Cohen & Steers
Annual Report 2021

Download report
Bookmark report

More annual reports from Cohen & Steers:

2023 Report
2022 Report
2021 Report
2020 Report
2018 Report

Plain-text annual report

Annual Report and Accounts 2021 Corero Network Security plc A Leader in real-time, high performance, automatic DDoS cyber defense solutions C o r e r o N e t w o r k S e c u r i t y p l c A n n u a l R e p o r t a n d A c c o u n t s 2 0 2 1 Corero Network Security plc – Annual Report and Accounts 2021 OveRview Strategic Report Governance Financial Statements Corporate Directory 01 Corero is dedicated to improving the security and availability of the internet through the deployment of innovative Distributed Denial of Service (DDoS) protection solutions. DDoS Protection Without the Downtime Corero is a leader in real-time, high- performance, automatic DDoS protection: on-premises, as-a-service and in the cloud, with comprehensive visibility, analytics and reporting. We protect thousands of organisations worldwide, across many verticals. Our customers include corporate enterprises, network internet service and communication providers, hosting and data centre providers, co-location providers, network edge providers, and SaaS Enterprises. We are deployed internationally in over 47 countries, and, through our own teams and strategic partners, we continue to expand our global footprint. Contents Overview 01 2021 Highlights 02 At a glance 04 Business Model 06 Our strategy in practice 10 Market overview 11 2021 Corero DDos Threat Intelligence Report 12 Corero Explained 14 How does the technology work? 15 Customer proposition 15 Investor proposition Strategic Report 16 Chief Executive Officer’s Review 18 Financial Review 20 Key Performance Indicators 22 Key Stakeholders 22 Section 172 Statement 24 Principal Risks and Uncertainties 26 Environmental, Social and Governance Report Governance 28 Board of Directors 30 Chairman’s Corporate Governance Introduction 31 QCA Code Compliance 32 Corporate Governance Report 34 Board Performance and Remuneration Policy 35 Board Committee Reports 36 Directors’ Report 39 Statement of Directors’ Responsibilities 40 Independent Auditor’s Report Financial Statements and associated notes 45 Consolidated Income Statement 46 Consolidated Statement of Comprehensive Income 47 Consolidated Statement of Financial Position 48 Company Statement of Financial Position 49 Consolidated Statement of Cash Flows 50 Consolidated Statement of Changes in Equity 51 Company Statement of Changes in Equity 52 Notes to the Financial Statements Corporate Directory 81 Glossary 82 Corporate Directory 2021 Highlights Revenue 24% increase ARR1 31% increase m 5 8 $ . 7 1 0 2 . m 0 0 1 $ 8 1 0 2 m 7 9 $ . 9 1 0 2 . m 9 6 1 $ 0 2 0 2 . m 9 0 2 $ 1 2 0 2 m 0 5 $ . 7 1 0 2 m 8 5 $ . 8 1 0 2 Gross margin 780 basis points increase Net cash 11% increase m 2 7 $ . 9 1 0 2 m 8 9 $ . 0 2 0 2 . m 8 2 1 $ 1 2 0 2 . % 1 5 8 1 2 0 2 m 4 1 $ . 7 1 0 2 m 4 4 $ . 8 1 0 2 m 4 5 $ . 9 1 0 2 m 6 7 $ . 0 2 0 2 m 4 8 $ . 1 2 0 2 % 0 1 8 . 9 1 0 2 % 3 7 7 . 0 2 0 2 % 1 5 7 . 7 1 0 2 % 4 8 7 . 8 1 0 2 EBITDA2 $5.4m increase Profit/(loss) before taxation $5.4m increase m 0 4 $ . 1 2 0 2 m 2 5 $ . - 8 1 0 2 m 7 8 $ . - 7 1 0 2 m 4 1 $ . - 0 2 0 2 m 2 3 $ . - 9 1 0 2 m 7 1 $ . - 8 1 0 2 m 8 5 $ . - 7 1 0 2 m 4 1 $ . 1 2 0 2 m 0 4 $ . - 0 2 0 m 2 6 6 $ . - 9 1 0 2 Operational Highlights • Significant financial and operational progress, leveraging sales and marketing initiatives alongside established Strategic Alliances and Channel Partners • Secured 44 new customers in the period (2020: 42 customers), adding six new countries – Corero now active with customers across 47 countries worldwide — 18 new customers added through Corero’s strategic partnership with Juniper Networks (2020: 17 new customers) • Strong growth supported by an expanding DDoS mitigation marketplace, which continues to be fuelled by the acceleration of digitisation and the ongoing need for business continuity • ARR increased to $12.8 million, underpinning future earnings growth and reinforcing the importance of Corero’s solutions for our customers • The Group continues to prioritise its market coverage, and remains committed to ongoing investment across its technology platform and teams’ expansion to strengthen its market- leading position Financial Highlights • Strong revenue growth in the period: — Revenues increased 24% to $20.9 million (2020: $16.9 million) — Annualised Recurring Revenues1 (“ARR”) up 31% to $12.8 million as at 1 January 2022 (1 January 2021: $9.8 million) — Revenue from DDoS Protection as a Service (DDPaaS) contracts increased to $4.0 million (2020: $2.9 million) • Gross margins of 85% (2020: 77%) • EBITDA2 of $4.0 million (2020: EBITDA loss of $1.4 million) – a transformation of $5.4 million • Adjusted EBITDA3 of $4.1 million (2020: loss of $0.6 million) • Profit before taxation of $1.4 million (2020: loss before taxation of $4.0 million) • Earnings and diluted earnings per share of 0.3 cents (2020: loss per share of 0.8 cents) • Net cash at 31 December 2021 of $8.4 million (2020: $7.6 million) For more information visit corero.com 1 2 3 ARR is defined as the normalised annualised recurring revenues and includes recurring revenues from contract values of annual support, software subscription and from DDoS Protection-as-a-Service (DDPaaS) contracts Defined as Earnings before Interest, Taxation, Depreciation and Amortisation. The Directors consider EBITDA to be a better measure of profitability as it excludes non-cash items Defined as Earnings before Interest, Taxation, Depreciation (including DDPaaS assets‘ depreciation which is charged to cost of sales) and Amortisation, before share-based payments, and less unrealised foreign exchange differences on an intercompany loan, and PPPL forgiveness – Fully adjusted basis 02 Corero Network Security plc – Annual Report and Accounts 2021 OveRview Strategic Report Governance Financial Statements Corporate Directory 03 At a glance Corero is dedicated to improving the security and availability of the internet through the deployment of innovative DDoS protection solutions. We are… Our vision Our vision is to become the world leader in DDoS protection, servicing a significant proportion of our growing target market. Our focus, while maintaining our superior technological performance, is delivering sustainable, long-term value to our stakeholders. Achieved through Our Purpose Our purpose is to best protect the internet from DDoS cyber security attacks. Our Focus Our focus, while maintaining our superior technological performance, is delivering sustainable, long-term value to our stakeholders. Global, Dynamic and Fast-moving what we do • Prevent downtime in the event of a DDoS attack up to 20x faster than our competition How we do it • intelligently automated solution that mitigates DDoS attacks in under a second • Eliminate the need for operator intervention by automatically mitigating over 98% of attacks, saving your organisation time and money • Protect internet availability in real time with up to 50x lower latency than on-demand solutions, keeping you and your customers online with zero interruption why we do it • To make the internet a safer place by protecting your organisation from damaging DDoS attacks and the downtime that comes with it • Customers can benefit from Corero protection because of rapid attack discovery, rapid mitigation, and the ability to customize rules to apply special safeguards Our mission Corero is dedicated to improving the security and availability of the internet through the deployment of innovative Distributed Denial of Service (DDoS) protection services. We call it ‘DDoS Protection without the downtime’ because its real-time, high-performance, automatic DDoS cyber attack protection – something we excel at compared to our competitors. • Most flexible and highly scalable deployment options to meet the needs of any business • Comprehensive visibility with reporting and alerting for clear, actionable intelligence on the DDoS attack activity Responsible business Corero aspires to carry out its business to the highest ethical standards, treating customers, partners, suppliers, and employees in a professional, courteous and honest manner. Corero is committed to promoting sustainability. We aim to lead, follow and to promote good sustainability practice, to carry out our operations in a way which manages and minimises any adverse environmental impacts. Our products are used by thousands of businesses throughout the world to protect against disruptions that could have adverse economic, health, well- being and environmental consequences for the users and customers of those businesses (often in a mission critical way) and the knock-on effects to populations as-a-whole. Our values Values and beliefs underpin the strategy. These are lived to become the culture: Customers First; Technology Leadership & innovation; Operational excellence; integrity; Our People, empowerment & Teamwork Delivered by Our Strategic Goals 1. Increase our international presence 2. Leverage our existing partnerships and develop new ones 3. Intensify our Global, major and Tier One accounts relationships 4. Better monetize our existing services and introduce new services 5. Amplify our demand generation programs 6. Continue to enhance our technological innovation leadership enabled by Our Business Model Please see our business model on pages 4 to 5. Supported by Our Supporters Our supporters are our customers; our partners including strategic alliance partners; our suppliers, our investors and our employees. 04 Corero Network Security plc – Annual Report and Accounts 2021 OveRview Strategic Report Governance Financial Statements Corporate Directory 05 Business Model Corero SmartWall real-time, automatic DDoS mitigation protects business continuity, service availability, revenues, and brand reputations from harmful DDoS cyber attacks. A customer driven Business Model: inputs Key solutions Sales channels Customer segments Support, updates, maintenance, monitoring Securewatch Available in physical and virtual for 10G, 100G and cloud Our Culture & values See page 26 Market Overview See page 10 TDS TDD Juniper, GTT and Neustar Strategic Alliances indirect Sales Partners Agents, value-added resellers and distributors TDC Direct Sales Delivers software edge protection for even the largest networks Protects against the largest Cloud attacks Own sales team SaaS enterprises Cloud hosting providers Service Providers Source of Revenue SmartWall TDS and TDC SmartWall TDS (through GTT) DDoS Protection as-a-Service edge providers Revenue share Term Licence Co-location providers Support and services enterprises u s Appliance e n & perpetual e v e software R licence sale SmartWall TDS SmartWall vNTD and SmartWall TDD SmartWall TDS and TDD Outputs Cash for Reinvestment See page 20 Financial Returns for investors See page 20 eSG See page 26 06 Corero Network Security plc – Annual Report and Accounts 2021 OveRview Strategic Report Governance Financial Statements Corporate Directory 07 Case study: Santa Rosa Communications Our strategy in practice Corero Smartwall at a glance • Surgically removes DDoS attack traffic automatically, before it reaches critical systems, ensuring optimal performance and maximum availability • Delivers line-rate, in-line DDoS attack protection, from 1 Gbps to 100 Gbps per rack unit, in a solution that scales to terabits per second of protected throughput • Prevents several attacks, from simple volumetric floods, to sophisticated state exhaustion attacks at Layers 3 through 7 • Delivers comprehensive visibility for analysis and forensics – before, during and after attacks Deploys SmartWall to protect customers deep in the heart of Texas The Challenge The growing DDoS attacks experienced would vary in size, intensity and duration. The company would see commodity attacks in the 1-2 Gbps range, on average, a few times a day. In some instances, they would be hit by up to 10 attacks in a single day. Midsize attacks, in the 2-8 Gbps range, would occur almost weekly; and larger attacks would happen every two to four weeks, on average. The incumbent DDoS solution provider, Arbor, said the attacks would last about 15 minutes on average, although they did experience some hour-long attacks reasonably frequently, and multi-hour attacks occasionally. Santa Rosa Communications is a regional ISP serving several communities across Texoma, with an established territory covering Northern Texas and Southern Oklahoma. The company provides residential services such as phone, Internet and television, as well as business-grade voice, Wi-Fi and IT services. With roots in the rural Texas telephone business since the 1950s, Santa Rosa Telephone Cooperative has provided communication services for many years in Wilbarger County. In 1999, the company began construction of its fiber optic network in Seymour, Texas. In 2006, the business began offering fiber-to-the-home technology to provide customers with access to ultrafast Internet speeds; and, in 2019, the company experienced continued growth through the acquisition of two companies: Pinnacle Network Solutions and PCnet, a managed service provider based in Wichita Falls. value-added offering Santa Rosa has enjoyed additional benefits through the Corero deployment. The ability to perform full scrubbing helped the company land several significant new enterprise customers during 2020. “The fact that we scrub all traffic is a key selling point for the business side,” says Tabor. “Customers are benefiting, because they must no longer suffer frequent DDoS attacks if they were targeted, or worse, because they happened to be collateral damage, when another customer was attacked,” he adds. “The Internet is so important to almost everyone now, so when our Internet service works well, very nearly all the time, it really lets customers do what they want in their lives and businesses.” In response to the growing number of attacks, the only available action the Santa Rosa team could take, was to blackhole the traffic, dropping both malicious and legitimate traffic. Being forced into blackholing (RTBH) also prevents legitimate traffic from getting through, resulting in customer downtime and, ultimately, considerable dissatisfaction. “That helped, but was far from the solution we wanted for our customers,” says Tabor. “That could offer some protection, but it sacrificed the victim. It was automatic, but it was not ideal. Once the target was blackholed, we could not see the attack, so after the timer expired we would allow the traffic to flow again, and often find ourselves having to blackhole it again.” we love the visibility and how we can investigate components of an attack. However, at the end of the day, the fact it can solve so many problems for us without intervention is fantastic.” Seth Tabor, CTO at Santa Rosa Communications The Solution Santa Rosa decided enough was enough and set about looking for a solution to address the growing impact of DDoS. After researching the market, they chose and deployed the Corero SmartWall, implementing full inline, always-on, scrubbing for all traffic. “We wanted to protect our entire network and all customers,” says Tabor. “We chose inline for simplicity and unobtrusive reactions.” The company now surgically mitigates DDoS inline at every transit peer, effectively scrubbing all inbound Internet traffic. Tabor says the company does still blackhole, or swing to cloud scrubbing, for the very large attacks which would result in transit saturation, but these are much less common. “Since we started scrubbing all transit peers, DDoS-related trouble is very rare,” says Tabor. “Customer satisfaction is up, and any trouble that remains a mystery, or is directly attributable to DDoS, is way down.” The company has also reduced costs through the implementation, by reducing the number of trouble tickets and dispatches. The team loves how reliable and “hands off” the Corero system is, as well as the visibility and how customers can easily investigate the anatomy of an attack. But there’s an even more favourite feature for Tabor: “At the end of the day, the fact it can solve so many problems for us, without intervention, is fantastic!” 08 Corero Network Security plc – Annual Report and Accounts 2021 OveRview Strategic Report Governance Financial Statements Corporate Directory 09 Case study: GARR Chooses Corero for Automated DDoS Protection Our strategy in practice continued Corero Smartwall at a glance • Surgically and automatically removes DDoS attack traffic, before it reaches critical systems, ensuring optimal performance and maximum availability • Delivers line-rate, always-on distributed denial of service attack protection, in a solution that scales to tens of Terabits per second of protected throughput • Prevents impact from even the most sophisticated DDoS attacks ranging from volumetric floods, to state exhaustion attacks, at layers 3 to 7 • Delivers comprehensive visibility for analysis and forensics, before, during and after attacks GARR is the ultra-broadband network dedicated to the Italian research and education community. Its main objective is to provide high-performance connectivity and to develop innovative services for the daily activities of Italian researchers, professors, and students, as well as international research collaborators. The GARR network is an extensive digital infrastructure with about 15,000 km of optical fibre covering the entire Italian territory. It reaches about 4 million users of about 500 organisations and connects more than 1,200 sites, most of which are public institutions (research institutes, universities, research hospitals, cultural institutes, libraries, museums, schools). The GARR network is interconnected with international research networks and across the worldwide Internet. The GARR governance model promotes inclusiveness and involves users in decision-making on the future evolution of the network and digital infrastructures. Unlike with commercial providers, users on the GARR network aren’t just consumers of data, content and services; they are involved in the development of services and solutions, and they share their own resources for the benefit of the scientific community, thus becoming active contributors. Challenge GARR is also known as the Italian Research and Education Network, supporting projects involving scientific and academic cooperation among Universities, Schools, and Public Research Institutions in Italy. Like other national research and education networks, GARR has a combination of research-related traffic, and general Internet traffic. Each “user institution” has its own network, which typically has thousands, or even hundreds of thousands, of individual users. With its more than three million IPv4 public nodes and its pioneering infrastructure that dates back to the early 1990s, the GARR network has always worked to minimize any attacks that were sourced from one of the nodes in their network. GARR carefully researched the available DDoS mitigation solutions, and finally selected Corero’s SmartWall Threat Defense Director solution, because it seamlessly integrates with their existing procedures and organisational structure, and because it works synergistically with GARR’s existing Juniper Network infrastructure. The SmartWall Threat Defense Director couples Corero’s surgically accurate, real-time, automatic DDoS protection with the high-performance packet filtering of GARR’s Juniper MX Series routers. Results for GARR • No need to blackhole or null route all traffic to a DDoS target • Negligible false positives impacting legitimate traffic • Maximum levels of service availability are maintained for users, even in the face of a DDoS event • DDoS attacks are automatically mitigated locally at each of their PoPs, avoiding the need to backhaul traffic across the network for mitigation • Increased staff efficiency resulting from the automatic and accurate protection • Increased user satisfaction resulting from the speed and accuracy of protection “In contrast to other mitigation solutions, based on scrubbing center technology, that would have to reroute attack traffic to a single very expensive device, Corero TDD blocks attacks directly on the Juniper MX nodes we have at all our PoPs, enabling us to block them in a distributed and simple way” said Massimo Carboni, CTO – Head of Infrastructure Department at GARR. This architecture also allows GARR to simply increase the scale of the protection in lockstep with any future network extensions. Another key factor in GARR’s decision was that Corero TDD is more suited to the very high throughput of the GARR network, where other solutions would introduce significant risk of misinterpreting traffic bursts as attacks, resulting in disruptive false positives. Benefits GARR values the automated, hands- off efficiency of the Corero solution, which frees up staff to work on other tasks; “Thanks to the Corero solution, we operate more efficiently, so we estimate that we’re saving about 20% in terms of staff time dedicated to network security,” said Carboni. “It’s clear that no human, or even a team of 10 security analysts, could react quickly enough to manage these sophisticated DDoS attacks,” said Carboni. “For some types of attacks the solution is so fast that we had to review our Acceptable Use Policy and the security incident workflow, because in most attacks no human intervention is needed to tackle the problem.” The Corero solution also delivers comprehensive visibility into attacks with the SecureWatch® Analytics component of its TDD solution, which leverages Splunk software for big data analytics and visualization capabilities that transform security event data into sophisticated dashboards. This information engine enables GARR to create custom dashboards and foster its own statistic and report systems integration “We definitely like having visibility into attacks, knowing not only when and how an attack is happening, but also the ability to follow the mitigation process,” said Carboni. “This provides a higher level of control in security and increases our trust in the solution.” GARR reports that Corero greatly improved the organisation’s end-user experience. GARR users are an active part of the research network and, in the past, they were often unaware of any DDoS attacks, so they considered any downtime or lack of service as a network problem. The DDoS mitigation service is a benefit to all the users. For the future, GARR is considering integrating its Corero SmartWall Analytics with its customer- facing portal, to better communicate with their users about the DDoS attacks they are being targeted with. 10 Corero Network Security plc – Annual Report and Accounts 2021 OveRview Strategic Report Governance Financial Statements Corporate Directory 11 Market overview 2021 Corero DDoS Threat Intelligence Report Critical cybersecurity DDoS attacks continue to grow in sophistication, scale and frequency. 29% LIKELIHOOD OF A REPEAT ATTACK WITHIN A WEEK 97% ATTACKS UNDER 10GBPS 82% OF ATTACKS <10 MINUTES 297% INCREASE IN OPENVPN ATTACKS 29% INCREASE IN NUMBER OF ATTACKS PER DAY Cyber threats and DDoS attacks A wide range of critical cybersecurity issues face every internet connected organisation. These threats include DDoS, hacking, breach, phishing, fraud, ransom, data theft and exfiltration. These cyber threats present themselves via the essential internet connections that are required to support the online business. The broad range of motives for executing DDoS attacks, coupled with the relative ease with which attacks can be launched, means that they are easily carried out by a variety of actors, including; criminal gangs, activists, terrorist groups and even nation states. Aside from those who are focused purely on disrupting services, some of those who carry out DDoS attacks do so for extortion via ransom DDoS or as a smokescreen for other cyberattacks designed to steal data, or plant malware. The DDoS Protection Market $3.4bn in 2021 Global DDoS Protection Market expected to reach $6.8bn by 2026 at 15% CAGR* Today, internet service providers typically sell raw internet transit connectivity. This raw internet connectivity, usually sold via 1Gbps, 10Gbps and increasingly 100Gbps transport connections, carries good customer traffic and malicious bad traffic without discrimination. If an enterprise, data centre, or hosting facility connects to these raw transit providers they will be exposed to internet-borne cyber threats and their information security posture must be prepared to detect and protect against any associated malicious intent. Corero focuses on one specific category of these cybersecurity threats encompassing DDoS and has developed a real-time detection and mitigation solution that delivers automatic detection and protection against DDoS attacks. DDoS attacks continue to grow in sophistication, scale and frequency. Businesses and public-sector organisations are equally vulnerable to DDoS attacks and recent years have seen some of the world’s best- known companies fall victim to DDoS attacks with catastrophic impact for their customers. The DDoS protection market is driven by the growing need for enterprise business continuity. Increasingly always-on protection is the only answer to defend against the smaller attacks which dominate. These provide increasing revenue opportunities for Service and Hosting Providers. 6 6 8 2 $ , 0 2 0 2 6 1 9 3 $ , 2 2 0 2 4 2 2 5 $ , 4 2 0 2 1 7 7 6 $ , 6 2 0 2 Global DDoS Protection Market Market Size (USD Millions)* >29,500 Daily Attacks Daily DDoS attacks were recorded during the first half of 2021, this has doubled in the last 24 months** * MarketsandMarkets DDoS protection Global forecast to 2026 ** NetScout H1 2021 report what are the key DDoS market drivers? Rise in multi-vector attacks, increase in number of DDoS attacks across the Internet of Things ('IoT') ecosystem, need of DDoS defense solutions for the 5G ecosystem, and high demand of cloud-based and hybrid DDoS protection and mitigation solutions1. • IoT devices, which are the source of high-intensity DDoS attacks, forecast to grow 18 billion devices by 2022.1 • The increased bandwidth of 5G networks opens avenues for DDoS attackers to induce large DDoS attacks capable of impacting millions of mobile and IoT devices.1 • Communication service providers (‘CSPs’) are increasingly targets of DDoS attacks. 85% of survey respondents say DDoS attacks against their organisations are either increasing or continuing at the same relentless pace and 71% of respondents say they are not or only somewhat capable of launching measures to moderate the impact of DDoS attacks. The increase in IoT devices due to the growth of 5G increases the risk to CSPs.2 1 2 MarketsandMarkets DDoS Global Forecast Report, Forecast to 2026, December 2021 Ponemon Institute The State of DDoS Attacks Against Communication Service Providers, April 2019 every half and full year, Corero looks at the latest trends it is seeing in the DDoS market. The above observations are from our 2021 DDoS Threat intelligence Report. “Once again, we are reporting a net increase in the number of unique DDoS attack vectors seen in the wild and in the level of year-over-year DDoS activity. With each new vector we often see a long tail, measured in years, of subsequent exploitation and related attacks. … At the same time, the novel weaponization and abuse of internet facing applications or devices continues … . It is important to be aware of the evolving threat landscape and not to simply assume that your Service / Hosting Provider has effective counter measures in place to combat the latest DDoS attack vectors and keep your business online. As hackers continue to find new vectors to launch assaults on organisations, the best defense against potential downtime is to utilize real-time protection. Solutions which detect and redirect traffic to the cloud often result in downtime. On-demand, cloud-based scrubbing services cannot practically mitigate the short, frequent attacks that many organisations now face. As organisations plan their strategy for effective DDoS protection, the relationship between time-to- mitigation and potential downtime is a vital consideration.” 2021 Corero DDoS Threat Intelligence Report 12 Corero Network Security plc – Annual Report and Accounts 2021 OveRview Strategic Report Governance Financial Statements Corporate Directory 13 Corero Explained Your Questions Answered What is our mission? Corero is dedicated to improving the security and availability of the Internet through the deployment of innovative DDoS protection and mitigation cyber solutions. Step 3 Open devices respond with UPnP ‘reply’ packets to victim’s network because of botnet spoofing victim’s IP addresses. Allows for a 30.8x amplification factor. SSDP Amplification DDoS Attack victim iPS/APT SLB/ADC wAF Step 2 Botnet is told to spoof IP address of victim’s network and sends UPnP ‘discovery’ packets to open devices. Steps in a typical DDoS Cyber Attack Attacker Step 1 Attacker sends command and control attack signals to small botnet. Baby Monitors video Cameras Home/ Office Routers wiFi Access Points Botnet Machine Botnet Machine Botnet Machine Botnet Machine Neustar Neustar, Inc. (‘Neustar’), through Neustar Security Services, is an American technology company that provides real-time information and analytics for the Internet, risk, digital performance and defense, telecommunications, entertainment, and marketing industries, and also provides clearinghouse and directory services to the global communications and Internet industries. Corero has a hybrid DDoS protection solution combining on-premises TDS with the SmartWall Threat Defense Cloud (‘TDC’) service, powered by Neustar, which provides protection against the largest attacks which can saturate an organisation’s internet connections and overwhelm legitimate traffic. where are we located? Corero’s key operational centres are in Marlborough, Massachusetts in the USA and Edinburgh in Scotland, UK, with the Company’s registered office in Amersham in England, UK. what is a DDoS attack? A DDoS attack is a cyber threat, in which multiple computer systems or devices attack a target, such as a server, website or other network asset, and cause a denial of service for users of the targeted resources. The flood of incoming messages, connection requests or malformed packets to the target system causes it to slow down or shut down, thereby denying service to legitimate users or systems. DDoS attacks are a threat to service availability, network security, brand reputation and ultimately lead to lost revenues. Attackers are continuing to leverage DDoS attacks as part of their cyber threat arsenal to either disrupt business operations or provide a smokescreen while they attempt to access sensitive corporate information. Attackers are leveraging increasingly creative ways to circumvent traditional security solutions or reduce the effectiveness of DDoS scrubbing centres. DDoS attacks can be found in a multitude of sizes and are launched for a variety of motivations. They may also be used to extort payments via Ransom DDoS. Today’s cyber criminals do not even have to construct the attacks themselves, they can simply download DDoS malware or rent the botnet they need to accomplish their goal. what damage can a DDoS attack do? High availability of Cloud services and applications are critical for modern businesses and institutions. Any DDoS downtime brings risk: • Lost revenue or loss of control • Operational costs to mitigate or recover from attacks • Increased costs to retain unhappy customers and attract new customers • Brand and reputation damage leading to competitive disadvantage or loss of confidence • Regulatory fines, legal action, resignations what solutions do we have? The goal of the Corero SmartWall real-time DDoS protection solutions are to protect business continuity, service availability, revenues and brand reputations from harmful DDoS attacks. We do this for corporate enterprises, network security providers, hosting and data centre providers, co- location providers, network edge providers, and SaaS enterprises. The SmartWall family of products utilises innovative, patented, technology to automatically and surgically remove DDoS attack traffic, while allowing good traffic to flow uninterrupted. Corero solutions are amongst the highest performing in the industry, while providing the most automated DDoS protection, at unprecedented scale, with the lowest total cost of ownership to the customer. We protect against DDoS attacks in seconds, or less, rather than the minutes or tens of minutes taken by legacy solutions. Corero has a market leading SmartWall Threat Defense System (‘TDS’) solution portfolio endorsed by over 160 direct customers, many of whom are providers using it to protect hundreds, or thousands, of their customers. Our products have been recommended by NSS Labs (a leading independent product testing laboratory). Our SmartWall Threat Defense Director (‘TDD’) delivers edge protection for even the largest provider networks. Powering the silicon filtering capabilities increasingly built into modern edge routers, TDD software scales to tens-of-terabits per second of protection, without the need to deploy additional appliances at the edge or needing to back-haul large volumes of attack traffic to scrubbing centres. what strategic alliances do we have? Juniper Networks Juniper Networks, Inc. (NYSE: JNPR) (‘Juniper’) is one of the world’s largest networking product, solutions and services companies, with revenues of over $4.5bn in 2021. Corero has a global partnership agreement with Juniper enabling Juniper to select Corero as their DDoS protection solution and to sell Corero’s SmartWall Threat Defense Director (‘TDD’) software product in conjunction with its own MX Series routers. Juniper and Corero have developed this integrated solution for large-scale network-edge DDoS defence that leverages powerful filtering capabilities in the latest generation of Juniper’s MX Series routers. GTT Communications GTT Communications, Inc. (NYSE: GTT) (‘GTT’) is a leading global cloud networking provider to multinational clients, with over 600 points of presence (‘POPs’), with revenues of $1.7bn in 2020. GTT operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. GTT customers can purchase IP transit with DDoS protection provided by Corero’s SmartWall TDS’s which are deployed within the GTT network. 14 Corero Network Security plc – Annual Report and Accounts 2021 OveRview Strategic Report Governance Financial Statements Corporate Directory 15 How does the technology work? How do we combat DDoS Attacks? Customer proposition Traditional DDoS providers use net flow sampling, which requires spotting mainstream anomalies, re- directing Internet traffic, to be cleaned in scrubbing centres (which may be overseas, or some distance away) with manual intervention, and then Internet traffic is re-directed back. This is a time-consuming and costly process when the length of an attack might be short – but it takes hold quickly and the impact is high. High availability of cloud services and applications are critical for modern businesses and institutions. Internet traffic providers which use DDoS providers that have this simple generic approach have basic DDoS protection. While this may be adequate for simple and obvious attacks, it may not be for sophisticated, highly engineered attacks. So, for example, Ransom DDoS attacks are real-time, in depth (deep packets) and highly automated. However, Corero uses Deep Packet Inspection (‘DPI’) and processes packets in real-time and on-data path (‘in-line’) with as much automation as possible. Our approach is very scalable to the tens of terabits per second which makes our cost per performance ratio superior in the industry. It can also be used to augment broad upstream netflow based basic protection with an in-line, on-data-path DPI tool on network edges. Corero provides both ‘SmartWall’ and ‘SecureWatch’ solutions. Smartwall Corero’s SmartWall solution is highly automated, detecting and mitigating attacks surgically, without the expensive intervention of security analysts or network operators, who may not even know the network is under attack unless they are monitoring Corero’s dashboard or subscribed to the automated mitigation alerts. With varied deployment topologies (in-line, scrubbing, edge or cloud) Corero’s SmartWall family of solutions utilise innovative, patented technology to automatically and surgically remove the vast majority of DDoS attack traffic. Protection is available in cost-effective scaling increments, from 1Gbps, 10Gbps and 100Gbps to tens-of-terabits, to support the full spectrum of customer bandwidth and inspection requirements. We have combined advances in Intel x86 multicore CPU technology, Data Plane Development Kit (‘DPDK’) software for packet processing acceleration, and high-performance network interface cards (‘NICs’), together with an innovative, patented, and highly efficient software architecture, to develop a new generation of physical and virtual appliances providing breakthrough price/performance for DDoS defense. Threat Defense System (TDS) Physical & Virtual Appliances – On-premises SmartWall appliances perform sampled DPI to generate security metadata from traffic flows. The internal rules-engines examine this metadata to flag offending packet flows in real-time and block attacks. At the same time, the security metadata is streamed to the Corero SecureWatch® Analytics platform, where further analysis, involving correlation with other performance metrics and event data, enables rapid identification of new attack vectors. SecureWatch Analytics can formulate new mitigation rules for these vectors that are distributed out to each SmartWall instance. Securewatch The Corero SecureWatch service is a tiered offering comprised of configuration optimisation, monitoring and mitigation response services. Corero SecureWatch Analytics leverages Splunk’s analytics engine and provides robust reporting to transform sophisticated DDoS event data into easily consumable dashboards accessed via the SecureWatch Analytics web portal. The portal allows customer security operators to monitor and manage incident response, with the ability to conduct sophisticated forensic analysis. The Corero Service Portal enables providers’ customers (or ‘tenants’) to gain visibility into attacks via per-tenant dashboards. Providers can assign tenant service levels and automatically distribute reports which showcase the value of the protection their customers are receiving. Threat Defense Director (TDD) Provider Edge – Sampled Detection 1G 10G 100G 100G -> Multi-Tbps + NTD220 • Standalone 2x1/10G Solution • Easiest for Small Deployments NTD280 • Up to 8x10G Protection • Scales to Terabits/s NTD1100 • 1x100G Protection • Scales to Terabits/s • 100G-40Tbps Edge Protection • Volumetric Attacks • Supports Juniper MX Routers vNTD Software Cloud & Virtualised Protection Speed Attacks mitigated in seconds versus minutes or tens of minutes for competing technologies with zero downtime Scalability Modular and distributed, pay-as-you-grow protection Simplicity Automatic software, plug and play appliances for lowest TCO Flexibility Multiple deployment options: on- premises, hybrid and cloud protection visibility Accurate, forensic-level attack and traffic visibility with SecureWatch Analytics Support World-Class 24x7x365 SOC support with SecureWatch Managed Services Investor proposition Superior Performance High performance, class leading solutions: real time effective DDoS protection and mitigation without disrupting or delaying legitimate network traffic Corero automatically mitigates DDoS attacks in seconds, faster than any other solutions in the market High growth markets This increasingly inter-connected world grows faster and more complex with higher speed connections; higher capacities and meshed networks; the proliferation of IoT and 5G devices; and the continued growth of cloud services Corero market share leaves lots of headroom for key expansion opportunities Time to Market Unlike some technology companies, we have a superior solution already developed and field proven No development cycle with customers Very quick and simple deployment cycles with high software content On-going R&D investment reflects solution refresh and enhancements Customer relationships We enjoy high levels of trust with our customers which translates into high retention rates and long-term relationships Our diverse customer base includes blue chip global customers and we now operate in more than 47 countries High annualised recurring revenues demonstrate such enduring relationships Corero solutions provide continuity of service and allow our customers to generate incremental revenue Proprietary intellectual Property In-house expertise and proprietary knowledge means we can innovate without significant outsourcing dependencies or royalty costs Eight years of DDoS protection software development expertise leveraged to expand feature set and pipeline Scalability – organic and partners We have established and extensive global routes to market through our own direct sales force, agents, resellers, distributors, and strategic partnerships Where appliances are employed for the software solution, manufacturing is outsourced so there are no in- house supply constraints Customer support and service We provide high levels of customer support and service through our sales engineers, SOC and Operations Team – worldwide, 24x7x365 We can provide high levels of compatibility with customer indigenous equipment and systems We have key relationships with global reach and local implementation Attractive business model, performance and world class team We have high gross margins, recurring and repeat business, and improved financial performance and position. Our world class, highly skilled team have decades of experience in Technology/Cyber Security and Go To Market techniques 16 corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic report Governance Financial Statements Corporate Directory 17 Chief Executive Officer’s Review 2021 was an extremely productive year for Corero. The strong performance reflects the successful implementation of our growth strategy, with the Group delivering continued sales momentum across our operational footprint. introduction 2021 was an extremely productive year for Corero, culminating in the Group reporting a maiden profit before tax for the year ended 31 December 2021 of $1.4 million (2020: loss of $4.0 million). The strong performance reflects the successful implementation of our growth strategy, with the Group delivering continued sales momentum across our operational footprint. We improved against all financial KPIs in the year, achieving positive EBITDA ahead of market expectations at $4.0 million (2020: negative EBITDA of $1.4 million). In addition, and reflecting the ongoing demand for our products, the Company increased revenues by 24% to $20.9 million in 2021 (2020: $16.9 million). Corero also increased Annualised Recurring Revenues (“ARR”) during the year to $12.8 million as at 1 January 2022 (ARR at 1 January 2021: $9.8 million), which is a strategically important KPI as it provides visibility and an underpin for future earnings. This record performance, driven by our highly talented and dedicated workforce, was achieved despite the ongoing backdrop of the COVID-19 pandemic as well as the well documented global supply chain challenges, which are also creating both opportunities and challenges across our business. The Board of Directors believes that Corero now has the financial and operational platform from which to generate future sustainable growth, with the Company’s: • access to large and high growth end markets; • strong performance of its market-leading technology and global customer service; • proprietary intellectual property that underpins its solutions; • highly scalable revenue model alongside its relatively short time to market for development; and • strong base of existing customers and strategic partnerships. Revenue 24% increase ARR 31% increase m 5 8 $ . 7 1 0 2 . m 0 0 1 $ 8 1 0 2 m 7 9 $ . 9 1 0 2 . m 9 6 1 $ 0 2 0 2 . m 9 0 2 $ 1 2 0 2 m 0 5 $ . 7 1 0 2 m 8 5 $ . 8 1 0 2 m 2 7 $ . 9 1 0 2 m 8 9 $ . 0 2 0 2 . m 8 2 1 $ 1 2 0 2 Lionel Chmilewsky, CEO Strategic progress We made significant operational and financial progress in 2021, placing our customers at the heart of everything that we do, as well as leveraging our routes to market to ultimately grow market share. Key strategic progress included: • increasing our international presence: during 2021, we secured 44 new customers, adding customers in six new countries, with customers in fifteen new countries added over the last two years. Our solutions are now deployed with customers across 47 countries worldwide and across the continents. • Leveraging our existing strategic partnerships and developing new ones: 18 customers were added through our partnership with Juniper in the year and we continue to grow our business with GTT. Furthermore, we made progress in 2021 towards the addition of new and complementary alliances. • intensifying our relationships with global, major and tier one accounts: expanding with large existing customers and adding new ones, with significant traction continued to be achieved in the Hosting Providers, Service Providers and SaaS Enterprise segments. • Better monetising our existing services and introducing new services: we continue to explore and provide service initiatives that enhance the protection and network security visibility for our customers. • amplifying our demand generation programmes: increased advertising and marketing efforts have included thought leadership pieces, webinar and other speaking opportunities and segment targeted campaigns. • continuing to increase our technological innovation leadership: since the start of 2013 we have invested over $33 million to-date in R&D, and in 2021 we introduced 100G adoption enablement, multi-tbps provider edge and flow detect and redirect to deliver our widest portfolio of on-premises, and indeed other solutions for our customers; an offering unrivalled by our competitors. DDoS Market Dynamics DDoS attacks continue to be prevalent as a means of cyber-attack, as camouflage for a ransomware attack and even with Ransom-driven attacks. R&D tax credit of $0.1 million (2020: two years’ equivalent of R&D tax credits of $0.2 million). The reported earnings per share was therefore 0.3 cents (2020: loss per share 0.8 cents). The global DDoS protection market was worth c.$3.4 billion in 2021 and is expected to reach $6.8 billion by 2026 at a CAGR of 15.1%. Within this, c.$1.5 billion is the total addressable market for Corero’s SmartWall solution, with c.$715 million representing our serviceable addressable market. To quantify this, there were nearly 30,000 daily DDoS attacks recorded in the first half of 2021, a doubling in 24 months. The DDoS mitigation marketplace continues to grow apace as a result of the global acceleration of digitisation and the growing need for enterprises to ensure business continuity. This is set to continue with the ongoing proliferation of IoT devices and the roll-out of 5G networks and the increase in cloud services creating a large expansion opportunity for Corero. Financial Summary The Group delivered a profit primarily due to increased revenues coupled with ongoing margin improvement and maintained operating expenses. The Group generated revenues of $20.9 million in 2021 (2020: $16.9 million), with total operating expenses at a similar level before share-based payments of $16.1 million (2020: $16.4 million) while continuing to invest in sales and marketing expansion and R&D efforts. • Operating expenses net of capitalised R&D costs and before depreciation and amortisation of intangible assets and before share-based payments were $13.9 million (2020: $14.1 million). Capitalised R&D costs were $1.8 million (2020: $1.4 million) • Operating expenses include a foreign exchange gain of $0.2 million (2020: foreign exchange loss of $0.3 million) • Depreciation and amortisation of intangible assets decreased during the year to $2.2 million (2020: $2.3 million) • The Company received a $0.6 million credit from the forgiveness of the PPP loan previously received by its US trading subsidiary in 2020 under the US CARES Act (2020: no credit received). The Company delivered its maiden positive EBITDA performance of $4.0 million (2020: EBITDA negative of $1.4 million), a transformation of $5.4 million and Adjusted EBITDA of positive $4.1 million (2020: negative EBITDA of $0.6 million). In addition, Corero has achieved its maiden profit before taxation of $1.4 million (2020: loss before taxation of $4.0 million) including amortisation of capitalised R&D costs of $1.9 million (2020: $1.9 million). Profit after taxation was $1.5 million (2020: loss after taxation of $3.8 million), following a UK In terms of overall position, Corero held net cash of $8.4 million at 31 December 2021 (31 December 2020: $7.6 million), comprising: • Cash at bank of $11.2 million as at 31 December 2021 (2020: $10.1 million); and • Debt of $2.8 million (2020: $2.5 million). In April 2021, the Company entered into a new banking facility for up to £3.0 million (c.$4.1 million), the net proceeds of which are being used for working capital purposes and our on-going investment programme to support our growth strategy ahead. outlook The demand for DDoS mitigation solutions continues to remain strong in all our key territories and markets. The global acceleration of hybrid working and internet usage due to the COVID-19 pandemic, and now with the uncertainty created as a result of current situation in Ukraine with consequent increased DDoS attack activity, continues to accelerate these trends and the need for Corero’s solutions. The Group has minimal exposure to Russia and Ukraine both operationally and from a revenue generation perspective and therefore we expect the conflict to have little direct impact on our business. We also continue to monitor the semiconductor supply chain shortage closely, and encouragingly there are signs that this is beginning to abate globally. 2021 was a milestone year for Corero as we achieved our first profit, supported by strong revenue growth and heightened demand for our products. The Board of Directors believe that there is significant scope to build on this success, leveraging our technologically superior solutions and enhanced customer-centric sales strategy, which is already yielding results. To this end, Corero will continue to invest in people, marketing and its solutions in the current financial year to provide an even wider and stronger platform for growth for the future. In summary, Corero has been building and enhancing its operational and financial platform to deliver sustainable growth given the market opportunities available to our business. This gives us confidence in Corero’s medium to long-term growth prospects. Lionel chmilewsky Chief Executive Officer 25 April 2022 18 corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic report Governance Financial Statements Corporate Directory 19 Financial Review Alongside positive $4.0 million EBITDA achievement, I am proud to report that the Company registered a maiden profit before taxation of $1.4 million. This transition to profit represents a considerable milestone for the business. revenue and gross margins Revenue in the year ended 31 December 2021 increased from $16.9 million to $20.9 million, a $4.0 million or 24% improvement to a new record. I am also pleased to report that all revenue categorisations (appliance and licence revenue; DDoS Protection-as-a-Service revenue; maintenance and support services revenue) advanced year-on- year. Revenues of $20.9 million for 2021 are more than twice that of those reported in 2019 of $9.7m. Annualised recurring revenues1 increased in the year with ARR of $12.8 million as at 1 January 2022, driven by growth in DDPaaS and software subscription orders (ARR at 1 January 2021: $9.8 million). This measure provides a good indicator as to an underpin for future revenues. Building on H1 2021 gross margin gains, the Company’s overall gross margin significantly improved in the full year with a margin of 85.1% (2020: gross margin of 77.3%). Software license and appliance revenues in particular saw better margin capture while other revenue streams recorded similar margins. EBITDA Profit/(loss) before taxation operating expenses and r&D investment Operating expenses marginally decreased by $0.3 million from $16.4 million to $16.1 million. Underlying operating expenses, excluding depreciation and amortisation, were $0.2 million lower. Despite an increase in sales-related costs, there were some significant decreases in controlled discretionary expenditures, lower headcount- associated expenses during the period, positive foreign exchange swing between the periods of $0.5 million; and reduced travel and accommodation costs due to the COVID-19 pandemic. Underlying operating expenses included a slightly lower depreciation charge between the years of $0.1 million, $0.7 million (2020: $0.6 million) and similar amortisation charge for research and development (‘R&D’) of $1.9 million for both periods. During the year, the Group enhanced its product offerings with new features and functionality, with R&D investment of $1.8 million (2020: $1.4 million). In relation to this on- going investment in R&D to maintain the Group’s competitive edge, we secured UK R&D tax credits of $0.1 million in 2021, relating to the 2020 tax year (2020: $0.2 million, relating to the 2018 and 2019 tax years). Capital expenditures in property plant and equipment were lower year-on-year with $0.4 million of capital investment (2020: $1.0 million), following the higher levels of capex in the two previous years in our assets to facilitate our DDPaaS offerings, both directly ourselves and through our strategic partner, GTT. Share based payments increased from $0.4 million in 2020 to $0.5 million in 2021, reflecting the granting of options to staff and management in the year. In the year ended 31 December 2021, the Company received a $0.6 million credit from the forgiveness of the Paycheck Protection Program Loan (PPPL) previously received by its US trading subsidiary under the US CARES Act (2020: nil). The forgiveness of the PPPL is a non-cash movement and is shown as ‘other income’ in the Group Income Statement. Financing costs were slightly higher in the year at $0.4 million (2020: $0.3 million) due to the overlapping arrangements between old and new loan balances (see Operating cash and cash later section commentary). Borrowings were $2.8 million (2020: $2.5 million of borrowings). Borrowings consisted as at 31 December 2021 of both a new and old facility with the Company’s bankers. In April 2021, the Company entered into a new borrowing facility for up to £3.0 million (c$4.1 million) with its existing banking partner. The new borrowing facility comprises: a drawn £2.0 million term loan facility and a (still) undrawn £1.0 million revolving credit facility; for a three-year term; with terms and conditions at par or better than the existing facility. The net proceeds of this new facility will be used for working capital purposes and the Company’s on-going investment programme to support Corero’s growth strategy. The old loan facility, which stood at $0.4 million as at 31 December 2021, was paid back in full and to timetable in March 2022. Also during the current year, the Company received notification of the forgiveness of the PPP loan of $0.6 million. This is shown as a ‘Other Income’ line item in the Group Income Statement and, give its non-recurring nature is an adjustment in respect of the Adjusted EBITDA calculation. For further details on movements in borrowings please see note 18. Finally, I can report no equity raises were conducted in either 2021 nor in 2020. Neil pritchard Chief Financial Officer 25 April 2022 profitability Building on our EBITDA profit in H1 2021, I am pleased to report positive EBITDA for the business of $4.0 million in FY21. This represents a material change from FY20’s negative EBITDA of $1.4 million (itself a large improvement on the FY19 EBITDA loss of $3.2 million). Adjusted EBITDA for the period was $4.1 million (2020: negative $0.6 million). Further details on these measures are provided in the Key Performance Indicators section on pages 20 to 21. Alongside this considerable positive $4.0 million EBITDA achievement, I am proud to report the Company registered a maiden profit before taxation of $1.4 million (2020: loss before taxation of $4.0 million). This transition to profit represents a considerable milestone and level of successful maturity for the business. With the addition of a UK R&D tax credit of $0.1 million in the period, profit after taxation was $1.5 million (2020: loss after taxation of $3.8 million). Basic and diluted profit per share was 0.3 cents per share (2020: loss per share of 0.8 cents per share). operating cash and cash Overall, net cash from operating activities of $2.8 million was generated by the business (2020: $5.1 million). The comparative period quantum was in part due to an order received from a sizeable customer in the third quarter, the proceeds of which were received towards the end of the fourth quarter of the 2020 year, but the associated outflows for which fell into the first quarter of the 2021 year. In cash flow terms, cash and cash equivalents increased by $1.2 million (2020: $1.8 million). In balance sheet terms, net cash, defined as cash at bank less total borrowings, at 31 December 2021 was $8.4 million (2020: $7.6 million). Gross cash at bank at 31 December 2021 was $11.2 million (2020: $10.1 million). Gross cash Net cash $11.2m +11% $8.4m +11% m 0 4 $ . 1 2 0 2 m 7 8 $ . - 7 1 0 2 m 2 5 $ . - 8 1 0 2 m 4 1 $ . - 0 2 0 2 m 2 3 $ . - 9 1 0 2 m 8 5 $ . - 7 1 0 2 m 7 1 $ . - 8 1 0 2 m 0 4 $ . - 0 2 0 m 2 6 6 $ . - 9 1 0 2 m 4 1 $ . 1 2 0 2 Neil Pritchard, CFO m 4 1 $ . 7 1 0 2 m 0 8 $ . 8 1 0 2 m 3 8 $ . 9 1 0 2 . m 1 0 1 $ 0 2 0 2 . m 2 1 1 $ 1 2 0 2 m 4 1 $ . 7 1 0 2 m 4 4 $ . 8 1 0 2 m 4 5 $ . 9 1 0 2 m 6 7 $ . 0 2 0 2 m 4 8 $ . 1 2 0 2 20 corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic report Governance Financial Statements Corporate Directory 21 Key Performance Indicators Revenue represents statutory-recognised revenue from corero solutions. $20.9m +24% performance Revenue for the year ended 31 December 2021 increased by 24% to $20.9 million (2020: $16.9 million). ARR (annualised recurring revenues) $12.8m +31% represents the normalised annualised recurring revenues and includes recurring revenues from contract values of annual support, software subscription and from DDoS protection-as-a-Service (DDpaaS) contracts. performance Annualised recurring revenues increased in the year with ARR of $12.8 million as at 1 January 2022, driven by growth in DDPaaS and software subscription orders (ARR at 1 January 2021: $9.8 million). Gross margin % 85.1% +780 basis points represents statutory gross profit divided by statutory revenue. it measures the group’s underlying profitability before overheads. performance Corero’s overall gross margin of 85.1% significantly increased from 2020 of 77.3%. Software license and appliance revenue saw better margin capture. EBITDA $4.0m +386% represents the classic eBitDa definition: operating profit less depreciation, amortisation and any impairment of goodwill. the Board considers eBitDa to be a useful measure of profitability as it excludes typical non-cash items. For further details please see note 8. performance EBITDA was firmly in positive territory for the first time for Corero in FY21, with a positive EBITDA of $4.0 million representing a material change on FY20’s negative EBITDA of $1.4 million, itself a significant improvement on FY19 with a negative EBITDA of $3.2 million. m 5 8 $ . 7 1 0 2 . m 0 0 1 $ 8 1 0 2 m 7 9 $ . 9 1 0 2 . m 9 6 1 $ 0 2 0 2 . m 9 0 2 $ 1 2 0 2 m 0 5 $ . 7 1 0 2 m 8 5 $ . 8 1 0 2 m 2 7 $ . 9 1 0 2 m 8 9 $ . 0 2 0 2 . m 8 2 1 $ 1 2 0 2 % 1 5 7 . 7 1 0 2 % 4 8 7 . 8 1 0 2 % 0 1 8 . 9 1 0 2 % 3 7 7 . 0 2 0 2 . % 1 5 8 1 2 0 2 m 0 4 $ . 1 2 0 2 m 7 1 $ . - 8 1 0 2 m 8 5 $ . - 7 1 0 2 m 4 1 $ . - 0 2 0 2 m 2 3 $ . - 9 1 0 2 m 2 5 $ . - 8 1 0 2 m 7 8 $ . - 7 1 0 2 m 0 5 $ . - 7 1 0 2 m 7 1 $ . - 8 1 0 2 m 0 4 $ . - 0 2 0 m 2 6 6 $ . - 9 1 0 2 m 4 1 $ . 1 2 0 2 m 1 4 $ . 1 2 0 2 m 6 0 $ . - 0 2 0 m 2 5 2 $ . - 9 1 0 2 m 4 1 $ . 7 1 0 2 m 4 4 $ . 8 1 0 2 m 4 5 $ . 9 1 0 2 m 6 7 $ . 0 2 0 2 m 4 8 $ . 1 2 0 2 Profit before taxation $1.4m +135% For the first time, Corero registered a profit before taxation of $1.4 million (2020: loss before taxation of $4.0 million). This was due to an increase in revenues driving gross margin improvement of $4.7 million, with operating expenses broadly similar. An increased share option charge between the years and higher financing expenses (due to slightly higher borrowings) was more than offset by a credit of $0.6 million from forgiveness of the PPPL (see note 18). Adjusted EBITDA – Fully adjusted basis $4.1m +844% represents the operating profit less forgiveness of the pppL, unrealised foreign exchange differences on an intercompany loan, depreciation (including adjusting for DDaap assets depreciation which is charged to cost of sales), amortisation and any impairment of goodwill, and share based-payment non-cash costs. the Board considers the adjusted eBitDa – Fully adjusted basis to be a further useful measure of profitability as it excludes other significant non-cash items in addition to classic typical eBitDa non-cash items. For further details please see note 8. performance Adjusted EBITDA, like the EBITDA measure, was materially positive for the first time for Corero in the year ended 31 December 2021 at $4.1million (2020: -$0.6 million), representing a $4.7 million increase. Net cash represents cash at bank less total borrowings. $8.4m +11% performance Net cash as at 31 December 2021 was $8.4 million (H1 2021: $5.1 million; 2020: $7.6 million). Net cash is derived from gross cash (cash at bank and in hand) less borrowings. Gross cash at bank as at 31 December 2021 was $11.2 million (2020: $10.1 million). Gross cash at the year end was high from the further improvement in trading. Borrowings were $2.8 million (2020: $2.5 million of borrowings). In April 2021, the Company entered into a new borrowing facility for up to $3.0 million, comprising a drawn £2.0 million term loan and an undrawn £1.0 million Revolving Credit Facility for a three-year term (see note 18). The Group continues to pay down its bank borrowings according to the agreed loan repayment schedules. 22 corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic report Governance Financial Statements Corporate Directory 23 Key Stakeholders Section 172 Statement The Directors are aware of their duty under Section 172 of the Companies Act 2006 to act in the way which they consider, in good faith, would be most likely to promote the success of the Company for the benefit of its members as a whole and, in doing so, to have regard (amongst other matters) to the: likely consequences of any decisions in the long-term; interests of the Company’s employees; need to foster the Company’s business relationships with suppliers, customers and others; impact of the Company’s operations on the community and environment; Company’s reputation for high standards of business conduct; and need to act fairly as between members of the Company. The Board reviewed and re-confirmed the Company’s key stakeholder groups during the year. These are set out below along with details of the forms of engagement undertaken by the Board: every day corero is interacting with customers and prospective customers in the business – including in tenders, in technical presentations, in quoting, in invoicing, in deployment, and in after-sales and on-going customer support roles. Why they matter What matters to them corero’s engagement the Board’s engagement Key events in the year Stakeholder: customers Customers are the lifeblood of a successful growing business. Stakeholder: Shareholders Shareholders own the business. They are the providers of capital to grow and invest for future success. Corero customers are concerned with having products and services that protect their online presence and operations from the increasing threat of DDoS attacks. High availability of cloud services and applications are critical for modern businesses and institutions, their revenue streams rely on having internet connectivity protected from the threat of DDoS attacks. Concerned with a broad range of issues including, but not limited to, Corero’s financial and operational performance, strategic execution, investment plans and governance. Stakeholder: partners Partners are an extension of Corero, representing the Corero brand in the market, providing an additional route to market to scale the business. Corero’s partners harness Corero’s innovative technology to deliver customer success through creation of unique joint value propositions. They share insights into what current and future customers want, ultimately impacting product strategy and roadmaps and accelerating business growth through sales and marketing programmes, as well as technical training, often with a greater, and more geographically dispersed sales force. Executive Directors meet with customers throughout the year and feedback issues to the Board. The Board reviews strategy and monitors performance during the year with the aim of meeting customers’ needs more effectively. Receives regular competitor updates to understand Corero’s competitive performance and its strengths and weaknesses as regards meeting customer needs. Every day Corero is interacting with customers and prospective customers – including in tenders, in technical presentations, in quoting, in invoicing, in deployment, and in after-sales and on-going customer support roles. Communications such as annual reports, interim reports and notices of general meetings. Board attendance at the AGM to answer questions. Investor roadshows, Stock Exchange announcements and press releases; www.corero.com. Feedback on investor meetings held by the Chairman. Executive Director meetings with investors in the UK. In conjunction with the Company NOMAD, Corero consulted with major shareholders and key strategic partners during a number of investor roadshows and also an investor online forum. In April 2021 the Company entered into a new borrowing facility with its existing banking partner, the net proceeds of which will be used for working capital purposes and its on-going investment program to support its growth strategy. Partner Code of Conduct define expectations of responsible business and behaviour. Board updates regarding partner relationships, development and engagement. Board engaged in quarterly review of progress of the Corero-Juniper and Corero-GTT engagements. Regular Board reports, including updates on performance and key partner issues, Senior management engaged in quarterly review of progress of the Corero – Juniper and GTT engagements. The Board provides on-going consideration of key strategic partnerships, and whether to change or add to existing relationships. Regular Board member engagement with senior Juniper management. Stakeholder: employees Corero employees are a key resource, dedicated to creating, selling and supporting solutions that protect Corero’s customers from the increasing threat of DDoS attacks. Opportunities for personal development and career progression, a culture of inclusion and diversity, compensation and benefits, and the ability to make a difference within Corero. Various activities and forums to foster participation in Group events, invite opinions, questions and ideas. Regular ‘All Hands’ meetings are held. In pre-COVID-19 times, Non-executive Directors have provided ‘town hall’ meetings for employees at Corero’s key locations to participate in a Q&A session. New style performance appraisal and objective setting processes rolled-out in 2021 have provided formalised reflection, feedback and direction for the following year. The Company has regular ‘All Hands meetings’ via online virtual meetings. 24 corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic report Governance Financial Statements Corporate Directory 25 Principal Risks and Uncertainties The Group has a number of principal risks and uncertainties. revenue growth coViD-19 pandemic people Corero’s strategy outlined on page 3 depends on delivering revenue growth to meet these ambitions. Clearly, higher order intake and related revenue growth provides the opportunity for Corero to invest further in its future. Revenue growth, given high cyber security industry salaries, is highly important to deliver profitable growth for the business. Conversely, lower sales growth reduces the Company’s cash resources which could impact the Company’s investment in sales and marketing and product development and its other associated goals. To deliver this order intake and, as a subset, revenue growth then Corero needs to identify, meet and exceed customer needs and desires. If Corero is not successful in identifying customer prospects with a business need Corero can solve, or developing go to market partner and channel partner relationships which generate revenue, this will compromise growth plans and success. The Group seeks to maintain a diverse customer base and over different revenue streams and several target customer verticals. To be successful Corero is: • focussing its lead generation and sales resources, and product development, on its target markets; • working closely with go to market partners to progress sales opportunities and generate revenue; and • developing relationships with new go to market partners and channel partners to expand its routes to market. Market awareness Corero is an emerging player in the DDoS prevention market and competes with much larger, traditional, established organisations. If Corero is not successful in connecting with the market and raising its profile this will compromise growth plans. To raise market awareness of Corero and its DDoS protection solutions, the Company will continue to invest in targeted digital marketing and lead generation programmes, together with its brand marketing programmes. The global COVID-19 pandemic in 2020 and 2021 has brought tragic consequences, uncertainty, and wider market disruption globally. Corero has, to date, not seen short-term adverse impact on the provision of its solutions; indeed, the global increase in remote working and internet usage as a result of COVID-19 restrictions have further emphasised the on-going relevance of Corero’s solutions. Nevertheless, COVID-19 may have a wider, more consequential effect on economies as a whole as the pandemic continues and where tighter fiscal policy follows to pay for governmental support, this may lead to a tougher economic climate in which to operate. The Board will continue to monitor the situation very closely. Operationally, remote working across the Group continues to be fully operational worldwide, as the health and wellbeing of Corero’s workforce is of the utmost importance. There continues to be the possibility of localised virus outbreaks impacting the Company’s supply chain, and we continue to closely monitor for any signs of this and take action as appropriate. Foreign exchange fluctuations Past Corero equity fund raises have been in GBP and its debt is denominated in GBP. To the extent such funds are required to support US dollar denominated funding requirements more generally for the Group, the exchange rate value of GBP to the value of US dollar may vary, either impacting adversely or favourably compared to the denominated funding requirements that can be funded from such fund raises. The Group mitigates this risk by utilising US denominated funds received by the Group’s UK subsidiary to fund the Group’s US subsidiary to the extent such funding is required, with the GBP funding requirements satisfied from the GBP denominated funds generated from GBP equity and debt where possible. Retaining and recruiting people with the necessary skills and experience. To grow and address the challenges resulting from technology change and innovation in the DDoS protection market, the Company needs to retain and recruit the required sales, business development, and software development skills. Corero operates in a high growth cyber security market, and in a thriving DDoS protection sector of that market, with new players emerging. If Corero is unable to recruit and retain the right skills this will compromise growth plans. Consequently, Corero targets paying salaries in the upper quartile for comparable positions and has share options plans to provide an attraction and retention incentive for employees. technology change and innovation The DDoS mitigation market is competitive and characterised by changes in technology, customer requirements and frequent new product introductions and improvements. Cybersecurity and DDoS attacks are constantly evolving and changing as attackers develop new methods and tools to evade defenses. Corero is focused on its chosen markets and delivering continuous innovation by adding new DDoS attack defenses and new machine learning and artificial intelligence capabilities, and striving to provide market leading solutions to secure customers from the threat of DDoS attacks. other non-principal risks and uncertainties There are a multitude of other risks and uncertainties that face companies like Corero, these include: risks and uncertainties associated with local legal requirements, political and geographic risk, the enforceability of laws and contracts, changes in tax laws, terrorist activities, wars and invasions, natural disasters and other types of health epidemics. risk Management The Company operates a risk assessment process, which is embedded in day-to-day management and governance processes. As part of the annual planning and budgeting process, Corero management document the significant risks identified, the probability of those risks occurring, their potential impact and the plans for managing and mitigating each of those risks. The Board reviews the annual risk assessment including an annual assessment of the effectiveness of the Company’s internal control system, comprising financial, operational and compliance controls, to ensure that the Company’s risk management framework identifies and addresses all relevant risks in order to execute and deliver the Company’s strategy. The Directors are responsible for the Company’s system of internal control and for reviewing its effectiveness, whilst the role of management is to implement policies on risk management and control. The Company’s system of internal control is designed to manage, rather than eliminate, the risk of failure to achieve the Company’s business objectives and can only provide reasonable, and not absolute, assurance against material misstatement or loss. The Company operates a series of controls to meet its needs. These controls include, but are not limited to, the annual strategic planning and budgeting process, a clearly defined organisational structure with authorisation limits, reviews by senior management of monthly financial and operating information including comparisons with budgets, and forecasts to the Board. Given the size of the Company, the Board has concluded it is not appropriate to establish a separate, independent internal audit function. The Board will keep this under review. The Audit, Risk and Compliance Committee (‘ARCC’) reviews the effectiveness of internal controls. The ARCC receives reports from management and observations from the external auditors concerning the system of internal control and any material control weaknesses. Significant risk issues, if any, are referred to the Board for consideration. The Corero Risk Register, auditor’s report, assessment of the effectiveness of the internal control system and key judgements report for the Annual Report and Accounts are tabled and reviewed by the ARCC. 26 corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic report Governance Financial Statements Corporate Directory 27 Environmental, Social and Governance (ESG) Report Corero aspires to carry out its business to the highest ethical standards, treating customers, partners, suppliers and employees in a professional, courteous and honest manner. corero’s culture and Values customer First technology Leadership & innovation operational excellence integrity our people empowerment & team Work We seek to live our culture and values every day, in a dynamic and professional manner. Our defined values are: • Customers First; • Technology Leadership & Innovation; • Operational Excellence; • Integrity; and, • Our People, Empowerment & Team Work. In common with most intellectual property technology businesses, we know that the expertise, experience, and passion of our employees is genuinely what make our products and services market leading. For example, Corero’s Security Operation Centre (‘SOC’) comprises a team of highly experienced security analysts whose role it is to assist our customers’ IT and security teams mitigate the growing number of increasingly sophisticated DDoS attacks. This service and customer support offering is therefore an important competitive differentiator. Customers tell us they value the service levels and our team regularly receives very favourable feedback from our customers. corero’s approach to responsible business in society Corero recognises that long-term success is underpinned by good relations with its key stakeholders, both external (partners, suppliers, customers, shareholders, regulators and others) and internal (employees). As part of Corero’s annual planning and budgeting process, the Company identifies its stakeholders and their respective needs, interests and expectations. In addition, the strategy for engaging with these stakeholder groups is formulated and implemented. We are committed to complying with environmental, social and governance requirements and corero is dedicated to improving the security and availability of the internet for all. Corero values feedback from its stakeholders and proactively endeavours to address any matter identified. Feedback is gathered from: customers and partners relating to Corero’s products and services in an on-going, continuous manner; shareholders, for example through investor relation roadshows; and employees, for example as part of monthly Company updates. employees, diversity and inclusion and employee interaction Our employees are one of Corero’s most important assets and the continued and sustained development of the Company relies on its ability to retain and attract high calibre employees. Corero operates an all-employee share option plan, with awards approved by the Corero Remuneration Committee. We are proud to have so many experienced, and talented employees in our team. The Corero equal opportunities policy ensures that all job applicants and employees are treated fairly, no matter what age, race, colour, gender, religion or beliefs, sexual orientation, marital or partner status, ethnic origin or community, disability, and without favour or prejudice. We are committed to applying this policy throughout all areas of employment, recruitment and selection, training, development and promotion. The Corero equal opportunity policy sets out the Company’s position on equal opportunity in all aspects of employment. The policy has been developed to maintain the following policy objectives: • To provide a safe and welcoming environment, in which individuals are valued, included and respected • To advance equality of opportunity • To eliminate unfair discrimination • To foster good relations between different groups of people We are an increasingly international, multi- cultural, gender diverse and diverse organisation. For example, many of our UK-based software engineers are drawn from local universities but also sponsored on EU skilled-migrant visas. Inclusion is the practice of providing everyone with equal access to opportunities and resources. We believe employees find an environment of understanding and respect at Corero – where voices and opinions are heard and carefully considered – this is made easier by the relatively flat hierarchy and agile nature of the business and the values we share. Employees are regularly informed of matters concerning their interest and the financial factors affecting the Company. The Company uses company-wide forums to communicate matters as well as team and individual meetings. environmental sustainability Corero has identified the following UN Sustainable Development Goals (SDGs) most applicable to its activities listed in the table below. Corero is committed to promoting sustainability. We aim to lead, follow and to promote good sustainability practice, to carry out our operations in a way which manages and minimises any adverse environmental impacts from our activities. For many years Corero has operated a flexible remote working policy before the remote working and lack of in-person meetings characterised and necessitated by the COVID-19 pandemic. We aim to mitigate unnecessary travel, impacting on climate change, in the future. Our products are used by thousands of businesses throughout the world to protect against disruptions that could have adverse economic, health, well-being and environmental consequences for the users and customers of those businesses (sometimes in a mission critical way) and the knock-on effects to populations as-a-whole. Disruptions may emanate from individuals, groups, corporates or state-sponsored actors. Corero is committed to reducing our resource consumption where possible. Furthermore employees are encouraged to be environmentally aware. For example, Corero encourages the reuse or recycling of office waste, including paper, packaging, computer supplies and redundant equipment. Company cars are not provided. Wherever possible we seek to ensure that waste materials are disposed of in an environmentally safe manner and in accordance with regulations. We are seeking to provide materials in a paperless, digital way. ethical business Corero is committed to the fundamental values of integrity, transparency and accountability. We have a zero-tolerance policy with regard to bribery and corruption with reporting mechanisms in place. Corero adopts and enacts an Ethics and Anti- Bribery Policy to record the ethical way in which we conduct business and to make our ethical standards clear to everyone, including those with whom we do business, which includes resellers, agents and distributors as well as our customers. Corero provides training to all its employees on Anti-Bribery and Corruption. Strategic report Sign-off In accordance with Section 414D(1) of The Companies Act 2006, The Strategic Report on pages 16 to 27 is signed by order of the Board. Duncan Swallow Company Secretary 25 April 2022 UN SD goals How corero contributes good Health and Well Being Quality education Decent Work and economic growth peace, Justice and Strong institutions Ensuring healthy lives and promoting well-being at all ages is essential to sustainable development. We are committed to our people and their wellbeing and are proud of our supportive, collaborative culture and strong values. We also provide DDoS protection to many businesses important for the wider workforce. Obtaining a quality education is the foundation to improving people’s lives and sustainable development. Corero’s DDoS protection is favoured by many research and educational network customers as a secure way to deliver and promote their objectives. Sustained and inclusive economic growth can drive progress, create decent jobs for all and improve living standards. Corero’s DDoS protection protects the heightened enabled remote working environment before and during the global COVID-19 pandemic. Conflict, insecurity, weak institutions and limited access to justice remain a great threat to sustainable development. Corero’s solutions provide a key cyber protection for its customers against nefarious activities from individuals, crime and terrorist groups and state-sponsored actors. We provide threat advisory information on attacks to our customers. 28 Corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic Report GoverNaNCe Financial Statements Corporate Directory 29 Board of Directors Jens Montanana Non-executive Chairman appointed richard Last Independent Non-executive Director* Peter George Independent Non-executive Director andrew Miller Non-executive Director Lionel Chmilewsky Chief Executive Officer Neil Pritchard Chief Financial Officer ashley Stephenson Chief Technology Officer Duncan Swallow Company Secretary 6 August 2010 22 May 2008 3 January 2019 6 August 2010 24 April 2020 14 April 2022 6 September 2013 1 November 2007 Background & experience Jens has spent the majority of his over 30-year career in the technology industry with considerable operational and commercial experience in the resale and distribution of information technology hardware and software solutions. He is the founder and CEO of Datatec Limited, established in 1986 which listed on the Johannesburg Stock Exchange in 1994. Between 1989 and 1993 Jens served as Managing Director and Vice- President of US Robotics (UK) Limited, a wholly owned subsidiary of US Robotics Inc., which was acquired by 3Com. In 1993, he co-founded US start-up Xedia Corporation in Boston, an early pioneer of network switching and IP bandwidth management, which was subsequently sold to Lucent Corporation in 1999 for $246 million. He has previously served on the boards and sub-committees of various public companies. Current appointments CEO of Datatec Limited and Director of various Datatec Limited subsidiary companies. Richard has over 20 years’ senior experience in information technology having worked at board level for a number of publicly quoted and private companies in the technology sector. He is a Fellow of the Institute of Chartered Accountants in England and Wales (‘FCA’). * as Richard Last is a Corero shareholder and has been a Non-executive Director of the Company for over 10 years, his independence has been considered by the Board. The Board is satisfied that Richard Last is independent. Peter George is a US based executive with over 30 years’ experience in the IT networking and cybersecurity industry. He has a successful track record as CEO of leading IT network and security companies and provides sales and marketing leadership experience to the Board. Peter is the CEO of Evolv Technology, a US based leader in human security screening. Prior to that he was President and CEO of empow cybersecurity, a market innovator in AI, machine learning and advanced security analytics. Prior to empow, between 2008 to 2017, he was President and CEO of Fidelis Cybersecurity, a leading US-based Advanced Threat Defense business. Before joining Fidelis, Peter was President and CEO of Crossbeam Systems, a market leader in Unified Threat Management. Prior to that he was the President of Nortel Networks’ enterprise business where he was responsible for growing a $2 billion and 5,000 employee voice and data business in EMEA. Andrew Miller (Non-executive Director) was until 31 May 2020 the CFO of the Company. He was until January 2022 the CFO and COO of C5 Capital Limited, an investment firm investing in the secure data ecosystem including cybersecurity, cloud infrastructure, data analytics and space, and CFO of the Haven Group, a private equity backed cyber security services provider. Prior to joining Corero Andrew was with the Datatec Limited group in a number of roles between 2000 and 2009 including the Logicalis Group Limited (‘Logicalis’) Operations Director and Corporate Finance and Strategy Director. Prior to this, Andrew gained considerable corporate finance experience in London with Standard Bank, West Deutsche Landesbank and Coopers & Lybrand. Andrew trained and qualified as a chartered accountant and has a bachelor’s degree in commerce from the University of Natal, South Africa. Andrew is a Chartered Accountant with over 20 years’ experience in the technology industry. Duncan is responsible for the Company secretarial function and is also the Group Financial Controller. Prior to joining the Company, Duncan was Divisional Financial Controller for CCH, a Wolters Kluwer business, specialising in providing books, online information, software, CPD and fee protection to tax and accounting professionals. He is a fellow of the Association of Chartered Certified Accountants. Lionel has 30 years of international experience in the technology field, in particular in the Infrastructure, Software and Services domains. Most recently Lionel was CEO of Cambridge Broadband Networks Ltd, a leader in wireless solutions based in the UK. Before joining CBNL, Lionel was CEO of Comverse IP Communications and Senior Vice President of Comverse Group. Prior to that, he was Executive Vice- President of Proxim Wireless, leading the worldwide business activity and subsidiaries. Lionel’s background also includes General Management and Senior Executive roles in Alcatel, JDS Uniphase, EXFO and Fairchild in the USA. Lionel is a French national and earned an MBA from NEOMA (Rouen Business School). Lionel has a successful track record as CEO of leading technology companies together with sales and managerial leadership experience. Neil Pritchard joined Corero in May 2020, having previously been Group Financial Director and Company Secretary at London listed technology business CML Microsystems PLC and, prior to this, Finance Director of the UK and Eire division of the DAX-listed group Continental AG. Neil also held senior financial positions with quoted companies Delta PLC and Synthomer PLC. He is a qualified chartered accountant, holding a FCA, having spent six years with KPMG London in audit, treasury and forensic transaction service roles. He holds an Economics and Politics degree from the University of Bath, UK. Neil has multidisciplinary, international listed experience with a strong track record in driving business transformation and growth. Ashley Stephenson (CTO) first joined Corero Network Security as Executive Vice President of the Network Security division, with responsibility for product and solution strategy in March 2012, and was appointed Chief Executive Officer of Corero in January 2013. An IT industry executive and internet technology entrepreneur, Ashley has operating experience in the United States, Europe and Asia. His previous experience includes: CEO of Reva Systems, which was acquired by ODIN, and CEO of Xedia Corporation, which was acquired by Lucent. He has provided strategic advisory services to a number of leading multinational IT companies including technology vendors, distributors and services companies. Ashley began his career at IBM Research & Development in the UK. He is a graduate of Imperial College, London with a degree in Physics and is an Associate of the Royal College of Science. Ashley has deep technology and software development skills and experience. Chairman of Hyve Group plc, an international events and exhibitions group listed on the London Stock Exchange. Chairman of AIM listed Gamma Communications plc, a UK telecommunications service provider and Tribal Group plc, a technology company. Richard is also a director of a number of private companies. CEO of Evolv Technology Inc. None. Cambridge Broadband Networks Limited. The Magic Circle Foundation Ltd. Director of Eyealike, Inc. and StepVest LLC. None. Nomination Committee Remuneration Committee Audit, Risk and Compliance Committee Chair of Committee 30 Corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic Report GoverNaNCe Financial Statements Corporate Directory 31 Chairman’s Corporate Governance Introduction QCA Code Compliance Board commitment to governance The Board is committed to continue to uphold high standards of corporate governance, enhancing shareholder value, and engaging in a fair and transparent manner with all of the Group’s stakeholders. The Board therefore supports and is committed to the principles of the QCA Corporate Governance Code. Details of our governance processes and procedures are set in out in the following pages. Board leadership and effectiveness The Board recognises that to remain effective it must ensure that it has the right balance of skills, experience, knowledge and independence to enable it to discharge its duties and responsibilities. The Directors believe in the necessity for open debate in the boardroom and consider that existing Board dynamics and processes encourage honest, constructive and open debate with the Executive Directors. We conduct internal Board evaluation reviews to monitor it is operating effectively. our culture and values We recognise the importance of our values and how we live them within our culture. The Board undertakes informal enquiries of employees to ensure our values are upheld and promoted to maintain a healthy corporate culture. During the COVID-19 pandemic, with global travel restrictions, it has been necessary to conduct virtual Board meetings. Going forward it is anticipated that more face-to-face time should be possible, providing the Board with the opportunity to informally interact with employees based in the UK and US office locations. Board composition There were no changes to the Board composition in 2021. I am pleased to report that Neil Pritchard, our Chief Financial Officer, joined the Board on 14 April 2022. Stakeholder engagement We seek to maintain an open dialogue with all stakeholders including shareholders, customers, partners, suppliers and our employees, even in these on-going uncertain times with the global pandemic. Details of our stakeholders along with details of the forms of engagement undertaken by the Board are set out on pages 22 to 23. In this context, I would like to give my continued thanks to our institutional and private investors for their continued support; to all wider stakeholders such as our customers, strategic partners and suppliers; and thank you as ever to all our employees for their determination, integrity and commitment to Corero. Looking further ahead Corero has delivered an excellent performance in 2021 across many metrics, not least of which is a significant improvement in profit growth and our pleasure in reporting our maiden profit before taxation. The expectation of strong forecast growth in the DDoS market underpins the Board’s continued confidence, alongside Corero’s improved sales execution, and superior and evolving technological solution in that marketplace. To capitalise on this, we shall be investing in additional resources in 2022 to further the growth drivers for Corero, and long-term value for all its stakeholders. Jens Montanana Non-executive Chairman 25 April 2022 The expectation of strong forecast growth in the DDoS market underpins the Board’s continued confidence, alongside Corero’s improved sales execution, and superior and evolving technological solution in that marketplace. As an AIM-listed company, Corero adopts the principles of the Quoted Companies Alliance Corporate Governance Code (the ‘QCA Code’). The QCA Code identifies ten principles to be followed in order for companies to deliver growth in long-term shareholder value, encompassing an efficient, effective and dynamic management framework accompanied by good communication to promote confidence and trust. The following explains how Corero follows those QCA Code principles: 1 establish a strategy and business model to promote long-term value for shareholders 2 Understand and meet shareholder needs and expectations 3 Take into account wider stakeholder and social responsibilities and their implications for long-term success ✔ Corero’s strategy is focused on being the leader in real- time, high performance DDoS protection and scaling the business for profitability though revenue growth. ✔ The CEO and CFO communicate regularly with shareholders, investors and analysts, including at our half-yearly results roadshows. The full Board is available at the AGM to communicate with shareholders. ✔ Shareholders, our customers, partners and employees are our most important stakeholders. We engage with these communities via regular communications in our day-to-day activities, and via formal feedback requests. For more information please see pages 4 and 5. For more information please visit: http://www.corero.com/who-we- are/investor-relations For more information please see page 22 and 23. 4 embed effective risk management, considering both opportunities and threats, throughout the organisation ✔ Ultimate responsibility for risk management rests with the Board. Day-to-day management of risk is delivered through the way we do business and our culture. For more information please see pages 24 and 25. 5 Maintain the Board as a well- functioning, balanced team led by the Chair 6 ensure that between them the Directors have the necessary up-to-date experience, skills and capabilities 7 evaluate Board performance based on clear and relevant objectives, seeking continuous improvement ✔ The Board has three established Committees: Audit, Risk and Compliance Committee; Nomination Committee; and Remuneration Committee. The composition and experience of the Board is reviewed regularly, primarily by the Nomination Committee. ✔ The Board is satisfied that its current composition includes an appropriate balance of skills, experience and capabilities, including experience of the cyber security market and international markets. ✔ The Board regularly considers the effectiveness and relevance of its contributions, any learning and development needs and the level of scrutiny of the senior management team. An annual Board effectiveness review is undertaken to enable the Board to stand back and assess its strengths and areas for development. 8 Promote a corporate culture that is based on ethical values and behaviours ✔ Corero recognises the importance of culture and values and in conjunction with employees, defined the Company’s agreed values which are reinforced via training and performance management. 9 Maintain governance structures and processes that are fit for purpose and support good decision making by the Board ✔ The Board is responsible for the Group’s overall strategic direction and management, and for the establishment and maintenance of a framework of delegated authorities and controls to ensure the efficient and effective management of the Group’s operations. The Board is satisfied that the necessary controls and resources exist within the Company to enable these responsibilities to be met. For more information please see pages 32, 33 and 35. For more information please see pages 28, 29 and 34. For more information please see page 34. For more information please see pages 26 and 27. For more information please see pages 32 to 34 10 Communicate how the Company is governed and is performing by maintaining a dialogue with shareholders and other relevant stakeholders ✔ The investors section of our website includes our Annual Report, results, presentations, notice of AGM and results of the AGM and general meetings. For more information please visit: http://www.corero.com/who-we- are/investor-relations 32 Corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic Report GoverNaNCe Financial Statements Corporate Directory 33 Corporate Governance Report Board composition and responsibilities The Board sets Corero’s overall strategic direction, reviews management performance and ensures that the Company has the necessary financial and human resource in place to meet its objectives. Operational management of the Company is delegated to the Chief Executive Officer. The Board comprises the Non-executive Chairman, two independent Non-executive Directors, one non-independent Non-executive Director and three Executive Directors whose Board and Committee responsibilities are set out below: Jens Montanana Peter George Richard Last Andrew Miller Lionel Chmilewsky Neil Pritchard Ashley Stephenson Non-executive / executive Director Non-executive Non-executive Non-executive Non-executive Executive Executive Executive Board Compliance Committee remuneration Committee Nomination Committee audit, risk and Member Chairman Member Chairman Member Chairman Member Member Chairman Member Member Member Member Member Member One third of all Directors are subject to annual reappointment by shareholders, as well as any Director appointed to the Board in the period since the last AGM, and any Non-executive Director whose tenure is more than nine years or whose independence is the subject of Board judgement. Jens Montanana, Richard Last and Neil Pritchard will be offering themselves for (re)election at the forthcoming AGM. The Corero Board members’ biographies and their relevant experience, capabilities and skills and are set out on pages 28 and 29. Board balance and independence The composition of the Board is reviewed regularly. Appropriate training, briefings, and inductions are available to all Directors on appointment and subsequently as necessary, taking into account existing qualifications and experience. The Board is satisfied that, between the Directors, it has an effective and appropriate balance of skills and experience, including operational, commercial and technology expertise and experience. All members of the Board have more than 20 years’ technology experience through investing in and working for a range of companies from start-ups to large established technology companies, with complementary financial, commercial, sales and marketing skills. The skills and experience of the Board are summarised in the table below: Technology Cyber security Sales and marketing People International Governance Finance Jens Montanana Peter George Richard Last Andrew Miller Lionel Chmilewsky Neil Pritchard Ashley Stephenson The Board is cognisant of the lack of gender diversity and plans to address this as the Company grows through its recruitment policy. All Directors are able to take independent legal advice in relation to their duties, if necessary at the Company’s expense. In addition, the Directors have direct access to the advice and services of the Company Secretary. The Directors keep their skills up to date through a combination of their other roles (if applicable), attending appropriate training courses and seminars funded by the Company if appropriate, and by reading widely. There are no external advisers to the Board or any of its Committees, other than the Company’s broker (Canaccord Genuity) and auditor (BDO LLP). Corero’s Chairman, Jens Montanana, is a material shareholder with an equity interest in Corero of 37.85% at 25 April 2022. His interests are strongly aligned with all shareholders. Richard Last is a Corero shareholder with a 0.51% equity interest in Corero at 25 April 2022 and has been a Non-executive Director of the Company for over 10 years. His independence has been considered by the Board. The Board is satisfied that Richard Last operates in an independent manner and is independent. Corporate Governance • Review of the management structure and senior management responsibilities. • With the assistance of the Remuneration Committee, approval of remuneration policies. • Consideration of the independence of the Non-executive Directors. • Receiving reports and feedback from the Company’s shareholders. The Board receives regular briefings on the Company’s performance (including commentary and analysis), key issues and risks affecting the Company’s business. The Company maintains liability insurance for its Directors and Officers. The Company has also entered into indemnity agreements with the Directors, in terms of which the Company has indemnified its Directors, subject to the Companies Act limitations, against any liability arising out of the exercise of the Directors’ powers, duties and responsibilities as a Director or Officer. In the year ended 31 December 2021, the Board met, virtually or physically, on five scheduled occasions; further meetings and conference calls were held as and when necessary. Details of Directors’ attendance at scheduled meetings in the year to 31 December 2021 is shown in the table below: Jens Montanana Richard Last Peter George Andrew Miller Lionel Chmilewsky Ashley Stephenson Meetings attended 5/5 5/5 5/5 5/5 5/5 5/5 Directors’ conflict of interest The Company has effective procedures in place to monitor and deal with conflicts of interest. The Board is aware of the other commitments and interests of the Directors, and changes to these commitments and interests are reported to and, where appropriate, agreed with the rest of the Board. evolution of the Company’s governance framework The Board will, on an on-going basis, and as the Company’s business develops and grows, review the appropriateness of the governance framework, including the composition of the Board and the need for an internal audit function, to ensure the Company delivers on its strategy and goals whilst maintaining appropriate governance structures. Andrew Miller is a Corero shareholder with a 0.22% equity interest in Corero at 12 April 2022 and was previously Chief Financial Officer of the Company for over 10 years. His independence has been considered by the Board. The Board considers him to be not independent. employment and service agreements The Director employment and service contracts are summarised below: • Lionel Chmilewsky, Executive Director, has an employment agreement which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. • Neil Pritchard, Executive Director, has an employment agreement which provides for the payment of three months’ base salary if the agreement is terminated by the Company without cause. • Ashley Stephenson, Executive Director, has an employment agreement which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. • The Non-executive Director’s letters of appointment are for 12-month terms and provide that the appointment may be terminated by either party giving to the other not less than three months’ notice. Non-executive Directors, per their letters of appointment, have a time commitment to the Company of not less than eight days per annum including the attendance of Board meetings and the Company AGM. In addition, Non-executive Directors are expected to devote appropriate preparation time ahead of each meeting. Board responsibilities The Board meets, virtually or in person, on average once a quarter; additional meetings or conference calls are held as required. Each Director is provided with sufficient information to enable them to consider matters in good time for meetings and enable them to discharge their duties properly. The Board also ensures that the principal goal of the Company is to create shareholder value, while having regard to other stakeholder interests, and takes responsibility for setting the Company’s values and standards. The Board has a formal schedule of matters reserved to it for consideration and approval. These include: • Strategy and management. • Responsibility for the overall strategy and management of the Company. • Approval of strategic plans and budgets and any material changes to them. • Approval of the acquisition or disposal of subsidiaries and major investments, projects and contracts. • Changes relating to the Company’s capital structure. • Delegation of the Board’s powers and authorities. Financial matters and internal controls • Oversight of the Company’s operations ensuring competent and prudent management, sound planning and maintenance of adequate accounting and other records. • Approval of the annual and interim financial statements and accounting policies. • Approval of the dividend policy. • Ensuring an appropriate system of internal control and risk management is in place. 34 Corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic Report GoverNaNCe Financial Statements Corporate Directory 35 Board Performance and Remuneration Policy Introduction An annual Board effectiveness review is undertaken to enable the Board to stand back and assess its strengths and areas for development. This review is conducted internally. Share options Share options are granted to encourage and reward delivery of the Company’s long-term strategic objectives and provide alignment with shareholders through the use of share-based incentives. The Board may refresh the performance assessment process based on external advice and if appropriate engage a third-party facilitator to assist in the performance of such effectiveness reviews every three years. The Remuneration Committee’s (‘RC’) remit is to measure the performance of and determine the remuneration policy relating to Directors and senior employees. To support this responsibility, it has access to professional and other advice external to the Group. Taking the performance factors into account, it then makes recommendations to the Board. To assist the work of the RC, the views of the Chief Executive Officer and Chief Financial Officer are also invited where appropriate. However, they do not participate in any decision related to their own remuneration. The Nomination Committee reviews and recommends nominees as new Directors to the Board. Senior management appointments are required to be approved by the RC. The Group is committed to the governing objective of maximising shareholder value over time. Each year the remuneration framework and the packages of the Directors are reviewed to ensure they continue to achieve this objective. The Group operates in the cyber security market which is a market with significant growth potential. It is also a competitive market with a number of companies who are significantly larger than Corero. The Group’s Executive Director remuneration policy is designed to attract and retain Directors of the calibre required to maintain the Group’s position in its marketplace. This is maintained through the use of bonus and share option schemes, as follows. Bonus A cash bonus designed to incentivise specific short-term financial goals. Goals and objectives are set for the Executive Directors with a significant weight being on key financial performance metrics. The Chief Executive Officer and Chief Technology Officer on-target bonuses are set at two-thirds of base salary and the Chief Financial Officer is set at one half of base salary. All share-based incentives offered to Directors have a three year vesting schedule, with one-third vesting on the first anniversary of the grant/start date, a further third on the second anniversary of the grant/start date and the final third the third anniversary of the grant/start date. Shares acquired on the exercise of options may not be sold until the second anniversary of the grant date. Share options are granted with an exercise price set at the higher of market price or such other price as determined by the RC. In order to ensure that share options in issue continue to act as an effective incentive and staff retention tool, the Company sought shareholder approval at the AGM for the cancellation, and subsequent regrant, of certain Existing Share Options granted to various of its directors and employees, and this was enacted in the prior year on 16 June 2020. Conflicts of interest The members of the RC do not have any conflicts from cross-directorships that relate to the business of the Committee. The members of the RC do not have any day-to-day involvement in the running of the Group. Board changes Given Corero’s size, the Company does not have internal succession candidates for the Executive Directors. In the event an Executive Director replacement is required, the Company would seek to recruit a replacement through a recruitment search process. The Board is satisfied that the Company’s middle management will ensure the Company’s business is not adversely impacted in the period between an Executive Director leaving and a replacement being recruited. Board Committee Reports The Board has three established Committees: • Audit, Risk and Compliance Committee: responsible for reviewing the Group’s interim and year end results announcements, and the Annual Report and Accounts; determining the application of the financial reporting and internal control and risk management procedures and assessing the scope, quality and results of the external audit. • Remuneration Committee: responsible for the policy for the remuneration of the Executive Directors and senior management; setting the remuneration of the Executive Directors, determining the payment of bonuses to Executive Directors; and approving the Company’s bonus and incentive arrangements for employees. remuneration Committee (‘rC’) report The RC comprises Peter George, and members Jens Montanana and Richard Last. The RC meets at least twice a year. In the year ended 31 December 2021, the RC met on two scheduled occasions; further meetings and conference calls were held as and when necessary. The attendance of individual Committee members at scheduled RC meetings in the year to 31 December 2021 is shown in the table below: Meetings attended 2/2 2/2 2/2 • Nomination Committee: responsible for reviewing the composition, Peter George (Committee Chairman) structure and size of the Board; assessing the leadership needs of the Group; and recommending nominees as new Directors to the Board. Richard Last Jens Montanana audit, risk and Compliance Committee (‘arCC’) report The ARCC members comprise Richard Last, who is the Committee Chairman, and member Peter George, and meets at least twice a year. The Company’s Chief Financial Officer and Group Financial Controller, and the Company’s external auditors attend the meetings. In the year ended 31 December 2021, the ARCC met on two occasions. The attendance of individual Committee members at ARCC meetings in the year to 31 December 2021 is shown in the table below: The RC’s activities during the year, which are based on its terms of reference, are set out below: • Reviewed the performance of the Executive Directors and set the remuneration of the Executive Directors. • Determined the payment of bonuses to Executive Directors and approved the Company’s bonus and incentive arrangements for employees. • Ensured the Company’s share option schemes were operated properly and approved the share option grants to Executive Directors and employees. Richard Last (Committee Chairman) Peter George Meetings attended The remuneration of the Chairman and Non-executive Directors is decided upon by the Board. 2/2 2/2 Details of Directors’ remuneration for the year ended 31 December 2021 is set out in note 24 of the financial statements. The ARCC’s activities during the year, based on its terms of reference, are set out below: • Reviewed the scope and results of the external audit, its cost effectiveness and the objectivity of the auditors. • Reviewed, prior to publication, the interim financial statements, preliminary results announcement, the annual financial statements and the other information included in the Annual Report. Considered the regulatory, technical and operational risks of the Company and ensured these risks are properly assessed, monitored and reported on and the appropriate policies and procedures are in place. The key financial reporting judgements relating to the financial statements for the year ended 31 December 2021 which the ARCC have considered and discussed with the auditors, include: Going concern basis for financial statements Revenue recognition Financial Statements note 2.2 2.5 Carrying value of goodwill and intangible assets 2.12 and 9 The ARCC is satisfied with the treatment in the financial statements and the disclosure in the notes. Nomination Committee (‘NC’) report The NC comprises Jens Montanana (Chairman), Richard Last and Peter George. The NC meets as required. In the year ended 31 December 2021, the NC met on one scheduled occasion. The attendance of individual Committee members at NC meetings in the year to 31 December 2021 is shown in the table below: Jens Montanana (Committee Chairman) Richard Last Peter George Meetings attended 1/1 1/1 1/1 The NC’s activities during the year, which are based on its terms of reference, are set out below: • Reviewed the composition, structure, and size of the Board. • Reviewed the leadership needs of the Group. 36 Corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic Report GoverNaNCe Financial Statements Corporate Directory 37 Directors’ Report Group results The Group’s Income Statement on page 45 shows a profit for the year of $1.5 million (2020: loss of $3.8 million). Going concern The financial position and cash flows are described in the Financial Review on page 18. An indication of likely future developments affecting the Company is included in the Strategic Report on pages 16 to 27. The Directors have prepared detailed income statement, balance sheet and cash flow projections for the period to 30 April 2023 (“going concern assessment period”). The cash flow projections have been subjected to sensitivity analysis at the revenue, cost and combined revenue and cost levels under three different scenarios. The cash flow projections show that the Group and Company will maintain a positive cash balance through the going concern assessment period under the base case and all three sensitivity scenarios. In addition, the projections and sensitivity analyses confirm that the bank loan covenants will be met during the going concern assessment period. The Directors are also not aware of any significant matters in the remainder of calendar 2023 that occur outside the going concern period that could reasonably possibly impact the going concern conclusion. The Directors continue to carefully monitor the impact of the COVID-19 pandemic, and its impact on the macroeconomic environment, on the operations of the Group and have a range of possible mitigating actions, which could be implemented in the event of a downturn of the business. However, with COVID-19 driving an increased requirement for workforces to shift to home working and heightened concerns relating to digital security and privacy the Group has benefited from favourable market tailwind. The Directors have also considered the geo-political environment, including rising inflation in some of our key markets and the conflict in Ukraine, and whilst the impact on the Group is currently deemed minimal, the Directors remain vigilant and ready to implement mitigation action in the event of a downturn in demand or an impact on operations. On this basis, the Directors have therefore concluded that it is appropriate to prepare the financial statements on a going concern basis. Dividends The Directors have not recommended a dividend (2020: $nil). Share capital The issued share capital of the Company, together with details of movements in the Company’s issued share capital during the financial period are shown in note 22 to the financial statements. As at the date of this report, 494,852,304 ordinary shares of 1p each (‘ordinary shares’) were in issue and fully paid with an aggregate nominal value of $6.9 million. The market price of the ordinary shares at 31 December 2021 was 12.5p and the shares traded in the range 9.0p to 16.0p (as at 31 December 2020 was 10.0p and the shares traded in the range 3.6p to 11.6p during the year ended 31 December 2020). Issue of shares powers at the aGM At the AGM held on 11 June 2021, shareholders granted authority to the Board under the Articles and section 551 of the Companies Act 2006 (the ‘Act’) to exercise all powers of the Company to allot relevant securities up to an aggregate nominal amount of £494,852.30. Also at the AGM held on 11 June 2021, shareholders granted authority to the Board under the Articles and section 570(1) of the Act to exercise all powers of the Company to allot equity securities wholly for cash up to an aggregate nominal amount of £494,852.30 without application of the statutory pre-emption rights contained in section 561(1) of the Act. Substantial shareholdings The Company has been notified of the following holdings that are 3% or more of the Group’s ordinary share capital as at 31 March 2022: ordinary shares of 1 pence each Jens Montanana* Sabvest Capital Holdings Limited Juniper Networks, Inc. Herald Investment Management Richard John Koch Premier Miton Group PLC InsingerGlissen Peter Kennedy Gain** Number 187,300,406 50,000,000 49,179,772 34,592,121 30,061,222 26,475,355 25,000,000 16,378,246 % 37.85 10.10 9.94 6.99 6.07 5.35 5.05 3.31 * of which 33,674,846 are held in the name of JPM International Limited, which is wholly owned by Jens Montanana, and 125,871,751 are held in the name of The New Millennium Technology Trust of which Jens Montanana is a beneficiary ** of which 4,900,000 shares are held in the name of Draper Gain Investments Ltd Directors’ shareholdings Jens Montanana Peter George Richard Last Andrew Miller Lionel Chmilewsky Neil Pritchard Ashley Stephenson 31 March 2022 31 December 2020 31 December 2019 Number % Number % Number 187,300,406 37.85 187,300,406 37.85 187,300,406 – 2,500,000 1,091,437 – – – 0.51 0.22 – – – 2,500,000 1,091,437 – – – 0.51 0.22 – – – 2,500,000 1,091,437 – – 38,000 0.01 38,000 0.01 38,000 % 37.85 – 0.51 0.22 – – 0.01 Directors’ indemnities The Company has qualifying third party indemnity provisions in place for the benefit of its Directors. These remain in force at the date of this report. Directors and Directors’ interests The Directors who served in office during the year and up to the date of this report and their interests in the Company’s shares were as above. The biographical details of the current Directors of the Company are set out on pages 28 and 29. Jens Montanana, Peter George, Richard Last, Andrew Miller, Lionel Chmilewsky, Neil Pritchard and Ashley Stephenson, hold share options, details of which are shown in note 27 to the financial statements. Financial risk management objectives and policies The Group’s business activities expose it to a variety of financial risks. The policies for managing these risks are described below: • Liquidity risk – arises from the Group’s management of working capital and finance charges. It is a risk that the Group will encounter difficulty in meeting its financial obligations, including its covenants and a repayment term bank loan drawn down by the Company in April 2021 ($2.8 million at 31 December 2021) details of which are set out in note 18, as they fall due. Liquidity risk is managed by the Finance function. Annual budgets are agreed by the Board, enabling the Group’s cash flow requirements to be anticipated. • Credit risk – arises from cash and cash equivalents and from credit exposures to the Group’s customers including outstanding receivables and committed transactions. Credit risk is managed with regular reports of exposures reviewed by management. The Group does not set individual credit limits but seeks to ensure that customers enter into legally enforceable contracts that include settlement terms that demonstrate the customers’ commitment to the transaction and minimise this risk exposure. The amounts of trade receivables presented in the Statement of Financial Position are shown net of allowances for doubtful accounts estimated by management based on prior experience and their assessment of the current economic environment (note 15). The Group has no significant concentration of credit risk, with exposure spread over a number of customers. The credit risk on liquid funds and financial instruments is limited because the counterparties are banks with acceptable credit ratings assigned by international credit rating agencies. • Cash flow interest rate risk – the Group’s policy is to as far as possible minimise interest rate cash flow risk exposure on its financing. The Group is exposed to interest rate increases on the term bank loan ($2.8 million at 31 December 2021) details of which are set out in note 18, which bears interest at 3-month GBP Libor plus 6.5%. The bank loan does not have early repayment penalties and thus the Group can if GBP interest rates increase to punitive levels, seek to refinance the loan. The Group’s policy is to balance the risk in relation to cash balances held by spreading these across a number of financial institutions as opposed to maximising interest income. • Currency risk – there was no material impact from trading currency risk on the Group’s profit or loss for the year from exchange rate movements, as foreign currency transactions are entered into by Group companies whose functional currency is aligned with the currencies in which it transacts. Exchange rate risks do arise in relation to (i) the bank loan which is GBP denominated and equity fund raises which are in GBP, given the Company’s AIM listing, to the extent such funds are required to support US dollar denominated funding requirements, and (ii) GBP denominated obligations of the Group given the invoicing currency of the Group is US dollar denominated. The Group has not hedged such GBP debt and equity fund raises or GBP denominated expenses in the past as US denominated funds received by the Group’s UK subsidiary have been used to fund the Group’s US subsidiary to the extent such funding has been required, with the GBP funding requirements satisfied from the GBP denominated funds generated from GBP debt and equity fund raises. The Group keeps this policy under review based on the expected timing of US dollar and GBP operational funding requirements. The global COVID-19 pandemic brings on-going uncertainty and wider market disruption globally. The Company continues to closely monitor its supply chain for the supply and delivery of hardware appliances to customers. There is a continued risk of COVID-19 resulting in possible supply chain constraints in the short-term and some IT purchasing decisions by customers being delayed in the medium-term as the virus transmission effects continue. The Group has undertaken financial scenario planning to identify actions that may need to be taken in the event that delays to customers decision making impacts revenue and cash. These actions will be implemented as required. The principal risk which applies to the Parent Company’s financial statements is the risk that the returns generated by the subsidiaries might not support the carrying value of the cost of the investments in subsidiaries. The carrying value is tested at least annually for impairment and, if necessary, impaired as appropriate. 38 Corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic Report GoverNaNCe Financial Statements Corporate Directory 39 Directors’ Report continued Statement of Directors’ Responsibilities Capital management The Group monitors its available capital, which it considers to be all components of equity against its expected requirements. The Group’s objectives when maintaining capital are to safeguard the entity’s ability to continue as a going concern, so that it can continue to provide returns for shareholders and benefits for other stakeholders, and to ensure that sufficient funds can be raised for investing activities. In order to maintain or adjust the capital structure, the Company may return capital to shareholders, issue new shares, or sell assets. The Group does not review its capital requirements according to any specified targets or ratios. annual General Meeting Notice of the AGM together with details of the business to be considered will be sent to shareholders in due course. auditors In so far as each Director is aware: • there is no relevant audit information of which the Company’s auditors are unaware; and • the Directors have taken all the steps that they ought to have taken to make themselves aware of any relevant audit information and to establish that the Company’s auditors are aware of that information. Treasury management The objectives of Group treasury policies are to ensure that adequate financial resources are available for development of the business while at the same time managing financial risks. Financial instruments may be used to reduce financial risk exposures arising from the Group’s business activities and not for speculative purposes. By order of the Board Duncan Swallow Company Secretary 25 April 2022 The Group’s treasury activities are managed by the Group Financial Controller who reports to the Board on the implementation of the Group treasury policy. environment The Group’s activities are primarily office-based and as such the Directors believe that there is no significant environmental impact arising from the Group’s activities. The Group complies with local WEEE regulations. No environmental performance indicators are therefore included within this report. The Group’s environmental policy states: “We endeavour to recycle appropriate materials where possible and to efficiently use natural resources and energy supplies so as to minimise our environmental impact. We will comply with the relevant statutes and legislation. Furthermore, employees are encouraged to be environmentally aware. Company cars are not provided.” research and development The development of computer software is an integral part of the Group’s business and the Group continues to develop its software in response to user demand, and particularly the changing IT security threat landscape. During the year the Group enhanced the features and functionality of its existing products. A capital investment of $1.8 million (2020: $1.4 million) was made during the year. Amortisation of $1.9 million (2020: $1.9 million) and costs not capitalised of $1.5 million (2020: £1.6 million) were charged to the Group Income Statement during the year. employees The quality and commitment of the Group’s employees has played a major role in the Company’s continued progress. This has been demonstrated in many ways, including strong customer satisfaction, the development of new product offerings and the flexibility employees have shown in adapting to changing business requirements. The Group operates sales commission, incentive bonus plans and share option plans to provide incentives for achievements which add value to the business. The Directors are responsible for preparing the Annual Report and Financial Statements in accordance with applicable law and regulations. Company law requires the Directors to prepare financial statements for each financial year. Under that law the Directors have elected to prepare the Group financial statements in accordance with UK adopted international accounting standards in conformity with the requirements of the Companies Act 2006. The Directors have chosen to prepare the Company financial statements in accordance with FRS101. Under company law the Directors must not approve the financial statements unless they give a true and fair view of the state of affairs of the Group and Parent Company and of the profit or loss of the Group for that period. The Directors are also required to prepare financial statements in accordance with the rules of the London Stock Exchange for companies trading securities on the AIM. In preparing these financial statements, the Directors are required to: • select suitable accounting policies and then apply them consistently; • make judgements and estimates that are reasonable and prudent; • state whether they have been prepared in accordance with UK adopted international accounting standards in conformity with the requirements of the Companies Act 2006, subject to any material departures disclosed and explained in the financial statements; and • prepare the financial statements on the going concern basis unless it is inappropriate to presume that the Group will continue in business. The Directors are responsible for keeping adequate accounting records that are sufficient to show and explain the Group’s transactions and disclose with reasonable accuracy at any time the financial position of the Group and enable them to ensure that the financial statements comply with the Companies Act 2006. They are also responsible for safeguarding the assets of the Group and hence for taking reasonable steps for the prevention and detection of fraud and other irregularities. The Directors are responsible for ensuring the Annual Report and the financial statements are made available on a website. Financial statements are published on the Company’s website in accordance with legislation in the United Kingdom governing the preparation and dissemination of financial statements, which may vary from legislation in other jurisdictions. The maintenance and integrity of the Company’s website is the responsibility of the Directors. The Directors’ responsibility also extends to the on-going integrity of the financial statements contained therein. 40 Corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic Report GoverNaNCe Financial Statements Corporate Directory 41 Independent Auditor’s Report to the members of Corero Network Security plc opinion on the financial statements In our opinion: • the financial statements give a true and fair view of the state of the Group’s and of the Parent Company’s affairs as at 31 December 2021 and of the Group’s profit for the year then ended; • the Group financial statements have been properly prepared in accordance with UK adopted international accounting standards; • the Parent Company financial statements have been properly prepared in accordance with United Kingdom Generally Accepted Accounting Practice; and • the financial statements have been prepared in accordance with the requirements of the Companies Act 2006. We have audited the financial statements of Corero Network Security Plc (the ‘Parent Company’) and its subsidiaries (the ‘Group’) for the year ended 31 December 2021 which comprise the Consolidated Income Statement, the Consolidated Statement of Comprehensive Income, the Consolidated and Company Statements of Financial Position, the Consolidated Statement of Cash Flows, the Consolidated and Company Statements of Changes in Equity and notes to the financial statements, including a summary of significant accounting policies. The financial reporting framework that has been applied in the preparation of the Group financial statements is applicable law and UK adopted international accounting standards. The financial reporting framework that has been applied in the preparation of the Parent Company financial statements is applicable law and United Kingdom Accounting Standards, including Financial Reporting Standard 101 Reduced Disclosure Framework (United Kingdom Generally Accepted Accounting Practice). Basis for opinion We conducted our audit in accordance with International Standards on Auditing (UK) (ISAs (UK)) and applicable law. Our responsibilities under those standards are further described in the Auditor’s responsibilities for the audit of the financial statements section of our report. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion. Independence We remain independent of the Group and the Parent Company in accordance with the ethical requirements that are relevant to our audit of the financial statements in the UK, including the FRC’s Ethical Standard as applied to listed entities, and we have fulfilled our other ethical responsibilities in accordance with these requirements. Conclusions relating to going concern In auditing the financial statements, we have concluded that the Directors’ use of the going concern basis of accounting in the preparation of the financial statements is appropriate. Our evaluation of the Directors’ assessment of the Group and the Parent Company’s ability to continue to adopt the going concern basis of accounting, has been set out in the Key Audit Matters section of the report. Based on the work we have performed, we have not identified any material uncertainties relating to events or conditions that, individually or collectively, may cast significant doubt on the Group and the Parent Company’s ability to continue as a going concern for a period of at least twelve months from when the financial statements are authorised for issue. Our responsibilities and the responsibilities of the Directors with respect to going concern are described in the relevant sections of this report. overview Coverage Key audit matters 100% (2020: 100%) of Group revenue, Group profit before tax, Group total assets Revenue recognition Goodwill and intangible asset impairment Going concern Materiality Group financial statements $418,000 based on 2% of revenue (2020: $381,000 based on 2.26% of revenue) 2021 2020 ✔ ✔ ✔ ✔ ✔ ✔ an overview of the scope of our audit Our Group audit was scoped by obtaining an understanding of the Group and its environment, including the Group’s system of internal control, and assessing the risks of material misstatement in the financial statements. We also addressed the risk of management override of internal controls, including assessing whether there was evidence of bias by the Directors that may have represented a risk of material misstatement. A full scope audit was performed for each component included in the consolidation. All audit work was undertaken by the Group audit team. Corero Group Services Limited was considered a non-significant component, but was subject to a full scope audit for statutory purposes, contributing to the overall Group coverage obtained. Key audit matters Key audit matters are those matters that, in our professional judgement, were of most significance in our audit of the financial statements of the current period and include the most significant assessed risks of material misstatement (whether or not due to fraud) that we identified, including those which had the greatest effect on: the overall audit strategy, the allocation of resources in the audit, and directing the efforts of the engagement team. These matters were addressed in the context of our audit of the financial statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters. Key audit matter revenue recognition See accounting policy at note 2.5, the key accounting estimate at note 3.2 and note 4. The Group generates revenue primarily from the sale of software and related maintenance and support contracts. It does this directly through arrangements with end- users (either through the sale of a software licence or by selling the software as a service) as well as through distributors. The sales of licences may be on a perpetual or a fixed term basis. We considered there to be a significant audit risk arising from the allocation of the value of the transaction price to the individual performance obligations included in the sale as well as the timing of revenue recognition with regard to appropriate deferral of maintenance and support revenues. Goodwill and intangible asset impairment review As at the year end, the group holds goodwill of $8,991k, computer software of $4k and capitalised development expenditure of $4,528k. See accounting policy at note 2.12, the key accounting estimate at note 3.2 and note 9. Management performed an impairment review over its sole cash generating unit (CGU) – Corero Network Security (CNS) – as at 31 December 2021 using a discounted cash flow model to calculate value in use. The impairment review necessitates significant management judgement over the timing and degree of certainty attaching to forecast net cash flows and the rate at which those future cash flows should be discounted to present value. Certain key assumptions and data points are required to be disclosed along with sensitivity calculations where reasonably possible changes in key assumptions could give rise to an impairment. The accurate disclosure of such information formed part of the risk we assessed as being present. In view of the impact of the ongoing COVID-19 pandemic there is a risk, whether due to fraud or error, that there is an application of inappropriate assumptions supporting the assets valuations and therefore that these assets should be impaired. As a result of the significant estimates and judgements involved, we considered this area to be a key audit matter. How the scope of our audit addressed the key audit matter Our procedures included the following: We gained an understanding of the Group’s methodology in determining the fair value of the different transactions prices for performance obligations in multiple element arrangements as required by the applicable accounting standards. For a sample of transactions we recalculated the Group’s determination of the fair value of the different transactions prices for performance obligations in multiple element arrangements as set out in note 2.5 of the financial statements, to check that it provided a suitable basis on which to recognise revenues. For a sample of revenue transactions throughout the period and around the year end we corroborated to supporting documentation, including invoice, underlying contract, subsequent receipt through the bank statement and associated evidence of satisfaction of the obligation, recalculating the accompanying revenue and deferred revenue where applicable. We assessed the basis upon which performance obligations were recognised for each revenue stream and compared this to the requirements of the applicable accounting standards, industry practice, and the Group’s specific circumstances. We also tested on a sample basis the accuracy of the deferred income balance through corroborating to supporting documentation, including invoice, along with testing a sample of transactions around the year-end to supporting documentation, including invoice and proof of deliver to verify that revenue was recognised were recorded in the correct period. Key observations: Based on the work performed we consider that revenue has been recognised in accordance with the Group’s revenue policy. Our procedures included the following: We verified that the model was mechanically accurate and prepared in accordance with the requirements of applicable accounting standards. We considered and reviewed the Managements identification of the CGU in accordance with the requirements of the applicable accounting standards and our understanding of the Group and its operations. We reviewed, challenged and corroborated the assumptions regarding future cash flows and whether the rate at which they had been discounted was appropriate to the Group’s circumstances. To further support this, we confirmed the consistency of the forecasts used for impairment with the forecasts used for going concern. We used our internal valuations experts to assist with our interrogation of the model and the appropriateness of the discount rate applied by Management. This work also included comparison to industry data, historic trading, and macro-economic factors. Our audit procedures relating to the review of forecast operating cash flows included corroboration of forecast revenue to post year-end transactions and trading along with performing sensitivity analysis and ‘look back’ procedures to consider the accuracy of forecasts by comparing previous forecast to actual outcomes. Key observations: Based on the procedures performed, we considered that the assumptions used within the impairment model prepared by management to be appropriate. 42 Corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic Report GoverNaNCe Financial Statements Corporate Directory 43 Independent Auditor’s Report continued to the members of Corero Network Security plc Key audit matter Going concern See note 2.2. The Group has historically been loss making and is trading during the ongoing backdrop of the COVID-19 pandemic and supply chain challenges. These factors cause disruption and economic uncertainty globally and could impact on the Group’s future expected cash flows and bank covenant compliance, with a consequent impact on the going concern assessment. We therefore considered going concern to be a significant risk and a key audit matter. How the scope of our audit addressed the key audit matter In assessing the directors’ conclusion on the going concern assumption within the financial statements, we have undertaken the following audit procedures: • Confirming the mathematical accuracy of the underlying calculations in the forecast. • Analysing the directors’ assessment of going concern based upon the Group’s cash flow forecasts through to 31 December 2023. This included assessing and challenging assumptions with reference to historic experience and recent contract wins made in relation to revenues, expenses, and the associated cash flows and any other cash related assumptions. Further, we checked actual results for FY 2021 against budget to review the accuracy of the directors’ historic forecasts and we compared the forecast against available post year-end trading and cash flow results. • Reviewing the bank loan documents to understand the terms and covenants which the Group and Parent Company are required to comply with, comparing these to the Group’s forecasts. • Recalculating management’s covenant compliance calculations for the going concern assessment period with reference to the forecast and the loan documents. • Reviewing the sensitivity analysis performed by the directors’ considering the reasonableness of the assumptions, likelihood of the scenarios occurring and the resulting impact on cash flows and covenant compliance headroom. • We made inquiries of the Directors as to their knowledge of events or conditions beyond the period of their assessment that may cast significant doubt on the entity’s ability to continue as a going concern. • We considered whether any post-balance sheet events had occurred, which may impact going concern. • We assessed the adequacy of the disclosures in the financial statements (see note 2.2) with reference to our knowledge of the business and information obtained in performing our procedures. Key observations: Our observations in respect of going concern are set out in the Conclusions relating to going concern section above. our application of materiality We apply the concept of materiality both in planning and performing our audit, and in evaluating the effect of misstatements. We consider materiality to be the magnitude by which misstatements, including omissions, could influence the economic decisions of reasonable users that are taken on the basis of the financial statements. In order to reduce to an appropriately low level the probability that any misstatements exceed materiality, we use a lower materiality level, performance materiality, to determine the extent of testing needed. Importantly, misstatements below these levels will not necessarily be evaluated as immaterial as we also take account of the nature of identified misstatements, and the particular circumstances of their occurrence, when evaluating their effect on the financial statements as a whole. Based on our professional judgement, we determined materiality for the financial statements as a whole and performance materiality as follows: Materiality Group financial statements Parent company financial statements 2021 $’000 418 2020 $’000 381 2021 $’000 319 2020 $’000 190.5 Basis for determining materiality 2.0% of revenue 2.26% of revenue rationale for the benchmark applied We believe that revenue remains the most appropriate benchmark for materiality due to it being a key measure of the Group’s performance for users of the financial statements. We believe that revenue has become the most appropriate benchmark for materiality since revenue has become more consistent and a better indicator of the performance of the business. 76% of Group materiality 50% of Group materiality The materiality of the Parent Company was capped at a percentage of Group materiality to respond to aggregation risk. Performance materiality 75% – $314 75% – $286 75% – $239 75% – 143 Basis for determining performance materiality 75% of materiality – this was set with reference to the level of adjustments identified in the prior year, planned nature of testing and the size complexity of the Group. 75% of parent company materiality – this was set with reference to the level of adjustments identified in the prior year and the planned nature of testing. Component materiality We set materiality for each component of the Group based on a percentage of between 25% and 95% of Group materiality dependent on the size and our assessment of the risk of material misstatement of that component. Component materiality ranged from $105,937 to $397,000. In the audit of each component, we further applied performance materiality levels of 75% of the component materiality to our testing to ensure that the risk of errors exceeding component materiality was appropriately mitigated. reporting threshold We agreed with the Audit Committee that we would report to them all individual audit differences in excess of $20,900 (2020: $19,050). We also agreed to report differences below this threshold that, in our view, warranted reporting on qualitative grounds. other information The directors are responsible for the other information. The other information comprises the information included in the Annual Report and Accounts other than the financial statements and our auditor’s report thereon. Our opinion on the financial statements does not cover the other information and, except to the extent otherwise explicitly stated in our report, we do not express any form of assurance conclusion thereon. Our responsibility is to read the other information and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the course of the audit, or otherwise appears to be materially misstated. If we identify such material inconsistencies or apparent material misstatements, we are required to determine whether this gives rise to a material misstatement in the financial statements themselves. If, based on the work we have performed, we conclude that there is a material misstatement of this other information, we are required to report that fact. We have nothing to report in this regard. other Companies act 2006 reporting Based on the responsibilities described below and our work performed during the course of the audit, we are required by the Companies Act 2006 and ISAs (UK) to report on certain opinions and matters as described below. Strategic report and Directors’ report In our opinion, based on the work undertaken in the course of the audit: Matters on which we are required to report by exception • the information given in the Strategic Report and the Directors’ Report for the financial year for which the financial statements are prepared is consistent with the financial statements; and • the Strategic Report and the Directors’ Report have been prepared in accordance with applicable legal requirements. In the light of the knowledge and understanding of the Group and Parent Company and its environment obtained in the course of the audit, we have not identified material misstatements in the Strategic Report or the Directors’ Report. We have nothing to report in respect of the following matters in relation to which the Companies Act 2006 requires us to report to you if, in our opinion: • adequate accounting records have not been kept by the Parent Company, or returns adequate for our audit have not been received from branches not visited by us; or • the Parent Company financial statements are not in agreement with the accounting records and returns; or • certain disclosures of Directors’ remuneration specified by law are not made; or • we have not received all the information and explanations we require for our audit. responsibilities of Directors As explained more fully in the Statement of Directors’ Responsibilities, the Directors are responsible for the preparation of the financial statements and for being satisfied that they give a true and fair view, and for such internal control as the Directors determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error. In preparing the financial statements, the Directors are responsible for assessing the Group’s and the Parent Company’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the Directors either intend to liquidate the Group or the Parent Company or to cease operations, or have no realistic alternative but to do so. 44 Corero Network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance FINaNCIaL STaTeMeNTS Corporate Directory 45 Independent Auditor’s Report continued to the members of Corero Network Security plc Consolidated Income Statement for the year ended 31 December 2021 auditor’s responsibilities for the audit of the financial statements Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with ISAs (UK) will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements. Our audit procedures were designed to respond to risks of material misstatement in the financial statements, recognising that the risk of not detecting a material misstatement due to fraud is higher than the risk of not detecting one resulting from error, as fraud may involve deliberate concealment by, for example, forgery, misrepresentations or through collusion. There are inherent limitations in the audit procedures performed and the further removed non-compliance with laws and regulations is from the events and transactions reflected in the financial statements, the less likely we are to become aware of it. A further description of our responsibilities is available on the Financial Reporting Council’s website at: www.frc.org.uk/auditorsresponsibilities. This description forms part of our auditor’s report. Use of our report This report is made solely to the Parent Company’s members, as a body, in accordance with Chapter 3 of Part 16 of the Companies Act 2006. Our audit work has been undertaken so that we might state to the Parent Company’s members those matters we are required to state to them in an auditor’s report and for no other purpose. To the fullest extent permitted by law, we do not accept or assume responsibility to anyone other than the Parent Company and the Parent Company’s members as a body, for our audit work, for this report, or for the opinions we have formed. Leighton Thomas (Senior Statutory Auditor) For and on behalf of BDO LLP, Statutory Auditor London, UK 25 April 2022 BDO LLP is a limited liability partnership registered in England and Wales (with registered number OC305127). extent to which the audit was capable of detecting irregularities, including fraud Irregularities, including fraud, are instances of non-compliance with laws and regulations. We design procedures in line with our responsibilities, outlined above, to detect material misstatements in respect of irregularities, including fraud. The extent to which our procedures are capable of detecting irregularities, including fraud is detailed below: • We obtained an understanding of the legal and regulatory frameworks that are applicable to the Group and its components and determined that the most significant laws and regulations which are directly relevant to specific assertions in the financial statements are those that relate to the reporting framework, Companies Act 2006, the AIM rules, data privacy and the relevant tax regulations including but not limited to, Corporate and VAT legislation, and Employment Taxes. • We understood how the Group and its components are complying with those frameworks by making enquiries of management and those responsible for legal and compliance procedures. We corroborated our enquiries through our review of board minutes and papers provided to the Audit Committee. • We also reviewed the Group’s tax computations and returns and financial statements disclosures against the requirements of the relevant tax legislation and applicable accounting frameworks respectively. • We assessed the susceptibility of the Group’s financial statements to material misstatement, including how fraud might occur, by meeting with management to understand where they considered there was a susceptibility to fraud. • Our audit planning identified fraud risks in relation to management override of control and risk of fraud in revenue recognition which has been assessed as a Key Audit Matter above. • We obtained an understanding of the processes and controls that the Group has established to address risks identified, or that otherwise prevent, deter and detect fraud and how management monitors the processes and controls. • We communicated relevant identified laws and regulations and potential fraud risks to all engagement team members and remained alert to any indications of fraud or non-compliance with laws and regulations throughout the audit. • In response to the risk of management override of control, our procedures included journal entry testing, with a focus on large or unusual transactions based on our knowledge of the business which where agreed to supporting documentation where applicable; and enquiries with Group Management and those charged with governance regarding an instances of known or suspected fraud during the year. Continuing operations revenue Cost of sales Gross profit Operating expenses Consisting of: Operating expenses before depreciation and amortisation Depreciation and amortisation of intangible assets Profit/(loss) from operations Share–based payments operating profit/(loss) Other income Finance income Finance costs Profit/(loss) before taxation Taxation credit Profit/(loss) after taxation Profit/(loss) after taxation attributable to equity owners of the parent Basic and diluted earnings/(loss) per share Basic earnings/(loss) per share Diluted earnings/(loss) per share EBITDA Adjusted EBITDA – for DDPaaS depreciation, share based payments, unrealised foreign exchange differences on intercompany loan and PPPL forgiveness The notes on pages 52 to 80 form part of these financial statements. Year ended 31 December 2021 $’000 Year ended 31 December 2020 $’000 20,895 (3,112) 17,783 (16,120) (13,928) (2,192) 1,663 (522) 1,141 637 1 (406) 1,373 149 1,522 1,522 Cents 0.3 0.3 3,970 4,150 16,877 (3,832) 13,045 (16,431) (14,114) (2,317) (3,386) (359) (3,745) – 16 (301) (4,030) 246 (3,784) (3,784) Cents (0.8) (0.8) (1,428) (551) Note 4 10,11,12 27 5 18 5 6 7 7 8 8 46 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 47 Consolidated Statement of Comprehensive Income for the year ended 31 December 2021 Consolidated Statement of Financial Position as at 31 December 2021 Profit/(loss) for the year Other comprehensive (expense)/income: Items reclassified subsequently to profit or loss upon derecognition: Foreign exchange differences Other comprehensive (expense)/income for the year net of taxation attributable to the equity owners of the parent total comprehensive income/(expense) for the year attributable to the equity owners of the parent Year ended 31 December 2021 $’000 Year ended 31 December 2020 $’000 1,522 (3,784) (122) (122) 1,400 216 216 (3,568) assets non–current assets Goodwill Acquired intangible assets Capitalised development expenditure Property, plant and equipment – owned assets Leased right of use assets Trade and other receivables current assets Inventories Trade and other receivables Cash and cash equivalents total assets liabilities current liabilities Trade and other payables Lease liabilities Deferred income Borrowings net current assets non–current liabilities Trade and other payables Lease liabilities Deferred income Borrowings net assets capital and reserves attributable to the equity owners of the parent Share capital Share premium Capital redemption reserve Share options reserve Foreign exchange translation reserve Accumulated profit and loss reserve total shareholders’ equity These financial statements were approved by the Board of Directors on 25 April 2022 and signed on their behalf. lionel chmilewsky Director The notes on pages 52 to 80 form part of these financial statements. as at 31 December 2021 $’000 as at 31 December 2020 $’000 note 9 10 11 12 12 15 14 15 16 17 20 18 16 17 20 18 22 23 8,991 4 4,528 796 145 859 15,323 57 3,206 11,201 14,464 29,787 (4,068) (94) (4,677) (1,421) (10,260) 4,204 (143) (78) (2,147) (1,356) (3,724) 15,803 6,914 82,122 7,051 1,490 (1,506) (80,268) 15,803 8,991 9 4,646 1,099 237 694 15,676 98 3,714 10,140 13,952 29,628 (6,461) (86) (3,444) (2,073) (12,064) 1,888 (402) (171) (2,705) (405) (3,683) 13,881 6,914 82,122 7,051 968 (1,384) (81,790) 13,881 48 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 49 Company Statement of Financial Position as at 31 December 2021 Consolidated Statement of Cash Flows for the year ended 31 December 2021 assets non–current assets Investments in subsidiaries Trade and other receivables current assets Trade and other receivables Cash and cash equivalents liabilities current liabilities Trade and other payables Borrowings net current (liabilities) / assets non–current liabilities Trade and other payables Borrowings net assets total equity attributable to owners of the Parent Share capital Share premium Capital redemption reserve Share options reserve Foreign exchange translation reserve Accumulated profit and loss reserve total equity as at 31 December 2021 $’000 as at 31 December 2020 $’000 note 13 15 15 16 18 16 18 22 23 76,071 97 76,168 17 10,132 10,149 (8,936) (1,421) (10,357) (208) (112) (1,356) (1,468) 74,492 6,914 82,122 7,051 1,490 (10,532) (12,553) 74,492 60,921 77 60,998 – 9,875 9,875 (5,845) (1,436) (7,281) 2,594 (143) (405) (548) 63,044 6,914 82,122 7,051 968 (9,947) (24,064) 63,044 The Company financial statements were prepared in accordance with Financial Reporting Standard 101 Reduced Disclosure Framework. The Company has taken advantage of the following disclosure exemptions: The requirements of IAS 7 Statement of Cash Flows, IFRS 7 Financial Instruments: Disclosures and IAS 24 Related Party Disclosures. The Company has taken advantage of section 408 of the Companies Act 2006 and has not included an income statement in these financial statements. The Parent Company’s profit for the year was $11.5 million (2020: $36.5 million). These financial statements were approved by the Board of Directors on 25 April 2022 and signed on their behalf. lionel chmilewsky Director The notes on pages 52 to 80 form part of these financial statements. Operating activities Profit/loss before taxation for the year Adjustments for movements: Amortisation of acquired intangible assets Amortisation of capitalised development expenditure Depreciation – owned assets Depreciation – leased assets Finance income Finance expense Finance lease interest costs Share based payments expense PPPL forgiveness cash generated from/(used in) operating activities before movement in working capital Movement in working capital: Decrease in inventories and sales evaluation assets (Increase)/decrease in trade and other receivables (Decrease)/increase in trade and other payables net movement in working capital cash generated from operating activities Taxation received net cash generated from operating activities cash flows from investing activities Purchase of intangible assets Investment in development expenditure Purchase of property, plant and equipment net cash used in investing activities cash flows from financing activities Proceeds from borrowings Finance income Lease liability payments Finance expense Repayments of borrowings net cash generated from/(used in) financing activities increase in cash and cash equivalents Effects of exchange rates on cash and cash equivalents Cash and cash equivalents at 1 January cash and cash equivalents at 31 December The notes on pages 52 to 80 form part of these financial statements. Year ended 31 December 2021 $’000 Year ended 31 December 2020 $’000 1,373 (4,030) 5 1,872 604 93 (1) 388 18 522 (637) 4,237 175 223 (1,999) (1,601) 2,636 149 2,785 – (1,754) (421) (2,175) 2,683 1 (103) (238) (1,738) 605 1,215 (154) 10,140 11,201 6 1,933 514 119 (16) 274 27 359 – (814) 45 (1,187) 6,852 5,710 4,896 246 5,142 (8) (1,410) (1,015) (2,433) 637 16 (136) (206) (1,187) (876) 1,833 (14) 8,321 10,140 50 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 51 Consolidated Statement of Changes in Equity for the year ended 31 December 2021 Company Statement of Changes in Equity for the year ended 31 December 2021 1 January 2020 Loss for the year Other comprehensive income total comprehensive expense for the year contributions by and distributions to owners Share based payments total contributions by and distributions to owners Share capital $’000 6,914 Share premium account $’000 82,122 – – – – – – – – – – – – – – – 31 December 2020 and 1 January 2021 6,914 82,122 7,051 Profit for the year Other comprehensive expense total comprehensive income for the year contributions by and distributions to owners Share based payments total contributions by and distributions to owners – – – – – – – – – – – – – – – capital redemption reserve $’000 Share options reserve $’000 Foreign exchange translation reserve $’000 accumulated profit and loss reserve $’000 total attributable to equity owners of the parent $’000 7,051 609 (1,600) (78,006) – – – 359 359 968 – – – 522 522 – 216 216 – – (3,784) – – – (1,384) (81,790) – (122) (122) – – 1,522 – 1,522 – – 359 359 13,881 1,522 (122) 1,400 522 522 Share capital $’000 6,914 Share premium account $’000 82,122 capital redemption reserve $’000 Share options reserve $’000 Foreign exchange translation reserve $’000 accumulated profit and loss reserve $’000 total attributable to equity owners of the parent $’000 7,051 609 (10,724) (60,563) – – – – – – – – – – – – – – – contributions by and distributions to owners Share based payments total contributions by and distributions to owners 31 December 2020 and 1 January 2021 6,914 82,122 7,051 Profit for the year Other comprehensive expense total comprehensive expense for the year contributions by and distributions to owners Share based payments total contributions by and distributions to owners – – – – – – – – – – – – – – – 25,409 36,499 777 37,276 359 359 63,044 11,511 (585) – 777 777 – – 36,499 – 36,499 – – (9,947) (24,064) – (585) (585) – – 11,511 – 11,511 10,926 – – 522 522 – – – 359 359 968 – – – 522 522 17,090 (3,784) 216 1 January 2020 Profit for the year Other comprehensive income (3,784) (3,568) total comprehensive income for the year 31 December 2021 6,914 82,122 7,051 1,490 (1,506) (80,268) 15,803 31 December 2021 6,914 82,122 7,051 1,490 (10,532) (12,553) 74,492 The share capital comprises the nominal values of all shares issued. The share premium account comprises the amounts subscribed for share capital in excess of the nominal value, net of issuance costs. The capital redemption reserve comprises the amount transferred from deferred shares on redemption of the deferred shares. The share options reserve represents the cost to the Group of share options. The foreign exchange translation reserve arises on retranslating the net assets of UK operations into US dollars. The retained earnings are all other net gains and losses and transactions with owners not recognised elsewhere. The notes on pages 52 to 80 form part of these financial statements. 52 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 53 Notes to the Financial Statements 1. General information Presentation currency These consolidated financial statements are presented in US dollars (‘$’) rounded to the nearest $’000 unless otherwise stated which represents the presentational currency of the Group. The average $–GBP sterling (‘GBP’) exchange rate used for the conversion of the Consolidated Income Statement for the 12 months ended 31 December 2021 was 1.38 (2020: 1.28). The closing $–GBP exchange rate used for the conversion of the Group’s assets and liabilities at 31 December 2021 was 1.35 (2020: 1.37). 2.5 Revenue The Group’s revenue is derived from the following products and services: • appliance and perpetual software licenses; • support services for a defined term; • installation and training services; • DDoS Protection as–a–Service (‘DDPaaS’) for a defined term; • SecureWatch Managed Service (enhanced security monitoring services) for a defined term; and • software subscription licenses for a defined term. Corero Network Security plc is a public limited company incorporated in the United Kingdom under the Companies Act 2006 and registered in England and Wales. The functional currency of the Company entity is GBP. The element of DDPaaS revenues pertaining to as–a–service assets is included in reported revenues and is recognised on a straight–line basis over the term of the contract. 2. Significant accounting policies 2.1 Basis of preparation The Group financial statements have been prepared in accordance with UK adopted international accounting standards and in conformity with the requirements of the Companies Act 2006. The Parent Company financial statements have been prepared in accordance with Financial Reporting Standard 101 (‘FRS 101’) ‘Reduced Disclosure Framework’. 2.2 Going concern The financial statements have been prepared on a going concern basis. Performance obligations, timing of revenue recognition and revenue recognition Revenue is recognised when control of the goods (appliances and software) transfer to the customer and services are delivered. Goods are shipped free on board (‘FOB’) from Corero, or Corero’s contract manufacturer, to the customer. The point of transfer of control for appliances is at the point of FOB shipment to the customer and for software at the point of electronic transfer to the customer. Revenue recognised on transfer of control of appliance and software products Appliance, perpetual software licenses and software subscription licenses Revenue recognised over–time (over the term of the contract) Support, DDPaaS and SecureWatch Managed services Revenue recognised once the service has been delivered Installation and training services The Directors have prepared detailed income statement, balance sheet and cash flow projections for the period to 30 April 2023 (“going concern assessment period”). The cash flow projections have been subjected to sensitivity analysis at the revenue, cost and combined revenue and cost levels under three different scenarios. The cash flow projections show that the Group and Company will maintain a positive cash balance through the going concern assessment period under the base case and all three sensitivity scenarios. In addition, the projections and sensitivity analyses confirm that the bank loan covenants will be met during the going concern assessment period. Determining the transaction price The contract price is determined by reference to the Corero Sales Quotation or DDPaaS Agreement and is a fixed price. Certain DDPaaS contracts have an element of the transaction value or all of the transaction value determined by reference to a share of the customers’ revenue generated from the Corero solution (‘Revenue Share’). This Revenue Share revenue is recognised when the Revenue Share is determined. The Directors are also not aware of any significant matters in the remainder of calendar 2023 that occur outside the going concern period that could reasonably possibly impact the going concern conclusion. Corero does not have any other variable consideration payable by the customer and does not pay any consideration to the customer. There is no provision for purchase price adjustments, right of return or price concessions. The Directors continue to carefully monitor the impact of the COVID-19 pandemic, and its impact on the macroeconomic environment, on the operations of the Group and have a range of possible mitigating actions, which could be implemented in the event of a downturn of the business. However, with COVID-19 driving an increased requirement for workforces to shift to home working and heightened concerns relating to digital security and privacy the Group has benefited from favourable market tailwind. The Directors have also considered the geo-political environment, including rising inflation in some of our key markets and the conflict in Ukraine, and whilst the impact on the Group is currently deemed minimal, the Directors remain vigilant and ready to implement mitigation action in the event of a downturn in demand or an impact on operations. On this basis, the Directors have therefore concluded that it is appropriate to prepare the financial statements on a going concern basis. 2.3 Basis of consolidation The consolidated financial statements incorporate the results, assets, liabilities, and cash flows of the Company and each of its subsidiaries for the financial year ended 31 December 2021. Subsidiaries are entities controlled by the Group. Control is deemed to exist when the Group has all of the following elements: a) power over the subsidiary, b) exposure or rights to variable returns from that subsidiary, and c) ability to use its power to affect the amount of the return from the subsidiary. The results, assets, liabilities and cash flows of subsidiaries are included in the consolidated financial statements from the date control commences until the date that control ceases. Where necessary, adjustments are made to the financial statements of subsidiaries to bring the accounting policies used into line with those used by the Group. Intra–group balances and transactions are eliminated on consolidation. 2.4 Business combinations The acquisition method is used to account for all acquisitions. The cost of an acquisition is measured at the fair values, on the date of acquisition, of assets given, liabilities incurred or assumed, and equity instruments issued. At the date of acquisition, the identifiable assets and liabilities and contingent liabilities of a subsidiary are measured at their fair values. Any excess of the cost of acquisition over the fair values of the identifiable net assets acquired is recognised as goodwill. allocating amounts to performance obligations For contracts containing only a single performance obligation (annual support services, ‘DDPaaS’ and SecureWatch Managed Service) there is no requirement to make an allocation of the contract price. For contracts containing multiple products, the transaction price is allocated to the separate performance obligations based on relative stand–alone selling prices (‘SSP’). The SSP is determined using defined price lists and historic customer discount rates. incremental costs of obtaining a contract Sales commission paid to Corero sales employees is an incremental cost of obtaining a contract and is recorded under Trade and other receivables in the Consolidated Statement of Financial Position. Sales commission relating to the support revenue from a new sales contract is recorded in prepayments and amortised over five years. Corero follows the requirements of the IFRS 15 standard with regards to the amortisation period which requires amortisation on a systematic basis that is consistent with the transfer to the customer of the goods or services to which the asset relates. The expectation, supported by historic evidence, is that customers will generally renew their support contracts for more than three years with the additional expectation of follow–on hardware and software (and associated services) business from a significant number of existing customers. Based on this, and consistent with previous treatment, Corero has assessed that a reasonable period for capitalised sales commission to be amortised is five years. Periodic customer reviews will be undertaken to ascertain if there is any evidence that the value of the customer relationship has been negatively impacted, in which case the prepayment will be appropriately written down. Applying the practical expedient, Corero recognises the incremental costs of obtaining contracts as an expense when incurred if the amortisation period of the prepayment that Corero otherwise would have recognised is one year or less. Fulfilment costs Corero’s principal fulfilment costs relate to the costs of the Corero customer support team which delivers the customer support services, DDPaaS services and the SecureWatch Managed services. These costs are not separately allocated or identifiable against specific customers. Therefore, these costs are recognised in the period in which they are incurred in the Consolidated Income Statement. contract assets and liabilities Contract assets arise when goods and services have been delivered and invoiced but payment is not yet due. Contract liabilities arise for future delivery of services which have been invoiced and payment is due. Contract liabilities are shown as deferred income in the Statement of Financial Position. 54 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 55 Notes to the Financial Statements continued 2. Significant accounting policies continued 2.6 Government grants Government grants are recognised at fair value when there is reasonable assurance that the Group will comply with the conditions attaching to them and the grant will be received. Grants related to purchase of assets are treated as deferred income and allocated to the Consolidated Income Statement over the useful lives of the related assets while grants related to expenses are netted off against the related item of expenditure in the Consolidated Income Statement. 2.7 cost of sales Cost of sales includes all direct costs associated with revenue generation, including goods directly related to revenue, services delivery, operation costs, DDoS as–a–service depreciation and amounts charged by external third parties for services. Examples of such costs would include third–party appliance costs and third–party software license costs. 2.8 Foreign currencies Transactions in foreign currencies are translated at the exchange rate ruling at the date of each transaction. Foreign currency monetary assets and liabilities are retranslated using the exchange rates at the reporting date. Gains and losses arising from changes in exchange rates after the date of the transaction are recognised in profit or loss in the Consolidated Income Statement. Non–monetary assets and liabilities that are measured in terms of historical cost in a foreign currency are translated at the exchange rate at the date of the original transaction. In the consolidated financial statements, the net assets of the Group’s UK operations are translated from GBP into US dollars at the exchange rate at the reporting date. Income and expense items are translated into US dollars at the average exchange rates for the period. The resulting exchange differences are recognised in the foreign exchange translation reserve. 2.9 intangible assets internally generated intangible assets The Group’s internally generated intangible asset relates to its development expenditure. Development expenditure is capitalised only when it is probable that future economic benefit will result from the project and the following criteria are met: • the technical feasibility of the product has been ascertained; • adequate technical, financial and other resources are available to complete and sell or use the intangible asset; • the Group can demonstrate how the intangible asset will generate future economic benefits and the ability to use or sell the intangible asset can be demonstrated; • it is the intention of management to complete the intangible asset and use it or sell it; and • the development costs can be measured reliably. Expenditure not meeting these criteria is expensed in the Consolidated Income Statement. 2.10 Property, plant and equipment Depreciation commences when an asset is available for use. Depreciation is calculated so as to write off the cost or value of an asset, net of anticipated disposal proceeds, over the useful life of that asset as follows: • Leasehold improvements – period of the lease (straight–line basis). • Right–of–use assets – period of the lease (straight–line basis). • Computer equipment, evaluation assets and DDoS Protection as–a–Service assets – three years (straight–line basis). • Fixtures and fittings – five years (straight–line basis). Property, plant and equipment is stated at cost less accumulated depreciation and any impairment losses. Cost comprises the purchase cost of property, plant and equipment together with any directly attributable costs. Evaluation assets are used by customers during proof–of–concept trials. Evaluation assets are stated at cost less accumulated depreciation. When an evaluation asset is retained by a customer as part of a sale, the net book value of the evaluation asset is charged to cost of sales. Depreciation of DDoS Protection as–a–Service assets is charged to cost of sales. Subsequent costs are included in an asset carrying value or are recognised as a separate asset when it is probable that future economic benefits associated with the additional expenditure will flow to the Group and the cost of the item can be measured reliably. All other costs are charged to the Consolidated Income Statement as incurred. Methods of depreciation, residual values and useful lives are reviewed, and if necessary adjusted, at each balance sheet date. The gain or loss arising from the disposal or retirement of an item of property, plant and equipment is determined as the difference between the net disposal proceeds and the carrying amount of the item and included in the Consolidated Income Statement. 2.11 inventory Inventory is stated at the lower of cost or net realisable value. Cost is computed using standard cost, which approximates to actual cost, on a first–in, first–out basis. Rapid technological change and new product introductions and enhancements could result in excess or obsolete inventory, the value of which may not be recoverable. To minimise this risk, the Group evaluates inventory levels and expected usage on a periodic basis and records valuation allowances as required. 2.12 impairment At each reporting date, the Group assesses whether there is any indication that its assets have been impaired. If any such indication exists, the recoverable amount of the asset is estimated in order to determine the extent of any impairment. If it is not possible to estimate the recoverable amount of the individual asset, the recoverable amount of the cash–generating unit (‘CGU’) to which the asset belongs is determined. The recoverable amount of an asset or a CGU is the higher of its fair value less costs to sell and its value in use. The recoverable amount is calculated using the present value of the future cash flows expected to be derived from an asset or CGU. This present value is derived using a cost of capital rate that reflects current market assessments of the time value of money and of the risks specific to the asset for which future cash flow estimates have not been adjusted. If the recoverable amount of an asset is less than its carrying amount, the carrying amount of the asset or CGU is reduced to its recoverable amount. That reduction is recognised as an impairment loss. After initial recognition, internally–generated intangible assets are carried at cost less accumulated amortisation and any impairment losses. Amortisation is charged once the asset is capable of generating economic benefits. An impairment loss relating to assets carried at cost less any accumulated depreciation or amortisation is recognised immediately in the Consolidated Income Statement. acquired intangible assets Identifiable intangible assets acquired as part of a business combination are initially recognised separately from goodwill, irrespective of whether the assets have been recognised by the acquiree before the business combination. An intangible asset is considered identifiable only if it is separable or if it arises from contractual or other legal rights, regardless of whether those rights are transferable or separable from the entity or from other rights and obligations. Intangible assets acquired as part of a business combination and recognised by the Group are computer software and customer relationships. Purchased computer software is carried at cost less accumulated amortisation and any impairment losses. Customer contracts and the related customer relationships are carried at cost less accumulated amortisation and any impairment losses. amortisation Intangible assets are amortised on a straight–line basis to reduce their carrying value to zero over their estimated useful lives. The following useful lives were applied during the year: • Computer software acquired – three years straight line. • Capitalised development expenditure – five years straight line. Amortisation costs are included within operating expenses in the Consolidated Income Statement. Methods of amortisation and useful lives are reviewed, and if necessary adjusted, at each reporting date. Goodwill acquired in a business combination is, from the acquisition date, allocated to each of the CGU’s or groups of CGU’s that are expected to benefit from the synergies of the combination. Goodwill is tested for impairment at least annually, and whenever there is an indication that the asset may be impaired. An impairment loss is recognised for CGU’s if the recoverable amount of the CGU is less than the carrying amount of the CGU. The impairment loss is allocated to reduce the carrying amount of the assets of the CGU by first reducing the carrying amount of any goodwill allocated to the CGU, and then reducing the carrying amounts of the other assets of the CGU pro rata. If an impairment loss subsequently reverses, the carrying amount of the asset or CGU is increased to the revised estimate of its recoverable amount but limited to the carrying amount that would have been determined had no impairment loss been recognised in prior years. A reversal of an impairment loss is recognised in the Consolidated Income Statement. Impairment losses on goodwill are not subsequently reversed. 56 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 57 Notes to the Financial Statements continued 2. Significant accounting policies continued 2.13 leases All leases are accounted for by recognising a right–of–use asset and a lease liability except for: • leases with a duration of 12 months or less; and • leases of low value assets. Lease liabilities are measured at the present value of the contractual payments due to the lessor over the lease term, with the discount rate determined by reference to the rate inherent in the lease unless this is not readily determinable, in which case the Group’s incremental borrowing rate on commencement of the lease is used. On initial recognition, the carrying value of the lease liability also includes: • amounts expected to be payable under any residual value guarantee; • the exercise price of any purchase option granted in favour of the Group if it is reasonably certain to assess that option; and • any penalties payable for terminating the lease, if the term of the lease has been estimated on the basis of termination option being exercised. Right–of–use assets are initially measured at the amount of the lease liability, reduced for any lease incentives received, and increased for: • lease payments made at or before commencement of the lease; • initial direct costs incurred; and • the amount of any provision recognised where the Group is contractually required to dismantle, remove or restore the lease. Subsequent to initial measurement, lease liabilities increase as a result of interest charged at a constant rate on the balance outstanding and are reduced for lease payments made. Lease payments are analysed between capital and interest. The interest element is charged to the Consolidated Income Statement over the period of the lease. The capital element reduces the balance owed to the lessor. Right–of–use assets are amortised on a straight–line basis over the remaining term of the lease or over the remaining economic life of the asset. The total rentals payable under leases which are not recognised as a right–of–use asset and a lease liability (an ‘operating lease’) are charged to the Consolidated Income Statement on a straight–line basis over the lease term. 2.14 investments in subsidiaries In the Company’s separate financial statements, investments in subsidiaries are carried at cost less any impairment provisions. 2.15 taxation The tax expense represents the sum of current tax and deferred tax. current tax Current tax is based on taxable profit for the year and is calculated using tax rates enacted or substantively enacted at the reporting date. Taxable profit differs from accounting profit either because items are taxable or deductible in periods different to those in which they are recognised in the financial statements (temporary differences), or because they are never taxable or deductible (permanent differences). Deferred tax Deferred tax on temporary differences at the reporting date between the tax bases of assets and liabilities and their carrying amounts for financial reporting purposes is accounted for using the balance sheet liability method. Using the balance sheet liability method, deferred tax liabilities are recognised in full for all taxable temporary differences and deferred tax assets are recognised to the extent that it is probable that taxable profits will be available against which deductible temporary differences can be utilised. However, if the temporary difference arises from the initial recognition of goodwill or the initial recognition of an asset or liability in a transaction other than a business combination, that at the time of the transaction affects neither accounting nor taxable profit, it is not recognised as deferred tax asset or liability. Deferred taxation is measured at the tax rates that are expected to apply when the asset is realised, or the liability settled, based on tax rates and laws enacted or substantively enacted at the reporting date. 2.16 Post–retirement benefits The Group makes contributions in respect of certain employees to defined contribution pension plans under which it is required to pay fixed contributions to group and personal pension funds. Contributions to the schemes are based on a proportion of the employees’ earnings and are charged to the Consolidated Income Statement. The Group has no obligation beyond these contributions. 2.17 Financial instruments The Group classifies financial instruments, or their component parts, on initial recognition as a financial asset, a financial liability or an equity instrument in accordance with the substance of the contractual arrangement. Financial assets and financial liabilities are recognised in the Group’s Statement of Financial Position when the Group becomes party to the contractual provisions of the instrument. The particular recognition and measurement methods adopted for the Group’s financial instruments are disclosed below: trade and other receivables Trade and other receivables are stated at their fair value at time of initial recognition, reflecting, where material, the time value of money. A provision for impairment of trade receivables is established when there is evidence that the Group will not be able to collect all amounts due. The simplified approach is used for assessing the expected credit loss on trade receivables, requiring the lifetime expected credit loss to be recorded as the provision for impairment. An impairment provision is recorded against the intercompany loan note instrument between the Company and Corero Network Security, Inc. based on calculating the risk adjusted carrying value of the loan to take account of the credit loss which is expected to arise over the period until the cash is realised. The amount of the provision is based on whether there has been a significant increase in credit risk since the initial recognition of the loan. In situations where the credit risk has not increased significantly and the loan amount is expected to be recovered, the expected credit loss is limited to the effect of discounting the intercompany loan over the period until repayment is realised at the effective interest rate. cash and cash equivalents Cash and cash equivalents include cash in hand and deposits on call with banks. trade and other payables Trade and other payables are not interest bearing and are stated at their fair value at time of initial recognition. Thereafter they are accounted for at amortised cost. Debt obligations Debt obligations include interest bearing bank borrowings which are stated at their fair value less transaction costs at time of initial recognition. Debt obligations are subsequently measured at amortised cost. 2.18 equity instruments An equity instrument is any contract that evidences a residual interest in the assets of the Company after deducting all its liabilities. Equity instruments issued by the Company are recorded at the proceeds received, net of directly attributable issue costs. 2.19 employee share option schemes The Group operates an equity–settled share–based compensation plan. The fair value of the employees’ services received in exchange for the grant of share options is measured at grant date and recognised as an expense on a straight–line basis over the vesting period, based on the Group’s estimate of shares that will eventually vest. Fair value is determined by reference to the Black–Scholes option pricing model. If a granted option is cancelled and regranted the increase in fair value of the granted option measured immediately before and after the cancellation and regrant is added to the value of the employee’s service received in exchange for the grant. If an option grant is cancelled the previously recorded expense is credited to the Consolidated Income Statement. At each reporting date, the Group revises its estimate of the number of options that are expected to become exercisable. When share options are exercised, the proceeds received, net of any transaction costs, are credited to share capital (nominal value) and share premium. 2.20 Standards and interpretations not yet effective There are a number of standards, amendments to standards, and interpretations which have been issued that are effective in future accounting periods that the Group has decided not to adopt early as they will not have a significant impact on the presentation of the Group financial statements. 58 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 59 Notes to the Financial Statements continued 3. critical accounting judgements and key sources of estimation uncertainty Revenues from external customers are identified on the basis of invoicing systems and adjusted to take into account the difference between invoiced amounts and deferred revenue adjustments as required by IFRS. 3.1 critical judgements in applying the Group’s accounting policies In the process of applying the Group accounting policies, the following judgements have had a significant effect on the amounts recognised in the financial statements: An international SaaS customer, the Group’s largest customer, accounted for 22% of 2021 revenue (2020: 19%). The revenue is analysed as follows for each revenue category: internally generated research and development costs Management monitors progress of internal research and development projects. Judgement is required in distinguishing the research phase from the development phase. Development costs are recognised as an asset when all criteria are met and a project has passed the feasibility phase, whereas research costs are expensed as incurred. Management monitors whether the recognition requirements for development costs continue to be met. This is necessary as the economic success of any product development is uncertain. Going concern The Directors have reviewed the future profit and cash flow projections in conjunction with the current economic climate in order to express an opinion on the adequacy of working capital and the ability to continue as a going concern for the foreseeable future. The methodology contained in the projections is detailed in the note 2.2. 3.2 Key accounting estimates and assumptions Key assumptions concerning the future and other key sources of estimation uncertainty that have a significant risk of causing a material adjustment to the carrying amounts of assets and liabilities within the next financial year are as follows: impairment of intangible assets and property, plant and equipment The Group tests goodwill at least annually for impairment, and whenever there is an indication that the asset may be impaired. All other intangible assets and property, plant and equipment are tested for impairment when indicators of impairment exist. Impairment is determined with reference to the higher of fair value less costs to sell and value in use. Fair value less costs to sell is estimated using discounted future cash flows. Significant assumptions are made in estimating future cash flows about future events including future market conditions, future growth rates and appropriate discount rates. Changes in these assumptions could affect the outcome of impairment reviews. Details of the main assumptions used in the assessment of the carrying value of the Group’s CGU are set out in note 9. impairment of investments (applies to the company financial statements only) The Directors have reviewed the cost of investments in subsidiaries of the Company with reference to current and future trading conditions. The investment in subsidiaries has been reviewed with reference to a valuation based on a discounted free cash flow, in conjunction with the goodwill impairment review, which the Directors consider to be an appropriate valuation methodology. Standalone Selling Price – Revenue recognition On a quarterly basis the Group analyses the selling prices for each deal compared to the current Standalone Selling Price (‘SSP’). This analysis includes grouping similar deals based on qualitative factors such as customer profile, size, and region, together with a quantitative comparison to the then current SSP. SSP fair value prices are adjusted for future quarters if management identifies a pattern of variances of greater than 10% between actual selling prices and the then current SSP. 4. Segment reporting Business segments The Group is managed according to one business unit, Corero Network Security, which makes up the Group’s reportable operating segment. This business unit forms the basis on which the Group reports its primary segment information to the Board, which management consider to be the Chief Operating Decision maker for the purposes of IFRS 8 Operating Segments. The Group’s revenues from external customers are divided into the following geographies: The Americas EMEA APAC ROW total 2021 $’000 2020 $’000 16,042 10,988 2,778 2,075 – 4,323 1,278 288 20,895 16,877 Software license and appliance revenue DDoS Protection as–a–Service revenue Maintenance and support services revenue total The revenue is analysed by timing of delivery of goods or services as: Point in time delivery Over time total 2021 $’000 10,337 4,025 6,533 20,895 2021 $’000 10,337 10,558 20,895 2020 $’000 8,446 2,876 5,555 16,877 2020 $’000 8,446 8,431 16,877 No unsatisfied performance obligations arise except from those revenues which are recognised over time. See note 20 for further details. contract balances At 1 January Transfers in the period to/from trade receivables from/to contract assets Amounts included in contract liabilities that were recognised as revenue in the period from the opening balance Amounts included in contract liabilities that were recognised as revenue from amounts invoiced in the period Amounts invoiced in the period and not recognised as revenue in the period At 31 December company The Company has no contract assets or liabilities (2020: $nil). contract assets contract liabilities 2021 $’000 2,429 (1,153) – – – 2020 $’000 1,326 1,103 – – – 1,276 2,429 2021 $’000 6,149 – 2020 $’000 3,896 – (3,442) (3,211) (5,889) 10,006 6,824 (5,219) 10,683 6,149 60 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 61 Notes to the Financial Statements continued 5. Profit for the year The following items have been included in arriving at the Group’s profit/(loss) for the year before taxation: Unrealised (gain)/loss on intercompany loan Finance expense – Clydesdale loan interest and fees Finance expense – lease liability Research and development expenditure not capitalised Amortisation of acquired intangible assets (note 10) Amortisation of capitalised development expenditure (note 11) Depreciation of property, plant and equipment (note 12) DDoS Protection as–a–Service asset depreciation (note 12) Other income – PPPL forgiveness (note 18) auditor’s remuneration Remuneration received by the Company’s auditor for the audit of these Financial Statements The audit of the financial statements of other Group companies Fees payable to the Company’s auditor for taxation compliance services Fees payable to the Company’s auditor for taxation advisory services 6. tax on profit/(loss) on ordinary activities Current tax credit Total 2021 $’000 (87) 388 18 1,546 5 1,872 315 382 (637) 2021 $’000 105 42 35 9 191 2021 $’000 149 149 2020 $’000 263 274 27 1,562 6 1,933 378 255 – 2020 $’000 105 41 33 17 196 2020 $’000 246 246 The tax assessed on the profit on ordinary activities for the year differs from the weighted average UK corporate rate of tax of 19% per the 2021 and 2022 governmental budgets (2020: 19.0%). The differences are reconciled below: Total tax reconciliation Profit before taxation Theoretical tax credit at UK Corporation tax rate 19% (2020: 19.0%) Effect of: – expenditure that is not tax deductible – R&D tax credits – accelerated capital allowances – losses not utilised / utilised actual taxation credit 2021 $’000 2020 $’000 1,373 261 125 149 (43) (343) 149 (4,030) (766) 168 246 (58) 656 246 Factors affecting future tax charges As at 31 December 2021, the Group’s cumulative fixed asset timing differences were $23,000 (2020: $76,000) and no deferred tax asset has been recognised in respect of these items. In addition, the tax losses at that date amounted to $89.3 million (2020: $94.2 million). This comprised UK tax losses of $13.8 million and US tax losses of $75.5 million. $6.4 million of the tax losses relate to pre–acquisition US tax losses which can be offset against taxable profits over 10 years (there is a limit on the utilisation of pre–acquisition tax losses of $0.7 million per annum and any unused loss may be carried forward to subsequent periods). All other US tax losses expire 20 years from the end of the accounting period in which the loss arose. UK tax losses arising in the period prior to 1 April 2017 can only used against taxable profits of the same trade, after 1 April 2017 the losses can be used against total company profits. Deferred tax assets of $3.4 million (2020: $2.5 million) relating to the UK tax losses (applying a tax rate of 25.0% to tax losses expected to unwind after 1 April 2023, the rate substantively enacted on 10 June 2021) and the deferred tax assets of $15.9 million (2020: $17.0 million) relating to the US tax losses and taxable temporary fixed asset differences (applying a tax rate of 21.0%) have not been recognised due to uncertainties as to the extent and timing of their future recovery. 7. earnings/(loss) per share Earnings/(loss) per share is calculated by dividing the earnings attributable to ordinary shareholders of the Company by the weighted average number of ordinary shares in issue during the year. The effects of anti–dilutive ordinary shares resulting from the exercise of share options are excluded from the calculation of the loss per share. Therefore, the diluted loss per share is equal to the loss per share. Basic earnings per share From profit/(loss) for the year Diluted earnings per share From profit/(loss) for the year Basic earnings/(loss) per share From profit/(loss) for the year Diluted earnings/(loss) per share Basic earnings/(loss) per share Dilutive effect of share options Diluted earnings/(loss) per share 2021 cents 0.3 0.3 2020 cents (0.8) (0.8) 2021 Weighted average number of 1p shares thousand 494,852 494,852 18,914 513,766 Profit $’000 1,522 1,522 – 1,522 Profit per share cents 0.3 0.3 – 0.3 2020 Weighted average number of 1p shares thousand loss $’000 loss per share cents (3,784) 494,852 (0.8) (3,784) 494,852 – – (3,784) 494,852 (0.8) – (0.8) 62 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 63 Notes to the Financial Statements continued 8. Key performance measures eBitDa and adjusted eBitDa Earnings before interest, tax, depreciation, and amortisation (‘EBITDA’) is defined as earnings from operations before interest, tax, depreciation, and amortisation charges. The following is a reconciliation of EBITDA and Adjusted EBITDA for the periods presented: The recoverable amount for the CNS CGU was determined based on a discounted cash flow calculation to calculate fair values less costs to sell using cash flow projections over a 10 year period (2020: 10 year period). The discounted cash flow approach is a level 3 fair value calculation in the IFRS 13 fair value hierarchy. The key assumptions for the discounted cash flow calculation are those regarding revenue growth and discount rates as summarised in the table below and commented on below: Profit/(loss) before taxation Adjustments for: Finance income Finance expense Finance lease interest costs Depreciation – owned assets Depreciation – lease liabilities Amortisation of acquired intangible assets Amortisation of capitalised development expenditure eBitDa Depreciation of DDoS Protection–as–a–Service assets charged to cost of sales Share based payments Unrealised foreign exchange differences on intercompany loan Other income – PPPL forgiveness Year ended 31 December 2021 $’000 Year ended 31 December 2020 $’000 1,373 (4,030) (1) 388 18 222 93 5 1,872 3,970 382 522 (87) (637) (16) 274 27 259 119 6 1,933 (1,428) 255 359 263 – adjusted eBitDa – for DDPaaS depreciation, share based payments, unrealised foreign exchange differences on intercompany loan and PPPl forgiveness 4,150 (551) 9. Goodwill Group cost At 1 January 2020 At 31 December 2020 at 31 December 2021 impairment At 1 January 2020 At 31 December 2020 at 31 December 2021 carrying amount at 31 December 2021 At 31 December 2020 At 1 January 2020 Goodwill is tested at least annually for impairment and when there are indications that goodwill might be impaired. Goodwill is allocated to the Group’s single CGU, Corero Network Security (‘CNS’). $’000 17,983 17,983 17,983 (8,992) (8,992) (8,992) 8,991 8,991 8,991 Forecast cash flow period Extrapolated cash flow period Cumulative annual growth rate (‘CAGR’) for revenue used for the forecast/extrapolated periods Growth rates (‘CAGR’) used for the forecast/extrapolated periods: Year 1–2 (forecast period) Years 3–5 (extrapolated period) Years 6–10 (extrapolated period) Revenue growth rate used beyond the extrapolated period Discount rate 2021 2020 Years 1–2 Years 1–2 Years 3–10 Years 3–10 12.2% 13.1% 23.5% 15.0% 6.5% 2.5% 12.3% 29.8% 14.0% 6.5% 2.5% 12.2% The pre–tax cash flows for the forecast period are derived from the most recent financial budget for the year ending 31 December 2022 (‘2022 Budget’) and the plan for the year ending 31 December 2023 (‘2023 Plan’) approved by the Board, with a sensitivity reflecting prior year experience and progress made in 2021 (10% applied to the 2022 Budget revenue and 15% to the 2023 Plan revenue). The extrapolation for the period 2024 to 2031 is based on management estimates (with the key assumptions set out below). The future pre–tax cash flows are discounted by a WACC of 12.3% (2020: 12.2%). The key assumptions underlying the cash flow projections and which the recoverable amount is most sensitive to are (i) the revenue growth rates forecast and extrapolated for the period 2022 to 2026 (ii) and the discount rate. The cash flow forecasts assume a CAGR revenue growth of 18.3% in the period 2022 to 2026 (20.1% for the period 2021 to 2025) and 6.5% for the period 2026 to 2031 (a ‘CAGR’ of 12.2% for 10–year forecast period; 2020: 13.1%). The cashflow forecasts reflect a sensitivity of 10% applied to the CNS 2022 Budget revenues and a sensitivity of 15% applied to the 2023 Plan revenues (and a sensitivity of 5% to 2022 operating costs and capital expenditure, and a sensitivity of 7.5% to 2023 operating costs and capital expenditure) reflecting prior year experience. The management of the Group believe these growth rates are appropriate for the forecasts given the significant progress the business made in 2020 and 2021, the strategy for 2022 which is focused on scaling the business for profitability through leveraging the Group’s expanded routes to market and the on–going investment in sales and marketing. This strategy is expected to deliver further increases in revenue in the forecast period. The global COVID–19 pandemic continues to bring uncertainty and wider market disruption globally. Whilst Corero has to date not seen any significant short–term impact on the provision of its products and services, and the sector within which the Company operates, and indeed to some extent benefits from acceleration in, for example, increased network usage deriving from increased ‘Working From Home’ initiatives, there have been disruptive impacts on the wider economy and large indebtedness of some public finances and this might impact some of its customer base. This impact continues to be a factor in the on–going assessment on the carrying value of goodwill at future reporting dates. The assumed growth rates are supported by the fact that the IT security market is forecast to grow strongly for the foreseeable future. The DDoS market is expected to reach $6.7 billion by 2026 (Source: MarketsandMarkets DDoS Protection and Mitigation market – Global Forecast to 2026, June 2019) – a CAGR of 15.1% in the period 2021 to 2026. The above market growth rates used in the future cash flow assumptions reflect that CNS is in the relatively early stages of the commercial exploitation of its intellectual property. In addition, the business’s strategy, aside from greater sales growth penetration, is to continue to develop its product and solution offerings to remain its market leadership technological credentials in its chosen markets thereby providing the opportunity to generate above market average growth rates. The growth rate assumed in the period beyond the 10–year extrapolation period of 2.5% is considered reasonable as historically IT spend has exceeded GDP growth. The discount rate is based on a cost of equity using the Capital Asset Pricing Model with the key inputs being a risk–free interest rate estimate of 1.52% (based on 10–year US government bonds) (2020: 0.93%), comparable company betas, an equity risk premium of 6.2% (2020: 6.2%), and small company risk premium of 4.5% (2020: 4.5%). The WACC has been assessed based on that fact that the Group had debt at 31 December 2021 of $2.8 million (debt at 31 December 2020: $1.8 million). The WACC used in the valuation reflects current market assessments of the time value of money and the risks specific to CNS. As stated above, the valuation to support the value in use of the CNS CGU is sensitive to changes in the cash flow forecasts and the discount rate assumptions, and there is no absolute guarantee that the expected growth will be achieved. If the discount rate is increased from 12.3% to 101.6%, this would mathematically result in an impairment of the carrying value of goodwill of $9.0 million meaning the goodwill would be fully impaired. If the sensitivity of 10% applied to the CNS 2022 Budget and 15% to the 2023 Plan revenues (and sensitivity of 5% to CNS 2022 Budget operating costs and capital expenditure, and 7.5% to the 2023 Plan operating costs and capital expenditure) was increased to 39.0% for the CNS 2022 Budget and 58.6% to the 2023 Plan revenues (and sensitivity of 19.5% to CNS 2022 Budget operating costs and capital expenditure, and 29.3% to the 2023 Plan operating costs and capital expenditure), this would mathematically result in an impairment of the carrying value of goodwill of $9.0 million meaning the goodwill would be fully impaired. Apart from the considerations in determining the value in use of the CNS CGU extensively described above, the management of the Group is not currently aware of any other reasonably possible changes that would necessitate changes in its key estimates. 64 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 65 Notes to the Financial Statements continued 10. acquired intangible assets 11. capitalised development expenditure Group cost At 1 January 2020 Additions At 31 December 2020 and at 1 January 2021 Additions at 31 December 2021 amortisation At 1 January 2020 Charge for year At 31 December 2020 and at 1 January 2021 Charge for year at 31 December 2021 net book value at 31 December 2021 At 31 December 2020 At 1 January 2020 company The Company has no intangible fixed assets (2020: $nil). computer software $’000 customer relationships $’000 6,009 8 6,017 – 6,017 (6,002) (6) (6,008) (5) (6,013) 4 9 7 197 – 197 – 197 (197) – (197) – (197) – – – total $’000 6,206 8 6,214 – 6,214 (6,199) (6) (6,205) (5) (6,210) 4 9 7 Group cost At 1 January 2020 Additions At 31 December 2020 and at 1 January 2021 Additions at 31 December 2021 amortisation At 1 January 2020 Charge for year At 31 December 2020 and at 1 January 2021 Charge for year at 31 December 2021 net book value at 31 December 2021 At 31 December 2020 At 1 January 2020 company The Company has no capitalised development expenditure (2020: $nil). total $’000 20,900 1,410 22,310 1,754 24,064 (15,731) (1,933) (17,664) (1,872) 19,536 4,528 4,646 5,169 66 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 67 Notes to the Financial Statements continued 12. Property, plant and equipment Group computer equipment $’000 Sales evaluation assets $’000 DDoS protection as–a–service assets $’000 Fixtures and Fittings $’000 leasehold improvements $’000 Right–of–use assets $’000 cost 1 January 2020 Additions Transfers Disposals Foreign currency translation at 31 December 2020 and 1 January 2021 Additions Transfers Disposals Foreign currency translation at 31 December 2021 Depreciation at 1 January 2020 Charge for year Transfers Disposals Foreign currency translation at 31 December 2020 and at 1 January 2021 Charge for year Transfers Disposals Foreign currency translation at 31 December 2021 net book value at 31 December 2021 At 31 December 2020 At 1 January 2020 2,632 160 – (1,755) 5 1,042 17 – (59) (3) 997 (2,429) (154) – 1,755 (6) (834) (129) – 21 3 (939) 58 208 203 511 196 (83) (405) (3) 216 136 (67) (99) – 186 (379) (68) 16 337 3 (91) (59) 16 50 – (84) 102 125 132 DDoS Protection as–a–Service assets’ depreciation is charged to cost of sales. company The Company has no property, plant and equipment (2020: $nil). 621 646 83 – 27 104 – – – – 93 13 – – – 1,377 104 106 268 67 (57) (7) – – – – – – – – 1,648 104 106 (413) (255) (16) – (11) (695) (382) (16) 27 4 (58) (15) – – (1) (74) (13) – – – (30) (22) – – – (52) (21) – – – 423 – – – 3 426 – – (83) 1 344 (66) (119) – – (4) (189) (93) – 83 – total $’000 4,384 1,015 – (2,160) 32 3,271 421 – (298) (9) 3,385 (3,375) (633) – 2,092 (19) (1,935) (697) – 181 7 (1,062) (87) (73) (199) (2,444) 586 682 208 17 30 46 33 54 63 145 237 357 941 1,336 1,009 13. investment in subsidiaries company cost At 1 January 2020 Capitalisation of intercompany balances Additions Foreign currency translation at 31 December 2020 and at 1 January 2021 Capitalisation of intercompany balances Additions Foreign currency translation at 31 December 2021 impairment At 1 January 2020 Impairment credit/(charge) Foreign currency translation at 31 December 2020 and at 1 January 2021 Impairment credit/(charge) Foreign currency translation at 31 December 2021 net book value at 31 December 2021 At 31 December 2020 At 1 January 20120 investment in corero network Security, inc. and corero network Security (UK) limited $’000 investment in corero Group Services limited $’000 67,445 849 – 2,008 70,302 3,416 – (653) 73,065 (57,152) 36,588 (1,704) (22,268) 10,326 207 (11,735) 61,330 48,035 10,293 9,068 1,540 – 270 10,878 – – (101) 10,777 (4,331) (469) (128) (4,928) (138) 46 (5,020) 5,757 5,950 4,737 loan note $’000 7,970 – 394 263 8,627 – 444 (87) 8,984 (2,228) 604 (67) (1,691) 1,675 16 – 8,984 6,936 5,742 total $’000 84,483 2,389 394 2,541 89,807 3,416 444 (841) 92,826 (63,711) 36,723 (1,899) (28,887) 11,863 269 (16,755) 76,071 60,921 20,772 The Directors have reviewed the carrying value of the cost of investments in subsidiaries of the Company with reference to current and future trading conditions and on a discounted free cash flow valuation which the Directors consider to be an appropriate valuation methodology. As at 31 December 2021 the provision against the investment in subsidiaries was $16.8 million (at 31 December 2020: $27.2 million), comprising a provision against the investment in Corero Network Security, Inc. and Corero Network Security (UK) Limited (together ‘CNS’) of $11.7 million and a provision against the investment in Corero Group Services Limited of $5.0 million. As noted in note 9, the discounted cash flow valuation for CNS is sensitive to changes in the cash flow forecast and the discount rate assumptions. If the sensitivity applied to the CNS 2022 Budget and 2023 Plan revenues (and the CNS 2022 Budget operating costs and capital expenditure, and 2023 Plan operating costs and capital expenditure) was increased to 28.0% for the CNS 2022 Budget and 32.7% to the 2023 Plan revenues (and sensitivity of 14% to CNS 2022 Budget operating costs and capital expenditure, and 16.4% to the 2023 Plan operating costs and capital expenditure), this would mathematically result in the net book value of the investment in CNS at 31 December 2021 being nil (fully impaired). If the discount rate is increased from 12.9% to 15.5%, this would mathematically result in the net book value of the investment in CNS at 31 December 2021 being nil (fully impaired). The Company’s investment in Corero Network Security, Inc. includes a loan note instrument. These loan notes bear interest at 5.0% per annum which at the election of Corero Network Security, Inc. is payable quarterly or added to the principal amount which is due on 31 October 2026. As at 31 December 2021 the expected credit loss provision was $nil million (2020: $1.7 million). The Company owns: • 100% of the issued share capital of Corero Network Security, Inc. a company incorporated in Delaware, USA. The company’s business address is 293 Boston Post Road, Marlborough, MA 01752, USA. The principal business of the company consists of the development and sale of appliance and software security products and solutions. • 100% of the issued share capital of Corero Group Services Limited, a company incorporated and registered in England and Wales. The company’s business address is St Mary’s Court, The Broadway, Amersham, Buckinghamshire, HP7 0UT, England, United Kingdom. The principal business of the company consists of providing administration services to the Group. • 100% of the issued share capital of Corero Network Security (UK) Limited, a company incorporated and registered in England and Wales. The company’s business address is 3rd Floor, 53 Hanover Street, Edinburgh, EH2 2PJ and registered address is St Mary’s Court, The Broadway, Amersham, Buckinghamshire, HP7 0UT, England, United Kingdom. The principal business of the company consists of sale of appliances and software security products and solutions, providing development and marketing services on behalf of Corero Network Security, Inc. 68 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 69 Notes to the Financial Statements continued 14. inventories Gross inventory Less: provision for impairment Net inventory The analysis of trade and other receivables by foreign currency is set out in the table below: Group 2021 $’000 139 (82) 57 Group 2020 $’000 148 (50) 98 US dollars UK pound Group company 2021 $’000 3,163 902 4,065 2020 $’000 3,818 590 4,408 2021 $’000 – 114 114 2020 $’000 – 77 77 Net inventory comprises finished goods and raw materials. The value of inventory recognised as an expense in cost of sales was $1.9 million (2020: $2.7 million). company The Company holds no inventory (2020: $nil). 15. trade and other receivables Trade receivables Contract assets (note 4) Less: provision for impairment of trade receivables Net trade receivables Other debtors Prepayments Group 2021 $’000 740 1,276 (24) 1,992 180 1,893 4,065 2020 $’000 278 2,429 – 2,707 124 1,577 4,408 company 2021 $’000 2020 $’000 – – – – 76 38 114 – – – – 77 – 77 The Group’s foreign currency receivables are denominated in the functional currency of the subsidiaries in which they arise. There is no impact on the result for the year from exchange rate movements on such financial instruments. 16. trade and other payables Trade payables Amounts due to subsidiaries Other payables Accruals Group company 2021 $’000 1,567 – 36 2,608 4,211 2020 $’000 3,977 – 348 2,538 6,863 2021 $’000 – 8,794 – 254 9,048 2020 $’000 – 5,845 – 143 5,988 None of the Group or Company’s trade and other payables are secured by collateral or credit enhancements. The Directors consider that the carrying amount of trade and other payables approximates their fair value. 66% (2020: 74%) of the trade and other payables are due in less than three months. None of the Company’s trade and other receivables are secured by collateral or credit enhancements (2020: None). The amounts due to subsidiaries are repayable on demand. The Group applies the simplified approach to measuring expected credit losses using a lifetime expected credit loss for trade receivables and contract assets. To measure expected credit losses on a collective basis, trade receivables and contract assets are grouped based on a similar credit risk and aging. The expected loss rates are based on the Group’s historical credit losses experienced over a two year period prior to the period end. The historical loss rates are then adjusted for current and forward–looking information on macroeconomic factors affecting the Group’s customers. The Group has identified gross domestic product growth rates, unemployment rates and inflation rates as the key macroeconomic factors in the countries in which the Group operates. The Directors consider that the carrying amount of trade and other receivables approximates their fair value. The maturity profile of trade and other receivables is set out in the table below: In one year or less, or on demand In more than one year, but not more than five years Group company 2021 $’000 3,206 859 4,065 2020 $’000 3,714 694 4,408 2021 $’000 17 97 114 2020 $’000 – 77 77 Balances due in more than one year, but not more than five years, are presented as non–current in the Statement of Financial Position. The analysis of trade and other payables by foreign currency is set out in the table below: US dollars UK pound Group company 2021 $’000 1,977 2,234 4,211 2020 $’000 4,383 2,480 6,863 2021 $’000 – 9,048 9,048 2020 $’000 – 5,988 5,988 The Group’s foreign currency payables are denominated in the functional currency of the subsidiaries in which they arise. There is no impact on the result for the year from exchange rate movements on such financial instruments. 17. lease liabilities At 1 January Payments Interest cost At 31 December The Directors consider that the carrying amount of lease liabilities approximates to their fair value. Group 2021 $’000 257 (103) 18 172 Group 2020 $’000 369 (139) 27 257 70 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 71 Notes to the Financial Statements continued 17. lease liabilities continued The analysis of lease liabilities by foreign currency is set out in the table below: The contractual future cash flows, including undiscounted interest based on the interest rate at 31 December 2021 of 7.582% and 6.750% (at 31 December 2020: 7.561%) for the bank loans, are: US dollars UK pound company The Company has no lease liabilities (2020: $nil). 18. Borrowings The Group borrowings: Bank loans The Company borrowings: Bank loan Group 2021 $’000 172 – 172 Group 2020 $’000 254 3 257 2021 $’000 2,777 2021 $’000 2,777 2020 $’000 2,478 2020 $’000 1,841 The Company’s borrowings as at 31 December 2021 comprised two bank loan elements: an ’older loan’ and ‘new borrowing facility’. The older loan was an initial four–year term GBP sterling bank loan of £3.0 million, drawn down in May 2018, with quarterly repayments that commenced on 31 March 2019. These quarterly repayments increased from £150,000 on 31 March 2019 to £310,000 on 31 March 2022 such that the loan was repaid in full on 31 March 2022. The loan costs were $286,000, $143,000 of which was payable on 31 March 2022. The bank loan has no early repayment penalties or redemption premium. The bank loan terms include the payment of a fee equal to 1.0% of the disposal proceeds on a sale or a change of control of the Company above a threshold amount of £100.0 million if such disposal or change of control occurs before April 2025. With regards to the newer borrowing facility, the Company announced in April 2021 it had entered into this new borrowing facility for up to £3.0 million (c$4.2 million) with its existing banking partner, the net proceeds of which will be used for working capital purposes and its on–going investment programme to support its growth strategy. The new borrowings facility comprises a drawn £2.0 million term loan facility and an undrawn £1.0 million Revolving Credit Facility (‘RCF’) for a three–year term. The facility terms include: no early repayment penalties or redemption premium; a reduced interest rate (payable quarterly) at 6.5% per annum over the Bank of England base rate (before any potential downward EBITDA margin ratchet adjustment); 2.6% interest per annum on the RCF; arrangement fee of 3.75%; and standard security and loan covenants in line with the existing lending arrangements including the payment of a fee equal to 1.0% of the disposal proceeds on a sale or a change of control of the Company above a threshold amount of £100.0 million if such disposal or change of control occurs before April 2025. See also note 26. Interest is payable quarterly in arrears based on 3–month GBP Libor plus 7.5% on the older loan and 3–month GBP UK base rate plus 6.5% on the newer loan. The loan principal repayment schedule by year for the bank loans is: Year 2022 2023 $’000 1,491 1,410 2,901 Year 2022 2023 $’000 1,783 1,556 3,339 The bank loan is secured by debentures over the business assets of all Group companies and by Group company guarantees including a guarantee from the Company. The bank loan terms include typical covenants for such a loan, as well as revenue and cash consumption covenants, which are tested quarterly and monthly respectively. These covenants were met for each covenant reporting period in the reporting period ended 31 December 2021. At 31 December 2021, the Group’s liabilities have contractual maturities which are summarised below. These contractual maturities reflect the payment obligations which may differ from the carrying values of the liabilities at the balance sheet date. Group Trade and other payables Lease liabilities Total company Trade and other payables Total in one year or less, or on demand Between two and five years 2021 $’000 4,068 94 4,162 2020 $’000 6,461 86 6,547 2021 $’000 143 78 221 2020 $’000 402 171 573 in one year or less, or on demand Between two and five years 2021 $’000 8,936 8,936 2020 $’000 5,845 5,845 2021 $’000 112 112 2020 $’000 143 143 analysis of changes in net cash (cash and cash equivalents, and borrowings) Cash and cash equivalents Bank borrowings Paycheck Protection Program Loan (see below) total net cash as at 1 Jan 2020 $’000 movement in period $’000 as at 1 Jan 2021 $’000 movement in period $’000 8,321 (2,937) – 5,384 1,819 1,096 (637) 2,278 10,140 (1,841) (637) 7,662 1,061 (936) 637 762 as at 31 December 2021 $’000 11,201 (2,777) – 8,424 The movement in the period is a combination of the actual cashflow (from operating, financing and investing activities) and the exchange rate movement. Paycheck Protection Program Loan (‘PPPL’) In the prior year, the Company’s US trading subsidiary, Corero Network Security, Inc was advanced, via its US bank, Pacific Western Bank, a Paycheck Protection Program Loan for $637,000 on 11 May 2020. The PPPL was a component of the US federal stimulus package known as the Coronavirus Aid, Relief and Economic Security Act, which offers help to businesses in the US during the COVID–19 crisis. The loan, approved under waiver from the Group’s borrowing providers represents allowable US payroll costs, together with a smaller element of associated rent and utility costs. The terms of the PPPL were 1% interest, 2–year term, no early repayment penalties, no collateral/guarantees and no fees. Loan repayments were deferred for 6 months but interest continued to accrue. As at 31 December 2020, loan forgiveness had been applied for but not granted. The Board did not have reasonable assurance that the loan would be forgiven. Notification of the PPP loan forgiveness in full was subsequently received from Pacific Western Bank on 28th January 2021. The forgiveness of the PPP loan is a non–cash movement and is shown as ‘other income’ in the Group Income Statement. 72 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 73 Notes to the Financial Statements continued 19. Financial instruments The Group’s financial instruments are categorised as shown below: Group Financial assets Trade and other receivables Cash Group Financial liabilities Trade and other payables Borrowings Book Value 2021 $’000 Book Value 2020 $’000 2,158 11,201 13,359 2,815 10,140 12,955 Book Value 2021 $’000 Book Value 2020 $’000 4,383 2,901 7,284 7,120 2,568 9,688 The Group manages liquidity and credit risk in line with the financial risk management objectives and policies as set out on page 25. At the present time the Group does not have significant exposure to foreign exchange or interest rate risk. There are no differences between the fair values and book values held by the Group. 20. Deferred income Group Current More than one year but less than five years 2021 $’000 4,677 2,147 6,824 2020 $’000 3,444 2,705 6,149 The Group’s deferred income balance will be recognised as revenue evenly over the remaining term of the service and support agreements in place. The service and support agreements expire at various times throughout the year with no particular seasonality. company The Company has no deferred income (2020: $nil). 21. Pensions The Group’s pension arrangements are operated through defined contribution schemes. Defined contribution schemes Defined contribution pension costs 2021 $’000 153 2020 $’000 153 22. Share capital authorised share capital The authorised share capital comprises 745,821,970 (2020: 745,821,970) ordinary shares of 1 penny (‘p’) (1.4 cents (‘c’)) each. issued ordinary share capital 1 January 2020, 31 December 2020, and 31 December 2021 494,852,304 ordinary shares of 1p each There have been no share issues in 2021 or 2020. 23. Share premium 1 January 2020, 31 December 2020, and 31 December 2021 $’000 6,914 $’000 82,122 There have been no share issues in 2020 and 2021. Consideration received in excess of the nominal value is included in share premium, less registration, commission and professional fees. 24. employees and Directors employee expenses, including Directors, during the period Group Wages and salaries Social security costs Other pension costs average monthly numbers of employees (including Directors) employed Sales and marketing Technical, support and services Management, operations and administration company The Company has no employees (2020: nil). total 2021 $’000 9,130 1,027 153 total 2020 $’000 9,581 1,166 153 10,310 10,900 2021 number 2020 number 19 35 6 60 18 34 7 59 74 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 75 Notes to the Financial Statements continued 24. employees and Directors continued Directors, being the Key management personnel Directors1 Ashley Stephenson Andrew Miller Jens Montanana Lionel Chmilewsky Peter George Richard Last Salary & fees $’000 326 25 44 374 36 38 843 Bonus $’000 Benefits $’000 Pension $’000 Subtotal $’000 Options $’000 163 – – 189 – – 352 20 2 – 12 – – 34 – – 64 – – 64 509 27 44 639 36 38 36 – 36 57 36 36 1,293 201 company national insurance contributions $’000 9 2 – 123 – 4 138 total 2021 $’000 554 29 80 819 72 78 total 2020 $’000 620 219 41 740 36 38 1,632 1,694 1 Neil Pritchard was appointed to the Board after the year to 31 December 2021. Bonus payments of $352,000 were awarded to Directors in respect of the year to 31 December 2021 (2020: $334,000). Lionel Chmilewsky has an employment agreement with a wholly owned subsidiary of the Company which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. Ashley Stephenson has an employment agreement with a wholly owned subsidiary of the Company which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. Andrew Miller resigned as an Executive Director on 31st May 2020 and took up a new role on the Board as a Non–executive Director on 1st June 2020. Andrew Miller has a Director’s Loan of $76,000 which is repayable in August 2030. 25. lease commitments The Group has total future minimum lease payments under non–cancellable leases totalling $7,000 (2020: $3,000) analysed by year of expiry as follows: Land and building agreements expiring: Within one year company The Company has no lease commitments (2020: $nil). 2021 $’000 2020 $’000 7 7 3 3 26. contingent liabilities Corero Network Security (UK) Limited was in December 2015 awarded a grant of £600,000 for a development project over three years from Scottish Enterprise. Any monies becoming repayable by Corero Network Security (UK) Limited under the grant terms for breaches of the grant conditions are guaranteed by the Company. These conditions which are typical for a grant of this nature, and which apply for a period of five years from the final grant payment date (being 14 March 2019), include maintaining minimum headcount in Scotland and no change of control. 27. Share options The Company has the following share option schemes: • Enterprise Management Incentive Scheme for its employees, which has been approved by HMRC. • Executive Enterprise Management Incentive Scheme, which has been approved by HMRC. • Unapproved Share Option Scheme. • Deferred Payment Share Plan. Options granted have a three–year vesting period, vesting one third on the first anniversary of grant, one third on the second anniversary of grant and one third on the third anniversary of grant. Shares acquired on the exercise of an option may not be sold until the expiry of the second anniversary following the date of option grant. With the exception of options granted in April 2017 to Directors which include a revenue growth performance vesting condition, there are no vesting conditions for options granted. If an option holder ceases to be in employment or hold office within the Group, options granted shall immediately lapse unless such cessation is because of the option holder’s death; the option holder’s ill health or disability; the company that employs the option holder ceasing to be under the control of the Company or such company ceasing to be within the Group; the transfer of sale of the undertaking or part–undertaking in which the option holder is employed to a person who is neither under the control of the Company nor within the Group; or any other reason that the Board in its absolute discretion shall determine. On a cessation of employment or office as set out above, options shall be exercisable to the extent they have vested according to the terms of the option agreement and the provisions of the relevant share option scheme and must be exercised within 30 days following such cessation unless otherwise determined by the Board or if such cessation is by reason of death in which case the option holder’s personal representatives must exercise the option within 12 months following the date of the option holder’s death. For option agreements granted post June 2020 and subject to the approval of the Board, where an option holder has, as at the date of the grant, been employed by a Group company for a period of at least three years and whose employment is terminated either: (a) by the company other than for cause; or (b) by resignation on the part of the option holder, such option holder shall be entitled to retain the options granted under the option agreement following the effective date of the termination and such retained options shall continue to vest and be exercisable by the option holder in accordance with the vesting terms set out in the agreement. In the year ended 31 December 2020, to continue to attract and retain the Company’s employees, and with the approval of the Company’s significant shareholders, a share option re–pricing, cancellation and re–grant of 25,446,000 options were made on 16 June 2020. A summary of the share option re– pricing, cancellation and re–grant is as follows: • One–for–one basis for ‘out of the money’ options • Share option price of 5.25p (7c): determined from higher of the 90–day volume weighted average share price (VWAP) and the mid–market closing share price on Monday 15 June • 14,403,000 new options were also granted • No performance conditions attached other than: vest one third on the first anniversary, one third on the second anniversary and one third on the third anniversary of the date of grant • Any ordinary shares which are issued following exercise of the first tranche may not be sold or transferred by an option holder prior to the second anniversary • With shareholder approval, the overall limit on share options was increased from the previous limit of 10% of the Company’s issued share capital to the greater of (i) a maximum of 61,856,538 share options (equivalent to 12.5% of the Company’s current issued share capital) or (ii) 10% of the Company’s issued share capital. On 19 July 2021, the Board approved minor wording changes to the Unapproved Share Option Plan, the Executive EMI Share Option Plan and the EMI Share Option Plan in line with recent legislative changes only. 76 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 77 Notes to the Financial Statements continued exercise price – pence (cents) at 1 January 2021 Granted exercised Forfeit/ cancelled at 31 December 2021 Option holders Date granted expiry date Unapproved Share Option Scheme continued exercise price – pence (cents) at 1 January 2021 Granted exercised Forfeit/ cancelled at 31 December 2021 Share options granted at 31 December 2021 were as follows: – – – – – – 27. Share options continued Share options granted at 31 December 2021 were as follows: Option holders Date granted expiry date enterprise management incentive Scheme Other Holders April 2019 April 2029 8.4p (11c) September 2019 September 2029 2.5p (3c) 10,000 5,000 April 2020 June 2020 April 2030 4.2p (5c) 465,000 June 2030 5.3p (7c) 8,985,500 September 2020 September 2030 7.8p (10c) October 2020 October 2030 9.0p (12c) January 2021 January 2031 13.0p (18c) November 2021 November 2031 9.25p (12c) 10,000 12,500 – – 685,000 27,500 executive enterprise management incentive Scheme Andrew Lloyd April 2017 April 2027 8p (10c) 2,083,333 Unapproved French Share Option Scheme Lionel Chmilewsky June 2020 June 2030 5.3p (7c) 7,000,000 – – January 2021 January 2031 13.0p (18c) – 500,000 Unapproved Share Option Scheme Jens Montanana Richard Last Andrew Lloyd Ashley Stephenson April 2017 May 2018 April 2027 8p (10c) 994,000 May 2028 13.6p (18c) 425,000 October 2018 October 2028 11.0p (14c) 400,000 – – – January 2021 January 2031 13.0p (18c) – 350,000 April 2017 June 2017 April 2027 8p (10c) 450,000 June 2027 13.6 (18c) 180,000 October 2018 October 2028 11.0p (14c) 200,000 – – – January 2021 January 2031 13.0p (18c) – 350,000 April 2017 June 2017 June 2020 April 2027 8p (10c) 580,001 June 2027 13.6 (18c) 200,000 June 2030 5.3p (7c) 7,919,000 – – – January 2021 January 2031 13.0p (18c) – 350,000 Andrew Miller Peter George June 2020 June 2030 5.3p (7c) 5,775,000 January 2019 January 2029 11.3p (15c) 750,000 – – January 2021 January 2031 13.0p (18c) – 350,000 Other holders March 2011 March 2021 40p (65c) 290,000 September 2011 September 2021 37.5p (61c) 40,000 March 2012 March 2022 54.5p (89c) 140,000 April 2013 May 2014 April 2023 25p (38c) 100,000 May 2024 25p (42c) 670,666 September 2016 September 2026 22.5p (33c) October 2018 October 2028 11.0p (14c) 5,000 50,000 September 2019 September 2029 2.5p (3) 4,430,000 April 2020 April 2020 June 2020 April 2030 4.2p (5c) 605,000 April 2030 4.2p (5c) 50,000 June 2030 5.3p (7c) 4,603,500 September 2020 September 2030 7.8p (10c) 300,000 – – – – – – – – – – – – January 2021 January 2031 13.0p (18c) November 2021 November 2031 9.25p (12c) – – 960,000 25,000 47,728,500 3,597,500 – – – – – – – – – – – – – – – – – – – 5,775,000 750,000 350,000 (290,000) – – – – – – – 40,000 140,000 100,000 670,666 5,000 50,000 (898,333) 3,531,667 (150,000) 455,000 – – – 50,000 4,603,500 300,000 (350,000) 610,000 – 25,000 (1,805,833) 49,520,167 The closing mid–market price for the Company’s shares at 31 December 2021 was 12.5p (16.9c) and the high and low for the year was 16.0p (21.9c) and 9.0p (12.0c). In the 12 months to 31 December 2021, no options were exercised (2020: nil) and 1,805,833,000 options were forfeited (2020: 1,192,000). – – – – – – – – – – – – – – – – – – – – – – – 10,000 5,000 (107,500) 357,500 (10,000) 8,975,500 – – – – – – – – – – – – – – – – – 10,000 12,500 685,000 27,500 2,083,333 7,000,000 500,000 994,000 425,000 400,000 350,000 450,000 180,000 200,000 350,000 580,001 200,000 7,919,000 350,000 78 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial StatementS Corporate Directory 79 Notes to the Financial Statements continued 27. Share options continued Share options granted at 31 December 2020 were as follows: Option holders Date granted expiry date enterprise management incentive Scheme exercise price – pence (cents) at 1 January 2020 Granted exercised Forfeit/ cancelled at 31 December 2020 Other Holders April 2015 April 2017 June 2017 April 2025 15p (23c) 500,000 April 2027 8p (10c) 1,586,569 June 2027 13.6 (18c) 1,698,305 September 2017 September 2027 9.1p (12c) 5,000 October 2018 October 2028 11.0p (14c) 2,569,932 April 2019 April 2029 8.4p (11c) 237,500 September 2019 September 2029 2.5p (3c) 5,000 – – – – – – – April 2020 June 2020 April 2030 4.2p (5c) June 2030 5.3p (7c) September 2020 September 2030 7.8p (10c) October 2020 October 2030 9.0p (12c) – – – – 565,000 9,040,500 10,000 12,500 executive enterprise management incentive Scheme Andrew Miller May 2018 May 2028 13.6p (18c) 2,356,000 Andrew Lloyd April 2017 April 2027 8p (10c) 2,083,333 October 2018 October 2028 11.0p (14c) 599,479 – – – Unapproved French Share Option Scheme Lionel Chmilewsky June 2020 June 2030 5.3p (7c) – 7,000,000 Unapproved Share Option Scheme Jens Montanana Richard Last Andrew Lloyd Ashley Stephenson April 2017 May 2018 April 2027 8p (10c) 994,000 May 2028 13.6p (18c) 425,000 October 2018 October 2028 11.0p (14c) 400,000 April 2017 June 2017 April 2027 8p (10c) 450,000 June 2027 13.6 (18c) 180,000 October 2018 October 2028 11.0p (14c) 200,000 April 2017 June 2017 April 2017 June 2017 April 2027 8p (10c) 580,001 June 2027 13.6 (18c) 200,000 April 2027 8p (10c) 2,319,000 June 2027 13.6 (18c) 3,200,000 October 2018 October 2028 11.0p (14c) 2,400,000 – – – – – – – – – – – June 2020 June 2030 5.3p (7c) – 7,919,000 – – – – – – – – – – – – – – – – – – – – – – – – – – – (500,000) (1,586,569) (1,698,305) (5,000) (2,569,932) (227,500) – – – – – – 10,000 5,000 (100,000) 465,000 (55,000) 8,985,500 – – 10,000 12,500 (2,356,000) (599,479) – – – – – – – – – – (2,319,000) (3,200,000) (2,400,000) – – 2,083,333 7,000,000 994,000 425,000 400,000 450,000 180,000 200,000 580,001 200,000 – – – – 7,919,000 Option holders Date granted expiry date Unapproved Share Option Scheme continued exercise price – pence (cents) at 1 January 2020 Granted exercised Forfeit/ cancelled at 31 December 2020 Andrew Miller April 2017 April 2027 8p (10c) 1,919,000 October 2018 October 2028 11.0p (14c) 900,521 – – June 2020 June 2030 5.3p (7c) – 5,775,000 Peter George Other holders January 2019 January 2029 11.3p (15c) 750,000 August 2010 August 2020 31p (50c) 308,000 March 2011 March 2021 40p (65c) 290,000 September 2011 September 2021 37.5p (61c) 40,000 March 2012 March 2022 54.5p (89c) 140,000 April 2013 May 2014 April 2015 April 2023 25p (38c) 100,000 May 2024 25p (42c) 670,666 April 2025 15p (23c) 53,000 October 2015 September 2025 15p (23c) 105,000 May 2016 May 2026 20p (29c) 20,000 September 2016 September 2026 22.5p (33c) 455,000 April 2017 June 2017 April 2027 8p (10c) 623,626 June 2027 13.6 (18c) 665,500 September 2017 September 2027 9.1p (12c) 500,000 October 2018 October 2028 11.0p (14c) 3,268,568 April 2019 April 2029 8.4p (11c) 50,000 September 2019 September 2029 2.5p (3) 4,430,000 – – – – – – – – – – – – – – – – – April 2020 April 2020 June 2020 April 2030 4.2p (5c) April 2030 4.2p (5c) June 2030 5.3p (7c) September 2020 September 2030 7.8p (10c) – – – – 705,000 50,000 4,711,500 300,000 – – – – – – – – – – – – – – – – – – – – – – – – (1,919,000) (900,521) – – (308,000) – – – – – (53,000) (105,000) (20,000) (450,000) (623,626) (665,500) (500,000) – – 5,775,000 750,000 – 290,000 40,000 140,000 100,000 670,666 – – – 5,000 – – – (3,218,568) 50,000 (50,000) – – 4,430,000 (100,000) – 605,000 50,000 (108,000) 4,603,500 – 300,000 38,278,000 36,088,500 – (26,638,000) 47,728,500 80 corero network Security plc – Annual Report and Accounts 2021 Overview Strategic Report Governance Financial Statements cORPORate DiRectORY 81 Notes to the Financial Statements continued Glossary 27. Share options continued total number of options granted to Directors 31 December 2021 Options granted 31 December 2020 Options granted Relevant Share Option scheme Ashley Stephenson Andrew Lloyd Andrew Miller Jens Montanana Lionel Chmilewsky Peter George Richard Last 8,269,000 2,863,334 5,915,000 2,169,000 7,500,000 1,100,000 1,180,000 7,919,000 Unapproved Share Option Scheme 2,863,334 Executive Enterprise Management Scheme and Unapproved Share Option Scheme 5,915,000 Executive Enterprise Management Scheme and Unapproved Share Option Scheme 1,819,000 Unapproved Share Option Scheme 7,000,000 Unapproved Share Option Scheme 750,000 Unapproved Share Option Scheme 830,000 Unapproved Share Option Scheme 28,996,334 27,096,334 None of the Directors holding office at the balance sheet date exercised options during the year (2020: none). Andrew Miller has a contractual right (granted in March 2011) to purchase 140,000 ordinary shares in the Company from the Employee Share Ownership Trust at 40p per share pursuant to a grant made to him under the Deferred Payment Share Plan. Share–based payments The Remuneration Committee (‘RC’) approves the grant of share options to employees of the Group under the Group’s share option schemes. Share options are granted with a fixed exercise price which is equal to the market price at the date of the grant or higher price determined by the RC. The share options granted are required to be exercised within 10 years from the date of grant. Share options are valued using the Black–Scholes option–pricing model. The weighted average fair value of the options granted in the year was 8.1p (11.2c). The value of share options granted during the year was calculated using the Black–Scholes option pricing model. The following variables and ranges were used: Share price at date of grants Exercise price Expected volatility Estimated years to exercise Risk free interest rate The table below provides information on all options outstanding at the end of the year: 2021 2020 9.25p–13.0p (12c–18c) 4.2p–9.0p (5c–12c) 9.25p–13.0p (12c–18c) 4.2p–9.0p (5c–12c) 70.6%–76.5% 62.3%–75.6% 4.1–4.9 0%–0.01% 4.25–4.8 –0.08%–0.2% Weighted average remaining contractual life Average remaining contractual life Options exercisable Exercise price range Weighted average share price Weighted average exercise price Expected volatility Risk free rate – 5 year gilt rate Expected dividend yield 8 years 6.6 years 2.5p–55p (3c–73c) 6.3p (8.6c) 6.5p (8.8c) 0.2%–76.5% –0.08%–2.5% Nil Volatility is calculated as the standard deviation of the closing daily share price over a period of 24 months prior to the grant date. Operating expenses in the Group Income Statement included a charge of $522,000 (2020: $359,000) relating to employee share–based payments. 28. Related parties and transactions There have been no equity placings or offers in the year ended 31 December 2021 or 2020. The Directors consider the Group’s key management personnel to be the Board of Directors of the Company whose compensation is detailed in note 24. Company key management compensation was $nil (2020: $nil) as the key management are employed by subsidiaries. 5G ai aim aRR caGR cGU cnS cPU cSPs DDoS Fifth Generation Cellular Network Technology Artificial Intelligence Alternative Investment Market Annualised Recurring Revenues Compound Annual Growth Rate Cash–Generating Unit Corero Network Security Central Processing Unit Communication Service Providers Distributed Denial of Service DDPaaS DDoS Protection as–a–Service DPDK DPi DtR eBitDa eU Fca FRc FRS iaS iaSB iFRic iFRS iot iP Data Plane Development Kit Deep Packet Inspection Disclosure and Transparency Rules Earnings Before Interest, Tax, Depreciation, and Amortisation European Union Financial Conduct Authority Financial Reporting Council Financial Reporting Standard International Accounting Standards International Accounting Standards Board International Financial Reporting Interpretations Committee International Financial Reporting Standards Internet of Things Internet Protocol iPS/aPt Intrusion Prevention System/Advances Persistent Threat iSa mSP mSSP nics POPs PPPl RcF R&D ROi International Standard on Auditing Managed Service Provider Managed Security Service Provider Network Interface Cards Points of Presence Paycheck Protection Program Loan Revolving Credit Facility Research and Development Return On Investment SlB/aDc Server Load Balancer/Application Delivery Controller SOc SSDP SSP tcO tDc tDD tDS UPnP VWaP WaF Security Operations Center Simple Service Discovery Protocol Stand–alone Selling Prices Total Cost of Ownership SmartWall® Threat Defense Cloud SmartWall® Threat Defense Director SmartWall® Threat Defense System Universal Plug and Play Volume Weighted Average share Price Web Application Firewall 82 corero network Security plc – Annual Report and Accounts 2021 Corporate Directory Directors Jens Montanana (Non–executive Chairman) Richard Last (Non–executive Director) Peter George (Non–executive Director) Andrew Miller (Non–executive Director) Lionel Chmilewsky (Chief Executive Officer) Neil Pritchard (Chief Financial Officer) Ashley Stephenson (Chief Technology Officer) Secretary and Registered Office Duncan Swallow St Mary’s Court The Broadway Amersham Buckinghamshire HP7 0UT nominated adviser and Broker Canaccord Genuity Ltd 88 Wood Street London EC2V 7QR Financial Public Relations Vigo Communications Sackville House 40 Piccadilly London W1J 0DR auditor BDO LLP 55 Baker Street London W1U 7EU Solicitors Dorsey and Whitney LLP 199 Bishopsgate London EC2M 3UT Bankers Santander 2 The Forbury Reading RG1 3EU Pacific Western Bank 406 Blackwell Street Suite 240 Durham North Carolina 27701 USA Registrars Link Group 10th Floor Central Square 29 Wellington Street Leeds LS1 4DL Website address www.corero.com C o r e r o N e t w o r k S e c u r i t y p l c A n n u a l R e p o r t a n d A c c o u n t s 2 0 2 1 Registered Office St Mary’s Court The Broadway Amersham Buckinghamshire HP7 0UT UK

Continue reading text version or see original annual report in PDF format above