ability to protect their brand and
revenues in the face of DDoS attacks.
Because of this we have an extremely
high renewal rate.
While the frequency of attacks is
concerning, the size of and duration of
attacks are also important to highlight.
Approximately 96% of mitigated DDoS
attacks were less than 5Gbps in volume,
in both Q2 and Q3 2017.
Corero is targeting a high growth
security market; the market for DDoS
prevention appliances is forecast by IHS
Markit Technology research, a leading
analyst, to reach $1.4 billion by 2021 with
a CAGR of 15.6% in the period to 2021.
The average duration is also cause for
concern. 65% of attacks in Q2 2017
lasted 10 minutes or less, and in Q3,
71% were 10 minutes or less.
DDoS market drivers
10 minutes or less
71%
96%
Attacks 5Gbps or less
Average Size of DDoS Attacks
• DDoS attacks represent the dominant
threat observed by the vast majority of
service providers. (Source: NetScout
Arbor’s 13th Annual Worldwide
Security Report, October 2017)
• Attack sizes have generally risen, but
half average less than 10Gbps which
reveals determined targeting. (Source:
Neustar Global DDoS Attacks & Cyber
Security Insights Report, October 2017)
• Service providers deployment of in-line
DDoS detection/mitigation systems
grew in 2017, an ongoing trend driven
by the increased use of best practice
hybrid DDoS defence solutions.
(Source: NetScout Arbor’s 13th
Annual Worldwide Security Report,
October 2017)
Size
Q4 2016 Q4 2016 Q4 2016 Q4 2016
<1G
1G – 5G
5G – 10G
>10G
79%
18%
4%
1%
80%
15%
4%
2%
82%
15%
2%
1%
81%
15%
3%
1%
Average Duration of DDoS Attacks
• DDoS attacks ranked as the third most
costly form of cyber-attack (behind
malware and web-based attacks) with
companies spending on average $1.6
million on DDoS attacks (Source:
Ponemon Institute 2017 Cost of
cyber-crime Study).
Minutes Q4 2016 Q4 2016 Q4 2016 Q4 2016
>95%
Renewal rate
0 – 5
6 – 10
11 – 20
21 – 30
31 – 60
>60
57%
17%
7%
11%
4%
5%
56%
16%
6%
12%
5%
5%
51%
14%
13%
7%
8%
7%
58%
13%
11%
6%
6%
6%
Source: Corero DDoS Trends Report Q2-Q3 2017.
Strategic Report Financial StatementsGovernanceCorporate Directory
�12
Our business model
The Corero business model comprises the
development, marketing and sale of network
security products and services to provide
customers with protection from DDoS attacks.
Price
Cost effective entry
point, leadership
price/performance
We apply our
sources of
competitive
advantage…
Automatic
Mitigation
Goal 99% no cus-
tomer intervention
required
Scalability
Modular and
distributed, pay
as you grow
Real-time
Immediate
protection
– seconds vs
minutes
Accuracy
Lowest false positive
rates, eliminate
collateral damage
“Investing in the Corero SmartWall TDS
system is the best solution to more
effectively monitor and mitigate DDoS
threats automatically, in-line and in
real-time. We plan to use the new DDoS
mitigation capabilities to create new
service offerings that would benefit
customers with enhanced service level
agreements supported by further
secured core networks.”
Tim Berelsman, CEO CNI Independents
Sales order intake for the year ended
31 December 2017
22%
38%
40%
Service providers
Digital enterprises
Cloud providers
Corero Network Security plcAnnual Report & Accounts 2017�13
To our
chosen target
markets…
Direct sales
Channel
partners
(distributors
and resellers)
System
integrator
partners
GTM partners
Service
Providers
To create
value
Cloud
Providers
Digital
Enterprises
Routes to Market
Corero has, in 2017, focused on
developing and expanding its routes
to market which include:
• Corero sales team: selling directly and
indirectly with value added distributor
and reseller partners in its chosen
markets of North America, Europe, and
Australia;
• Go-to-market (“GTM”) partners:
“meet-in-the-market” relationships
with leading IT and network technology
vendors to leverage these partner’s
customer and geographic
market reach; and
• System integrator partners:
relationships with leading
systems integrators to leverage
their customer and geographic
market reach.
Corero sells the SmartWall technology to
customers in the form of either (a) an
appliance sale and perpetual software
license plus annual SecureWatch services,
(b) as a software subscription for its
virtual appliance software, or (c)
as-a-service which enables the customer
to utilise the technology on a subscription
or revenue share basis (without owning
the appliance and software).
SecureWatch services include:
• Updates delivered to the Corero
appliances and software instances in
customer networks to provide
proactive on-going protection from the
latest DDoS threats; and
• 24x7x365 monitoring and support
services including DDoS attack
mitigation services delivered by the
Corero Security Operations Centre.
Strategic Report Financial StatementsGovernanceCorporate Directory�14
Our strategy
The Corero strategy is to develop software
and provide services to protect against a
continuously evolving DDoS threat landscape
that threatens any Internet connected business,
or the providers that serve them.
Maintain competitive
advantage in real-time
DDoS mitigation
New DDoS attack defences
Additional forensics and analytics
capabilities
Product
Go To
Market
At Corero, our most deeply ingrained
shared value is “Customer Delight”.
Far from being a marketing gimmick,
delivering on customer delight simply
makes good business sense. This
becomes ever more true with our
increasing levels of recurring business
being driven by our support and service
renewals in our growing base of
SmartWall customers and DDoS
Protection as-a-Service business model.
Our experience is that delighted
customers renew their subscriptions,
they buy more products as their
businesses grow, and they are happy to
share their positive experiences with
their industry colleagues.
We measure Customer Delight using our
Delight-o-Meter. The science behind this
tool is consistent with that promoted by
Bain Consulting’s Net Promoter Score®
(“NPS”). At Corero, we do not explicitly
track NPS as each customer relationship
is important to us. As such, we
frequently take a Delight-o-Meter
reading (scaled from 0 to 10). Our
readings are consistently high. This
delight is reflected in our world-class
renewal rates.
Delighted customers are also an
important contributor to finding
new customers for Corero’s products
and services.
Our Customer Journey typically begins
with “Strangers” being enticed to follow
our published content (e.g. research,
press releases, blogs) such that they
become “Followers”. Our marketing
automation investments allow us to
identify these Followers and to qualify
them as “Prospects”. In turn, the efforts
of our direct and channel sales teams are
focussed upon persuading these
Prospects to become “Customers”.
Whilst a new customer order is always a
cause for celebration, this event is the
starting point for what we hope will
become a lasting relationship. Our goal is
to deliver a delighted customer who is
happy to be an “Advocate” for us in the
market. Our Advocates who inform other
Strangers close the virtuous circle of our
Customer Journey. Many of Corero’s
sales wins in 2017 came via
such referrals.
Advocates
CUSTOMER
SERVICES
LED
Strangers
MARKETING
LED
Followers
Customers
SALES
LED
Prospects
Expand routes to market Generate first $ revenues from GTM partnersLeverage the channel to broaden end-user customer reachExplore licensing opportunities for the SmartWall virtual appliance softwareGrow customer base Sell the new SmartWall NTD1100 100Gbps and TDS220 virtual appliance softwareDevelop the digital enterprise market opportunity through targeted system integrator and GTM partner leverageContinue to focus on customer delight Superior customer service and supportTarget world class support and services renewal rates of >90%Corero Network Security plcAnnual Report & Accounts 2017
�KEY INSIGHT
1515
RDoS
Ransom Denial of Service (“RDoS”) made a significant comeback in Q3 2017.
A widespread wave of RDoS threats from the Phantom Squad hacker group
kicked off in September. These threats targeted companies throughout the
US, Europe and Asia with targets spanning a number of industries – banking,
hosting providers, online gaming and SaaS organisations.
This extortion campaign launched messages
demanding Bitcoin payment, with a threat to
execute attacks on September 30 unless the
demands were met. Most solutions focus on
recovery from such attacks rather than
defeating or blocking them.
Strategic Report Financial StatementsGovernanceCorporate Directory�16
KEY INSIGHT
Regulations and compliance
• Freedom of Information data reveals lack of
cyber-resilience among Critical National
Infrastructure (“CNI”) organisations
Over a third of CNI organisations in the UK
(39%) have not completed basic cyber-security
standards issued by the UK government,
according to data revealed to Corero in August
2017 under the Freedom of Information Act by
163 CNI organisations in the UK, including fire
and rescue services, police forces, ambulance
trusts, NHS trusts, energy suppliers and transport
organisations (out of a total of 338 requests). It
suggests that some of these organisations could
be liable for fines of up to £17m, or 4% of global
turnover, under the UK government’s proposals
to implement the EU’s Network and Information
Systems (“NIS”) directive.
• CNI organisations could be ignoring 90% of
the DDoS attacks on their networks by not
mitigating short duration DDoS attacks, which
are frequently used by hackers to distract from
data theft attempts
This research suggests that CNI organisations are
not as cyber-resilient as they should be, and must
take proactive steps in deploying dedicated, real-
time mitigation and visibility solutions to stay
ahead of the threat.
DDoS attacks against national infrastructure
have the potential to inflict significant, real-life
disruption and prevent access to critical services
that are vital to the functioning of our economy
and society.
Boards and IT professionals of CNI organisations
will be worrying about the implications of the
NIS Directive, which will come into effect in
May 2018. It could mean monetary fines for CNI
organisations that experience service outages
due to a cyber-attack.
Over a third of CNI organisations in the UK (39%)
have not completed basic cyber-security standards.
Corero Network Security plcAnnual Report & Accounts 2017�17
Principal risks and uncertainties
Sales
growth
Market
awareness
Technology
change and
innovation
People
Corero is an emerging player
in the DDoS prevention
market and competes with
much larger organisations.
If Corero is not successful in
connecting with the market
and raising its profile this will
compromise growth plans.
To raise market awareness
of Corero and its DDoS
mitigation solutions, the
Group will invest in targeted
public relations and
marketing.
The DDoS mitigation market
is competitive and
characterised by constant
changes in technology,
customer requirements
and frequent new product
introductions and
improvements. Cyber-
security and DDoS attacks
are constantly evolving and
changing as attackers
develop new methods and
tools to evade defences. To
be a market leader and to
grow, Corero needs to be
focused on its chosen market
and deliver continuous
innovation by adding new
DDoS attack defences.
Retaining and recruiting
people with the necessary
skills and experience. To grow
and address the challenges
resulting from technology
change and innovation in the
DDoS mitigation market, the
Company needs to retain and
recruit the required sales,
business development, and
technical product
development skills. Corero
operates in a high growth
market with new players
emerging. If Corero is unable
to recruit and retain the right
skills this will compromise
growth plans.
Corero’s business success
depends on growing
SmartWall product and
Secure Watch Service sales to
new customers in its target
market of service providers,
cloud providers and digital
enterprises. If Corero is not
successful in identifying
customer prospects with a
business need Corero can
solve, or developing
go-to-market partner and
channel partner relationships
which generate revenue, this
will compromise growth
plans and success.
To be successful Corero will:
• Focus its lead generation
and sales resources, and
product development, on
its target markets
• Develop relationships with
go-to-market partners,
channel partners and
system integrators to
expand its routes to market.
Corero is dependent on revenue growth to deliver on its strategy. Lower sales growth will reduce the Company’s cash resources
which could impact the investment in product development.
Strategic Report Financial StatementsGovernanceCorporate Directory
�18
Financial review
Corero ended the year strongly, with a record
final quarter SmartWall order intake.
SmartWall revenue of $7.9 million grew
43% over the prior year, with the
contribution from legacy product
revenue only $0.6 million (2016:
SmartWall revenue of $5.5 million and
legacy product revenue of $3.3 million).
Revenue for the year ending
31 December 2017 was however
impacted by delays in world-wide
implementation schedules for a large
digital enterprise customer win in Q3
2017 and an existing customer’s ongoing
deployment (with the majority of the
revenue from these two customers now
expected in the first half of 2018).
SmartWall order intake for the year
ending 31 December 2017 was $9.3
million, with 50% representing recurring
revenue in the form of support, services,
and as-a-service contracts (2016:
SmartWall order intake was $6.7 million
including recurring revenue order intake
of $2.6 million).
The loss for the year after taxation
amounted to $8.6 million (2016:
$17.2 million including an impairment
to goodwill acquired of $9.0 million)
and includes:
• Unrealised exchange loss of $0.6
million (2016: gain $1.2 million) arising
on an intercompany loan;
• Finance costs of $0.004 million (2016:
$0.006 million).
Review of performance &
performance indicators
The Directors monitor a number of
metrics, both financial and non-financial,
on a monthly basis.
The most important financial metrics are
as follows:
• Sales order intake: $9.3 million for
the year ended 31 December 2017
(2016: $7.1 million);
• Gross margin: 75% for the year ended
31 December 2017 (2016: 76%). The
2016 revenue included support
revenue of $3.3 million from the
legacy product (the recognition of
support revenue from multi-year
contracts). Support revenue gross
margins are high, with margins of
c.100%. The equivalent revenue in
2017 was $0.6 million;
• Operating expenses (gross of
research and development costs
capitalised and before unrealised
foreign exchange differences on an
intercompany loan, depreciation
and amortisation): $13.7 million for
the year ended 31 December 2017
(2016: $15.6 million gross of
research and development costs
capitalised and before unrealised
foreign exchange differences on an
intercompany loan, depreciation,
amortisation and impairment of
goodwill). Following the mid-year
completion of the SmartWall
NTD1100 and vNTD virtual software
appliance development, Corero
optimised its development
resources by reducing the size of
the development team in the US
and increasing the Edinburgh based
team with the additional benefit of
grant funding for the increased
Edinburgh investment. In addition,
lower management bonuses were
awarded in 2017 versus 2016, and a
provision relating to an indemnity
provided in relation to the sale of
Corero Business Systems in 2013
was released in 2017;
• Research and development $2.2
million (2016: $2.5 million) was spent
on the continuing development of
the SmartWall product portfolio.
These costs relate to (i) the
SmartWall NTD120 – 1/10/20 Gbps
product, SmartWall NTD1100 –
100Gbps product and the virtual
software appliance, and (ii) the
Smartwall Service Portal which is
sold as an add-on for Service
provider and Cloud provider
customers; and
• Cash and cash equivalents:
$1.4 million at 31 December 2017
(2016: $2.9 million).
The order intake in 2017 comprised $9.3
million of SmartWall orders, an increase of
38% over the prior year (2016: $6.7 million).
The average perpetual license order
value in 2017 was $250,000 (2016:
$200,000), and the average as-a-service
contract value was $40,000 per annum
(2016: $40,000 per annum).
The 2017 operating loss of $8.7 million
(2016: $17.3 million) includes
amortisation of capitalised
development expenditure of $2.4
million (2016: $2.3 million). The 2016
operating loss included an impairment
to goodwill of $9.0 million.
Cash and Treasury
The closing cash balance was $1.4 million
(2016: $2.9 million). Corero had no debt
at 31 December 2017 (2016: $0).
The net reduction in cash from
operating activities in the year ended
31 December 2017 was $6.0 million
(2016: $5.5 million). In the year ending
31 December 2017, the Company raised
$7.0 million (before expenses), of which
the Chairman contributed $4.4 million,
to fund the further development of the
SmartWall product and sales and
marketing activities.
On 5 April 2018, Corero will announce a
conditional placing and subscription to
raise £4.0 million ($5.2 million). In
addition, Corero is in advanced
discussions with a UK bank to provide a
term loan of £3.0 million ($4.2 million),
contingent on the Equity Fund Raise. The
Bank Loan is expected to be finalised and
drawn down following the completion of
the Equity Fund Raise.
The Strategic Report on pages 6 to 19 is
signed by order of the Board.
Duncan Swallow
Company Secretary
4 April 2018
Corero Network Security plcAnnual Report & Accounts 2017�19
“The drivers and target customers for the DDoS market are an ever-widening and
diversifying group as enterprises invest in products for on-premises and hybrid
deployments and as service providers upgrade capacity because of massive attacks,
network upgrades, and demand from customers for managed DDoS services.”
IHS Markit Technology research, DDoS Prevention Appliances,
Biannual Market Tracker, November 2017
Financial highlights
Revenue
SmartWall revenue
$8.5m
(2016: $8.8 million)
EBITDA loss before unrealised
foreign exchange differences
on an intercompany loan,
depreciation, amortisation,
impairment of goodwill and
financing
$5.1m
(2016: $6.4million)
43%
Increase over the prior year, whilst
legacy product revenues declined
as expected.
Group’s net assets at
31 December 2017
$17.5m
(2016: $18.2 million)
Loss per share
3.1c
(2016: 9.0 cents)
“SmartWall revenue increased 43% over the prior year,
whilst legacy product revenue reduced as expected.”
Andrew Miller
Chief Financial Officer
Strategic Report Financial StatementsGovernanceCorporate Directory�20
Board of Directors
Jens Montanana
Non-Executive Chairman
Age: 57
Appointed: 9 August 2010
Richard Last
Independent Non-Executive Director
Age: 60
Appointed: 22 May 2008
Ashley Stephenson
Chief Executive Officer
Age: 58
Appointed: 6 September 2013
Jens is the founder and CEO of Datatec
Limited, established in 1986. Between 1989
and 1993 Jens served as Managing Director
and Vice-President of US Robotics (UK)
Limited, a wholly owned subsidiary of US
Robotics Inc., which was acquired by 3Com.
In 1993, he co-founded US start-up Xedia
Corporation in Boston, an early pioneer of
network switching and one of the market
leaders in IP bandwidth management,
which was subsequently sold to Lucent
Corporation in 1999 for $246 million. In
1994, Jens became CEO of Datatec Limited
which listed on the Johannesburg Stock
Exchange in 1994 and on AIM in 2006.
He has previously served on the boards
and sub-committees of various public
companies. Jens is Chairman of the Corero
Remuneration Committee.
Richard is Chairman of ITE Group plc
and the British Smaller Technology
Companies VCT 2 plc both of which are
quoted on the London Stock Exchange.
He is also Chairman of a number of AIM
listed companies including: Gamma
Communications plc, a UK
telecommunications service provider;
Tribal Group plc, a technology group;
Arcontech Group plc, a provider of IT
solutions for the financial services sector;
Lighthouse Group plc, a financial services
Group. Richard is also a Director of a
number of private companies. Richard
is a Fellow of the Institute of Chartered
Accountants in England and Wales
(“FCA”). Richard is Chairman of the
Corero Audit Committee.
Ashley is an IT industry executive and
Internet technology entrepreneur, with
operating experience in the United States,
Europe and Asia. Previously, he was CEO
of Reva Systems, acquired by ODIN, and
Xedia Corporation, acquired by Lucent. He
has provided strategic advisory services
to a number of leading multi-national IT
companies including technology vendors,
distributors and services companies.
Ashley began his career at IBM Research &
Development in the UK. He is a graduate
of Imperial College, London with a degree
in Physics and an Associate of the Royal
College of Science.
Corero Network Security plcAnnual Report & Accounts 2017
�21
Andrew Lloyd
President and Executive Vice
President Sales & Marketing
Age: 52
Appointed: 3 January 2017*
Andrew has been involved in the IT software
and systems sector for more than 30 years.
His career has included roles in early stage
companies, high-growth pre-IPO ventures
such as Workplace Systems, as well as large
corporations such as Computer Associates
and Oracle. Andrew has a BSc (Hons),
Electronic and Electrical Engineering from
Heriot-Watt University, Scotland.
* Andrew Lloyd was appointed an Executive
Director on 3 January 2017. He was
previously a Non-Executive Director
(appointed 19 November 2012).
Andrew Miller
Chief Financial Officer
Age: 54
Appointed: 9 August 2010
Duncan Swallow
Company Secretary
Age: 53
Appointed: 1 November 2007
Duncan is responsible for the Company
secretarial function and is also the Group
Financial Controller. Prior to joining the
Company, Duncan was Divisional Financial
Controller for CCH, a Wolters Kluwer
business, specialising in providing
books, online information, software,
CPD and fee protection to tax and
accounting professionals. He is a
fellow of the Association of Chartered
Certified Accountants.
Prior to joining the Company, Andrew was
with the Datatec Limited group in a number
of roles between 2000 and 2009 including
the Logicalis Group Operations Director and
Corporate Finance and Strategy Director.
He led the Logicalis acquisition strategy,
acquiring and integrating 12 companies in
the US, UK, Europe and South America.
Prior to this, Andrew gained considerable
corporate finance experience in London
with Standard Bank, West Deutsche
Landesbank and Coopers & Lybrand.
He trained and qualified as a Chartered
Accountant and has a bachelor’s degree
in Commerce from the University of
Natal, South Africa.
Strategic Report Financial StatementsGovernanceCorporate Directory
�22
Chairman’s Introduction
Corero is well placed for continued
SmartWall revenue growth.
Overview
The cyber-security and DDoS market
growth fundamentals remain very strong,
fuelled by rampant cyber-crime and a
growing awareness of the significant threat
posed by cyber-attacks, including DDoS, as
well as pending regulations.
Corero has a market leading SmartWall
product portfolio which has been further
enhanced in 2017 with new SmartWall
100Gbps and virtual appliance software
products.
Our employees and values
Successful companies have a strong culture
and deeply rooted shared values.
In common with most intellectual property
businesses, at Corero, we know that the
skills, experiences and passion of our
employees are genuinely what make our
products and services work. The Corero
culture has been shaped by our decade-
long experience in the United States and
our more recent expansion in Europe.
Corero’s team in Scotland is especially
diverse; we have team members from seven
European nations based in Edinburgh.
With a growing business, the level of team
diversity and multi-site operations, we have
recognised the importance of our culture
and values. During the year, we invested in
bringing the whole company to Scotland for
a meeting that we called “The Gathering”.
At The Gathering, the team agreed Corero’s
values and refined the definition of these
values. Corero’s agreed values are:
• Integrity
• Customer delight
• Innovation
• Open and honest communications
• Empowerment
More recently, Corero invested in an online
tool, known as Kudos, which is being used to
acknowledge, reinforce and measure the
values-supporting behaviours and actions
taken by team members.
Board changes
The notice of AGM will include a resolution
to reappoint Jens Montanana and Andrew
Miller who retire by rotation in accordance
with the Company’s Articles of Association.
Looking ahead
With its market leading SmartWall product
and the significant investment made in the
SmartWall technology, and the strategy of
expanding Corero’s routes to market
through channels and go to market partners,
the business is well placed to deliver on its
strategic goals and become a leading player
in the DDoS mitigation market.
I would like to give special thanks to our
institutional and private investors for their
continued support of the Company’s
strategy and funding requirements.
Finally, thank you to all our employees for
their hard work and commitment.
Jens Montanana
Chairman
29 March 2018
“I am confident the business will deliver on its strategic goals
and become a leading player in the DDoS mitigation market.”
Jens Montanana
Chairman
Corero Network Security plcAnnual Report & Accounts 2017�23
Corporate Governance Report
Corero has taken note of the UK Corporate
Governance Code (“the UK Code”)
published in April 2016. The UK Code and
associated guidance can be found on the
Financial Reporting Council website at
www.frc.org.uk/corporate/ukcgcode.cfm.
The rules of the London Stock Exchange do
not require companies that have securities
traded on AIM to formally comply with the
UK Code and the Company does not seek to
formally comply nor give a statement of
compliance. However, the Board is
accountable to the Company’s shareholders
for good governance and has sought to
apply those principles of corporate
governance commensurate with the
Company’s size. The Company’s approach
is set out below.
The Board
Corero recognises its responsibility to
provide entrepreneurial and responsible
leadership to the Group within a
framework of prudent and effective
controls (described below) allowing
assessment and management of the key
issues and risks impacting the business.
The Board sets Corero’s overall strategic
direction, reviews management
performance and ensures that the Group
has the necessary financial and human
resources in place to meet its objectives.
The Board is satisfied that the necessary
controls and resources exist within the
Group to enable these responsibilities to
be met.
Operational management of the Group is
delegated to the Chief Executive Officer.
The Board of Directors comprises the
Non-Executive Chairman, three Executive
Directors and one Non-Executive Director
whose Board and Committee responsibilities
as at 4 April 2018 are set out below:
The composition of the Board of Directors is
reviewed regularly. Appropriate training,
briefings, and induction are available to all
Directors on appointment and subsequently
as necessary, taking into account existing
qualifications and experience.
Executive Directors’ normal retirement age
is 60 and Non-Executive Directors’ normal
retirement age is 65. One third of all
Directors are subject to annual
reappointment by shareholders as well as
any Director appointed by the Board in the
period since the last AGM. Jens Montanana
and Andrew Miller will be offering
themselves for re-election at the
forthcoming AGM.
The Board of Directors meets on average
once a quarter and additional meetings are
held each year to review and approve the
Group’s strategy and financial plans for the
coming year. Each Director is provided with
sufficient information to enable them to
consider matters in good time for meetings
and enable them to discharge their duties
properly.
All Directors have access to the advice and
services of the Company Secretary. There is
also a procedure in place for any Director to
take independent professional advice if
necessary, at the Company’s expense.
The Board also ensures that the principal
goal of the Company is to create
shareholder value, while having regard to
other stakeholder interests and takes
responsibility for setting the Company’s
values and standards.
There is a documented schedule of matters
reserved for the Board, the most significant
of which are:
Jens Montanana
Chairman
Member
Chairman
Board
Audit
Remuneration
Ashley Stephenson
Andrew Lloyd
Andrew Miller
Richard Last
Member
Member
Member
Member
Chairman
Member
• responsibility for the overall strategy and
management of the Group;
• approval of strategic plans and budgets
and any material changes to them;
• approval of the acquisition or disposal of
subsidiaries and major investments,
projects and contracts;
• oversight of the Group’s operations
ensuring competent and prudent
management, sound planning and
management of adequate accounting and
other records;
• changes relating to the Group’s capital
structure;
• final approval of the annual and interim
financial statements and accounting
policies;
• approval of the dividend policy;
• ensuring an appropriate system of
internal control and risk management is in
place;
• approval of changes to the structure, size
and composition of the Board;
• review of the management structure and
senior management responsibilities;
• with the assistance of the Remuneration
Committee, approval of remuneration
policies across the Group;
• delegation of the Board’s powers and
authorities;
• consideration of the independence of the
Non-Executive Directors; and
• receiving reports on the views of the
Company’s shareholders
In the year ended 31 December 2017, the
Board received monthly briefings on the
Group’s performance (including detailed
commentary and analysis), key issues and
risks affecting the Group’s business.
Strategic Report Financial StatementsGovernanceCorporate Directory�24
Corporate Governance Report continued
The Company maintains liability insurance
for its Directors and Officers. The Company
has also entered into indemnity
agreements with the Directors, in terms
of which the Company has indemnified its
Directors, subject to the Companies Act
limitations, against any liability arising out
of the exercise of the Directors’ powers,
duties and responsibilities as a Director
or Officer.
In the year ended 31 December 2017 the
Board met on 5 scheduled occasions;
further meetings and conference calls
were held as and when necessary. Details
of Directors’ attendance at scheduled
meetings in the year to 31 December 2017
is shown in the table below:
Jens Montanana
Ashley Stephenson
Andrew Miller
Richard Last
Andrew Lloyd
Meetings
attended
5/5
5/5
4/5*
5/5
5/5
* Andrew Miller was unable to attend one scheduled
Board meeting due to illness.
Board Committees
The Company has an Audit Committee and
Remuneration Committee, details of which
are set out below.
Audit Committee
The Audit Committee members comprise
Richard Last, who is the Committee
Chairman, and Jens Montanana, and meets
twice a year. The Group Chief Financial
Officer and Group Financial Controller, and
the Company’s external auditors attend the
meetings. The Audit Committee considers
the adequacy and effectiveness of the risk
management and control systems of the
Group. It reviews the scope and results of
the external audit, its cost effectiveness
and the objectivity of the auditors. It also
reviews, prior to publication, the interim
financial statements, preliminary results
announcement, the annual financial
statements and the other information
included in the annual report.
The Audit Committee met twice in the year
ended 31 December 2017. The attendance
of individual Committee members at Audit
Committee meetings in the year to 31
December 2017 is shown in the table below:
Jens Montanana
Richard Last
Meetings
attended
2/2
2/2
Remuneration Committee
The Remuneration Committee
comprises Jens Montanana, who is the
Committee Chairman, and Richard Last.
The Remuneration Committee meets at
least twice a year and reviews and advises
upon the remuneration and benefits
packages of the Executive Directors.
The remuneration of the Chairman and
Non-Executive Directors is decided upon
by the Board of Directors.
In the year ended 31 December 2017, the
Remuneration Committee Board met on
four scheduled occasions; further meetings
and conference calls were held as and when
necessary. The attendance of individual
Committee members at Remuneration
Committee meetings in the year to 31
December 2017 is shown in the table below:
Jens Montanana
Richard Last
Meetings
attended
4/4
4/4
Nominations Committee
Due to the size of the Board of Directors,
the Directors do not consider there to be
any need for a nominations committee.
Issues that would normally be dealt with by
a nominations committee are handled by
the Board of Directors. The Board of
Directors will review the need for a
nominations committee on a regular basis.
Internal controls
The Directors are responsible for the
Group’s system of internal control and for
reviewing its effectiveness whilst the role
of management is to implement policies on
risk management and control. The Group’s
system of internal control is designed to
manage, rather than eliminate, the risk of
failure to achieve the Group’s business
objectives and can only provide reasonable,
and not absolute, assurance against
material misstatement or loss.
The Board continually reviews the
effectiveness of other internal controls,
including financial, operational, compliance
controls and risk management. There were
no specific reports tabled during the year
ended 31 December 2017.
The Group operates a risk management
process, which is embedded in normal
management and governance processes.
As part of the annual and budgeting
process, the Group documents the
significant risks identified, the probability
of those risks occurring, their potential
impact and the plans for managing and
mitigating each of those risks.
The Group operates a series of controls to
meet its needs. These controls include, but
are not limited to, the annual strategic
planning and budgeting process, a clearly
defined organisational structure with
authorisation limits, reviews by senior
management of monthly financial and
operating information including
comparisons with budgets, monthly
treasury and cash flow reports and
forecasts to the Board.
Corero Network Security plcAnnual Report & Accounts 2017�25
None of the Non-Executive Directors has a
service agreement. Letters of appointment
for Jens Montanana and Richard Last are for
12 month terms and provide that the
appointment may be terminated by either
party giving to the other not less than
three months’ notice.
The Audit Committee receives reports
from management and observations from
the external auditors concerning the
system of internal control and any
material control weaknesses. Significant
risk issues, if any, are referred to the Board
of Directors for consideration.
The Board of Directors makes an annual
assessment of the effectiveness of the
Group’s internal control system, including
financial, operational and compliance
controls, before making this statement.
The Board of Directors also considers issues
included in reports received during the
year, how the risks have changed during
the year and reviews any reports prepared
on internal controls by management and
any issues identified by external auditors.
The Board of Directors does not believe
it is currently appropriate to establish a
separate, independent internal audit
function, given the size of the Group.
Remuneration report
The Remuneration Committee’s principal
function is to set remuneration of the
Group’s Executive Directors and
management to ensure they are fairly
compensated.
Basic salaries are set to ensure high quality
Executive Directors and management are
attracted and retained by the Group. They
reflect the knowledge, skill and experience
of each individual Director. Bonuses are
non-pensionable and only payable if the
Remuneration Committee assesses the
Director’s achievements as worthy of
the award.
The Remuneration Committee is also
responsible for ensuring the Group’s share
option schemes are operated properly.
Details of Directors’ share options at
31 December 2017 are disclosed in note 25
of the financial statements.
Details of Directors’ remuneration for the
year ended 31 December 2017 is set out in
note 22 of the financial statements. Jens
Montanana has elected to waive the fees
payable to him for the financial year ended
31 December 2017.
Ashley Stephenson, Executive Director, has
a service agreement which provides for the
payment of six months’ base salary if the
agreement is terminated by the Company
without cause.
Andrew Lloyd, Executive Director, has an
employment agreement which can be
terminated by either party on not less than
three months’ written notice increasing by
one month at the end of each complete 12
month period of continuous employment
provided that the notice period shall not
exceed six months in total. The agreement
contains provisions for early termination in
certain circumstances.
Andrew Miller, Executive Director, has an
employment agreement which can be
terminated by either party on not less than
three months’ written notice increasing by
one month at the end of each complete 12
month period of continuous employment
provided that the notice period shall not
exceed six months in total. The agreement
contains provisions for early termination in
certain circumstances.
“Despite continued discussions about nation state attackers, security professionals
believe that criminal extortionists are the most likely group to inflict a DDoS attack
against their organisations, with 38% expecting attacks to be financially motivated.
By contrast, just 11% believe that hostile nations would be behind a DDoS attack
against their organisation.”
Corero survey conducted at InfoSecurity 2017
Strategic Report Financial StatementsGovernanceCorporate Directory�26
Directors’ Report
Group results
The Group’s Statement of Comprehensive
Income on page 34 shows a loss for the year
of $8.6 million (2016: $17.2 million).
Going concern
The financial position and cash flows are
described in the Financial Review on pages
18 and 19. An indication of likely future
developments affecting the Company is
included in the Strategic Report on pages
6 to 19.
On 5 April 2018, Corero will announce a
conditional placing and subscription to raise
£4.0 million ($5.2 million). In addition,
Corero is in advanced discussions with a UK
bank to provide a term loan of £3.0 million
($4.2 million), contingent on the Equity Fund
Raise. The Bank Loan is expected to be
finalised and drawn down following the
completion of the Equity Fund Raise.
A circular containing a notice of General
Meeting will be sent to shareholders on
5 April 2018. At the General Meeting to be
convened on 26 April 2018, Corero
shareholders will be asked to approve the
Equity Fund Raise. Since the participants in
the Equity Fund Raise include shareholders
which at 4 April 2018 held more than 75% of
the Company’s issued shares, it is
anticipated that the resolutions to approve
the Equity Fund Raise will be duly passed.
The Board are confident that the Equity
Fund Raise and Bank Loan will be completed
successfully.
The Directors believe that on the basis of a
successful Equity Fund Raise and draw down
of the Bank Loan, that the Company and the
Group have, or have access to, the necessary
financial resources to continue operating
for the foreseeable future.
The Directors are of the opinion that the
Group and Company has adequate working
capital to continue as a going concern for
the foreseeable future and, in particular, for
a period of at least 12 months from the date
of approval of these financial statements.
On this basis, the Directors have therefore
concluded that it is appropriate to prepare
the financial statements on a going concern
basis. However, in the absence of certainty
that the Equity Fund Raise and Bank Loan
will successfully complete as anticipated, a
material uncertainty exists which may cast
significant doubt over the Group’s and
Company’s ability to continue as a going
concern. The financial statements do not
include the adjustments that would result if
the Group and Company was unable to
continue as a going concern. Further details
are included within note 2 to the financial
statements on page 40.
Dividends
The Directors have not recommended a
dividend (2016: $nil).
Share capital
The issued share capital of the Company,
together with details of movements in the
Company’s issued share capital during the
financial period are shown in note 20 to the
financial statements.
As at the date of this report, 315,417,642
ordinary shares of 1p each (“ordinary
shares”) were in issue and fully paid with an
aggregate nominal value of $3.2 million.
The market price of the ordinary shares at
31 December 2017 was 6.75p and the shares
traded in the range 5.05p to 12.875p during
the year.
Issue of shares
At the AGM held on 20 June 2017,
shareholders granted authority to the
Board under the Articles and section 551
of the Companies Act 2006 (the ‘Act’) to
exercise all powers of the Company to allot
relevant securities up to an aggregate
nominal amount of £678,058.
Also at the AGM held on 20 June 2017,
shareholders granted authority to the
Board under the Articles and section 570(1)
of the Act to exercise all powers of the
Company to allot equity securities wholly
for cash up to an aggregate nominal
amount of £203,418 without application of
the statutory pre-emption rights contained
in section 561 (1) of the Act.
Substantial shareholdings
The Company has been notified of the
following holdings that are 3% or more
of the Group’s ordinary share capital as
at 4 April 2018:
Ordinary shares of 1 pence each
Jens Montanana*
Miton UK Microcap Trust PLC
Richard John Koch
Herald Investment Management
Sabvest Capital Holdings Limited
Peter Kennedy Gain**
Number
138,000,000
28,185,555
26,370,500
25,006,406
20,500,000
17,433,333
%
43.8
8.9
8.4
7.9
6.5
5.5
* of which 25,987,889 are held in the name of JPM International Limited, which is wholly owned by Jens Montanana, and 94,258,302 are held in the name of The New Millennium
Technology Trust of which Jens Montanana is a beneficiary.
** of which 4,900,000 shares are held in the name of Draper Gain Investments Ltd.
Corero Network Security plcAnnual Report & Accounts 2017�Directors’ shareholdings
Jens Montanana
Ashley Stephenson
Andrew Miller
Richard Last
Andrew Lloyd
4 April 2018
31 December 2017
31 December 2016
Number
%
Number
%
Number
138,000,000
43.8
138,000,000
43.8
69,303,990
35,000
1,091,437
1,316,667
300,000
0.0
0.4
0.4
0.1
38,000
1,091,437
1,316,667
300,000
0.0
0.4
0.4
0.1
38,000
891,437
1,316,667
–
27
%
34.1
0.0
0.4
0.7
–
Directors’ indemnities
The Company has qualifying third party
indemnity provisions in place for the benefit
of its Directors. These remain in force at the
date of this report.
Directors and Directors’
interests
The Directors who served in office during
the year and up to the date of this report
and their interests in the Company’s shares
were as above.
The biographical details of the current
Directors of the Company are given on
pages 20 and 21.
Jens Montanana, Ashley Stephenson,
Andrew Miller, Richard Last and Andrew
Lloyd hold share options, details of
which are shown in note 25 to the
financial statements.
Financial risk management
objectives and policies
The Group’s business activities expose it to
a variety of financial risks. The policies for
managing these risks are described below:
• Liquidity risk – arises from the Group’s
management of working capital and
finance charges. It is a risk that the Group
will encounter difficulty in meeting its
financial obligations as they fall due.
Liquidity risk is managed by the finance
function. Budgets are agreed by the Board
annually in advance, enabling the Group’s
cash flow requirements to be anticipated.
• Credit risk – arises from cash and cash
equivalents and from credit exposures
to the Group’s customers including
outstanding receivables and committed
transactions. Credit risk is managed with
regular reports of exposures reviewed by
management. The Group does not set
individual credit limits but will seek to
ensure that customers enter into legally
enforceable contracts that include
settlement terms that demonstrate
the customers’ commitment to
the transaction and minimise this
risk exposure.
The amounts of trade receivables presented
in the Statement of Financial Position are
shown net of allowances for doubtful
accounts estimated by management based
on prior experience and their assessment
of the current economic environment
(note 14).
The Group has no significant concentration
of credit risk, with exposure spread over a
number of customers.
The credit risk on liquid funds and financial
instruments is limited because the
counterparties are banks with acceptable
credit ratings assigned by international
credit rating agencies.
• Cash flow interest rate risk – the Group’s
policy is to minimise interest rate cash
flow risk exposure on its financing. The
Group’s policy is to balance the risk in
relation to cash balances held by
spreading these across a number of
financial institutions as opposed to
maximising interest income
• Currency risk – there is no material
impact on the Group’s profit or loss for
the year from exchange rate movements,
as foreign currency transactions are
entered into by Group companies whose
functional currency is aligned with the
currencies in which it transacts. An
exchange rate risk does arise in relation
to equity fund raises which are in GBP,
given the Company’s AIM listing, to the
extent these funds are required to
support US dollar denominated funding
requirements. The Group has not hedged
such GBP fund raises in the past but will
review this policy based on the expected
timing of US dollar and GBP operational
funding requirements.
The principal risk which applies to the
parent Company’s financial statements is
the risk that the returns generated by the
subsidiaries might not support the carrying
value of the cost of the investments in
subsidiaries. The carrying value is tested at
least annually for impairment and, if
necessary, impaired.
Capital management
The Group monitors its available capital,
which it considers to be all components of
equity against its expected requirements.
The Group’s objectives when maintaining
capital are to safeguard the entity’s ability
to continue as a going concern, so that it
can continue to provide returns for
shareholders and benefits for other
stakeholders, and to ensure that sufficient
funds can be raised for investing activities.
In order to maintain or adjust the capital
structure, the Company may return capital
to shareholders, issue new shares, or sell
assets. The Group does not review its
capital requirements according to any
specified targets or ratios.
Strategic Report Financial StatementsGovernanceCorporate Directory�28
Directors’ Report continued
Treasury management
The objectives of Group treasury policies
are to ensure that adequate financial
resources are available for development of
the business while at the same time
managing financial risks. Financial
instruments are used to reduce financial
risk exposures arising from the Group’s
business activities and not for speculative
purposes.
The Group’s treasury activities are managed
by the Group Financial Controller who
reports to the Board on the implementation
of Group treasury policy.
Environment
The Group’s activities are primarily office
based and as such the Directors believe that
there is no significant environmental impact
arising from the Group’s activities. The
Group complies with local WEEE regulations.
No environmental performance indicators
are therefore included within this report.
The Group’s environmental policy states:
“We endeavour to recycle appropriate
materials where possible and to efficiently
use natural resources and energy supplies
so as to minimise our environmental
impact. We will comply with the relevant
statutes and legislation. Furthermore,
employees are encouraged to be
environmentally aware. Company
cars are not provided.”
Research and development
The development of computer software is
an integral part of the Group’s business and
the Group continues to develop its core
software in response to user demand, and
particularly the changing IT security threat
landscape, and changes in software
technology. During the year the Group
enhanced its existing products and
developed new products. A capital
investment of $2.2 million (2016: $2.5
million) was made during the year.
Amortisation of $2.4 million (2016: $2.3
million) and costs not capitalised of $1.5
million (2016: £2.4 million) were charged to
the Statement of Comprehensive Income
during the year.
Employees
The quality and commitment of the
Group’s employees has played a major
role in the Company’s progress. This has
been demonstrated in many ways,
including strong customer satisfaction,
the development of new product
offerings and the flexibility employees
have shown in adapting to changing
business requirements. The Group
operates sales commission, incentive
bonus plans and share option plans to
provide incentives for achievements
which add value to the business.
Post balance sheet event
On 5 April 2018 Corero will announce a
conditional placing and subscription to raise
£4.0 million ($5.6 million) before expenses.
This Equity Fund Raise is subject to
shareholder approval at a general meeting
of the Company on 26 April 2018.
Annual General Meeting
A circular including the notice convening
the AGM together with the details of the
business to be considered will be sent to
shareholders in due course.
Auditors
In so far as each Director is aware:
• there is no relevant audit information
of which the Company’s auditors are
unaware; and
• the Directors have taken all the steps
that they ought to have taken to make
themselves aware of any relevant audit
information and to establish that the
Company’s auditors are aware of that
information.
By order of the Board
Duncan Swallow
Company Secretary
4 April 2018
“According to Gartner, the cyber-security industry will break another record in 2017 for
spending—analysts predict organizations worldwide will shell out $90 billion. Despite
this increased spending, the cost of cyber-crime continues to outpace investments in
enterprise security and risk products; in 2016, cyber-crime cost the worldwide economy
$450 billion. Cyber-crime is a dark industry, and it is making money hand over fist by
probing for weaknesses in enterprise security infrastructure.”
NSS Labs, January 2018
Corero Network Security plcAnnual Report & Accounts 2017�29
Statement of Directors’ Responsibilities
The Directors are responsible for preparing
the Annual Report and Financial Statements
in accordance with applicable law and
regulations.
• prepare the financial statements on
the going concern basis unless it is
inappropriate to presume that the
Group will continue in business.
The Directors are responsible for keeping
adequate accounting records that are
sufficient to show and explain the Group’s
transactions and disclose with reasonable
accuracy at any time the financial position
of the Group and enable them to ensure
that the financial statements comply with
the Companies Act 2006. They are also
responsible for safeguarding the assets of
the Group and hence for taking reasonable
steps for the prevention and detection of
fraud and other irregularities.
The Directors are responsible for ensuring
the annual report and the financial
statements are made available on a
website. Financial statements are published
on the Company’s website in accordance
with legislation in the United Kingdom
governing the preparation and
dissemination of financial statements,
which may vary from legislation in other
jurisdictions. The maintenance and integrity
of the Company’s website is the
responsibility of the Directors. The
Directors’ responsibility also extends
to the ongoing integrity of the financial
statements contained therein.
Company law requires the Directors to
prepare financial statements for each
financial year. Under that law the Directors
have elected to prepare the Group and
Company financial statements in
accordance with International Financial
Reporting Standards as adopted by the
European Union (“IFRSs”). The Directors
have chosen to prepare the Company
financial statements in accordance with
FRS101. Under company law the Directors
must not approve the financial statements
unless they give a true and fair view of the
state of affairs of the Group and parent
company and of the profit or loss of the
Group for that period. The Directors are
also required to prepare financial
statements in accordance with the rules of
the London Stock Exchange for companies
trading securities on the AIM. In preparing
these financial statements, the Directors
are required to:
• select suitable accounting policies and
then apply them consistently;
• make judgements and estimates that are
reasonable and prudent;
• state whether they have been prepared in
accordance with IFRSs as adopted by the
European Union, subject to any material
departures disclosed and explained in the
financial statements; and
Strategic Report Financial StatementsGovernanceCorporate Directory�30
Independent Auditor’s Report
to the members of Corero Network Security plc
Opinion
We have audited the financial statements of Corero Network Security plc (the ‘parent company’) and its subsidiaries (the ‘Group’) for the
year ended 31 December 2017 which comprise the consolidated statement of comprehensive income, the consolidated statement of
financial position, the company statement of financial position, the consolidated statement of cash flows, the consolidated statement of
changes in equity, the company statement of changes in equity and notes to the financial statements, including a summary of significant
accounting policies.
The financial reporting framework that has been applied in the preparation of the Group financial statements is applicable law and
International Financial Reporting Standards (“IFRSs”) as adopted by the European Union. The financial reporting framework that
has been applied in the preparation of the parent company financial statements is applicable law and United Kingdom Accounting
Standards, including Financial Reporting Standard 101 Reduced Disclosure Framework (United Kingdom Generally Accepted
Accounting Practice).
In our opinion:
•
•
•
•
the financial statements give a true and fair view of the state
of the Group’s and of the parent company’s affairs as at 31 December 2017 and of the Group’s loss for the year then ended;
the Group financial statements have been properly prepared in accordance with IFRSs as adopted by the European Union;
the parent company financial statements have been properly prepared in accordance with United Kingdom Generally
Accepted Accounting Practice; and
the financial statements have been prepared in accordance with the requirements of the Companies Act 2006.
Basis for opinion
We conducted our audit in accordance with International Standards on Auditing (UK) (“ISAs (UK)”) and applicable law.
Our responsibilities under those standards are further described in the Auditor’s responsibilities for the audit of the financial
statements section of our report. We are independent of the Group and the parent company in accordance with the ethical
requirements that are relevant to our audit of the financial statements in the UK, including the FRC’s Ethical Standard as applied
to listed entities, and we have fulfilled our other ethical responsibilities in accordance with these requirements. We believe that
the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion.
Material uncertainty related to going concern
We draw attention to note 2 in the financial statements which states that the Group and the parent company is reliant on
securing additional funding, which it has planned to secure by means of an Equity Fund Raise and Bank Loan. The planned Equity
Fund Raise is subject to Corero shareholder approval at a General Meeting which will be convened after the date of these
financial statements and may or may not be forthcoming. In addition, the Company has received a credit approved Bank Loan
offer, which is subject to final agreement of loan documentation and is contingent on the Equity Fund Raise. If finalised it will
only be drawn down after the date of these financial statements.
These events or conditions indicate that material uncertainties exist that may cast significant doubt on the Group and the
parent company’s ability to continue as a going concern. Our opinion is not modified in respect of this matter.
Given the conditions and uncertainties noted above we considered going concern to be a key audit matter. We have performed
the following work as part of our audit:
• we reviewed the terms of the Bank Loan and Equity Fund Raise documents to understand the conditions attached to both
the Bank Loan and Equity Fund Raise;
• we reviewed the Bank Loan covenant terms and whether these are likely to be met based upon cash flow forecasts;
• we considered whether the terms of the Bank Loan and Equity Fund Raise are in line with the disclosures in the financial
statements; and
• we reviewed and challenged the Directors’ forecasts used to assess the Group’s and Company’s ability to meet its financial
obligations as they fall due for a period of at least 12 months from the date of approval of the financial statements, taking in
to account the additional funding expected to be received.
Use of our report
This report is made solely to the parent company’s members, as a body, in accordance with Chapter 3 of Part 16 of the
Companies Act 2006. Our audit work has been undertaken so that we might state to the parent company’s members those
matters we are required to state to them in an auditor’s report and for no other purpose. To the fullest extent permitted by law,
we do not accept or assume responsibility to anyone other than the parent company and the parent company’s members as a
body, for our audit work, for this report, or for the opinions we have formed.
Corero Network Security plcAnnual Report & Accounts 2017�31
Key audit matters
In addition to the matter described in the material uncertainty related to going concern section, key audit matters are those
matters that, in our professional judgment, were of most significance in our audit of the financial statements of the current
period and include the most significant assessed risks of material misstatement (whether or not due to fraud) we identified,
including those which had the greatest effect on: the overall audit strategy, the allocation of resources in the audit; and
directing the efforts of the engagement team. These matters were addressed in the context of our audit of the financial
statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters.
Key audit matter
How we addressed the Key Audit Matter in the Audit
Revenue recognition
See accounting policy at note 2.5.
The Group generates revenue primarily from the
sale of hardware and associated software and
related maintenance and support contracts. It does
this through arrangements with direct end-users,
either through the sale of hardware and a software
licence or by selling the software as-a-service, as
well as to distributors.
We considered there to be a significant audit risk
arising from the allocation of the value of the
transaction between the multiple elements or
deliverables included in the sale as well as the
timing of revenue recognition with regard to proper
deferral of support revenues.
Goodwill and intangible asset impairment risk
See accounting policy at note 2.12 and note 8.
In accordance with IAS 36, goodwill is tested for
impairment annually and other non-current tangible
assets with finite lives are tested for impairment
whenever an indicator of impairment arises.
Management performed an impairment review over
its sole cash generating unit (“CGU”) – Corero
Network Security (“CNS”) – as at 31 December 2017
using a discounted cash flow model to calculate fair
value less costs to sell. The impairment review
necessitates significant management judgement
over the timing and degree of certainty attaching to
future net cash flows and the rate at which those
cash flows should be discounted to present value.
The recoverable amount of the Group’s CNS CGU
was assessed as being higher than its carrying value
at the reporting date.
Management concluded that the goodwill and
intangible assets were not impaired at the
reporting date.
Our audit procedures included assessing the appropriateness of the
revenue recognition policy in accordance with IAS 18.
We gained an understanding of the detail of the Group’s
methodology in determining the fair value of the different
deliverables in multiple element arrangements as set out in note 2.5
and interrogated the approach, comparing the quantitative
measures by which BESP was determined to actual pricing practices
used by the company, to ensure it provided a suitable basis on which
to recognise revenues.
For each type of revenue, we selected a sample of contracts for
testing. We assessed whether the revenue recognised was calculated
in accordance with the Group’s accounting policy.
We also tested the accuracy of the deferred income balance, which
arises most commonly on deferred maintenance and support income,
and tested a sample of transactions around the year end to ensure that
they were recorded in the correct period.
Finally, in relation to the Group’s SaaS revenues, a sample of
contracts was obtained, and the revenue recognition in relation to
these contracts was confirmed as appropriate.
Our work on the impairment reviews prepared by management had a
dual focus: firstly, to ensure the model was mechanically accurate and
prepared in accordance with the detailed requirements of IAS36 and
secondly, to ensure that the assumptions regarding future cash flows
and the rate at which they had been discounted were appropriate to
the Group’s circumstances.
We used specialists in order to assist with our interrogation of the model
and to support our assessment of the treatment of future tax savings
arising from available losses. This work also included comparison to
industry data, historic trading, and macro-economic factors.
Our audit procedures relating to the review of operating cash flows
included verification of the existence of selected future sales
opportunities which are expected to drive growth in 2018, as well as a
comparison of previous performance to expectations.
We took into account previous shortfalls against sales targets and
discussed key sensitivities with those charges with governance.
Fundamental to this evaluation was a comparison of the forecasts in
the impairment review to recent financial performance and budgets
approved by the Board, verifying that the sensitivities prepared by
management were sufficiently challenging.
We also examined development cost intangible assets and property,
plant and equipment to determine that there no additional
impairment indicators in respect of specific assets within the CGU.
Strategic Report Financial StatementsGovernanceCorporate Directory�32
Independent Auditor’s Report continued
to the members of Corero Network Security plc
Our application of materiality
We apply the concept of materiality both in planning and performing our audit, and in evaluating the effect of misstatements. For
planning, we consider materiality to be the magnitude by which misstatements, including omissions, could influence the economic
decisions of reasonable users that are taken on the basis of the financial statements. In order to reduce to an appropriately low
level the probability that any misstatements exceed materiality, we use a lower materiality level, performance materiality, to
determine the extent of testing needed. Importantly, misstatements below these levels will not necessarily be evaluated as
immaterial as we also take account of the nature of identified misstatements, and the particular circumstances of their occurrence,
when evaluating their effect on the financial statements as a whole.
Level of materiality applied and rationale
We consider EBITDA to be the most appropriate performance measure for the basis of materiality in respect of the audit of the
Group as this measure reflects the Group’s profitability excluding the impact of non-operating charges. EBITDA is calculated for
this purpose as Operating Loss adjusted for depreciation and amortisation. Using this benchmark, we set materiality at
$291,000 (2016: $255,000) being 5% of EBITDA.
Materiality in respect of the audit of the parent company has been set at $145,000, based on 50% of Group materiality.
Performance materiality was set at 75% of materiality for both the Group and parent company audits. In setting the level of
performance materiality we considered a number of factors including the expected total value of known and likely
misstatements (based on past experience and other factors) and management’s attitude towards proposed adjustments.
Component materiality
We set materiality for the Corero Network Security, Inc. component of the Group based on 90% of Group materiality as it makes up all
of the Group’s external revenue generating activities. UK components were audited to a lower materiality of between 10% and 50% of
Group materiality. In the audit of each component, we further applied a performance materiality level of 75% of the component
materiality level to our testing to ensure that the risk of errors exceeding component materiality was appropriately mitigated.
Agreement with the Audit Committee
We agreed with the Audit Committee that we would report to the Committee all audit differences individually in excess of
$14,000 (2016: £13,000). We also agreed to report differences below this threshold that, in our view, warranted reporting on
qualitative grounds.
An overview of the scope of our audit
Our Group audit was scoped by obtaining an understanding of the Group and its environment, including the Group’s system of
internal control, and assessing the risks of material misstatement in the financial statements at the Group level.
We obtained an understanding of the entity-level controls of the Group as a whole which assisted us in identifying and assessing
risks of material misstatement due to fraud or error, as well as assisting us in determining the most appropriate audit strategy.
A full scope audit was performed for each component included in the consolidation. All audit work was undertaken by the
Group audit team.
Other information
The directors are responsible for the other information. The other information comprises the information included in the
annual report, other than the financial statements and our auditor’s report thereon. Our opinion on the financial statements
does not cover the other information and, except to the extent otherwise explicitly stated in our report, we do not express any
form of assurance conclusion thereon.
In connection with our audit of the financial statements, our responsibility is to read the other information and, in doing so,
consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in
the audit or otherwise appears to be materially misstated. If we identify such material inconsistencies or apparent material
misstatements, we are required to determine whether there is a material misstatement in the financial statements or a material
misstatement of the other information. If, based on the work we have performed, we conclude that there is a material
misstatement of this other information, we are required to report that fact. We have nothing to report in this regard.
Opinions on other matters prescribed by the Companies Act 2006
In our opinion, based on the work undertaken in the course of the audit:
•
•
the information given in the strategic report and the directors’ report for the financial year for which the financial
statements are prepared is consistent with the financial statements; and
the strategic report and the directors’ report have been prepared in accordance with applicable legal requirements.
Corero Network Security plcAnnual Report & Accounts 2017�33
Matters on which we are required to report by exception
In the light of the knowledge and understanding of the Group and the parent company and its environment obtained in the
course of the audit, we have not identified material misstatements in the strategic report or the directors’ report.
We have nothing to report in respect of the following matters in relation to which the Companies Act 2006 requires us to report
to you if, in our opinion:
• adequate accounting records have not been kept by the parent company, or returns adequate for our audit have not been
received from branches not visited by us; or
•
the parent company financial statements are not in agreement with the accounting records and returns; or
• certain disclosures of directors’ remuneration specified by law are not made; or
• we have not received all the information and explanations we require for our audit.
Responsibilities of directors
As explained more fully in the directors’ responsibilities statement, the directors are responsible for the preparation of the
financial statements and for being satisfied that they give a true and fair view, and for such internal control as the directors
determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether
due to fraud or error.
In preparing the financial statements, the directors are responsible for assessing the Group’s and the parent company’s ability
to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of
accounting unless the directors either intend to liquidate the Group or the parent company or to cease operations, or have no
realistic alternative but to do so.
Auditor’s responsibilities for the audit of the financial statements
Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material
misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is
a high level of assurance, but is not a guarantee that an audit conducted in accordance with ISAs (UK) will always detect a
material misstatement when it exists.
Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably
be expected to influence the economic decisions of users taken on the basis of these financial statements.
A further description of our responsibilities for the audit of the financial statements is located on the Financial Reporting
Council’s website at: www.frc.org.uk/auditorsresponsibilities. This description forms part of our auditor’s report.
Julian Frost (Senior Statutory Auditor)
For and on behalf of BDO LLP, Statutory Auditor
London
4 April 2018
BDO LLP is a limited liability partnership registered in England and Wales (with registered number OC305127).
Strategic Report Financial StatementsGovernanceCorporate Directory�34
Consolidated Statement of Comprehensive Income
for the year ended 31 December 2017
Revenue
Cost of sales
Gross profit
Operating expenses before highlighted items
Depreciation* and amortisation of intangible assets
Impairment of goodwill
Operating expenses
Operating loss
Finance income
Finance costs
Loss before taxation
Taxation
Loss for the year
Other comprehensive expense
Items that will or may be reclassified to profit and loss:
Difference on translation of UK functional currency entities
Total comprehensive expense for the year
Total loss for the year attributable to:
Equity holders of the parent
Total
Total comprehensive expense for the year attributable to:
Equity holders of the parent
Total
Basic and diluted loss per share
Basic and diluted loss per share
* DDoS as-a-service depreciation charged to cost of sales
The notes on pages 40 to 63 form part of these financial statements.
Total
2017
$’000
8,531
(2,126)
6,405
(12,157)
(2,938)
–
(15,095)
(8,690)
5
(4)
(8,689)
116
(8,573)
805
(7,768)
(8,573)
(8,573)
(7,768)
(7,768)
2017
Cents
(3.1)
Total
2016
$’000
8,772
(2,071)
6,701
(11,847)
(3,128)
(8,992)
(23,967)
(17,266)
9
(6)
(17,263)
85
(17,178)
(2,355)
(19,533)
(17,178)
(17,178)
(19,533)
(19,533)
2016
Cents
(9.0)
Note
4
9,10,11
8
6
7
Corero Network Security plcAnnual Report & Accounts 2017
�Consolidated Statement of Financial Position
as at 31 December 2017
35
Assets
Non-current assets
Goodwill
Acquired intangible assets
Capitalised development expenditure
Property, plant and equipment
Trade and other receivables
Current assets
Inventories
Trade and other receivables
Cash and cash equivalents
Liabilities
Current Liabilities
Trade and other payables
Deferred income
Net current assets
Non-current liabilities
Deferred income
Net assets
Total equity attributable to owners of the parent
Ordinary share capital
Capital redemption reserve
Share premium
Share options reserve
Translation reserve
Retained earnings
Total equity
Note
2017
$’000
2016
$’000
8
9
10
11
14
13
14
15
18
18
20
21
8,991
37
7,664
770
76
17,538
94
2,955
1,365
4,414
(1,305)
(2,896)
(4,201)
213
(287)
(287)
17,464
4,556
7,051
73,239
322
(1,318)
(66,386)
17,464
8,991
82
7,901
970
80
18,024
65
2,227
2,940
5,232
(1,728)
(2,457)
(4,185)
1,047
(855)
(855)
18,216
3,119
7,051
67,681
301
(2,123)
(57,813)
18,216
These financial statements were approved by the Board of Directors on 4 April 2018 and signed on their behalf.
Andrew Miller
Director
The notes on pages 40 to 63 form part of these financial statements.
Strategic Report Financial StatementsGovernanceCorporate Directory�36
Company Statement of Financial Position (Company number 02662978)
as at 31 December 2017
Assets
Non-current assets
Investments in subsidiaries
Trade and other receivables
Current assets
Cash and cash equivalents
Net assets
Equity
Ordinary share capital
Capital redemption reserve
Share premium
Share options reserve
Translation reserve
Retained earnings
Total equity
Note
12
14
20
21
2017
$’000
2016
$’000
21,015
7,043
28,058
21,137
5,409
26,546
680
2,504
28,738
29,050
4,556
7,051
73,239
322
(10,019)
(46,411)
28.,738
3,119
7,051
67,681
301
(13,157)
(35,945)
29,050
The Company financial statements were prepared in accordance with Financial Reporting Standard 101 Reduced Disclosure
Framework. The Company has taken advantage of the following disclosure exemptions:
The requirements of IAS 7 Statement of Cash Flows, IFRS 7 Financial Instruments: Disclosures and IAS 24 Related Party
Disclosures.
The Company has taken advantage of section 408 of the Companies Act 2006 and has not included an income statement in
these financial statements. The parent Company’s loss for the year was $10.5 million (2016: loss $20.0 million).
These financial statements were approved by the Board of Directors on 4 April 2018 and signed on their behalf.
Andrew Miller
Director
The notes on pages 40 to 63 form part of these financial statements.
Corero Network Security plcAnnual Report & Accounts 2017�Consolidated Statement of Cash Flows
for the year ended 31 December 2017
Cash flows from operating activities
Note
9
8
10
11
6
25
9
10
11
Loss for the year
Adjustments for non-cash movements:
Amortisation of acquired intangible assets
Impairment loss on intangible assets
Amortisation and impairment of capitalised development expenditure
Depreciation
Loss on sale of property, plant and equipment
Finance income
Finance expense
Taxation
Qualifying research and development expenditure tax credit
Share-based payment charge
Decrease in inventories and as-a-service assets
(Increase)/decrease in trade and other receivables
Decrease in payables
Net cash used in operating activities
Cash flows from investing activities
Purchase of intangible assets
Capitalised development expenditure
Purchase of property, plant and equipment
Net cash used in investing activities
Cash flows from financing activities
Net proceeds from issue of ordinary share capital
Finance income
Finance expense
Net cash from financing activities
Effects of exchange rates on cash and cash equivalents
Net (decrease)/increase in cash and cash equivalents
Cash and cash equivalents at 1 January
Cash and cash equivalents at 31 December
The notes on pages 40 to 63 form part of these financial statements.
37
2016
$’000
(17,178)
325
8,992
2,252
551
9
(9)
6
(85)
–
19
596
1,605
(2,623)
(5,540)
(32)
(2,533)
(644)
(3,209)
Group
2017
$’000
(8,573)
55
–
2,408
548
–
(5)
4
(116)
116
21
127
(33)
(596)
(6,044)
(10)
(2,171)
(497)
(2,678)
6,995
11,392
5
(4)
9
(6)
6,996
11,395
151
(1,575)
2,940
1,365
(2,412)
234
2,706
2,940
Strategic Report Financial StatementsGovernanceCorporate Directory�38
Consolidated Statement of Changes in Equity
for the year ended 31 December 2017
Share
capital
$’000
2,573
Capital
redemption
reserve
$’000
Share
premium
account
$’000
Share
options
reserve
$’000
7,051
56,835
282
–
–
–
–
546
546
–
–
–
–
–
–
–
–
–
–
10,846
10,846
–
–
–
19
–
–
–
–
–
–
1,437
1,437
4,556
–
–
–
–
–
–
7,051
–
–
–
–
5,558
5,558
73,239
–
–
–
21
–
21
Total
attributable
to equity
holders of
the parent
$’000
Translation
reserve
$’000
Retained
earnings
$’000
232
–
(40,635)
(17,178)
(2,355)
–
26,338
(17,178)
(2,355)
(2,355)
(17,178)
(19,533)
–
–
–
–
–
–
–
805
(8,573)
–
805
(8,573)
(7,768)
19
11,392
11,392
18,216
(8,573)
805
21
6,995
7,016
17,464
–
–
–
–
–
–
322
(1,318)
(66,386)
3,119
7,051
67,681
301
(2,123)
(57,813)
1 January 2016
Loss for the year
Other comprehensive income
Total comprehensive
expense for the year
Contributions by and
distributions to owners
Share-based payments
Issue of share capital
Total contributions by and
distributions to owners
31 December 2016 and
1 January 2017
Loss for the year
Other comprehensive income
Total comprehensive
expense for the year
Contributions by and
distributions to owners
Share-based payments
Issue of share capital
Total contributions by and
distributions to owners
31 December 2017
The share capital comprises the nominal values of all shares issued.
The capital redemption reserve comprises the amount transferred from deferred shares on redemption of the deferred shares.
The share premium account comprises the amounts subscribed for share capital in excess of the nominal value.
The share options reserve represents the cost to the Group of share options.
The translation reserve arises on retranslating the net assets of UK operations into US dollars.
The retained earnings are all other net gains and losses and transactions with owners not recognised elsewhere.
The notes on pages 40 to 63 form part of these financial statements.
Corero Network Security plcAnnual Report & Accounts 2017�Company Statement of Changes in Equity
for the year ended 31 December 2017
Share
capital
$’000
2,573
Capital
redemption
reserve
$’000
Share
premium
account
$’000
Share
options
reserve
$’000
Translation
reserve
$’000
Retained
earnings
$’000
7,051
56,835
282
(3,755)
(15,970)
1 January 2016
Loss for the year
Other comprehensive income
Total comprehensive
expense for the year
Contributions by and
distributions to owners
Share-based payments
Issue of share capital
Total contributions by and
distributions to owners
31 December 2016 and
1 January 2017
Loss for the year
Other comprehensive income
Total comprehensive
expense for the year
Contributions by and
distributions to owners
Share-based payments
Issue of share capital
Total contributions by and
distributions to owners
31 December 2017
–
–
–
–
546
546
–
–
–
–
–
–
–
–
–
–
10,846
10,846
–
–
–
19
–
19
–
–
–
–
1,437
1,437
4,556
–
–
–
–
–
–
–
–
–
–
5,558
5,558
–
–
–
21
–
21
39
Total
equity
$’000
47,016
(19,975)
(9,402)
19
11,392
11,411
29,050
(10,466)
3,138
–
(19,975)
(9,402)
–
(9,402)
(19,975)
(29,377)
–
–
–
–
–
–
–
(10,466)
3,138
–
3,138
(10,466)
(7,328)
–
–
–
–
–
–
21
6,995
7,016
The notes on pages 40 to 63 form part of these financial statements.
7,051
73,239
322
(10,019)
(46,411)
28,738
3,119
7,051
67,681
301
(13,157)
(35,945)
Strategic Report Financial StatementsGovernanceCorporate Directory�40
Notes to the Financial Statements
1. General information
Presentation currency
These consolidated financial statements are presented in US dollars (“$”) which represents the presentation currency of
the Group.
The average $-GBP sterling (“GBP”) exchange rate, used for the conversion of the Statement of Comprehensive Income, for
the 12 months ended 31 December 2017 was 1.29 (2016: 1.36). The closing $-GBP exchange rate, used for the conversion of the
Group’s assets and liabilities, at 31 December 2017 was 1.35 (2016: 1.23).
Corero Network Security plc is a public limited company incorporated in the United Kingdom under the Companies Act 2006
and registered in England and Wales. The functional currency of the Company is GBP.
2. Significant accounting policies
2.1 Basis of preparation
The Group financial statements have been prepared in accordance with EU endorsed International Financial Reporting
Standards (“IFRS”), International Financial Reporting Interpretations Committee (“IFRIC”) interpretations and those parts of
the Companies Act 2006 applicable to companies reporting under IFRS. The parent Company financial statements have been
prepared in accordance with FRS 101 (Financial Reporting Standard 101) ‘Reduced Disclosure Framework’.
2.2 Going Concern
The financial statements have been prepared on a going concern basis.
The Directors have prepared detailed income statement, balance sheet and cash flow projections for the period to 31 December
2019. These include cash of £4.0 million ($5.6 million) to be raised by the proposed Equity Fund Raise to be announced by the
Company on 5 April 2018 and Bank Loan of £3.0 million ($4.2 million) which is expected to be drawn down following the
completion of the Equity Fund Raise. The cash flow projections have been subjected to sensitivity analysis at the revenue,
cost and combined revenue and cost levels. The cash flow projections show that the Group and Company will maintain a
positive cash balance until at least December 2019.
A circular containing a notice of General Meeting will be sent to shareholders on 5 April 2018. At the General Meeting to be
convened on 16 April 2018, Corero shareholders will be asked to approve the Equity Fund Raise. Since the participants in the
Equity Fund Raise include shareholders which at 4 April 2018 held more than 50% of the Company’s issued shares, it is
anticipated that the resolutions to approve the Equity Fund Raise will be duly passed.
The Board are confident that the Equity Fund Raise will be completed successfully.
On this basis, the Directors have therefore concluded that it is appropriate to prepare the financial statements on a going
concern basis. However, in the absence of certainty that the Equity Fund Raise and Bank Loan will successfully complete as
anticipated, a material uncertainty exists which may cast significant doubt over the Group’s and Company’s ability to continue
as a going concern. The financial statements do not include the adjustments that would result if the Group and Company was
unable to continue as a going concern.
2.3 Basis of consolidation
The consolidated financial statements incorporate the results, assets, liabilities and cash flows of the Company and each of its
subsidiaries for the financial year ended 31 December 2017.
Subsidiaries are entities controlled by the Group. Control is deemed to exist when the Group has all of the following elements
a) power over the subsidiary, b) exposure or rights to variable returns from that subsidiary, c) ability to use its power to affect
the amount of the return from the subsidiary. The results, assets, liabilities and cash flows of subsidiaries are included in the
consolidated financial statements from the date control commences until the date that control ceases.
Where necessary, adjustments are made to the financial statements of subsidiaries to bring the accounting policies used into
line with those used by the Group.
Intra-group balances and transactions are eliminated on consolidation.
2.4 Business combinations
The acquisition method is used to account for all acquisitions. The cost of an acquisition is measured at the fair values, on the
date of exchange, of assets given, liabilities incurred or assumed, and equity instruments issued.
At the date of acquisition, the identifiable assets and liabilities and contingent liabilities of a subsidiary are measured at their fair
values. Any excess of the cost of acquisition over the fair values of the identifiable net assets acquired is recognised as goodwill.
Corero Network Security plcAnnual Report & Accounts 2017�41
2.5 Revenue
Revenue is measured at the fair value of the consideration received or receivable and represents the amounts receivable for
services provided in the normal course of business, net of all related discounts and sales tax.
The Group has adopted the following policy in respect of revenue recognition:
1. Hardware and Software Products
When a sales arrangement contains multiple elements, such as combined hardware and software products, licenses and/or
services, the Group allocates revenue to each element based on a selling price hierarchy, having evaluated each deliverable in
an arrangement to determine whether they represent separate units of accounting. A deliverable constitutes a separate unit
of accounting when it has standalone value.
The selling price for a deliverable is based on its vendor specific objective evidence (“VSOE”) if available, third party evidence
(“TPE”) if VSOE is not available, or best estimated selling price (“BESP”) if neither VSOE nor TPE is available. In multiple element
arrangements where more-than-incidental software deliverables are included, revenue is allocated to each separate unit,
accounting for each of the non-software deliverables and to the software deliverables as a group using the relative selling
prices of each of the deliverables in the arrangement based on the aforementioned selling price hierarchy.
The Group establishes the VSOE of selling price using the price charged for a deliverable when sold separately. The TPE of selling
price is established by evaluating similar and interchangeable competitor products or services in standalone sales to similarly
situated customers. As Corero’s hardware product with embedded software is generally not sold on a standalone basis, the
Company determined that VSOE cannot be obtained. Management has also determined that third party pricing for similar
products sold separately is not obtainable or reliable so TPE cannot be used, therefore BESP is used (note 3).
2. DDoS Protection as-a-Service contracts
Revenue is recognised on a straight line basis over the life of the agreement.
3. Consulting and Professional Services
Revenue from the provision of consultancy and professional services is recognised as the work is performed.
4. Maintenance and Support Services
Revenue is recognised on a straight line basis over the life of the agreement.
2.6 Government grants
Government grants are recognised at fair value when there is reasonable assurance that the Group will comply with the
conditions attaching to them and the grant will be received. Grants related to purchase of assets are treated as deferred income
and allocated to the Statement of Comprehensive Income over the useful lives of the related assets while grants related to
expenses are netted off against the related item of expenditure in the Statement of Comprehensive Income – Profit and Loss.
2.7 Cost of sales
Cost of sales includes all direct costs associated with revenue generation, including goods directly related to revenue, services
delivery, operation costs, DDoS as-a-service depreciation and amounts charged by external third parties for services. Examples
of such costs would include, but not be limited to, royalties and third party hardware and software costs.
2.8 Foreign currencies
Transactions in foreign currencies are translated at the exchange rate ruling at the date of each transaction. Foreign currency
monetary assets and liabilities are retranslated using the exchange rates at the reporting date. Gains and losses arising from
changes in exchange rates after the date of the transaction are recognised in profit or loss in the Statement of
Comprehensive Income.
Non-monetary assets and liabilities that are measured in terms of historical cost in a foreign currency are translated at the
exchange rate at the date of the original transaction.
In the consolidated financial statements, the net assets of the Group’s UK operations are translated from GBP into US dollars at
the exchange rate at the reporting date. Income and expense items are translated into US dollars at the average exchange rates
for the period. The resulting exchange differences are recognised in the translation reserve.
Strategic Report Financial StatementsGovernanceCorporate Directory�42
Notes to the Financial Statements continued
2. Significant accounting policies continued
2.9 Intangible assets
Internally generated intangible assets
The Group’s internally generated intangible asset relates to its development expenditure.
Development expenditure is capitalised only when it is probable that future economic benefit will result from the project and
the following criteria are met:
•
the technical feasibility of the product has been ascertained;
• adequate, technical, financial and other resources are available to complete and sell or use the intangible asset;
•
•
•
the Group can demonstrate how the intangible asset will generate future economic benefits and the ability to use or sell the
intangible asset can be demonstrated;
it is the intention of management to complete the intangible asset and use it or sell it; and
the development costs can be measured reliably.
Expenditure not meeting these criteria is expensed in the Statement of Comprehensive Income – Profit and Loss.
After initial recognition, internally generated intangible assets are carried at cost less accumulated amortisation and any
impairment losses. Amortisation is charged once the asset is capable of generating economic benefits.
Acquired intangible assets
Identifiable intangible assets acquired as part of a business combination are initially recognised separately from goodwill,
irrespective of whether the assets have been recognised by the acquiree before the business combination. An intangible asset
is considered identifiable only if it is separable or if it arises from contractual or other legal rights, regardless of whether those
rights are transferable or separable from the entity or from other rights and obligations.
Intangible assets acquired as part of a business combination and recognised by the Group are computer software, customer
contracts and the related customer relationships.
Purchased computer software is carried at cost less accumulated amortisation and any impairment losses.
Customer contracts and the related customer relationships are carried at cost less accumulated amortisation and any impairment losses.
Amortisation
Intangible assets are amortised on a straight line basis, to reduce their carrying value to zero over their estimated useful lives.
The following useful lives were applied during the year:
• Computer software acquired – 3 years straight line
• Capitalised development expenditure – 5 years straight line
• Amortisation costs are included within operating expenses in the Statement of Comprehensive Income.
• Methods of amortisation and useful lives are reviewed, and if necessary adjusted, at each reporting date.
2.10 Property, plant and equipment
Depreciation commences when an asset is available for use. Depreciation is calculated so as to write off the cost or value of an
asset, net of anticipated disposal proceeds, over the useful life of that asset as follows:
• Leasehold improvements – period of the lease straight line
• Computer equipment, evaluation units and DDoS Protection as-a-service units – 3 years straight line
• Fixtures and fittings – 5 years straight line
Property, plant and equipment is stated at cost less accumulated depreciation and any impairment losses. Cost comprises the
purchase cost of property, plant and equipment together with any directly attributable costs. Evaluation units are used by
customers during proof of concept trials. Evaluation units are stated at cost less accumulated depreciation. When an evaluation
unit is retained by a customer as part of a sale the net book value of the evaluation unit is charged to cost of sales. DDoS
as-a-service depreciation is charged to cost of sales.
Subsequent costs are included in an assets carrying value or are recognised as a separate asset when it is probable that future
economic benefits associated with the additional expenditure will flow to the Group and the cost of the item can be measured
reliably. All other costs are charged to the Statement of Comprehensive Income – Profit and Loss as incurred.
Methods of depreciation, residual values and useful lives are reviewed, and if necessary adjusted, at each balance sheet date.
The gain or loss arising from the disposal or retirement of an item of property, plant and equipment is determined as the
difference between the net disposal proceeds and the carrying amount of the item, and is included in the Statement of
Comprehensive Income – Profit and Loss.
Corero Network Security plcAnnual Report & Accounts 2017�43
2.11 Inventory
Inventory is stated at the lower of cost or net realisable value. Cost is computed using standard cost, which approximates actual
cost, on a first-in, first-out basis. Rapid technological change and new product introductions and enhancements could result in
excess or obsolete inventory, the value of which may not be recoverable.
To minimise this risk, the Group evaluates inventory levels and expected usage on a periodic basis and records valuation
allowances as required.
2.12 Impairment
At each reporting date, the Group assesses whether there is any indication that its assets have been impaired. If any such
indication exists, the recoverable amount of the asset is estimated in order to determine the extent of any impairment. If it is
not possible to estimate the recoverable amount of the individual asset, the recoverable amount of the cash-generating unit to
which the asset belongs is determined.
The recoverable amount of an asset or a cash-generating unit is the higher of its fair value less costs to sell and its value in use.
The recoverable amount is calculated using the present value of the future cash flows expected to be derived from an asset or
cash-generating unit. This present value is derived using a cost of capital rate that reflects current market assessments of the
time value of money and of the risks specific to the asset for which future cash flow estimates have not been adjusted. If the
recoverable amount of an asset is less than its carrying amount, the carrying amount of the asset is reduced to its recoverable
amount. That reduction is recognised as an impairment loss.
An impairment loss relating to assets carried at cost less any accumulated depreciation or amortisation is recognised
immediately in the Statement of Comprehensive Income – Profit and Loss.
Goodwill acquired in a business combination is, from the acquisition date, allocated to each of the cash-generating units or
groups of cash-generating units that are expected to benefit from the synergies of the combination.
Goodwill is tested for impairment at least annually, and whenever there is an indication that the asset may be impaired.
An impairment loss is recognised for cash-generating units if the recoverable amount of the unit is less than the carrying
amount of the unit. The impairment loss is allocated to reduce the carrying amount of the assets of the unit by first reducing
the carrying amount of any goodwill allocated to the cash-generating unit, and then reducing the carrying amounts of the other
assets of the unit pro rata.
If an impairment loss subsequently reverses, the carrying amount of the asset is increased to the revised estimate of its
recoverable amount but limited to the carrying amount that would have been determined had no impairment loss been
recognised in prior years.
A reversal of an impairment loss is recognised in the Statement of Comprehensive Income - Profit and Loss. Impairment losses
on goodwill are not subsequently reversed.
2.13 Leases
Where substantially all of the risks and rewards incidental to ownership of a leased asset are transferred to the Company (a
“finance lease”), the asset is treated as if it had been purchased outright. The amount initially recognised as an asset is the lower
of the fair value of the leased property and the present value of the minimum lease payments payable over the term of the
lease. The corresponding lease commitment is shown as a liability. Lease payments are analysed between capital and interest.
The interest element is charged to the Statement of Comprehensive Income – Profit and Loss over the period of the lease and is
calculated so that it represents a constant proportion of the lease liability. The capital element reduces the balance owed to
the lessor.
Where substantially all of the risks and rewards incidental to ownership are not transferred to the Company (an “operating
lease”), the total rentals payable under the lease are charged to the Statement of Comprehensive Income – Profit and Loss on a
straight-line basis over the lease term. The aggregate benefit of lease incentives are recognised as a reduction of the rental
expense over the lease term on a straight-line basis.
2.14 Investments in subsidiaries
In the Company’s separate financial statements, investments in subsidiaries are carried at cost less any impairment provisions.
2.15 Taxation
The tax expense represents the sum of current tax and deferred tax.
Strategic Report Financial StatementsGovernanceCorporate Directory�44
Notes to the Financial Statements continued
2. Significant accounting policies continued
Current tax
Current tax is based on taxable profit for the year and is calculated using tax rates enacted or substantively enacted at the
reporting date. Taxable profit differs from accounting profit either because items are taxable or deductible in periods different
to those in which they are recognised in the financial statements, or because they are never taxable or deductible.
Deferred tax
Deferred tax on temporary differences at the reporting date between the tax bases of assets and liabilities and their carrying
amounts for financial reporting purposes is accounted for using the balance sheet liability method.
Using the balance sheet liability method, deferred tax liabilities are recognised in full for all taxable temporary differences and
deferred tax assets are recognised to the extent that it is probable that taxable profits will be available against which deductible
temporary differences can be utilised. However, if the temporary difference arises from the initial recognition of goodwill or the
initial recognition of an asset or liability in a transaction other than a business combination, that at the time of the transaction
affects neither accounting nor taxable profit, it is not recognised as deferred tax asset or liability.
Deferred taxation is measured at the tax rates that are expected to apply when the asset is realised, or the liability settled,
based on tax rates and laws enacted or substantively enacted at the reporting date.
2.16 Provisions
A provision is recognised when, as a result of a past event, the Group has a legal or constructive obligation, it is probable that an
outflow of resources embodying economic benefits will be required to settle the obligation and a reliable estimate of the
amount of such an obligation can be made.
Provisions are measured at the best estimate of the expenditure required to settle the obligation at the reporting date. When
the effect is material, the expected future cash flows required to settle the obligation are discounted at the pre-tax rate that
reflects the current market assessments of the time value of money and the risks specific to the obligation.
2.17 Post-retirement benefits
The Group makes contributions in respect of certain employees to defined contribution pension plans under which it is required
to pay fixed contributions to group and personal pension funds.
Contributions to the schemes are based on a proportion of the employees’ earnings and are charged to the Statement of
Comprehensive Income – Profit and Loss when incurred. The Group has no obligation beyond these contributions.
2.18 Financial instruments
The Group classifies financial instruments, or their component parts, on initial recognition as a financial asset, a financial liability
or an equity instrument in accordance with the substance of the contractual arrangement.
Financial assets and financial liabilities are recognised in the Group’s Statement of Financial Position when the Group becomes
party to the contractual provisions of the instrument.
The particular recognition and measurement methods adopted for the Group’s financial instruments are disclosed below:
Trade and other receivables
Trade and other receivables are stated at their fair value at time of initial recognition, reflecting, where material, the time value of
money. A provision for impairment of trade receivables is established when there is evidence that the Group will not be able to
collect all amounts due according to the original terms of these receivables. The amount of the provision is the difference between
the carrying value and the present value of estimated future cash flows, discounted at the original effective interest rate.
Cash and cash equivalents
Cash and cash equivalents include cash in hand and deposits on call with banks.
Trade and other payables
Trade and other payables are not interest bearing and are stated at their fair value at time of initial recognition. Thereafter they
are accounted for at amortised cost.
2.19 Equity instruments
An equity instrument is any contract that evidences a residual interest in the assets of the Company after deducting all its
liabilities. Equity instruments issued by the Company are recorded at the proceeds received, net of directly attributable issue costs.
Corero Network Security plcAnnual Report & Accounts 2017�45
2.20 Employee share option schemes
The Group operates an equity-settled share-based compensation plan. The fair value of the employees’ services received in
exchange for the grant of share options is measured at grant date and recognised as an expense on a straight line basis over the
vesting period, based on the Group’s estimate of shares that will eventually vest. Fair value is determined by reference to the
Black-Scholes option pricing model.
At each reporting date, the Group revises its estimate of the number of options that are expected to become exercisable.
When share options are exercised, the proceeds received, net of any transaction costs, are credited to share capital (nominal
value) and share premium.
2.21 Receivables-backed working capital facility
The Group has use of a receivables-backed working capital facility. Trade receivables are recognised as the Group retains the
significant risks and benefits. The related funding is shown as a financial liability and accounted for on an amortised cost basis.
2.22 Standards and Interpretations not yet effective
The following standards and interpretations that have been issued but are not yet effective have not been applied by the Group
in these financial statements:
IFRS 9 – Financial Instruments. Effective date, periods beginning after 1 January 2018
IFRS 15 – Revenue from Contracts with Customers. Effective date, periods beginning after 1 January 2018
IFRS 16 – Leases. Effective date, periods beginning after 1 January 2019
The effect on the financial statements of the application of the standards and interpretations that are expected to have a
significant impact or are relevant to the Group, is:
IFRS 15 – Revenue from Contracts with Customers
The standard requires an analysis of 5 key steps:
1.
Identify the contract with the customer;
2.
Identify the performance obligations in the contract;
3. Determine the transaction price;
4. Allocate the transaction price to the separate performance obligations; and
5. Recognise revenue when (or as) each performance obligation is satisfied.
The Management have applied the 5 steps to each of the sources of revenue and concluded that no change will be required to
the current revenue recognition. The standard also requires consideration of the incremental costs of obtaining a contract
including sales commission. Sales commission relating to the deferred element of a sale will be capitalised and amortised over 5
years which has been assessed as the period of a customer relationship. The value of deferred commission at 31 December 2017
not deferred was $0.16 million. The Group will adopt the Retrospective Method of adoption for IFRS 15 in the 2018 Financial
Statements and restate the operating expenses for the effect of deferred commissions. No changes will be made to the
reported revenues.
Management are in the process of evaluating IFRS 9 and 16 and will report on the impact once known.
3. Critical accounting judgements and key sources of estimation uncertainty
3.1 Critical judgements in applying the Group’s accounting policies
In the process of applying the Group accounting policies, the following judgements have had a significant effect on the amounts
recognised in the financial statements:
Internally generated research and development costs
Management monitors progress of internal research and development projects. Judgement is required in distinguishing the
research phase from the development phase. Development costs are recognised as an asset when all criteria are met and a
project has passed the feasibility phase, whereas research costs are expensed as incurred. Management monitors whether the
recognition requirements for development costs continue to be met. This is necessary as the economic success of any product
development is uncertain.
3.2 Key accounting estimates and assumptions
Key assumptions concerning the future and other key sources of estimation uncertainty that have a significant risk of causing a
material adjustment to the carrying amounts of assets and liabilities within the next financial year are as follows:
Strategic Report Financial StatementsGovernanceCorporate Directory�46
Notes to the Financial Statements continued
3. Critical accounting judgements and key sources of estimation uncertainty continued
Impairment of intangible assets and property, plant and equipment
The Group tests goodwill at least annually for impairment, and whenever there is an indication that the asset may be impaired.
All other intangible assets and property, plant and equipment are tested for impairment when indicators of impairment exist.
Impairment is determined with reference to the higher of fair value less costs to sell and value in use. Fair value less costs to sell
is estimated using discounted future cash flows. Significant assumptions are made in estimating future cash flows about future
events including future market conditions, future growth rates and appropriate discount rates. Changes in these assumptions
could affect the outcome of impairment reviews. Details of the main assumptions used in the assessment of the carrying value
of the Group’s cash generating unit is set out in note 8.
Impairment of investments and intercompany balances (applies to the Company Financial Statements only)
The Directors have reviewed the carrying value of the intercompany balances and cost of investments in subsidiaries of the
Company with reference to current and future trading conditions. The investment and intercompany balances between the
Company and Corero Network Security, Inc. and Corero Network Security (UK) Limited have been reviewed with reference to
a valuation based on a discounted free cash flow which the Directors consider to be an appropriate valuation methodology,
in conjunction with the goodwill impairment review.
Going Concern
The Directors have reviewed the future profit and cash flow projections in conjunction with the current economic climate
in order to express an opinion on the adequacy of working capital and the ability to continue as a going concern for the
foreseeable future. The methodology contained in the projections is detailed in the note 2.2.
Best Estimated Selling Price – Revenue Recognition
On a quarterly basis the Group analyses the selling prices for each deal compared to the current BESP. Analysis includes
grouping similar deals based on qualitative factors such as customer profile, size, and region followed by quantitative
comparison to the then current BESP. BESP fair value prices are adjusted for future quarters if management identifies a
pattern of variances, greater than 10%, between actual selling prices versus the then current BESP.
4. Segment reporting
Business segments
The Group is managed according to one business unit, Corero Network Security, which makes up the Group’s reportable
operating segment. This business unit forms the basis on which the Group reports its primary segment information to the
Board, which management consider to be the Chief Operating Decision maker for the purposes of IFRS 8 Operating Segments.
The Group’s revenues from external customers and its non-current assets are divided into the following countries:
USA
UK
Belgium
Other European countries
Australia
APAC
UAE
Total
2017
Revenue
$’000
5,660
1,866
2017
Non-current
assets
$’000
17,360
178
–
596
395
–
14
–
–
–
–
–
2016
Revenue
$’000
5,151
2,135
507
788
–
45
146
2016
Non-current
assets
$’000
17,890
134
–
–
–
–
–
8,531
17,538
8,772
18,024
Revenues from external customers are identified on the basis of invoicing systems and adjusted to take into account the
difference between invoiced amounts and deferred revenue adjustments required by IFRS.
The revenue is analysed as follows for each revenue category:
Hardware and licence revenue
DDoS Protection as-a-service revenue
Maintenance and support services revenue
Total
2017
$’000
4,510
323
3,698
8,531
2016
$’000
4,019
–
4,753
8,772
Corero Network Security plcAnnual Report & Accounts 2017�5. Loss for the year
The following items have been included in arriving at the loss for the year before taxation:
DDoS as-a-service depreciation
Unrealised loss/(gain) on intercompany loan
Development expenditure not capitalised
Impairment of goodwill (note 8)
Amortisation of acquired intangible assets (note 9)
Amortisation of capitalised development expenditure (note 10)
Depreciation of property, plant and equipment (note 11)
Operating lease rentals payable
Auditor’s remuneration
Remuneration received by the Company’s auditor for the audit of these Financial
Statements
The audit of the accounts of other group companies
Fees payable to the Company’s auditor for corporate services
Fees payable to the Company’s auditor for taxation compliance services
Fees payable to the Company’s auditor for taxation advisory services
6. Tax on loss on ordinary activities
Current tax credit
Deferred tax credit for the year
Total
47
2016
$’000
–
(1,217)
2,401
8,992
325
2,252
551
325
2017
$’000
74
627
1,486
–
55
2,408
548
319
2017
$’000
2016
$’000
84
23
8
27
3
145
2017
$’000
116
–
116
76
18
9
24
–
127
2016
$’000
–
85
85
The tax assessed on the loss on ordinary activities for the year differs from the weighted average UK corporate rate of tax of
19.25% (2016: 20.0%). The differences are reconciled below:
Total tax reconciliation
Loss before taxation
Theoretical tax credit at UK Corporation tax rate 19.25% (2016: 20.0%)
Effect of:
– expenditure that is not tax deductible
– R&D tax credits
– accelerated capital allowances
– other timing differences
– losses not utilised
– deferred tax credit
Actual taxation credit
(8,689)
(1,673)
53
116
(15)
1
1,634
–
116
(17,263)
(3,453)
1,806
(35)
(11)
(1)
1,694
85
85
Factors affecting future tax charges
As at 31 December 2017, the Group’s cumulative fixed asset timing differences were $426,000 (2016: $62,000) and no deferred
tax asset has been recognised in respect of these items.
In addition, the tax losses at that date amounted to $82.0 million (2016: $72.8 million). This comprised UK tax losses of
$12.5 million and US tax losses of $69.5 million. $9.0 million of the tax losses relate to pre-acquisition US tax losses which can
be offset against taxable profits over 15 years (there is a limit on the utilisation of pre-acquisition tax losses of $0.7 million
per annum and any unused loss may be carried forward to subsequent periods). All other US tax losses will expire in 20 years
from the end of the accounting period in which the loss arose. UK tax losses do not expire.
The deferred tax assets of $2.1 million (2016: $2.1 million) at a rate of 17.0% relating to the UK tax losses and the deferred tax
assets of $14.6 million (2016: $21.3 million) at a rate of 21% relating to the US tax losses and taxable temporary fixed asset
differences have not been recognised due to uncertainties as to the extent and timing of their future recovery.
Strategic Report Financial StatementsGovernanceCorporate Directory�48
Notes to the Financial Statements continued
7. Loss per share
Loss per share is calculated by dividing the earnings attributable to ordinary shareholders of the Company by the weighted
average number of ordinary shares in issue during the year. The effects of anti-dilutive ordinary shares resulting from the
exercise of share options are excluded from the calculation of the loss per share. Therefore the diluted loss per share is equal to
the loss per share.
2017
weighted
average
number of 1p
shares
Thousand
2017
loss
$’000
2017
loss per
share
Cents
2016
weighted
average
number of 1p
shares
Thousand
2016
loss
$’000
2016
loss per
share
Cents
(8,573)
280,130
(3.1)
(17,178)
189,959
(9.0)
$’000
17,983
17,983
17,983
–
(8,992)
(8,992)
8,991
8,991
17,983
Basic and diluted
loss per share
8. Goodwill
Group
Cost
At 1 January 2016
At 31 December 2016
At 31 December 2017
Impairment
At 1 January 2016
At 31 December 2016
At 31 December 2017
Carrying amount
At 31 December 2017
At 31 December 2016
At 1 January 2016
Goodwill is tested at least annually for impairment and whenever there are indications that goodwill might be impaired.
Goodwill is allocated to the Group’s single cash-generating unit (“CGU”) Corero Network Security (“CNS”).
The recoverable amount for the CNS CGU was determined based on a discounted cash flow calculation to calculate fair values
less costs to sell using cash flow projections over a 10 year period (2016: 10 year period). The discounted cash flow approach is a
level 3 fair value calculation in the IFRS 13 fair value hierarchy. The key assumptions for the discounted cash flow calculation are
those regarding revenue growth and discount rates as summarised in the table below and commented on below:
Forecast cash flow period
Extrapolated cash flow period
Cumulative annual growth rate (“CAGR”) for revenue used for the
forecast/extrapolated periods
Average revenue growth rates used for the forecast/extrapolated periods:
Year 1–2 (forecast period)
Years 3–5 (extrapolated period)
Years 6–10 (extrapolated period)
Revenue growth rate used beyond the extrapolated period
Discount rate
2017
2016
Years 1–2
Years 1–2
Years 3–10
Years 3–10
17.8%
19.6%
36.1%
24.9%
7.4%
2.5%
17.7%
33.1%
28.2%
9.9%
2.5%
16.5%
Corero Network Security plcAnnual Report & Accounts 2017�49
The pre-tax cash flows for the forecast period are derived from the most recent financial budget for the year ending
31 December 2018 and the plan for the year ending 31 December 2019 approved by the Board, with a sensitivity to reflect prior
years forecast inaccuracies (35% applied to the 2018 budget and 40% to the 2019 plan). The extrapolation for the period 2020 to
2027 is based on management estimates (with the key assumptions set out below).
The future pre-tax cash flows are discounted by a WACC of 17.7%.
The key assumptions underlying the cash flow projections and which the recoverable amount is most sensitive to are (i) the
revenue growth rates forecast and extrapolated for the period 2019 to 2023 and (ii) the discount rate.
The cash flow forecasts assume a CAGR revenue growth of 29.3% in the period 2017 to 2022 (36.1% for the period 2017
to 2019) and 7.4% for the period 2022 to 2027 (a CAGR of 17.8% for 10-year forecast period). These growth rates reflect
a sensitivity of 35% applied to the CNS 2018 budget revenues and a sensitivity of 40% applied to the 2019 plan revenues
(and a sensitivity of 17.5% to 2018 operating costs and a sensitivity of 20% to 2019 operating costs) to reflect risk associated
with historic forecast accuracy.
The management of the Group believe these growth rates are appropriate for the forecasts given the expected impact from
the SmartWall sales traction in 2017, the focus on delivering sales growth through channel partners, the expected contribution
from go-to-market partners to expand the opportunities Corero can sell into and the 100Gbps and virtual software products
introduced in late 2017, all of which are expected to deliver a step change in revenue in the forecast period.
These growth rates are supported by the fact that the IT security market is forecast to grow strongly for the foreseeable future.
According to IDC (one of the leading global IT analyst firms), the global spending on security-related hardware, software and
services was forecast to grow $83.5bn in 2017 (an increase of 10.3% over 2016) and to $119.9bn in 2021 (a CAGR of 9.6% over the
2016-2021 forecast period). (Source: IDC Update to Worldwide Semi-annual Security Spending Guide published 19 October 2017).
The DDoS appliance market is expected to reach $1.4bn by 2021 – a CAGR or 15.6% in the period 2016 to 2021. (Source: IHS
Market Technology research - DDoS Prevention Appliances Worldwide, Biannual Market Tracker (November 2017)).
These security market growth rates contrast with Gartner’s Q4 2017 Worldwide IT Spending Forecast, which shows IT spend will
grow from $3.5 trillion in 2017 to $4.0 trillion in 2021, a CAGR 3.3% over the 2017-2021 forecast period.
The above market growth rates used in the future cash flow assumptions reflect that CNS is in the early stages of the
commercial exploitation of its intellectual property. In addition, the business’ strategy is to continue to develop its product and
solution offerings to remain a market leader in its chosen markets thereby providing the opportunity to generate above market
average growth rates.
The growth rate assumed in the period beyond the 10-year extrapolation period of 2.5% is considered reasonable as historically
IT spend has exceeded GDP growth.
The discount rate is based on a cost of equity using the Capital Asset Pricing Model with the key inputs being a risk-free interest
rate estimate of 2.48% (based on 10-year US government bonds) (2016: 2.44%), comparable company betas, an equity risk
premium of 7.4% (2016: 7.4%), and small company risk premium of 4.5% (2016: 4.5%). The WACC has been assessed based on
that fact that the Company had no gearing at 31 December 2017. The WACC used in the valuation reflects current market
assessments of the time value of money and the risks specific to CNS.
As stated above, the valuation to support the value in use of the CNS CGU is highly sensitive to changes in cash flow forecasts
and discount rate assumptions, and there is no guarantee that the expected growth will be achieved. If the discount rate is
increased by 50%, which in the assessment of management is reasonably possible, from 17.7% to 26.6%, this would result in an
impairment of goodwill with the result that the goodwill would be fully impaired. If the sensitivity of 35% applied to the CNS
2018 budget and 40% to the 2019 plan revenues (and a sensitivity of 17.5% to CNS Budget 2018 operating costs and 20% to the
2019 Plan operating costs) was increased to 50% for revenue (and a sensitivity of 25% to operating costs), which in the
assessment of management is reasonably possible, this would result in an impairment of goodwill with the result that the
goodwill would be fully impaired.
Apart from the considerations in determining the value in use of the CNS CGU described above, the management of the Group
is not currently aware of any other reasonably possible changes that would necessitate changes in its key estimates.
Strategic Report Financial StatementsGovernanceCorporate Directory�50
Notes to the Financial Statements continued
9. Acquired intangible assets
Group
Cost
At 1 January 2016
Additions
At 31 December 2016 and at 1 January 2017
Additions
At 31 December 2017
Amortisation
At 1 January 2016
Charge for year
At 31 December 2016 and at 1 January 2017
Charge for year
At 31 December 2017
Net book value
At 31 December 2017
At 31 December 2016
At 1 January 2016
Company
The Company has no intangible fixed assets (2016: $nil).
10. Capitalised development expenditure
Group
Cost
At 1 January 2016
Additions
At 31 December 2016 and at 1 January 2017
Additions
At 31 December 2017
Amortisation
At 1 January 2016
Charge for year
At 31 December 2016 and at 1 January 2017
Charge for year
At 31 December 2017
Net book value
At 31 December 2017
At 31 December 2016
At 1 January 2016
Company
The Company has no capitalised development expenditure (2016: $nil).
Computer
software
$’000
Customer
relationships
$’000
5,961
32
5,993
10
6,003
(5,648)
(263)
(5,911)
(55)
(5,966)
37
82
313
197
–
197
–
197
(135)
(62)
(197)
–
(197)
–
–
62
Total
$’000
6,158
32
6,190
10
6,200
(5,783)
(325)
(6,108)
(55)
(6,163)
37
82
375
Total
$’000
13,135
2,533
15,668
2,171
17,839
(5,515)
(2,252)
(7,767)
(2,408)
(10,175)
7,664
7,901
7,620
Corero Network Security plcAnnual Report & Accounts 2017�51
11. Property, plant and equipment
Group
Computer
Equipment
$’000
Evaluation
units
$’000
DDoS
as-a-
service
units
$’000
Fixtures
and
Fittings
$’000
Office
Equipment
$’000
Leasehold
Improvements
$’000
Total
$’000
Cost
At 1 January 2016
Additions
Disposals
Foreign currency
translation
At 31 December 2016 and
at 1 January 2017
Additions
Transfers
Disposals
Foreign currency
translation
2,688
243
(841)
(6)
2,084
213
–
–
9
At 31 December 2017
2,306
Depreciation
At 1 January 2016
Charge for year
Disposals
Foreign currency
translation
At 31 December 2016 and
at 1 January 2017
Charge for year
Transfers
Disposals
Foreign currency
translation
(2,240)
(378)
835
1
(1,782)
(223)
–
–
(3)
546
273
–
–
819
149
(187)
(228)
–
553
(115)
(161)
–
–
(276)
(230)
68
76
–
–
62
–
–
62
135
187
(4)
94
43
(67)
(1)
69
–
–
–
1
380
70
–
–
–
–
–
(74)
(68)
–
–
(84)
(8)
67
–
(25)
(13)
–
–
–
At 31 December 2017
(2,008)
(362)
(142)
(38)
Net book value
At 31 December 2017
At 31 December 2016
At 1 January 2016
298
302
448
191
543
431
238
62
–
32
44
10
Company
The Company has no property, plant and equipment (2016: $nil).
131
–
(131)
–
–
–
–
–
–
–
(127)
(1)
128
–
–
–
–
–
–
–
–
–
4
77
23
(77)
(1)
22
–
–
–
1
23
(77)
(3)
77
–
(3)
(8)
–
–
(1)
(12)
11
19
–
3,536
644
(1,116)
(8)
3,056
497
–
(232)
11
3,332
(2,643)
(551)
1,107
1
(2,086)
(548)
–
76
(4)
2,562
770
970
893
Strategic Report Financial StatementsGovernanceCorporate Directory�52
Notes to the Financial Statements continued
12. Investments in subsidiaries
Company
Net book value
At 1 January
Additional investment in Corero Network Security, Inc.
Investment in Corero Network Security (UK) Limited
Provision against investment in subsidiaries
Foreign currency translation
At 31 December
2017
$’000
21,137
4,580
4,064
(10,789)
2,023
21,015
2016
$’000
28,797
5,576
12,038
(20,565)
(4,709)
21,137
The Directors have reviewed the carrying value of the cost of investments in subsidiaries of the Company with reference to
current and future trading conditions and a valuation based on a discounted free cash flow which the Directors consider to be
an appropriate valuation methodology, in conjunction with the goodwill impairment review (note 8) and concluded that an
impairment of the investment balances was required. As at 31 December 2017 the provision against investment in subsidiaries
was $50.2 million (2016: $36.0 million).
Included in the Company’s investment in Corero Network Security, Inc. is a loan note instrument. These loan notes bear interest
at 5% per annum that at the election of Corero Network Security, Inc. is payable quarterly or added to the principal amount. In
November 2016 the loan notes repayment date was amended to 31 October 2021, previously 31 October 2016.
Loan note instrument
2017
$’000
7,341
2016
$’000
6,378
The Company owns:
100% of the issued share capital of Corero Network Security, Inc. a company incorporated in Delaware, USA. The company’s
business address is 225 Cedar Hill Street, Marlborough, MA 01752, USA. The principal business of the company consists of the
development and sale of hardware and software security products.
100% of the issued share capital of Corero Group Services Limited, a company incorporated and registered in England and
Wales. The company’s business address is Regus House, Highbridge, Oxford Road, Uxbridge, Middlesex, UB8 1HR. The principal
business of the company consists of providing administration services to the Group.
100% of the issued share capital of Corero Network Security (UK) Limited, a company incorporated and registered in England
and Wales. The company’s business address is 3rd Floor, 53 Hanover Street, Edinburgh, EH2 2PJ. The principal business of the
company consists of providing development and sales and marketing services on behalf of Corero Network Security, Inc.
13. Inventories
Gross inventory
Less: provision for impairment
Net inventory
Net inventory comprises finished goods and raw materials.
Company
The Company holds no inventory (2016: $nil).
Group
2017
$’000
207
(113)
94
Group
2016
$’000
232
(167)
65
Corero Network Security plcAnnual Report & Accounts 2017�53
14. Trade and other receivables
Trade receivables
Less: provision for impairment
Net trade receivables
Amounts owed by subsidiaries
Other debtors
Prepayments and accrued income
Group
2017
$’000
2,181
–
2,181
–
137
713
3,031
Group
2016
$’000
1,495
–
1,495
–
138
674
2,307
Company
2017
$’000
Company
2016
$’000
–
–
–
–
–
–
6,967
5,340
76
–
69
–
7,043
5,409
The banking facility of the Group, summarised in note 16, is secured by assets of Corero Network Security, Inc. Up to 80% of
the trade receivables of Corero Network Security, Inc. included under ‘Group’, can be financed and are therefore secured for
credit enhancements.
None of the Company’s trade and other receivables are secured by collateral or credit enhancements.
Amounts due from Group undertakings are recoverable after more than one year from the reporting date.
The age of trade receivables not impaired but past due are as follows:
Not more than 3 months
Group
2017
$’000
181
181
Group
2016
$’000
345
345
The Directors consider that the carrying amount of trade and other receivables approximates their fair value.
The maturity profile of trade and other receivables is set out in the table below:
In one year or less, or on demand
In more than one year, but not more than five years
Group
2017
$’000
2,955
76
3,031
Group
2016
$’000
2,227
80
2,307
Company
2017
$’000
Company
2016
$’000
–
7,043
7,043
–
5,409
5,409
Balances due in more than one year, but not more than five years, are presented as non-current in the Statement of
Financial Position.
The analysis of trade and other receivables by foreign currency is set out in the table below:
US dollars
UK pound
Group
2017
$’000
2,749
282
3,031
Group
2016
$’000
2,023
284
2,307
Company
2017
$’000
Company
2016
$’000
–
7,043
7,043
–
5,409
5,409
The Group’s foreign currency receivables are denominated in the functional currency of the subsidiaries in which they arise.
There is no impact on the loss for the year from exchange rate movements on such financial instruments.
Strategic Report Financial StatementsGovernanceCorporate Directory�54
Notes to the Financial Statements continued
15. Trade and other payables
Trade payables
Other payables
Accruals
Group
2017
$’000
720
16
569
1,305
Group
2016
$’000
767
23
938
1,728
Company
2017
$’000
Company
2016
$’000
–
–
–
–
–
–
–
–
None of the Group or Company’s trade and other payables are secured by collateral or credit enhancements.
The Directors consider that the carrying amount of trade and other payables approximates its fair value.
90% (2016: 76%) of the trade and other payables are due in less than 3 months.
The analysis of trade and other payables by foreign currency is set out in the table below:
US dollars
UK pound
Group
2017
$’000
903
402
1,305
Group
2016
$’000
1,178
550
1,728
The Group’s foreign currency payables are denominated in the functional currency of the subsidiaries in which they arise. There
is no impact on the loss for the year from exchange rate movements on such financial instruments.
16. Borrowings
The Group and Company borrowings were $nil (2016: $nil).
The accounts receivable financing facility was not utilised at the year end. The facility bears interest at c.16.8% of the financed
value with a limit of US$1.5 million or 80% of the eligible accounts receivable balance. The funding is secured by a first lien on
the corporate assets of Corero Network Security, Inc. and is guaranteed by Corero Network Security plc.
All receipts for financed assets are payable to a lockbox account held with the provider of the financing facility. The accounts
receivable assets are exposed to the risk of non or late payment by customers. There are no restrictions on the use of the
financed accounts receivable assets.
At 31 December 2017, the Group’s liabilities have contractual maturities which are summarised below. These contractual
maturities reflect the payment obligations which may differ from the carrying values of the liabilities at the balance sheet date.
Group
Trade and other payables
Total
In one year or less,
or on demand
2017
$’000
1,305
1,305
2016
$’000
1,728
1,728
Corero Network Security plcAnnual Report & Accounts 2017�17. Financial instruments
The Group’s financial instruments are categorised as shown below:
Group
Financial assets
Loans and Receivables:
Trade and other receivables
Cash
Group
Financial liabilities
Financial liabilities at amortised cost:
Trade and other payables
55
Book Value
2017
$’000
Book Value
2016
$’000
2,268
1,365
3,633
1,576
2,940
4,516
Book Value
2017
$’000
Book Value
2016
$’000
1,305
1,305
1,728
1,728
The Group manages liquidity and credit risk in line with the Financial risk management objectives and policies on page 27.
At the present time the Group does not have significant exposure to foreign exchange or interest rate risk.
There are no differences between the fair values and book values held by the Group.
18. Deferred income
Group
Current
More than one year but less than five years
2017
$’000
2,896
287
3,183
2016
$’000
2,457
855
3,312
The Group’s deferred income balance will be recognised as revenue evenly over the remaining term of the support agreements
in place. Support agreements expire at various times throughout the year with no particular seasonality.
Company
The Company has no deferred income (2016: $nil).
19. Pensions
The Group’s pension arrangements are operated through defined contribution schemes.
Defined contribution schemes
Defined contribution pension costs
2017
$’000
125
2016
$’000
93
Strategic Report Financial StatementsGovernanceCorporate Directory�56
Notes to the Financial Statements continued
20. Share capital
Authorised share capital
The authorised share capital comprises 745,821,970 (2016: 745,821,970) ordinary shares of 1p (1.35c) each.
Issued ordinary share capital
1 January 2016
165,637,416 ordinary shares of 1p each
Issued
37,773,560 ordinary shares of 1p each (1.54c)
6,666 ordinary shares of 1p each (1.32c)
31 December 2016 and at 1 January 2017
203,417,642 ordinary shares of 1p each
Issued
112,000,000 ordinary shares of 1p each (1.28c)
31 December 2017
315,417,642 ordinary shares of 1p each
$’000
2,573
546
–
3,119
1,437
4,556
On 10 May 2016, 37,773,560 ordinary shares with a nominal value of 1p were issued at 22p (34c) per share by way of a
subscription, placing and open offer. On 15 September 2016, 6,666 ordinary shares with a nominal value of 1p were issued at 15p
(20c) per share as the result of the exercise of an option.
On 25 April 2017, 112,000,000 ordinary shares with a nominal value of 1p were issued at 5p (6c) per share by way of a
subscription and placing.
On 5 April 2018 Corero will announce a conditional placing and subscription. This Equity Fund Raise is subject to shareholder
approval at a general meeting of the Company.
21. Share premium
1 January 2016
37,773,560 ordinary shares of 22p each (34c) less issue costs
6,666 ordinary shares of 15p each (20c)
31 December 2016 and at 1 January 2017
112,000,000 ordinary shares of 5p each (6c) less issue costs
31 December 2017
$’000
56,835
10,845
1
67,681
5,558
73,239
Consideration received in excess of the nominal value of the 112,00,000 shares issued on 25 April 2017 as a result of the
subscription and placing has been included in share premium, less registration, commission and professional fees of $193,000.
The amount of such directly attributable costs deducted from share premium in 2016 was $622,000.
Corero Network Security plcAnnual Report & Accounts 2017�57
Total
2017
$’000
7,846
753
125
8,724
Total
2016
$’000
9,337
840
93
10,270
2017
Number
2016
Number
19
32
10
61
19
38
11
68
22. Employees and Directors
Employee expenses during the period
Group
Wages and salaries
Social security costs
Other pension costs (note 19)
Average monthly numbers of employees (including Directors) employed
Sales and marketing
Technical, support and services
Management, operations and administration
Company
The Company has no employees (2016: nil).
Directors, being the Key Management personnel
Executive Directors
Ashley Stephenson
Andrew Lloyd
Andrew Miller
Jens Montanana
Richard Last
Salary
& fees
$’000
270
243
205
34
26
778
Bonus
$’000
Benefits
$’000
Pension
$’000
Subtotal
$’000
Options
$’000
Company
National
Insurance
Contributions
$’000
Total
2017
$’000
Total
2016
$’000
54
31
39
–
–
124
15
–
7
–
–
22
–
12
21
–
–
33
339
286
272
34
26
957
5
9
4
2
1
21
8
33
34
–
2
77
352
328
310
36
29
1,055
351
32
329
39
32
783
Bonus payments of $124,000 were awarded during the period to 31 December 2017 (2016: $63,000).
Andrew Miller has a service contract with a 6 month notice period. A subsidiary company provides for pension contributions
(included in the table above) of 10% of basic salary payable to a personal pension plan.
Andrew Lloyd was appointed an Executive Director on 3 January 2017. He has a service contract with a 3 month notice period. A
subsidiary company provides for pension contributions (included in the table above) of 5% of basic salary payable to the Group’s
defined pension plan.
One Director is accruing benefits from the Group’s defined contribution pension arrangements (2016: $nil). The Company makes
contributions to Andrew Miller’s personal pension scheme.
Post the year end, Jens Montanana notified the Company that he wished to waive his Non-Executive Director fees for the year
ended 31 December 2017 of $34,000. Jens Montanana waived his Non-Executive Director fees for the year ended 31 December
2016 of $35,000.
Strategic Report Financial StatementsGovernanceCorporate Directory�58
Notes to the Financial Statements continued
23. Operating lease commitments
The Group has total future minimum lease payments under non-cancellable operating leases totalling $360,000 (2016:
$593,000) analysed by year of expiry as follows:
Land and building agreements expiring:
Within one year
Within two to five years
Other agreements expiring:
Within one year
Within two to five years
2017
$’000
2016
$’000
83
53
1
223
360
21
215
1
356
593
Other operating leases agreements relate to the costs of a co-location provider.
Company
The Company has no operating lease commitments (2016: $nil).
24. Contingent liabilities
Corero Network Security (UK) Limited was in December 2015 awarded a grant of up to £600,000 for a development project over
three years from Scottish Enterprise. Any monies becoming repayable by Corero Network Security (UK) Limited under the terms
typical for such a grant, including not complying with the grant conditions which include requirements to hire employees in
Scotland, progress on the project is not satisfactory, a change of control, are guaranteed by the Company.
25. Share options
The Company has the following share option schemes:
• Enterprise Management Incentive Scheme for its employees, which has been approved by HMRC, 2010 Executive Enterprise
Management Incentive Scheme, which has been approved by HMRC, 2010 Unapproved Share Option Scheme, and
• Deferred Payment Share Plan
In August 2010, 1,257,000 options were granted to certain Directors and employees under the 2010 Executive Enterprise
Management Incentive scheme and 2010 Unapproved Share Option Scheme. The options granted vested immediately
upon grant.
All other options granted in 2010–2017 have a three year vesting period, vesting one third on the first anniversary of grant, one
third on the second anniversary of grant and one third on the third anniversary of grant. There are no vesting conditions. Shares
acquired on the exercise of an option may not be sold until the expiry of the second anniversary following the date of
option grant.
If an option holder ceases to be in employment or hold office within the Group, options granted shall immediately lapse unless
such cessation is because of the option holder’s death; the option holder’s ill health or disability; the company that employs the
option holder ceasing to be under the control of the Company or such company ceasing to be within the Group; the transfer of
sale of the undertaking or part-undertaking in which the option holder is employed to a person who is neither under the control
of the Company nor within the Group; or any other reason that the Board in its absolute discretion shall determine.
On a cessation of employment or office as set out above, options shall be exercisable to the extent they have vested according
to the terms of the option agreement and the provisions of the relevant share option scheme and must be exercised within 30
days following such cessation unless it is by reason of death whereby the option holder’s personal representatives must exercise
the option within 12 months following the date of the option holder’s death.
On the 18 March 2014, the Enterprise Management Incentive Scheme was extended by 10 years to 20 April 2021.
Corero Network Security plcAnnual Report & Accounts 2017
�59
Share options granted at 31 December 2017 were as follows:
Option
Holders
Date
granted
Expiry
date
Exercise
price
Enterprise Management Incentive Scheme
At
1 January
2017
Granted Exercised
Forfeit/
cancelled
At 31
December
2017
Other
Holders
March 2011
March 2021
40p (65c)
40,000
March 2012
March 2022
54.5p (89c)
25,000
September 2012 September 2022
43p (70c)
110,000
April 2013
April 2023
25p (38c)
85,000
May 2014
May 2024
25p (42c)
40,000
September 2014 September 2024
25p (41c)
10,000
April 2015
April 2025
15p (23c)
750,000
October 2015 September 2025
15p (23c)
57,000
January 2016
January 2026
20p (29c)
1,067,000
May 2016
April 2017
June 2017
May 2026
22.5p (33c)
31,305
April 2027
8p (10c)
June 2027
13.6 (18c)
–
–
–
1,620,569
1,715,305
542,000
September 2017 September 2027
9.1p (12c)
2010 Executive Enterprise Management Incentive Scheme
Andrew Miller
August 2010
August 2020
25p (41c)
476,000
September 2012
March 2022
54.5p (89c)
80,000
April 2013
April 2023
25p (38c)
250,000
May 2014
May 2024
25p (42c)
362,570
–
–
–
–
Andrew Lloyd
April 2017
April 2027
8p (10c)
–
3,124,999
2010 Unapproved Share Option Scheme
Jens
Montanana
August 2010
August 2020
25p (41c)
165,000
March 2012
March 2022
54.5p (89c)
30,000
April 2013
April 2023
25p (38c)
80,000
January 2016
January 2026
20p (29c)
150,000
–
–
–
–
April 2017
April 2027
8p (10c)
–
994,000
Richard Last
March 2012
March 2022
54.5p (89c)
20,000
April 2013
April 2023
25p (38c)
60,000
January 2016
January 2026
20p (29c)
100,000
–
–
–
April 2017
June 2017
April 2027
8p (10c)
June 2027
13.6 (18c)
–
–
450,000
180,000
Andrew Lloyd
April 2013
April 2023
25p (38c)
60,000
May 2014
May 2024
25p (42c)
40,000
January 2016
January 2026
20p (29c)
100,000
–
–
–
April 2017
June 2017
April 2027
8p (10c)
June 2027
13.6 (18c)
–
–
870,001
200,000
Ashley
Stephenson
March 2012
March 2022
54.5p (89c)
180,000
April 2013
April 2023
25p (38c)
400,000
–
–
–
–
–
–
–
–
–
–
–
–
(40,000)
(25,000)
(110,000)
(85,000)
(40,000)
(10,000)
–
–
–
–
–
–
(250,000)
500,000
(57,000)
– (1,067,000)
(31,305)
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
(7,000)
1,613,569
–
–
–
–
–
–
–
–
–
–
–
–
(20,000)
(60,000)
(100,000)
1,715,305
542,000
476,000
80,000
250,000
362,570
3,124,999
165,000
30,000
80,000
150,000
994,000
–
–
–
–
–
450,000
180,000
(60,000)
(40,000)
(100,000)
–
–
–
–
–
870,001
200,000
(180,000)
(400,000)
–
–
Strategic Report Financial StatementsGovernanceCorporate Directory�60
Notes to the Financial Statements continued
25. Share options continued
May 2014
April 2015
May 2024
25p (42c)
1,720,000
April 2025
15p (23c)
200,000
January 2016
January 2026
20p (29c)
700,000
–
–
–
Andrew Miller
April 2017
June 2017
May 2014
April 2015
April 2027
8p (10c)
June 2027
13.6 (18c)
–
2,319,000
– 3,200,000
May 2024
25p (42c)
387,430
April 2025
15p (23c)
300,000
January 2016
January 2026
20p (29c)
500,000
April 2017
April 2027
8p (10c)
–
1,919,000
Other holders
August 2010
August 2020
31p (50c)
308,000
March 2011
March 2021
36p (59c)
54,750
March 2011
March 2021
40p (65c)
290,000
September 2011 September 2021
37.5p (61c)
163,500
March 2012
March 2022
54.5p (89c)
206,250
September 2012 September 2022
43p (70c)
7,000
April 2013
April 2023
25p (38c)
287,000
September 2013 September 2023
25p (40c)
40,000
May 2014
May 2024
25p (42c)
1,054,416
September 2014 September 2024
25p (41c)
120,000
April 2015
April 2025
15p (23c)
343,000
October 2015 September 2025
15p (23c)
277,000
May 2016
May 2026
20p (29c)
1,073,000
September 2016 September 2026
22.5p (33c)
470,500
–
–
–
–
–
–
–
–
–
–
–
–
–
–
April 2017
June 2017
April 2027
8p (10c)
June 2027
13.6 (18c)
September 2017 September 2027
9.1p (12c)
–
–
–
1,239,626
1,371,750
505,000
–
–
–
– (1,720,000)
(200,000)
(700,000)
–
–
–
–
2,319,000
– 3,200,000
–
–
–
–
–
387,430
300,000
500,000
1,919,000
308,000
(54,750)
–
–
290,000
(123,500)
40,000
(66,250)
140,000
(7,000)
–
(187,000)
100,000
(40,000)
–
(383,750)
670,666
(115,000)
5,000
(290,000)
53,000
(172,000)
105,000
(973,000)
100,000
(8,000)
462,500
(343,000)
896,626
(275,000)
1,096,750
–
505,000
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
13,270,721 20,251,250
– (8,340,555)
25,181,416
The closing mid-market price for the Company’s shares at 31 December 2017 was 6.75p (8c) and the high and low for the year
was 12.9p (16c) and 5.1p (6c). There are no performance conditions to be met before share options are exercisable.
No options were exercised and 1,673,500 options were forfeited in the 12 months to 31 December 2017. On 9 June 2017, the
Company announced the cancellation and re-granting of options over Ordinary Shares to certain Directors and employees, with an
option re-grant price of 13.6p (“New Option Grant Price”) being the weighted average price of the Company’s historic investment
rounds). A total of 6,667,055 options were granted on 8 June 2017 at the New Option Grant price in return for the cancellation of
existing option grants. The new options have the same vesting and share sale conditions as the existing share option grants.
The Company also announced that it intended to cancel 2,356,000 options previously granted to Andrew Miller and 425,000
options granted to Jens Montanana and grant an equal number of new options to each of them (the “New Concert Party
Options”) at the New Option Grant Price. Andrew Miller and Jens Montanana are considered to be a “Concert party” under the
City Code on Takeovers and Mergers. Since the terms of the New Concert Party Options are different from existing options
currently held by Andrew Miller and Jens Montanana, the Company will require consent from the Panel on Takeovers and
Mergers (“Panel”) to waive the obligation on them to make a general offer to shareholders under Rule 9 of the Code that could
otherwise arise if the New Concert Party Options were exercised. The Panel’s waiver (if given) will be subject to the approval of
independent shareholders, being shareholders other than Andrew Miller and Jens Montanana, taken on a poll at a general
meeting of the Company. The Company can confirm that it intends, subject to the Panel granting a waiver, to seek approval at
the 2018 AGM for the grant of the New Concert Party Options and to include the required resolution in the notice of AGM.
Corero Network Security plcAnnual Report & Accounts 2017�61
Granted Exercised
Forfeit
At 31
December
2016
Share options granted at 31 December 2016 were as follows:
Option
Holders
Date
granted
Expiry
date
Exercise
price
Enterprise Management Incentive Scheme
Other Holders
March 2011
March 2021
36p (59c)
March 2011
March 2021
40p (65c)
March 2012
March 2022 54.5p (89c)
At
1 January
2016
7,000
40,000
30,000
September 2012 September 2022
43p (70c)
110,000
April 2013
May 2014
April 2023
25p (38c)
May 2024
25p (42c)
95,000
48,000
September 2014
September
2024
25p (41c)
10,000
April 2015
April 2025
15p (23c)
750,000
October 2015 September 2025
15p (23c)
57,000
–
–
–
–
–
–
–
–
–
January 2016
January 2026
20p (29c)
May 2016
May 2026 22.5p (33c)
September 2016 September 2026
15p (20c)
–
500,000
– 1,072,000
–
31,305
2010 Executive Enterprise Management Incentive Scheme
Andrew Miller
August 2010
August 2020
25p (41c)
476,000
September 2012
March 2022 54.5p (89c)
80,000
April 2013
May 2014
April 2023
25p (38c)
250,000
May 2024
25p (42c)
362,570
2010 Unapproved Share Option Scheme
Jens
Montanana
August 2010
August 2020
25p (41c)
165,000
March 2012
March 2022 54.5p (89c)
April 2013
April 2023
25p (38c)
30,000
80,000
–
–
–
–
–
–
–
January 2016
January 2026
20p (29c)
–
150,000
Richard Last
March 2012
March 2022 54.5p (89c)
April 2013
April 2023
25p (38c)
20,000
60,000
–
–
January 2016
January 2026
20p (29c)
–
100,000
Andrew Lloyd
April 2013
May 2014
April 2023
25p (38c)
May 2024
25p (42c)
60,000
40,000
–
–
January 2016
January 2026
20p (29c)
–
100,000
Ashley
Stephenson
March 2012
March 2022 54.5p (89c)
180,000
April 2013
May 2014
April 2015
April 2023
25p (38c)
400,000
May 2024
25p (42c)
1,720,000
April 2025
15p (23c)
200,000
–
–
–
–
January 2016
January 2026
20p (29c)
–
700,000
Andrew Miller
May 2014
April 2015
May 2024
25p (42c)
387,430
April 2025
15p (23c)
300,000
–
–
January 2016
January 2026
20p (29c)
–
500,000
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
(7,000)
–
(5,000)
–
(10,000)
(8,000)
–
40,000
25,000
110,000
85,000
40,000
–
–
–
10,000
750,000
57,000
(500,000)
–
(5,000)
1,067,000
–
31,305
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
476,000
80,000
250,000
362,570
165,000
30,000
80,000
150,000
20,000
60,000
100,000
60,000
40,000
100,000
180,000
400,000
1,720,000
200,000
700,000
387,430
300,000
500,000
Strategic Report Financial StatementsGovernanceCorporate Directory�62
Notes to the Financial Statements continued
25. Share options continued
Option
Holders
Date
granted
Expiry
date
Exercise
price
At
1 January
2016
Other holders
August 2010
August 2020
31p (50c)
308,000
March 2011
March 2011
March 2021
36p (59c)
54,750
March 2021
40p (65c)
290,000
September 2011 September 2021
37.5p (61c)
March 2012
March 2022 54.5p (89c)
September 2012 September 2022
43p (70c)
163,500
216,250
14,500
April 2013
April 2023
25p (38c)
307,000
September 2013 September 2023
25p (40c)
40,000
May 2014
May 2024
25p (42c)
1,432,750
September 2014
September
2024
25p (41c)
440,000
April 2015
April 2025
15p (23c)
1,803,000
October 2015 September 2025
15p (23c)
352,000
Granted Exercised
Forfeit
At 31
December
2016
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
–
308,000
54,750
290,000
163,500
(10,000)
206,250
(7,500)
7,000
(20,000)
287,000
–
40,000
(378,334)
1,054,416
(320,000)
120,000
(6,666)
(1,453,334)
343,000
(75,000)
277,000
(700,000)
–
–
–
1,073,000
470,500
–
–
–
January 2016
January 2026
20p (29c)
May 2016
May 2026 22.5p (33c)
September 2016 September 2026
15p (20c)
–
–
–
700,000
1,073,000
470,500
11,379,750
5,396,805
(6,666)
(3,499,168)
13,270,721
Andrew Miller has a contractual right (granted in March 2011) to purchase 140,000 ordinary shares in the Company from the
Employee Share Ownership Trust at 40p per share pursuant to a grant made to him under the Deferred Payment Share Plan.
None of the Directors holding office at the balance sheet date exercised options during the year.
Share-based payments
The Remuneration Committee can grant options to employees of the Group under the Group’s share option schemes.
Options are granted with a fixed exercise price which is equal to the market price at the date of the grant or higher price
determined by the Remuneration Committee. The contracted life is 10 years from the date of grant.
Options are valued using the Black-Scholes option-pricing model.
Options granted
The value of options granted during the year was calculated using the Black-Scholes option pricing model. The following
variables and ranges were used:
Share price at date of grants
Exercise price
Expected volatility
Years to maturity
Risk free interest rate
2017
2016
8p–9p (10c–12c)
13p–21.5p (17c–31c)
8p–13.6p (10c–18c)
15p–22.5p (20c–33c)
0.26%
9.3–9.7
0.39–0.74%
0.2–0.26%
9.0–9.7
0.35–1.18%
Corero Network Security plcAnnual Report & Accounts 2017�The following table provides information on all options outstanding at the end of the year:
Weighted average remaining contractual life
Average remaining contractual life
Options exercisable
Exercise price range
Weighted average share price
Weighted average exercise price
Expected volatility
Risk free rate – 5 year gilt rate
Expected dividend yield
63
6.8 years
6.4 years
4,427,499
8p–55p (10c–68c)
11p (15c)
13p (18c)
0.2%–6.4%
0.35%–2.6%
Nil
Volatility is calculated as the standard deviation of the closing daily share price over a period of 24 months prior to the
grant date.
Operating expenses in the Statement of Comprehensive Income included a charge of $21,000 (2016: $19,000) relating to
employee share-based payments.
26. Related parties and transactions
As part of the subscription and placing on 25 April 2017, Jens Montanana contributed $4.4 million, Andrew Miller contributed
$13,000 and Andrew Lloyd contributed $19,000 (note 21).
As part of the subscription and placing on 10 May 2016, Jens Montanana contributed $1.2 million and Andrew Miller contributed
$22,000 (note 21).
The Directors consider the Group’s key management personnel to be the Board of Directors of the Company whose
compensation is detailed in note 23.
Company key management compensation was $nil (2016: $nil) as the key management are employed by subsidiaries.
Strategic Report Financial StatementsGovernanceCorporate Directory�64
Corero Network Security plc
Annual Report & Accounts 2017
Corporate Directory
Directors
Jens Montanana (Non-Executive Chairman)
Richard Last (Non-Executive Director)
Ashley Stephenson (CEO)
Andrew Lloyd (President and EVP Sales & Marketing)
Andrew Miller (CFO)
Secretary and Registered Office
Duncan Swallow
Regus House
Highbridge
Oxford Road
Uxbridge
Middlesex
UB8 1HR
Nominated Adviser and Broker
Cenkos Securities plc
6.7.8 Tokenhouse Yard
London
EC2R 7AS
Auditor
BDO LLP
55 Baker Street
London
W1U 7EU
Solicitors
Dorsey and Whitney LLP
199 Bishopsgate
London
EC2M 3UT
Bankers
Santander
2 The Forbury
Reading
RG1 3EU
Square 1 Bank
406 Blackwell Street
Suite 240
Durham
North Carolina
27701
USA
Registrars
Link Asset Services
The Registry
34 Beckenham Road
Beckenham
Kent
BR3 4TU
Website address
www.corero.com
��Registered Office
Regus House
Highbridge
Oxford Road
Uxbridge
Middlesex
UB8 1HR
C
o
r
e
r
o
N
e
t
w
o
r
k
S
e
c
u
r
i
t
y
p
l
c
A
n
n
u
a
l
R
e
p
o
r
t
a
n
d
A
c
c
o
u
n
t
s
2
0
1
7
�