More annual reports from Cohen & Steers:
2023 ReportTHE DDOS PROTECTION SPECIALISTS ANNuAL REPORT AND ACCOuNTS 2022 Corero Network Security plc Corero is dedicated to improving the security and availability of the internet through the deployment of innovative Distributed Denial of Service (DDoS) protection solutions. DDOS PrOTeCTiON wiTHOUT THe DOwNTiMe. We are specialists in automatic detection and mitigation solutions, that include network visibility, analytics, and reporting tools. Corero’s technology provides scalable protection capabilities against both external DDoS attackers and internal DDoS threats, in even the most complex edge and subscriber environments, ensuring internet service availability and uptime. We protect thousands of organisations worldwide, across many verticals. Our customers are primarily internet service providers, hosting providers, cloud providers and SaaS providers. We are deployed internationally and, through our own teams and strategic partners, we continue to expand our footprint. CONTENTS Overview 01 2022 Highlights 02 At a glance 04 Business Model 06 Case study: Dakota Carrier Network 08 Market overview 09 2022 Corero DDos Threat Intelligence Report 10 Corero Explained 14 Customer proposition 15 Investor proposition Strategic Report 16 Executive Chairman’s Review 18 Financial Review 20 Key Performance Indicators 22 Key Stakeholders 22 Section 172 Statement 24 Principal Risks and Uncertainties 26 Environmental, Social and Financial Statements and associated notes Governance Report Governance 28 Board of Directors 30 Executive Chairman’s Corporate Governance Introduction 31 QCA Code Compliance 32 Corporate Governance Report 34 Board Performance and Remuneration Policy 35 Board Committee Reports 36 Directors’ Report 39 Statement of Directors’ Responsibilities 40 Independent Auditor’s Report 46 Consolidated Income Statement 47 Consolidated Statement of Comprehensive Income 48 Consolidated Statement of Financial Position 49 Company Statement of Financial Position 50 Consolidated Statement of Cash Flows 51 Consolidated Statement of Changes in Equity 52 Company Statement of Changes in Equity 53 Notes to the Financial Statements Corporate Directory 82 Glossary 83 Corporate Directory FOr MOre iNFOrMATiON viSiT corero.com Overview Strategic Report Governance Financial Statements Corporate Directory 2022 HiGHLiGHTS REVENuE ARR1 $20.1m $14.4m $20.9m $20.1m $16.9m $10.0m $9.7m $14.4m $12.8m $9.8m $7.2m $5.8m 2018 2019 2020 2021 2022 2018 2019 2020 2021 2022 GROSS MARGIN NET CASH 87.2% $4.4m 87.2% 85.1% 81.0% 77.3% 78.4% $8.4m $7.6m $5.4m $4.4m $4.4m 2018 2019 2020 2021 2022 2018 2019 2020 2021 2022 EBITDA2 $2.6m PROFIT/(LOSS) BEFORE TAXATION $0.4m $4.0m $2.6m $1.4m $0.4m -$1.7m -$1.4m -$3.2m -$4.0m -$5.2m -$6.6m 2018 2019 2020 2021 2022 2018 2019 2020 2021 2022 OPerATiONAL HiGHLiGHTS • Secured 32 new customers in the year • Customer support contract renewal rate of 98% (2021: 96%) demonstrating both the quality of Corero solutions and customer service • Annualised Recurring Revenues1 (“ARR”) increased to $14.4 million (2021: $12.8 million), underpinning future revenues and reinforcing the importance of Corero’s solutions for our customers • The Group remains committed to ongoing investment across its technology platform and resource expansion to strengthen its market-leading position FiNANCiAL HiGHLiGHTS • Order intake increased by 13% to $23.9 million from $21.2 million in 2021 • Total revenue of $20.1 million (2021: $20.9 million) • ARR up 13% to $14.4 million as at 1 January 2023 (1 January 2022: $12.8 million) • Revenue from DDoS Protection as a Service (DDPaaS) contracts increased to $4.9 million (2021: $4.0 million) • Gross margins of 87% (2021: 85%) • EBITDA2 of $2.6 million (2021: EBITDA of $4.0 million) • Adjusted EBITDA3 of $1.7 million (2021: $3.2 million) • Profit before taxation of $0.4 million (2021: $1.4 million) • Earnings and diluted earnings per share of 0.1 cents (2021: 0.3 cents) • Net cash at 31 December 2022 of $4.4 million (2021: $8.4 million) 1 ARR is defined as the normalised annualised recurring revenues and includes recurring revenues from contract values of annual support, software subscription and from DDoS Protection-as-a-Service (DDPaaS) contracts 2 EBITDA is defined as Earnings before Interest, Taxation, Depreciation and Amortisation. The Directors consider EBITDA to be a better measure of profitability as it excludes non-cash items 3 Adjusted EBITDA is defined as Earnings before interest, tax, depreciation, and amortisation excluding unrealised gains/(losses) on an intercompany loan and PPPL forgiveness Corero Network Security plc Annual Report and Accounts 2022 01 AT A GLANCe we Are… DYNAMiC AND FAST-MOviNG. Overview Strategic Report Governance Financial Statements Corporate Directory OUr viSiON In an internet connected world, every business, application and individual is protected from DDoS attacks. OUr vALUeS Values and beliefs underpin the strategy. These are lived to become the culture: Customers First; Technology Leadership & Innovation; Operational Excellence; Integrity; Our People, Empowerment & Teamwork ACHieveD THrOUGH DeLivereD BY wHAT we DO • Prevent downtime in the event of a DDoS attack • Eliminate the need for operator intervention by automatically mitigating over 98% attacks • Enable service providers to deliver added value to their customers by offering DDoS protection services Corero is dedicated to improving the security and availability of the internet through the deployment of innovative DDoS protection solutions. OUr PUrPOSe To best protect customers from the damaging impact of DDoS cyber security attacks. OUr FOCUS Maintain our superior technological performance while delivering sustainable, long-term value to our stakeholders. OUr MiSSiON Corero’s mission is to be our customer’s trusted partner on their journey to implement effective DDOS protection matched to their needs. wHY we DO iT • To make the internet a safer place by protecting organisations from damaging DDoS attacks and the downtime that comes with it. • Corero customers benefit from rapid attack discovery, rapid mitigation, and a dynamic, flexible solution. HOw we DO iT • Intelligently automated solution that protects from DDoS attacks in under a second. • Most flexible and highly scalable deployment options to meet the needs of any business. • Comprehensive visibility with reporting and alerting for clear, actionable intelligence on the DDoS attack activity. reSPONSiBLe BUSiNeSS Corero aspires to carry out its business to the highest ethical standards, treating customers, partners, suppliers, and employees in a professional, courteous and honest manner. Corero is committed to promoting sustainability. We aim to promote good sustainability practice, to carry out our operations in a way which manages and minimises any adverse environmental impacts. Our products are used by thousands of businesses throughout the world to protect against disruptions that could have adverse economic, health, well-being and environmental consequences for the users and customers of those businesses (often in a mission critical way) and the knock-on effects to populations as-a-whole. OUr STrATeGiC GOALS 1. Grow our pipeline and corresponding revenue 2. 3. 4. Leverage our existing reseller and strategic partnerships and develop new ones Target and expand our Ideal Customer Profile (‘ICP’) relationships Better monetise our existing services and introduce new services 5. Amplify our demand generation programs 6. Continue to enhance our technological innovation leadership eNABLeD BY OUr BUSiNeSS MODeL Please see our business model on pages 4 to 5. SUPPOrTeD BY OUr SUPPOrTerS Our supporters are our customers; our partners including strategic alliance partners; our suppliers, our investors and our employees. 02 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 03 Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory BUSiNeSS MODeL Corero’s technology provides scalable protection capabilities against both external DDoS attackers and internal DDoS threats, in even the most complex edge and subscriber environments, ensuring internet service availability and uptime. A CUSTOMER DRIVEN BUSINESS MODEL: iNPUTS KeY SOLUTiONS TDC SALeS CHANNeLS CUSTOMer SeGMeNTS SOUrCe OF reveNUe OUTPUTS OUr CULTUre & vALUeS See page 26 MArKeT Overview See page 10 SeCUrewATCH Support, updates, maintenance, monitoring THreAT DeFeNCe SYSTeM Available in physical and software for 10G, 100G and cloud eDGe THreAT DeFeNCe Offers surgical protection using network routing at the edge to redirect or scrub malicious traffic THreAT DeFeNCe DireCTOr Delivers software edge protection for even the largest networks THreAT DeFeNCe CLOUD Protects against attacks in the Cloud STrATeGiC ALLiANCeS Juniper and GTT SAAS PrOviDerS DDOS PrOTeCTiON AS-A-ServiCe iNDireCT SALeS PArTNerS Value-added resellers and distributors eDGe PrOviDerS reveNUe SHAre CASH FOr reiNveSTMeNT See page 20 FiNANCiAL reTUrNS FOr iNveSTOrS See page 20 DireCT SALeS Corero sales team HOSTiNG AND CLOUD PrOviDerS TerM LiCeNCe eSG See page 26 iNTerNeT ServiCe PrOviDerS SUPPOrT AND ServiCeS APPLiANCe & PerPeTUAL SOFTwAre LiCeNCe 04 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 05 CASe STUDY: DAKOTA CArrier NeTwOrK OUr STrATeGY iN PrACTiCe. Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory vALUe-ADDeD OFFeriNG 1. An immediate solution at their fingertips DCN were interested in an immediate solution: “Whereas other vendors were still talking about their roadmaps and what they would do in the future, Corero could do everything immediately, and didn’t need to talk about their roadmap,” said Heck. “We don’t want to see a roadmap, we want to see what you can do today, because we need this right away.” Corero also supported DCN’s strategic goals for ROI on their DDoS protection investments, helping to meet their objectives to sell DDoS as a service to their downstream customers. “ We’ll be introducing DDoS protection to a lot of our internet customers that don’t have it today. It’s a base service that they all should have from just a good cybersecurity posture.” Jesse Heck, Sr. Director of Operations at Dakota Carrier Network The team at DCN was clear with Corero at the outset, that they prefer to do business by finding partners, not vendors, and Corero have exemplified that they fit this model well. 2. Faster time to mitigation Corero stood out from the competition because it was the only vendor to offer sample packet mirroring functionality, which allows DCN to ingest traffic with faster time to mitigation. This enables DCN to analyse the malicious traffic in real-time and take relevant action against it. 3. Excellent customer support “Corero separated themselves from the pack early on, just by being responsive at every step along the way,” said Heck. “They had a team of people who could answer our questions immediately, so we never had to chase them down for information as we did some of the other vendors.” COrerO SMArTwALL AT A GLANCe Surgically removes DDoS attack traffic automatically, before it reaches critical systems, ensuring optimal performance and maximum availability • Delivers line-rate, in-line DDoS attack protection, from 1 Gbps to 100 Gbps per rack unit, in a solution that scales to terabits per second of protected throughput • Flexible deployment models to reduce attack surface for volumetric floods and state exhaustion attacks at Layers 3 through 7 • Delivers comprehensive visibility for analysis and forensics - before, during and after attacks Dakota Carrier Network improves Customer Security and drives rOi with Corero DDoS Protection OVERVIEW: Dakota Carrier Network (DCN) is a consortium of 13 independent broadband companies located in North Dakota. The consortium has a fiber footprint stemming 60,000 miles in the state of North Dakota, and represents all the major local independent broadband service providers and serve customers in 379 communities. This adds up to over 85 percent of all the exchanges in the state. DCN provides critical network services to state and local governments along with commercial businesses, including banks and energy companies. CHALLENGE: Like most other broadband service providers, DCN has been targeted by cyber attackers with frequent and sophisticated DDoS attacks designed to create service latency and downtime for its network and their customers. DCN needed a DDoS protection solution that works fast, is automated, and could protect at scale. Prior to evaluating Corero solutions, the organisation had a dual-vendor DDoS mitigation solution involving one vendor that analysed traffic to detect DDoS traffic, and another that provided the hardware scrubbing. However this split-vendor solution was unable to provide the DDoS Protection service DCN required. In addition, DCN wanted a single-sourced, multi- tenant portal to provide their customers with a dashboard to show their network traffic, enable them to apply or remove attack mitigation policies and manage reporting. SOLUTION: DCN has a multi-edge, multi- terabit detect and redirect DDoS protection solution that analyses traffic as it comes in, with sample packet mirror. Malicious or attack traffic is automatically sent using BGP protocols to the Corero Threat Defence System which acts as a scrubber to filter the attack traffic, with the clean traffic then being returned. DCN is introducing DDoS protection as a service to their customer base. “Now that we have a solid DDoS mitigation product, with a single-source portal, we are introducing it to a lot of our customers that don’t have DDoS protection” said Heck, commenting that the process of adding their customers to the mitigation service was completely “seamless” with no disruption. RESULTS: Many DDoS solutions are merely reactive and only start working once the DDoS attack has already hit its victim. With Corero’s SmartWall solution, DCN benefits from automatic protection using analytics to aggregate historical records of DDoS traffic. By detecting anomalous traffic at the network edge, attacks are mitigated before they can cause any harm to the network or downstream customers. “ Thanks to the Corero solution, our customers can access the DDoS portal for history and details regarding mitigation events including source and destination iPs, source and destination TCP/ UDP ports, and attack volume.” Jesse Heck, Sr. DireCTOr OF OPerATiONS AT DAKOTA CArrier NeTwOrK 06 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 07 MArKeT Overview CHANGeS iN THe GLOBAL DDOS ATTACK LANDSCAPe BriNG ABOUT A SUrGe iN vOLUMe OF ATTACKS AND vArieTY OF DePLOYMeNTS. CYBER THREATS AND DDOS ATTACKS A wide range of critical cybersecurity issues face every internet connected organisation. These threats include DDoS, hacking, breach, phishing, fraud, ransom, data theft and exfiltration. These cyber threats present themselves via the internet connections that are essential to support online business. Traditionally, internet service providers sell raw internet transit connectivity. This unprotected connectivity, usually sold via 1Gbps, 10Gbps and increasingly 100Gbps links, carries good customer traffic and malicious bad traffic without discrimination. If an enterprise, data centre, or hosting facility connects to these raw transit providers they will be exposed to internet-borne cyber threats and their information security posture must be prepared to detect and protect against any associated malicious intent. Corero focuses on one specific category of these cybersecurity threats known as Distributed Denial of Service (DDoS) and has developed an innovative, flexible, solution that delivers automatic detection and protection against these attacks. The broad range of motives for executing DDoS attacks, coupled with the relative ease with which they can be launched, means a variety of actors, including; criminal gangs, activists, terrorist groups and even nation states use them. Aside from those who are focused purely on disrupting services, some of those who carry out DDoS attacks do so for extortion, via ransom DDoS, or as a smokescreen for other cyberattacks designed to steal data. DDoS attacks continue to grow in sophistication, scale and frequency. Businesses and public-sector organisations are equally vulnerable to DDoS attacks and recent years have seen some of the world’s best-known companies fall victim to these attacks, with a significant impact for their customers and bottom line. The DDoS protection market is driven by the growing need for business continuity. Increasingly, always-on protection is the only answer to defend against the short, sharp, attacks which dominate. This is driving an increasing value-add service revenue opportunity for service providers. THE DDOS PROTECTION MARKET $3.9bn in 2022 Global DDoS Protection Market expected to reach $7.3bn by 2027 at 13% CAGR* $7,300 $6,771 $5,224 $3,916 $2,866 2020 2022 2024 2026 2027 GLOBAL DDOS PROTECTION MARKET >33,000 Daily Attacks Daily DDoS attacks recorded during the first half of 2022, a 12% increase from 2021** * MarketsandMarkets DDoS protection Global forecast to 2027 ** NetScout H1 2022 Report Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory COrerO DDOS THreAT iNTeLLiGeNCe rePOrT ON 2022 ACTiviTY 75% DDOS ATTACKS LAST LESS THAN 10 MINUTES 25% INCREASE IN HIGH PACKET RATE DDOS ATTACKS 300% INCREASE IN CARPET BOMB DDOS ATTACKS 60% INCREASE IN DDOS ATTACKS LASTING OVER 60 MINUTES 39% INCREASE IN MULTI-VECTOR DDOS ATTACKS 27% LIKELIHOOD OF A REPEAT ATTACK IN SAME WEEK 98% DDOS ATTACKS LESS THAN 10 GBPS every half and full year, Corero looks at the latest trends in the DDoS market. The observations below are from our 2022 DDoS Threat intelligence report. In 2022, we witnessed significant changes in the global DDoS attack landscape. Corero has detected a surge in the overall volume of attacks, as well as variations in their nature, with attackers employing increasingly frequent, potent, and intricate tactics. DDoS attacks aim to incapacitate online services by inundating them with traffic from multiple sources, typically through botnets and other means, to surpass the available bandwidth and paralyse the internet traffic flow. These attacks target service and network availability, negatively impacting business continuity and uptime, leading to downtime, internet disruption, loss of revenue, customer loyalty, and brand trust. While traditional DDoS attacks typically deploy fewer packets of larger sizes, our observations indicate that recent attacks are employing larger numbers of smaller-sized packets, aiming to overwhelm a target’s transactional processing. This highlights the criticality of robust DDoS protection for the service and hosting providers responsible for maintaining customers’ internet availability. One of the most significant developments in DDoS attacks in 2022 was the rise of ‘carpet bomb’ attacks, posing a significant threat. These circumvent legacy detect-and-redirect DDoS protection systems by launching multiple small attacks. You can learn more about these emerging DDoS threats in the report which can be downloaded from www.corero.com/ about/newsroom. In conclusion, our key takeaway is that awareness and protocols alone are insufficient countermeasures against today’s DDoS threat. Fast-acting, real-time automatic detection and mitigation continues to be the best line of defence against these attacks. Source: 2022 Corero DDoS Threat Intelligence Report wHAT Are THe KeY DDOS MArKeT DriverS? A significant rise in the use of multiple vectors, increasing exploitation of the Internet of Things (‘IoT’) ecosystem, the growing need to protect the 5G ecosystem, and high demand of cloud-based and hybrid DDoS defence solutions1. • IoT devices, which are the source of high-intensity DDoS attacks, forecast to grow 18% to 14.4 billion during 2023.2 • The increased bandwidth of 5G networks opens avenues for DDoS attackers to induce large DDoS attacks leveraging millions of mobile or IoT devices.1 • Communication service providers (‘CSPs’) are increasingly targets, with limited capability to defend against any such attacks. The increase in IoT devices due to the growth of 5G further increases the risk to CSPs. 1 Markets and Markets DDoS Global Forecast Report, Forecast to 2027, December 2022 2 Techtarget.com, January 2023 08 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 09 COrerO eXPLAiNeD YOUr QUeSTiONS ANSwereD. wHAT iS OUr MiSSiON? To be the customer’s trusted partner on their journey to implement effective DDoS protection matched to their needs. WHAT IS A DDOS ATTACK? A DDoS attack is a cyber threat, in which multiple computer systems or devices attack a target, such as a server, website or network, and impact the users of the targeted resources. The flood of incoming messages, connection requests, or malformed packets sent to the target causes it to slow or shut down or congests the host network thereby denying service to legitimate users. DDoS attacks are a threat to service availability, network security, brand reputation and ultimately lead to lost revenues. Attackers are continuing to leverage DDoS attacks as part of their cyber threat arsenal to either disrupt business operations or provide a smokescreen while they attempt to access sensitive corporate information. Attackers are increasingly leveraging creative ways to circumvent traditional security solutions or reduce the effectiveness of DDoS scrubbing solutions. DDoS attacks can be found in a multitude of sizes and are launched for a variety of motivations. They may also be used to extort payments via Ransom DDoS. Today’s cyber criminals do not even have to construct the attacks themselves. They can simply download ready made DDoS tools or use DDoS for hire services on the darkweb to accomplish their goals. STEPS IN A TYPICAL DDOS BOTNET ATTACK Step 1 Botmaster sends command and control signals to a botnet of infected devices or hosts identifying victim and desired type of attack. Step 2 Botnet receives instruction and begins to attack designated victim by sending a variety of malicious DDoS traffic across the internet. Step 3 Traffic from attacking bots, distributed across the internet, converges on the victim at the same time resulting in congestion, overload and denial of service for legitimate users. Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory WHAT DAMAGE CAN A DDOS ATTACK DO? High availability of Cloud services and online applications are critical for modern businesses and institutions. Any downtime brings risk, including: • • Lost revenue. Loss of control. • Operational costs to mitigate or recover from attacks. • Increased costs to retain unhappy customers and attract new customers. • Brand and reputation damage leading to competitive disadvantage or loss of confidence. • Regulatory fines, legal action, resignations. WHAT SOLUTIONS DO WE HAVE? Corero’s SmartWall DDoS protection solutions are designed to protect business continuity, service availability, revenues and brand reputations from harmful DDoS attacks. We do this for internet service providers, hosting and data centre providers and SaaS enterprises. The SmartWall family of solutions utilise innovative, patented, technology to automatically and surgically remove DDoS attack traffic, while allowing good traffic to flow uninterrupted. They are amongst the highest performing in the industry, while providing the most flexible deployment options for any network for automated and accurate DDoS protection, at unprecedented scale, with the lowest total cost of ownership to the customer. We protect against DDoS attacks in seconds, or less, rather than the minutes or tens of minutes taken by legacy solutions. Corero’s market leading DDoS solution portfolio is endorsed by over 160 direct customers, many of whom are providers using Corero’s solution to protect hundreds, or thousands, of their customers. Our SmartWall solution delivers the industry’s broadest on-premises deployment options. From inline and in-datapath appliances, to out-of-band detection with edge and/or scrubbing protection for the largest provider networks. Corero’s edge solution includes integration that directly powers the silicon filtering capabilities increasingly built into modern edge routers, scaling to tens-of-terabits per second of protection, without the need to deploy additional appliances at the edge or needing to back-haul large volumes of attack traffic to scrubbing centres. WHAT CUSTOMER PROFILES DO WE TARGET? Corero’s Ideal Customer Profile (‘ICP’) is broken down into 3 distinct groups. The first being Tier 2 or Tier 3 internet service providers whose commercial customers would be potential customers for a DDoS Protection Service. The second group consists of hosting and cloud providers that provide critical services and infrastructure to business customers. The third group comprises SaaS providers that have their own infrastructure which requires protection to ensure service availability for their customers. eXAMPLe OF A DDOS BOTNeT ATTACK 1 2 3 Botmaster sends “LAUNCH” command. Bots send attack traffic to victim. Attack traffic overwhelms the victim server or network. BOTMASTER COMMAND AND CONTROL SERVER BOTNET OF HUNDREDS, THOUSANDS OF INFECTED DEVICES OR HOSTS VICTIM SERVER USERS 20+ YeArS OF evOLviNG DDOS ATTACKS MafiaBoy DDoS: Yahoo!, Amazon, Dell, CNN, eBay, E*TRADE Organized Crime: Extortion Coordinated uS Bank attacks: Grew to 200 Gbps, and continue today Mirai Code: The Tbps era of attacks, OVH Memcached blows away the attack size record: 1.3Tbps GitHub 1.7Tbps US ISP 754M PPS Multivector Attack Spammers Discover Botnets Estonia: Parliament, Banks, Media, Estonia, Reform Party 500 Gbps Hong Kong Attack: France swarmed after terror attack PlayStation & Xbox hit at Christmas Massive Attack Launched Against DYN 500M PPS SYN Flood Carpet bombing / Spread spectrum Rio Olympics: 540 Gbps Spamhaus Attack: Reported to reach 310 Gbps AWS Attack 2.3 Tbps Anon hits Church of Scientology ProtonMail Attack 10 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 11 1993 2001 2003 2005 2007 2009 2011 2013 2016 2017 2018 2019 2020 2021 2022 COrerO eXPLAiNeD CONTINUED WHAT STRATEGIC ALLIANCES DO WE HAVE? Juniper Networks Juniper Networks, Inc. (NYSE: JNPR) (‘Juniper’) is one of the world’s largest networking product, solutions and services companies, with revenues of over $5.3bn in 2022. Corero has a global partnership agreement with Juniper enabling Juniper to sell Corero’s SmartWall Threat Defence Director (‘TDD’) software product in conjunction with its own MX and PTX Series routers. Juniper and Corero have developed this fully integrated solution for large-scale network-edge DDoS defence that leverages powerful filtering capabilities in the latest generation of Juniper’s MX and PTX Series routers. GTT Communications GTT Communications, Inc. (NYSE: GTT) (‘GTT’) is a leading global cloud networking provider to multinational clients, with over 600 points of presence (‘POPs’), with revenues of $1.7bn in 2022. GTT operates a global Tier 1 internet network and provides a comprehensive suite of cloud networking services. GTT customers can purchase IP transit with DDoS protection powered by Corero’s SmartWall Solutions which are deployed in the GTT network. Neustar Neustar, Inc. (‘Neustar’), through Neustar Security Services, is an American technology company that provides real-time information and analytics for the Internet, risk, digital performance and defence, telecommunications, entertainment, and marketing industries, and also provides clearinghouse and directory services to the global communications and Internet industries. Corero’s hybrid DDoS protection solution combines the Corero on-premises SmartWall TDS with the SmartWall Threat Defence Cloud (‘TDC’) service, powered by Neustar, which provides protection against the largest attacks which can saturate an organisation’s internet connections and overwhelm legitimate traffic. WHERE ARE WE LOCATED? Corero’s key operational centres are in Marlborough, Massachusetts in the USA and Edinburgh in Scotland, UK, with the Company’s registered office at Salisbury House, 29 Finsbury Circus, London, EC2M 5QQ, UK. HOw DOeS THe TeCHNOLOGY wOrK? HOw DO we COMBAT DDOS ATTACKS?. To meet the needs of these customers, Corero offers the Smartwall TDS, TDD and ETD product lines featuring Deep Packet Inspection (‘DPI’), rather than flow monitoring, processing packets in real-time, in the data path or at the network edge, with a high level of automation based on exact match and behavioural heuristics-based rules. These products deliver highly scalable real-time DDoS protection up to tens of terabits per second, which makes our cost- performance ratio superior in the industry. DDoS mitigation providers typically rely on NetFlow monitoring, to identify internet traffic anomalies and then re-direct that traffic to specialist scrubbing centres (which may be on-premises, or in the cloud) where the internet traffic can be scrubbed with a mix of automatic and manual interventions, before the remaining clean traffic is returned to its original destination. Corero supports this detect-and-redirect model with the Smartwall ETD product line. Detect and redirect can be ineffective if the length of the DDoS attack is short in duration. Continued uptime is critical for modern businesses impacting, amongst other areas, the continuity of their services and therefore is fundamental to the businesses’ success. Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory SMARTWALL Corero’s SmartWall solution is highly automated, detecting and mitigating attacks surgically without the expensive intervention of security analysts or network operators, who may not even know the network is under attack before SmartWall provides an alert to them that it is already blocking what would otherwise have been a business damaging attack. With varied deployment topologies (in-line, datapath, scrubbing or edge) Corero’s SmartWall family of solutions utilise innovative, patented technology to automatically and surgically remove the DDoS attack traffic, leaving good traffic to flow unimpeded. Protection is available in cost-effective scaling increments, from tens-of-gigabits to tens-of-terabits, supporting the full spectrum of customer bandwidth protection requirements. We have combined advances in Intel x86 multicore CPU technology, Data Plane Development Kit (‘DPDK’) software for packet processing acceleration, and high-performance network interface cards (‘NICs’), together with an innovative, patented, and highly efficient software architecture, to develop a new generation of physical and virtual appliances providing breakthrough price/performance for DDoS defence. SmartWall appliances perform sampled DPI to generate security metadata from traffic flows. The internal rules-engines examine this metadata to flag offending packet flows in real-time and block attacks. At the same time, the security metadata is streamed to the Corero SecureWatch® Analytics platform, where further analysis, involving correlation with other performance metrics and event data, enables rapid identification of new attack vectors. SecureWatch Analytics can formulate new mitigation rules for these vectors that are distributed out to each SmartWall instance. SECUREWATCH The Corero SecureWatch service is a tiered offering comprised of configuration optimisation, monitoring and mitigation response services. Corero’s SecureWatch Analytics application leverages Splunk’s analytics engine and provides detailed reporting to transform Smartwall’s sophisticated DDoS event data into easily consumable dashboards accessed via a multi-user web GUI. This enables customer security analysts to monitor and manage incident responses, with the ability to conduct sophisticated forensic analysis. The Corero multi-tenant SmartWall Service Portal enables a service provider’s customers (or ‘tenants’) to gain visibility into attacks via per-tenant dashboards. Service provider customers can assign tenant service levels and automatically distribute reports which showcase the value of the protection their customers are receiving. SOLUTiONS THAT FiT ANY iNFrASTrUCTUre INLINE • Deployed directly on Internet links, in front of edge routers • Inspects all traffic to deliver fast and accurate protection DATAPATH • Deployed locally, adjacent to EDGE • Deployed centrally, remote SCRUBBING • Deployed centrally, remote edge routers from edge routers from edge routers • Inspects all, or selected, traffic to deliver fast and accurate protection • Inspects edge traffic samples and instructs routers to protect locally at the edge • Inspects edge traffic samples and redirects attack traffic to scrubbing protection devices ANALYTiCS ServiCeS • Traffic & Attack Analysis • World-Class SOC Service POrTAL • Multi-Tenant Protection SaaS CLOUD • Saturation Protection • Trend, Alerting, Reporting • 24x7x365 MSSP/Support • Detailed Reports & Visibility • Business Continuity SUPPOrTeD BY 12 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 13 CUSTOMer PrOPOSiTiON iNveSTOr PrOPOSiTiON Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory SPeeD SiMPLiCiTY FLeXiBiLiTY Attacks mitigated in seconds versus minutes or tens of minutes for competing technologies with zero downtime Automatic software, plug and play appliances for lowest TCO Multiple deployment options: on- premises, hybrid and cloud protection SCALABiLiTY viSiBiLiTY SUPPOrT Modular and distributed, pay-as-you- grow protection Accurate, forensic-level attack and traffic visibility with SecureWatch Analytics World-Class 24x7x365 SOC support with SecureWatch Managed Services MATUriTY JOUrNeY SeLLiNG DDOS AS A ServiCe • Per-Tenant visibility into DDoS attacks • Tenant Portal for Alerting & Reporting • Subscribe/Upsell/Retain Tenants DDOS PrOTeCTiON • Full visibility into DDoS attacks • Victim Tenant(s) not impacted • Other Tenants unaffected DDOS MiTiGATiON • Basic visibility into DDoS attacks • Victim Tenant(s) impacted/sacrificed • Other Tenants may be impacted NO PrOTeCTiON • No visibility of DDoS • Victim Tenant(s) offline • Other Tenants impacted • Am I being attacked? The maturity journey depicts a typical Corero customers’ DDoS journey and Corero’s ability to support customers at all stages of their DDoS growth needs. SUPeriOr PerFOrMANCe CUSTOMer reLATiONSHiPS High performance, best-in class solutions: automatic DDoS protection without disrupting or delaying legitimate network traffic. Corero automatically mitigates DDoS attacks in seconds, faster than any other solutions in the market. We enjoy high levels of trust with our customers which translates into high retention rates and long-term relationships. High annualised recurring revenues demonstrate such enduring relationships. Corero solutions provide continuity of service and allow our customers to generate incremental revenue. Our 98% customer support contract renewal rate demonstrates the quality of both our solutions and customer service. CUSTOMer SUPPOrT AND ServiCe We provide high levels of customer support and service through our solutions engineers, SOC and Operations teams- worldwide, 24x7x365. We provide high levels of compatibility with customer indigenous equipment and systems. HiGH GrOwTH MArKeTS The increasingly interconnected world grows faster and more complex with higher speed connections; higher capacities and meshed networks; the proliferation of IoT and 5G devices; and the continued growth of cloud services. PrOPrieTArY iNTeLLeCTUAL PrOPerTY In-house expertise and proprietary knowledge means we can innovate without significant outsourcing dependencies or royalty costs. Over 20 years of DDoS protection software development expertise leveraged to expand feature set and pipeline. ATTrACTive BUSiNeSS MODeL, PerFOrMANCe AND wOrLD CLASS TeAM We have high gross margins, recurring and repeat business. Our world class, highly skilled team have decades of experience in the market we operate in. TiMe TO MArKeT Superior solution already developed and field proven. No development cycle with customers. Very quick and simple deployment cycles with high software content. On-going R&D investment in our solutions and product enhancements. SCALABiLiTY – OrGANiC AND PArTNerS We are establishing additional routes to market through our own direct sales force, resellers, distributors, and strategic partnerships. Where customers select appliance based deployment, manufacturing is outsourced, mitigating any in-house supply constraints. 14 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 15 eXeCUTive CHAirMAN’S review THe COMPANY DeLivereD A CreDiBLe PerFOrMANCe ACrOSS FY 2022 Jens Montanana EXECUTIVE CHAIRMAN ORDER INTAKE ARR 13% increase 13% increase Annualised Recurring Revenues (“ARR”) increased 13% to $14.4 million as at 1 January 2023 (ARR at 1 January 2022: $12.8 million), driven by strong demand for Corero’s subscription- based and DDoS Protection as-a- service (“DDPaaS”) products, which increase revenue visibility for the Company going forward. During the final quarter of the year, Corero secured several important customer wins for its SmartWall® DDoS protection solutions including additional purchases from existing customers and a significant multi- year support renewal for an existing customer. These wins will benefit revenues across FY 2023 and subsequent years. iNTrODUCTiON The Company delivered a credible performance across FY 2022. The financial performance was adversely impacted by broader macro-economic factors and as a consequence, the Company saw sales cycles across the business lengthen in the second half of the year which impacted revenues. Nevertheless, the Company delivered growth in order intake, and ARR and reported another year of EBITDA profit. The underlying health of the business remains robust with order intake, which reflects revenues recognised over the lifetime of each of the contracts, up 13% year-on-year to $23.9 million (2021: $21.2 million). Encouragingly, new customer order intake increased 38% over the prior year. This, coupled with an exceptional customer support contract renewal rate of 98% (2021: 96%), demonstrates the strength and quality of Corero’s market-leading solutions, supported by continued investment in product development. Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory OUTLOOK The demand for DDoS protection is expected to remain strong through 2023, with attacks becoming increasingly sophisticated while at the same time the DDoS attack surface is expanding. With the number of recorded attacks on the rise and shifts in attackers’ motives and goals, organisations will need to ensure they have robust DDoS defences in place. The key focus for Corero in 2023 is to grow our sales pipeline and revenue. The Board is confident that with the operational management team in place, our market-leading SmartWall® solutions and SecureWatch® services, the investment in 2022 in sales and marketing initiatives to build a stronger go-to-market organisation and demand generation targeted to our defined Ideal Customer Profile (“ICP”), the Company is now well placed to expand its market coverage and increase sales of SmartWall solutions to new customers. As announced by the Company on 13 April 2023, Q1 2023 has already seen significant orders from both new and existing customers. The Board remains encouraged by the 2022 increase in new order intake, existing customer expansion and increase in ARR, all achieved against a challenging macro- economic backdrop in the second half of 2022. Jens Montanana EXECUTIVE CHAIRMAN 24 April 2022 The Board of Directors believes that Corero has a built a strong operational team and platform, alongside a sales and marketing strategy capable of generating sustainable growth in the medium term, underpinned by: DDOS MARKET DYNAMICS DDoS attacks continue to be prevalent as a means of cyber-attack, as camouflage for ransomware attacks and even with Ransom driven attacks. The global DDoS protection market was worth c.$3.9 billion in 2022 and is expected to reach $7.3 billion by 2027 at a CAGR of 13.2%. Corero operates within a significant segment of this overall market and estimates that the total addressable market exceeds $2.0bn for its SmartWall solutions. The DDoS mitigation marketplace continues to grow apace as a result of the global acceleration of digitisation and the growing need for Service Providers to deliver uncompromised network access for enterprises to ensure business continuity. This is set to continue with the ongoing proliferation of IoT devices, the roll-out of 5G networks and the increase in cloud services. BOARD CHANGES Neil Pritchard, the former CFO resigned from the Board and the Company with effect from 30 September 2022. Subsequent to the year-end, Lionel Chmilewsky resigned from the Board on 28 February 2023. I assumed the role of Executive Chairman with effect from 15 February 2023, and Andrew Miller was appointed Interim Chief Operating Officer with effect from 1 March 2023. • Large and high growth addressable market; • Market leading proprietary technology with global customer service capability; • Better alignment of the product offering to Corero’s Ideal Customer Profile (“ICP”); • Continued investment in sales and channel resources; • Scalable and recurring revenue model with strong gross margins; and • Strong base of existing customers and strategic partnerships. STRATEGIC PROGRESS The Company made operational advances in 2022 with product development and, sales and marketing activities driven by a customer centric approach. We continued to make strategic progress in key areas including: • Increasing our customer base: during 2022 we added 32 new customers. • Growing strategic alliances: extended the Juniper partnership to include the PTX router product line and expanded our reach and business with GTT. • Better monetising our existing services and introducing new services: we continue to enhance the protection and network security visibility for our customers. • Amplifying our demand generation programmes: increased on-line advertising and marketing campaigns including webinars and thought leadership speaking opportunities. • Continuing to increase our technological innovation leadership: We have invested $35 million over 10 years in our market leading SmartWall solutions enabling our customers to have the most advanced DDoS protection, including $1.7 million in 2022 to continue to enhance our product and competitiveness. 16 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 17 Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory FiNANCiAL review i AM PLeASeD TO rePOrT THAT FOr THe SeCOND CONSeCUTive YeAr THe COMPANY HAS ACHieveD A POSiTive eBiTDA of $2.6 million (2021: $4.0 million), demonstrating the robustness of the Company’s business model. REVENUE AND GROSS MARGINS Revenue in the year ended 31 December 2022 reduced slightly year on year from $20.9 million in 2021 to $20.1 million in 2022 due primarily to the timing of order receipts. The Company’s overall gross margin improved in the full year with a margin of 87.2% (2021: gross margin of 85.1%) driven by the difference in revenue mix between 2022 and 2021. Annualised recurring revenues increased in the year with ARR of $14.4 million as at 1 January 2023, driven by growth in DDPaaS and software subscription orders (ARR at 1 January 2022: $12.8 million). Software license and appliance revenues in particular saw better margin capture while other revenue streams recorded similar margins to prior periods. OPERATING EXPENSES AND R&D INVESTMENT After adjusting for $0.6 million PPPL loan forgiveness received in 2021, operating expenses decreased marginally by $0.2 million from $16.7 million to $16.5 million. Underlying operating expenses, when taking into account the debt forgiveness, were level year on year. eBiTDA $2.6m -35% $4.0m $2.6m PrOFiT/(LOSS) BeFOre TAXATiON $0.4m -71% $1.4m $0.4m Phil richards CHieF FiNANCiAL OFFiCer -$1.7m -$1.4m -$3.2m -$4.0m -$5.2m -$6.6m 2018 2019 2020 2021 2022 2018 2019 2020 2021 2022 OPERATING CASH AND CASH EQUIVALENTS Overall, net cash used in operating activities amounted to $1.7 million in the year (2021: generation of $2.8 million). Cash and cash equivalents excluding the impact of exchange rates decreased by $5.2 million (2021: increase of $1.2 million). This decrease in cash being primarily due to the aforementioned repayment of the Company’s term debt facility, alongside increased working capital investment, due to the timing of customer payment cycles, which has unwound since the year-end. Net cash, defined as cash at bank less total borrowings, at 31 December 2022 was $4.4 million (2021: $8.4 million). Gross cash at bank at 31 December 2022 was $5.6 million (2021: $11.2 million). Borrowings were $1.2 million (2021: $2.8 million), comprising a drawn term bank loan facility due to be repaid in full by 31 March 2024. Phil Richards CHIEF FINANCIAL OFFICER 24 April 2023 Underlying operating expenses included a lower depreciation charge of $0.6 million (2021: $0.7 million) and lower amortisation charge for research and development (‘R&D’) of $1.7 million (2021: $1.9 million). During the year, the Group enhanced its product offerings with new features and functionality, with R&D investment of $1.7 million (2021: $1.8 million). Capital expenditures in property plant and equipment were level year-on-year at $0.4 million (2021: $0.4 million). Share based payments amounted to $0.4 million in 2022 (2021: $0.5 million). Financing costs were lower in the year at $0.3 million (2021: $0.4 million) due to the repayment of $1.6 million of the Company’s debt facility during the year and corresponding decrease in interest costs. PROFITABILITY Building on our maiden EBITDA profit in 2021, I am pleased to report a positive EBITDA for the business of $2.6 million in 2022. Adjusted EBITDA for the year was $1.7 million (2021: $3.2 million). Further details on these measures are provided in the Key Performance Indicators section on pages 20 to 21. Profit after taxation was $0.6 million (2021: $1.5 million). Basic and diluted profit per share was 0.1 cents per share (2021: 0.3 cents per share). GrOSS MArGiN 87.2% +2.1% NeT CASH $4.4m 87.2% -48% 85.1% $8.4m $7.6m 81.0% 77.3% 78.4% $5.4m $4.4m $4.4m 2018 2019 2020 2021 2022 2018 2019 2020 2021 2022 18 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 19 KeY PerFOrMANCe iNDiCATOrS reveNUe $20.1m -4% $16.9m $20.9m $20.1m $10.0m $9.7m Represents revenue from the sale of Corero solutions. PERFORMANCE Revenue for the year ended 31 December 2022 decreased slightly to $20.1 million (2021: $20.9 million). Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory eBiTDA $2.6m -35% $4.0m $2.6m Represents operating profit less depreciation, amortisation and impairment of goodwill. The Board considers EBITDA to be a useful measure of profitability as it excludes typical non- cash items. For further details please see note 8. PERFORMANCE EBITDA of $2.6 million was positive for the second consecutive year (2021: $4.0 million). $(1.7)m $(3.2)m $(1.4)m 2018 2019 2020 2021 2022 PrOFiT BeFOre TAXATiON $0.4m $1.4m -71% $(5.2)m $(6.6)m $(4.0)m $0.4m Represents the Company’s profit arising from operations, after depreciation, amortisation and any finance income or expenditure before any taxation charges or credits. PERFORMANCE For the second consecutive year, Corero delivered a profit before taxation of $0.4 million (2021: profit before taxation of $1.4 million). 2018 2019 2020 2021 2022 2018 2019 2020 2021 2022 Arr (ANNUALiSeD reCUrriNG reveNUeS) $14.4m +13% $14.4m $12.8m Represents the normalised annualised recurring revenues and includes recurring revenues from contract values of annual support, software subscription and from DDoS Protection-as-a-Service (DDPaaS) contracts. PERFORMANCE Annualised recurring revenues increased in the year with ARR of $14.4 million as at 1 January 2023, driven by growth in DDPaaS and software subscription orders (ARR at 1 January 2022: $12.8 million). $9.8m $7.2m $5.8m ADJUSTeD eBiTDA $1.7m -47% $3.2m $1.7m $(2.1)m $(2.9)m $(1.1)m Represents the operating profit less unrealised foreign exchange differences on an intercompany loan, PPPL forgiveness, depreciation, amortisation and any impairment of goodwill. The Board considers the Adjusted EBITDA to be a further useful measure of profitability as it excludes other significant non-cash items in addition to classic typical EBITDA non-cash items. For further details please see note 8. PERFORMANCE Adjusted EBITDA, was positive for the second consecutive year for Corero in the year ended 31 December 2022 at $1.7million (2021: $3.2 million). 2018 2019 2020 2021 2022 2018 2019 2020 2021 2022 GrOSS MArGiN % 87.2% +210 basis points 78.4% 81.0% 77.3% 85.1% 87.2% Represents gross profit divided by revenue. It measures the Group’s profitability before overheads. PERFORMANCE Corero’s gross margin of 87% slightly increased from 2021 of 85%. Represents cash at bank less total borrowings. NeT CASH $4.4m -48% $8.4m $7.6m $5.4m $4.4m $4.4m PERFORMANCE Net cash as at 31 December 2022 was $4.4 million (2021: $8.4 million). Net cash is derived from gross cash (cash at bank and in hand) less borrowings. Gross cash at bank as at 31 December 2022 was $5.6 million (2021: $11.2 million). Borrowings were $1.2 million (2021: $2.8 million). 2018 2019 2020 2021 2022 2018 2019 2020 2021 2022 20 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 21 KeY STAKeHOLDerS SeCTiON 172 STATeMeNT The Directors are aware of their duty under Section 172 of the Companies Act 2006 to act in the way which they consider, in good faith, would be most likely to promote the success of the Company for the benefit of its members as a whole and, in doing so, to have regard (amongst other matters) to the: likely consequences of any decisions in the long-term; interests of the Company’s employees; need to foster the Company’s business relationships with suppliers, customers and others; impact of the Company’s operations on the community and environment; Company’s reputation for high standards of business conduct; and need to act fairly as between members of the Company. The Board reviewed and re-confirmed the Company’s key stakeholder groups during the year. These are set out below along with details of the forms of engagement undertaken by the Board: Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory “ every day Corero is interacting with customers and prospective customers – including in tenders, in technical presentations, in quoting, in invoicing, in deployment, and in after-sales and on- going customer support roles.” WHY THEY MATTER WHAT MATTERS TO THEM CORERO’S ENGAGEMENT THE BOARD’S ENGAGEMENT KEY EVENTS IN THE YEAR CUSTOMerS Customers are the lifeblood of a successful growing business. Corero customers are concerned with having products and services that protect their online presence and operations from the increasing threat of DDoS attacks. High availability of cloud services and applications are critical for modern businesses and institutions, their revenue streams rely on having internet connectivity protected from the threat of DDoS attacks. Executive Directors meet with customers throughout the year and feedback issues to the Board. The Board reviews strategy and monitors performance during the year with the aim of meeting customers’ needs more effectively. Receives regular competitor updates to understand Corero’s competitive performance and its strengths and weaknesses as regards meeting customer needs. Corero employees interact with customers every day– including in tenders, in technical presentations, in quoting, in invoicing, in deployment, and in after-sales and on-going customer support roles. SHAreHOLDerS Shareholders own the business. They are the providers of capital to grow and invest for future success. Concerned with a broad range of issues including, but not limited to, Corero’s financial and operational performance, strategic execution, investment plans and governance. Communications such as annual reports, interim reports and notices of general meetings. Investor roadshows, Stock Exchange announcements and press releases; www.corero.com. Board attendance at the AGM to answer questions. Feedback on investor meetings held by the Chairman. Executive Director meetings with investors. Corero consulted with major shareholders and key strategic partners during investor roadshows and forums. PArTNerS Partners are an extension of Corero, representing the Corero brand in the market, providing an additional route to market to scale the business. Corero’s partners harness Corero’s innovative technology to deliver customer success through creation of unique joint value propositions. They share insights into what current and future customers want, ultimately impacting product strategy and roadmaps and accelerating business growth through sales and marketing programmes, as well as technical training, often with a greater, and more geographically dispersed sales force. Partner Code of Conduct define expectations of responsible business and behaviour. Board updates regarding partner relationships, development and engagement. Regular Board reports, including updates on performance and key partner issues. Senior management engaged in quarterly review of progress of strategic partner relationships. The Board provides on-going consideration of key strategic partnerships, and whether to change or add to existing relationships. Board engaged in review of progress of strategic partner relationships. Board member engagement with Juniper management. eMPLOYeeS Corero employees are a key resource, dedicated to creating, selling and supporting solutions that protect Corero’s customers from the increasing threat of DDoS attacks. Opportunities for personal development and career progression, a culture of inclusion and diversity, compensation and benefits, and the ability to make a difference within Corero. Various activities and forums to foster participation in Group events, invite opinions, questions and ideas. Regular ‘All Hands’ meetings are held. Board members attend the employee ‘All Hands’ meetings where appropriate. Performance appraisal and objective setting processes implemented in 2022 have provided formalised reflection, feedback and direction for 2023. r e D L O H e K A T S r e D L O H e K A T S r e D L O H e K A T S r e D L O H e K A T S 22 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 23 Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory PriNCiPAL riSKS AND UNCerTAiNTieS THe GrOUP HAS A NUMBer OF PriNCiPAL riSKS AND UNCerTAiNTieS. reveNUe GrOwTH FOreiGN eXCHANGe FLUCTUATiONS PeOPLe To grow and address the challenges resulting from technology change and innovation in the DDoS protection market, the Company needs to retain and recruit the required sales, business development, and software development skills. Corero operates in a high growth cyber security market and if Corero is unable to recruit and retain the right skills this will compromise growth plans. Consequently, Corero targets paying salaries in the upper quartile for comparable positions. Corero’s strategy outlined on page 3 depends on delivering revenue growth to meet these ambitions. Clearly, higher order intake and related revenue growth provides the opportunity for Corero to invest further in its future. Revenue growth is highly important to deliver profitable growth for the business. Conversely, lower sales growth reduces the Company’s cash resources which could impact the Company’s investment in sales and marketing and product development and its other associated goals. To deliver this order intake and, as a subset revenue growth, Corero needs to identify, meet and exceed customer needs. If Corero is not successful in identifying customer prospects with a business need Corero can solve, or developing go-to-market partner and channel partner relationships which generate revenue, this will compromise growth plans and success. To be successful Corero is: • • targeting its Ideal Customer Profile (ICP); focussing its lead generation and sales resources, and product development, on its ICP; • working closely with go-to-market partners to grow its sales opportunity pipeline, progress sales opportunities and generate revenue and cash; and • developing relationships with new go-to-market partners and channel partners to expand its routes to market. Past Corero equity fund raises have been in GBP and its debt is denominated in GBP. To the extent such funds are required to support US dollar denominated funding requirements more generally for the Group, the exchange rate value of GBP to the value of US dollar may vary, either impacting adversely or favourably compared to the denominated funding requirements that can be funded from such fund raises. The Group mitigates this risk by utilising US denominated funds received by the Group’s UK subsidiary to fund the Group’s US subsidiary to the extent such funding is required, with the GBP funding requirements satisfied from the GBP denominated funds generated from GBP equity and debt where possible. OTHer NON-PriNCiPAL riSKS AND UNCerTAiNTieS There are a multitude of other risks and uncertainties that face companies like Corero, these include: risks and uncertainties associated with local legal requirements, political and geographic risk, the enforceability of laws and contracts, changes in tax laws, terrorist activities, wars and invasions, natural disasters and other types of health epidemics. TeCHNOLOGY CHANGe AND iNNOvATiON The DDoS mitigation market is competitive and characterised by changes in technology, customer requirements and frequent new product introductions and improvements. Cybersecurity and DDoS attacks are constantly evolving and changing as attackers develop new methods and tools to evade defences. Corero is focused on its chosen markets and delivering continuous innovation by adding new DDoS attack defences and new machine learning and artificial intelligence capabilities, and striving to provide market leading solutions to secure customers from the threat of DDoS attacks. MArKeT AwAreNeSS Corero is an emerging player in the DDoS prevention market and competes with much larger established organisations. If Corero is not successful in connecting with the market and raising its profile this will compromise growth plans. To raise market awareness of Corero and its DDoS protection solutions, the Company will continue to invest in targeted digital marketing and lead generation programmes, together with its brand awareness programmes. riSK MANAGeMeNT The Company operates a risk assessment process, which is embedded in day-to-day management and governance processes. As part of the annual planning and budgeting process, Corero management document the significant risks identified, the probability of those risks occurring, their potential impact and the plans for managing and mitigating each of those risks. The Board reviews the annual risk assessment including an annual assessment of the effectiveness of the Company’s internal control system, comprising financial, operational and compliance controls, to ensure that the Company’s risk management framework identifies and addresses all relevant risks in order to execute and deliver the Company’s strategy. The Directors are responsible for the Company’s system of internal control and for reviewing its effectiveness, whilst the role of management is to implement policies on risk management and control. The Company’s system of internal control is designed to manage, rather than eliminate, the risk of failure to achieve the Company’s business objectives and can only provide reasonable, and not absolute, assurance against material misstatement or loss. The Company operates a series of controls to meet its needs. These controls include, but are not limited to, the annual strategic planning and budgeting process, a clearly defined organisational structure with authorisation limits, reviews by senior management of monthly financial and operating information including comparisons with budgets, and forecasts to the Board. Given the size of the Company, the Board has concluded it is not appropriate to establish a separate, independent internal audit function. The Board will keep this under review. The Audit, Risk and Compliance Committee (‘ARCC’) reviews the effectiveness of internal controls. The ARCC receives reports from management and observations from the external auditors concerning the system of internal control and any material control weaknesses. Significant risk issues, if any, are referred to the Board for consideration. The Corero Risk Register, Auditor’s report, assessment of the effectiveness of the internal control system and key judgements report for the Annual Report and Accounts are tabled and reviewed by the ARCC. 24 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 25 eNvirONMeNTAL, SOCiAL AND GOverNANCe (eSG) rePOrT COrerO ASPireS TO CArrY OUT iTS BUSiNeSS TO THe HiGHeST eTHiCAL STANDArDS We treat customers, partners, suppliers and employees in a professional, courteous and honest manner. We are committed to complying with environmental, social and governance requirements and Corero is dedicated to improving the security and availability of the Internet for all. CORERO’S CULTURE AND VALUES We seek to live our culture and values every day, in a dynamic and professional manner. Our defined values are: Customers First; Technology Leadership & Innovation; Operational Excellence; Integrity; and, Our People, Empowerment & Team Work. In common with most intellectual property technology businesses, we know that the expertise, experience, and passion of our employees is genuinely what make our products and services market leading. For example, Corero’s Security Operation Centre (‘SOC’) comprises a team of highly experienced security analysts whose role it is to assist our customers’ IT and security teams mitigate the growing number of increasingly sophisticated DDoS attacks. This service and customer support offering is therefore an important competitive differentiator. Customers tell us they value the service levels and our team regularly receives very favourable feedback from our customers. CORERO’S APPROACH TO RESPONSIBLE BUSINESS IN SOCIETY EMPLOYEES, DIVERSITY AND INCLUSION AND EMPLOYEE INTERACTION Corero recognises that long-term success is underpinned by good relations with its key stakeholders, both external (partners, suppliers, customers, shareholders, regulators and others) and internal (employees). As part of Corero’s annual planning and budgeting process, the Company identifies its stakeholders and their respective needs, interests and expectations. In addition, the strategy for engaging with these stakeholder groups is formulated and implemented. Corero values feedback from its stakeholders and proactively endeavours to address any matter identified. Feedback is gathered from: customers and partners relating to Corero’s products and services in an on-going, continuous manner; shareholders, through investor relations roadshows; and employees as a part of regular Company ‘All Hands’ meetings. Our employees are Corero’s most important asset and the continued and sustained development of the Company relies on its ability to retain and attract high calibre employees and we are proud to have so many experienced, and talented employees in our team. Corero operates an employee share option plan, with awards approved by the Corero Remuneration Committee. The Corero equal opportunities policy ensures that all job applicants and employees are treated fairly, no matter what age, race, colour, gender, religion or beliefs, sexual orientation, marital or partner status, ethnic origin or community, disability, and without favour or prejudice. We are committed to applying this policy throughout all aspects of employment, recruitment and selection, training, development and promotion. The Corero equal opportunity policy has been developed to maintain the following policy objectives: • To provide a safe and welcoming environment, in which individuals are valued, included and respected • To advance equality of opportunity • To eliminate unfair discrimination • To foster good relations between different groups of people Overview STrATeGiC rePOrT Governance Financial Statements Corporate Directory We are an increasingly international, multi-cultural, gender diverse and diverse organisation. For example, many of our UK-based software engineers are drawn from local universities but also sponsored on EU skilled-migrant visas. Inclusion is the practice of providing everyone with equal access to opportunities and resources. We believe employees find an environment of understanding and respect at Corero - where voices and opinions are heard and carefully considered - this is made easier by the relatively flat hierarchy and agile nature of the business and the values we share. Employees are regularly informed of matters concerning their interest and the financial factors affecting the Company. The Company uses company-wide forums to communicate matters as well as team and individual meetings. ENVIRONMENTAL SUSTAINABILITY Corero has identified the following UN Sustainable Development Goals (SDGs) most applicable to its activities listed in the table below. Corero is committed to promoting sustainability. We aim to lead, follow and to promote good sustainability practice, to carry out our operations in a way which manages and minimises any adverse environmental impacts from our activities. For many years Corero has operated a flexible remote working policy before remote working was necessitated by the COVID-19 pandemic. We aim to mitigate unnecessary travel and the impact on climate change. Our products are used by thousands of businesses throughout the world to protect against disruptions that could have adverse economic, health, well-being and environmental consequences for the users and customers of those businesses (sometimes in a mission critical way) and the knock-on effects to populations as-a-whole. Disruptions may emanate from individuals, groups, corporates or state-sponsored actors. Corero is committed to reducing our resource consumption where possible. Furthermore employees are encouraged to be environmentally aware. For example, Corero encourages the reuse or recycling of office waste, including paper, packaging, computer supplies and redundant equipment. Company cars are not provided. Wherever possible we seek to ensure that waste materials are disposed of in an environmentally safe manner and in accordance with regulations. We aim to provide materials such as marketing collateral in a paperless, digital way. ETHICAL BUSINESS Corero is committed to the fundamental values of integrity, transparency and accountability. We have a zero-tolerance policy with regard to bribery and corruption with reporting mechanisms in place. Corero adopts and enacts an Ethics and Anti-Bribery Policy to record the ethical way in which we conduct business and to make our ethical standards clear to everyone, including those with whom we do business, which includes resellers, agents and distributors as well as our customers. Corero provides training to all its employees on Anti-Bribery and Corruption. STRATEGIC REPORT SIGN-OFF In accordance with Section 414D(1) of The Companies Act 2006, The Strategic Report on pages 16 to 27 is signed by order of the Board. Duncan Swallow COMPANY SECRETARY 24 April 2023 UN SD Goals Good Health and Well Being Quality Education Decent Work and Economic Growth Peace, Justice and Strong Institutions How Corero contributes Ensuring healthy lives and promoting well-being at all ages is essential to sustainable development. We are committed to our people and their wellbeing and are proud of our supportive, collaborative culture and strong values. Obtaining a quality education is the foundation to improving people’s lives and sustainable development. Corero’s DDoS protection is favoured by many research and educational network customers as a secure way to deliver and promote their objectives. Sustained and inclusive economic growth can drive progress, create decent jobs for all and improve living standards. Corero’s DDoS protection protects the remote working practices, being a key feature of post-COVID-19 pandemic ways of working for most employers. Conflict, insecurity, weak institutions and limited access to justice remain a great threat to sustainable development. Corero’s solutions provide cyber protection against nefarious activities from individuals, crime and state-sponsored terrorist groups. Corero’s vision is an Internet connect world where every business, application and individual is protected from DDoS attacks. 26 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 27 Overview Strategic Report GOverNANCe Financial Statements Corporate Directory BOArD OF DireCTOrS Jens Montanana EXECuTIVE CHAIRMAN Richard Last INDEPENDENT NON-EXECuTIVE DIRECTOR* Peter George INDEPENDENT NON-EXECuTIVE DIRECTOR Andrew Miller INTERIM COO Ashley Stephenson CHIEF TECHNOLOGY OFFICER Duncan Swallow COMPANY SECRETARY Nomination Committee Remuneration Committee Audit, Risk and Compliance Committee Chair of Committee APPOiNTeD 6 August 2010 22 May 2008 3 January 2019 6 August 2010 6 September 2013 1 November 2007 BACKGrOUND & eXPerieNCe Jens has spent the majority of his over 30-year career in the technology industry with considerable operational and commercial experience in the resale and distribution of information technology hardware and software solutions. He is the founder and CEO of Datatec Limited, established in 1986 which listed on the Johannesburg Stock Exchange in 1994. Between 1989 and 1993 Jens served as Managing Director and Vice-President of US Robotics (UK) Limited, a wholly owned subsidiary of US Robotics Inc., which was acquired by 3Com. In 1993, he co-founded US start-up Xedia Corporation in Boston, an early pioneer of network switching and IP bandwidth management, which was subsequently sold to Lucent Corporation in 1999 for $246 million. He has previously served on the boards and sub- committees of various public companies. CUrreNT APPOiNTMeNTS CEO of Datatec Limited and Director of various Datatec Limited subsidiary companies. Richard has over 20 years’ senior experience in information technology having worked at board level for a number of publicly quoted and private companies in the technology sector. He is a Fellow of the Institute of Chartered Accountants in England and Wales (‘FCA’). * Richard Last is a Corero shareholder and has been a Non-executive Director of the Company for over 10 years, his independence has been considered by the Board. The Board is satisfied that Richard Last operates in an independent manner is independent. Peter George is a US based executive with over 30 years’ experience in the IT networking and cybersecurity industry. He has a successful track record as CEO of leading IT network and security companies and provides sales and marketing leadership experience to the Board. Peter is the CEO of Evolv Technology, a US based leader in human security screening. Prior to that he was President and CEO of empow cybersecurity, a market innovator in AI, machine learning and advanced security analytics. Prior to empow, between 2008 to 2017, he was President and CEO of Fidelis Cybersecurity, a leading US-based Advanced Threat Defense business. Before joining Fidelis, Peter was President and CEO of Crossbeam Systems, a market leader in Unified Threat Management. Prior to that he was the President of Nortel Networks’ enterprise business where he was responsible for growing a $2 billion and 5,000 employee voice and data business in EMEA. Andrew Miller (Interim COO) was until 31 May 2020 the CFO of the Company. He was until January 2022 the CFO and COO of C5 Capital Limited, an investment firm investing in the secure data ecosystem including cybersecurity, cloud infrastructure, data analytics and space, and CFO of the Haven Group, a private equity backed cyber security services provider. Prior to joining Corero Andrew was with the Datatec Limited group in a number of roles between 2000 and 2009 including the Logicalis Group Limited (‘Logicalis’) Operations Director and Corporate Finance and Strategy Director. Prior to this, Andrew gained considerable corporate finance experience in London with Standard Bank, West Deutsche Landesbank and Coopers & Lybrand. Andrew trained and qualified as a chartered accountant and has a bachelor’s degree in commerce from the University of Natal, South Africa. Andrew is a Chartered Accountant with over 20 years’ experience in the technology industry. Duncan is responsible for the Company secretarial function and is also the Group Financial Controller. Prior to joining the Company, Duncan was Divisional Financial Controller for CCH, a Wolters Kluwer business, specialising in providing books, online information, software, CPD and fee protection to tax and accounting professionals. He is a fellow of the Association of Chartered Certified Accountants. Ashley Stephenson (CTO) first joined Corero Network Security as Executive Vice President of the Network Security division, with responsibility for product and solution strategy in March 2012, and was appointed Chief Executive Officer of Corero in January 2013. An IT industry executive and internet technology entrepreneur, Ashley has operating experience in the United States, Europe and Asia. His previous experience includes: CEO of Reva Systems, which was acquired by ODIN, and CEO of Xedia Corporation, which was acquired by Lucent. He has provided strategic advisory services to a number of leading multinational IT companies including technology vendors, distributors and services companies. Ashley began his career at IBM Research & Development in the UK. He is a graduate of Imperial College, London with a degree in Physics and is an Associate of the Royal College of Science. Ashley has deep technology and software development skills and experience. CEO of Evolv Technology Inc. None. Director of Eyealike, Inc. and StepVest LLC. None. Chairman of Hyve Group plc, an international events and exhibitions group listed on the London Stock Exchange. Chairman of AIM listed Gamma Communications plc (standing down as Chairman on 17 May 2023) and Tribal Group plc, a technology company. Richard is also a director of a number of private companies. 28 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 29 eXeCUTive CHAirMAN’S COrPOrATe GOverNANCe iNTrODUCTiON QCA CODe COMPLiANCe Overview Strategic Report GOverNANCe Financial Statements Corporate Directory Jens Montanana EXECuTIVE CHAIRMAN The Board is committed to continue to uphold high standards of corporate governance, enhancing shareholder value, and engaging in a fair and transparent manner with all of the Group’s stakeholders. BOARD COMMITMENT TO GOVERNANCE The Board is committed to continue to uphold high standards of corporate governance, enhancing shareholder value, and engaging in a fair and transparent manner with all of the Group’s stakeholders. The Board therefore supports and is committed to the principles of the QCA Corporate Governance Code. Details of our governance processes and procedures are set in out in the following pages. BOARD LEADERSHIP AND EFFECTIVENESS The Board recognises that to remain effective it must ensure that it has the right balance of skills, experience, knowledge and independence to enable it to discharge its duties and responsibilities. The Directors believe in the necessity for open debate in the boardroom and consider that existing Board dynamics and processes encourage honest, constructive and open debate with the Executive Directors. We conduct internal board evaluation reviews to monitor the Corero Board is operating effectively. OUR CULTURE AND VALUES We recognise the importance of our values and how we live them within our culture. The Board undertakes informal enquiries of employees to ensure our values are upheld and promoted to maintain a healthy corporate culture. In country Board meetings providing the Board with the opportunity to informally interact with employees based in the UK and US office locations. BOARD COMPOSITION Neil Pritchard, the former CFO resigned from the Board and the Company with effect from 30 September 2022. There were no other changes to the board composition during 2022. Subsequent to the year-end, Lionel Chmilewsky resigned from the Board on 28 February 2023. I assumed the role of Executive Chairman with effect from 15 February 2023, and Andrew Miller was appointed Interim Chief Operating Officer with effect from 1 March 2023. STAKEHOLDER ENGAGEMENT We seek to maintain an open dialogue with all stakeholders including shareholders, customers, partners, suppliers and our employees, even in these on-going uncertain times with the global pandemic. Details of our stakeholders along with details of the forms of engagement undertaken by the Board are set out on pages 22 to 23. In this context, I would like to give my continued thanks to our institutional and private investors for their continued support; to all wider stakeholders including our customers, strategic partners and suppliers; and thank you as ever to all our employees for their determination, integrity and commitment to Corero. LOOKING FURTHER AHEAD Corero has delivered a stable performance in 2022 across many metrics. The expectation of strong forecast growth in the DDoS market underpins the Board’s continued confidence, alongside Corero’s improved sales execution in the target ICP, and superior technological solution in that marketplace. To capitalise on this, we will continue investment in 2023 to deliver our strategic goals with the objective of creating long-term values for all our stakeholders. Jens Montanana EXECUTIVE CHAIRMAN 24 April 2023 As an AIM-listed company, Corero adopts the principles of the Quoted Companies Alliance Corporate Governance Code (the ‘QCA Code’). The QCA Code identifies ten principles to be followed in order for companies to deliver growth in long-term shareholder value, encompassing an efficient, effective and dynamic management framework accompanied by good communication to promote confidence and trust. The following explains how Corero follows those QCA Code principles: 1 Establish a strategy and business model to promote long-term value for shareholders 2 understand and meet shareholder needs and expectations 3 Take into account wider stakeholder and social responsibilities and their implications for long-term success 4 Embed effective risk management, considering both opportunities and threats, throughout the organisation 5 Maintain the Board as a well-functioning, balanced team led by the Chair Corero’s strategy is focused on being the leader in real- time, high performance DDoS protection and scaling the business for profitability though revenue growth. For more information please see pages 4 and 5. The Executive Chairman and CFO communicate regularly with shareholders, investors and analysts, including at our full year and half-yearly results roadshows. The full Board is available at the AGM to communicate with shareholders. Shareholders, our customers, partners and employees are our most important stakeholders. We engage with these communities via regular communications in our day-to-day activities, and via formal feedback requests. For more information please visit: http://www.corero.com/about/ investor-relations For more information please see page 22 and 23. Ultimate responsibility for risk management rests with the Board. Day-to-day management of risk is delivered through the way we do business and our culture. For more information please see pages 24 and 25. The Board has three established Committees: Audit, Risk and Compliance Committee; Nomination Committee; and Remuneration Committee. The composition and experience of the Board is reviewed primarily by the Nomination Committee. For more information please see pages 32, 33 and 35. 6 Ensure that between them the Directors have the necessary up-to-date experience, skills and capabilities The Board is satisfied that its current composition includes an appropriate balance of skills, experience and capabilities, including experience of the cyber security market and international markets. For more information please see pages 28, 29 and 34. 7 Evaluate Board performance based on clear and relevant objectives, seeking continuous improvement 8 Promote a corporate culture that is based on ethical values and behaviours 9 Maintain governance structures and processes that are fit for purpose and support good decision making by the Board 10 Communicate how the Company is governed and is performing by maintaining a dialogue with shareholders and other relevant stakeholders The Board considers the effectiveness and relevance of its contributions, any learning and development needs and the level of scrutiny of the senior management team. An annual Board effectiveness review is undertaken to enable the Board to stand back and assess its strengths and areas for development. Corero recognises the importance of culture and values and in conjunction with employees defined the Company’s agreed values which are reinforced via training and performance management. The Board is responsible for the Group’s overall strategic direction and management, and for the establishment and maintenance of a framework of delegated authorities and controls to ensure the efficient and effective management of the Group’s operations. The Board is satisfied that the necessary controls and resources exist within the Company to enable these responsibilities to be met. For more information please see page 34. For more information please see pages 26 and 27. For more information please see pages 32 to 34. The investors section of our website includes our Annual Report, results, presentations, notice of AGM and results of the AGM and general meetings. For more information please visit: http://www.corero.com/about/ investor-relations 30 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 31 COrPOrATe GOverNANCe rePOr T Overview Strategic Report GOverNANCe Financial Statements Corporate Directory BOARD COMPOSITION AND RESPONSIBILITIES The Board sets Corero’s overall strategic direction, reviews management performance and ensures that the Company has the necessary financial and human resource in place to meet its objectives. Operational management of the Company is delegated to the Chief Executive Officer. EMPLOYMENT AND SERVICE AGREEMENTS The Director employment and service contracts are summarised below: CORPORATE GOVERNANCE • Review of the management structure and senior management responsibilities. The Board comprises the Non-executive Chairman, two independent Non-executive Directors, one non-independent Non-executive Director and three Executive Directors whose Board and Committee responsibilities are set out below: Non-executive / Executive Director Board Compliance Committee Audit, Risk and Remuneration Committee Jens Montanana Executive Chairman Peter George Richard Last Andrew Miller Ashley Stephenson Non-executive Non-executive Executive Executive Member Member Member Member Member Chairman Member Chairman Member Nomination Committee Chairman Member Member One third of all Directors are subject to annual reappointment by shareholders, as well as any Director appointed to the Board in the period since the last AGM, and any Non-executive Director whose tenure is more than nine years or whose independence is the subject of Board judgement. Ashley Stephenson and Andrew Miller will be offering themselves for re-election at the forthcoming AGM. The Corero Board members’ biographies and their relevant experience, capabilities and skills and are set out on pages 28 and 29. BOARD BALANCE AND INDEPENDENCE The composition of the Board is reviewed regularly. Appropriate training, briefings, and inductions are available to all Directors on appointment and subsequently as necessary, taking into account existing qualifications and experience. The Board is satisfied that, between the Directors, it has an effective and appropriate balance of skills and experience, including operational, commercial and technology expertise and experience. All members of the Board have more than 20 years’ technology experience through investing in and working for a range of companies from start-ups to large established technology companies, with complementary financial, commercial, sales and marketing skills. The skills and experience of the Board are summarised in the table below: Technology Cyber security Sales and marketing Jens Montanana Peter George Richard Last Andrew Miller Ashley Stephenson The Board is cognisant of the lack of gender diversity and plans to address this as the Company grows through its recruitment policy. All Directors are able to take independent legal advice in relation to their duties, if necessary at the Company’s expense. In addition, the Directors have direct access to the advice and services of the Company Secretary. The Directors keep their skills up to date through a combination of their other roles (if applicable), attending appropriate training courses and seminars funded by the Company if appropriate, and by reading widely. There are no external advisers to the Board or any of its Committees, other than the Company’s broker (Canaccord Genuity). Corero’s Executive Chairman, Jens Montanana, is a material shareholder with an equity interest in Corero of 37.46% at 24 April 2023. His interests are strongly aligned with all shareholders. Richard Last is a Corero shareholder with a 0.50% equity interest in Corero at 24 April 2023 and has been a Non-executive Director of the Company for over 10 years. His independence has been considered by the Board. The Board is satisfied that Richard Last operates in an independent manner and is independent. • Ashley Stephenson, Executive Director, has an employment agreement which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. • The Non-executive Director’s letters of appointment are for 12-month terms and provide that the appointment may be terminated by either party giving to the other not less than three months’ notice. Non-executive Directors, per their letters of appointment, have a time commitment to the Company of not less than eight days per annum including the attendance of Board meetings and the Company AGM. In addition, Non-executive Directors are expected to devote appropriate preparation time ahead of each meeting. BOARD RESPONSIBILITIES The Board meets, virtually or in person, on average once a quarter; additional meetings or conference calls are held as required. Each Director is provided with sufficient information to enable them to consider matters in good time for meetings and enable them to discharge their duties properly. The Board also ensures that the principal goal of the Company is to create shareholder value, while having regard to other stakeholder interests, and takes responsibility for setting the Company’s values and standards. The Board has a formal schedule of matters reserved to it for consideration and approval. These include: • Strategy and management. • With the assistance of the Remuneration Committee, approval of remuneration policies. • Consideration of the independence of the Non-executive Directors. • Receiving reports and feedback from the Company’s shareholders. The Board receives regular briefings on the Company’s performance (including commentary and analysis), key issues and risks affecting the Company’s business. The Company maintains liability insurance for its Directors and Officers. The Company has also entered into indemnity agreements with the Directors, in terms of which the Company has indemnified its Directors, subject to the Companies Act limitations, against any liability arising out of the exercise of the Directors’ powers, duties and responsibilities as a Director or Officer. In the year ended 31 December 2022, the Board met, virtually or physically, on four scheduled occasions; further meetings and conference calls were held as and when necessary. Details of Directors’ attendance at scheduled meetings in the year to 31 December 2022 is shown in the table below: Jens Montanana Richard Last Peter George Andrew Miller Lionel Chmilewsky* Ashley Stephenson Meetings attended 4/4 4/4 4/4 4/4 4/4 4/4 Company. • Approval of strategic plans and budgets and any material changes to them. • Approval of the acquisition or disposal of subsidiaries and major investments, projects and contracts. • Changes relating to the Company’s capital structure. • Delegation of the Board’s powers and authorities. FINANCIAL MATTERS AND INTERNAL CONTROLS • Oversight of the Company’s operations ensuring competent and prudent management, sound planning and maintenance of adequate accounting and other records. • Approval of the annual and interim financial statements and accounting policies. • Approval of the dividend policy. • Ensuring an appropriate system of internal control and risk management is in place. * Lionel Chmilewsky (the Company’s former CEO) resigned from the Board effective 28 February 2023. DIRECTORS’ CONFLICT OF INTEREST The Company has effective procedures in place to monitor and deal with conflicts of interest. The Board is aware of the other commitments and interests of the Directors, and changes to these commitments and interests are reported to and, where appropriate, agreed with the rest of the Board. EVOLUTION OF THE COMPANY’S GOVERNANCE FRAMEWORK The Board will, on an on-going basis, and as the Company’s business develops and grows, review the appropriateness of the governance framework, including the composition of the Board and the need for an internal audit function, to ensure the Company delivers on its strategy and goals whilst maintaining appropriate governance structures. People International Governance Finance • Responsibility for the overall strategy and management of the 32 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 33 BOArD PerFOrMANCe AND reMUNerATiON POLiCY BOArD COMMiTTee rePOrTS Overview Strategic Report GOverNANCe Financial Statements Corporate Directory INTRODUCTION An annual Board effectiveness review is undertaken to enable the Board to stand back and assess its strengths and areas for development. This review is conducted internally. The Board may refresh the performance assessment process based on external advice and if appropriate engage a third-party facilitator to assist in the performance of such effectiveness reviews every three years. The Remuneration Committee’s (‘RC’) remit is to measure the performance of and determine the remuneration policy relating to Directors and senior employees. To support this responsibility, it has access to professional and other advice external to the Group. Taking the performance factors into account, it then makes recommendations to the Board. To assist the work of the RC, the views of the Executive Chairman and Chief Financial Officer are also invited where appropriate. However, they do not participate in any decision related to their own remuneration. The Nomination Committee reviews and recommends nominees as new Directors to the Board. Senior management appointments are required to be approved by the RC. The Group is committed to the governing objective of maximising shareholder value over time. Each year the remuneration framework and the packages of the Directors are reviewed to ensure they continue to achieve this objective. The Group operates in the cyber security market which is a market with significant growth potential. It is also a competitive market with a number of companies who are significantly larger than Corero. The Group’s Executive Director remuneration policy is designed to attract and retain Directors of the calibre required to maintain the Group’s position in its marketplace. This is maintained through the use of bonus and share option schemes, as follows. BONUS A cash bonus designed to incentivise specific short-term financial goals. Goals and objectives are set for the Executive Directors based on key financial performance metrics. The Chief Technology Officer on-target bonus is set at two-thirds of base salary and the Chief Financial Officer is set at one half of base salary. SHARE OPTIONS Share options are granted to encourage and reward delivery of the Company’s long-term strategic objectives and provide alignment with shareholders through the use of share-based incentives. All share-based incentives offered to Directors have a three year vesting schedule, with one-third vesting on the first anniversary of the grant/start date, a further third on the second anniversary of the grant/start date and the final third the third anniversary of the grant/ start date. Shares acquired on the exercise of options may not be sold until the second anniversary of the grant date. Share options are granted with an exercise price set at the higher of market price or such other price as determined by the RC. CONFLICTS OF INTEREST The members of the RC do not have any conflicts from cross- directorships that relate to the business of the Committee. The members of the RC do not have any day-to-day involvement in the running of the Group. BOARD CHANGES Given Corero’s size, the Company does not have internal succession candidates for the Executive Directors. In the event an Executive Director replacement is required, the Company would seek to recruit a replacement through a recruitment search process. The Board is satisfied that the Company’s middle management will ensure the Company’s business is not adversely impacted in the period between an Executive Director leaving and a replacement being recruited. The Board has three established Committees: • Audit, Risk and Compliance Committee: responsible for reviewing the Group’s interim and year end results announcements, and the Annual Report and Accounts; determining the application of the financial reporting and internal control and risk management procedures and assessing the scope, quality and results of the external audit. • Remuneration Committee: responsible for the policy for the remuneration of the Executive Directors and senior management; setting the remuneration of the Executive Directors, determining the payment of bonuses to Executive Directors; and approving the Company’s bonus and incentive arrangements for employees. • Nomination Committee: responsible for reviewing the composition, structure and size of the Board; assessing the leadership needs of the Group; and recommending nominees as new Directors to the Board. AUDIT, RISK AND COMPLIANCE COMMITTEE (‘ARCC’) REPORT The ARCC members comprise Richard Last, who is the Committee Chairman, and member Peter George, and meets at least twice a year. The Company’s Chief Financial Officer and Group Financial Controller, and the Company’s external auditors attend the meetings. In the year ended 31 December 2022, the ARCC met on two occasions. The attendance of individual Committee members at ARCC meetings in the year to 31 December 2022 is shown in the table below: Meetings attended Post the year-end, and in line with good governance practice, the ARCC led a competitive audit tender process for the 2023 Group audit. As a result of this, the ARCC recommended the Board of Directors propose a change of auditors at the forthcoming AGM, with BDO to stand down as auditors following the completion of the 2022 year-end audit. REMUNERATION COMMITTEE (‘RC’) REPORT The RC comprises Peter George, and members Jens Montanana and Richard Last. The RC meets at least twice a year. In the year ended 31 December 2022, the RC met on two scheduled occasions; further meetings and conference calls were held as and when necessary. The attendance of individual Committee members at scheduled RC meetings in the year to 31 December 2022 is shown in the table below: Peter George (Committee Chairman) Richard Last Jens Montanana Meetings attended 2/2 2/2 2/2 The RC’s activities during the year, which are based on its terms of reference, are set out below: • Reviewed the performance of the Executive Directors and set the remuneration of the Executive Directors. • Determined the payment of bonuses to Executive Directors and approved the Company’s bonus and incentive arrangements for employees. Richard Last (Committee Chairman) Peter George 2/2 2/2 • Ensured the Company’s share option schemes were operated properly and approved the share option grants to Executive Directors and employees. The ARCC’s activities during the year, based on its terms of reference, are set out below: The remuneration of the Chairman and Non-executive Directors is decided upon by the Board. • Reviewed the scope and results of the external audit, its cost effectiveness and the objectivity of the auditors. Details of Directors’ remuneration for the year ended 31 December 2022 is set out in note 24 of the financial statements. • Reviewed, prior to publication, the interim financial statements, preliminary results announcement, the annual financial statements and the other information included in the Annual Report. Considered the regulatory, technical and operational risks of the Company and ensured these risks are properly assessed, monitored and reported on and the appropriate policies and procedures are in place. The key financial reporting judgements relating to the financial statements for the year ended 31 December 2022 which the ARCC have considered and discussed with the auditors, include: Financial Statements note Going concern basis for financial statements Revenue recognition 2.2 2.5 Carrying value of goodwill and intangible assets 2.12 and 9 NOMINATION COMMITTEE (‘NC’) REPORT The NC comprises Jens Montanana (Chairman), Richard Last and Peter George. The NC meets as required. In the year ended 31 December 2022, the NC met on one scheduled occasion. The attendance of individual Committee members at NC meetings in the year to 31 December 2022 is shown in the table below: Jens Montanana (Committee Chairman) Richard Last Peter George Meetings attended 1/1 1/1 1/1 The NC’s activities during the year, which are based on its terms of reference, are set out below: The ARCC is satisfied with the treatment in the financial statements and the disclosure in the notes. • Reviewed the composition, structure, and size of the Board. • Reviewed the leadership needs of the Group. 34 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 35 DireCTOrS’ rePOrT GROUP RESULTS The Group’s Income Statement on page 46 shows a profit for the year of $0.6 million (2021: profit of $1.5 million). On this basis, the Directors have therefore concluded that it is appropriate to prepare the financial statements on a going concern basis. DIRECTORS’ SHAREHOLDINGS GOING CONCERN The financial position and cash flows are described in the Financial Review on page 18. An indication of likely future developments affecting the Company is included in the Strategic Report on pages 16 to 27. The Directors have prepared detailed income statement, balance sheet and cash flow projections for the period to 30 April 2024 (“going concern assessment period”). The cash flow projections have been subjected to sensitivity analysis of the revenue, cost and combined revenue and cost levels which demonstrate that the Group and Company will maintain a positive cash balance through the going concern assessment period. As part of the sensitivity analysis, the Directors have noted that should the forecasted revenues not be achieved, mitigating actions can be taken to address any cash flow concerns. These actions include the utilisation of the undrawn revolving credit facility of £1 million, deferral of capital expenditure, reduction in marketing and other variable expenditure alongside a hiring freeze. In addition, the projections confirm that the bank loan covenants will be met during the going concern assessment period. The Directors are also not aware of any significant matters in the remainder of calendar 2024 that occur outside the going concern period that could reasonably possibly impact the going concern conclusion. The Directors have also considered the geo-political environment, including rising inflation in some of our key markets and the conflict in Ukraine, and whilst the impact on the Group is currently deemed minimal, the Directors remain vigilant and ready to implement mitigation action in the event of a downturn in demand or an impact on operations. DIVIDENDS The Directors have not recommended a dividend (2021: $nil). SHARE CAPITAL The issued share capital of the Company, together with details of movements in the Company’s issued share capital during the financial period are shown in note 22 to the financial statements. As at the date of this report, 499,953,971 ordinary shares of 1p each (‘ordinary shares’) were in issue and fully paid with an aggregate nominal value of $7.0 million. The market price of the ordinary shares at 31 December 2022 was 9.3p and the shares traded in the range 9.3p to 14.5p during the year (as at 31 December 2021 was 12.5p and the shares traded in the range 9.0p to 16.0p during the year ended 31 December 2021). ISSUE OF SHARES POWERS AT THE AGM At the AGM held on 9 June 2022, shareholders granted authority to the Board under the Articles and section 551 of the Companies Act 2006 (the ‘Act’) to exercise all powers of the Company to allot relevant securities up to an aggregate nominal amount of £1,649,507.68. Also at the AGM held on 9 June 2022, shareholders granted authority to the Board under the Articles and section 570(1) of the Act to exercise all powers of the Company to allot equity securities wholly for cash up to an aggregate nominal amount of £494,852.30 without application of the statutory pre-emption rights contained in section 561(1) of the Act. SUBSTANTIAL SHAREHOLDINGS The Company has been notified of the following holdings that are 3% or more of the Group’s ordinary share capital as at 24 April 2023: Ordinary shares of 1 pence each Jens Montanana* Caraway Group Inc Sabvest Capital Holdings Ltd Juniper Networks Inc Herald Investment Management Ltd Richard Koch Peter Kennedy Gain** Number 187,300,406 53,500,000 50,000,000 49,179,772 34,592,121 29,701,500 16,378,246 % 37.46 10.70 10.00 9.84 6.92 5.94 3.28 * of which 33,674,846 are held in the name of JPM International Limited, which is wholly owned by Jens Montanana, and 125,871,751 are held in the name of The New Millennium Technology Trust of which Jens Montanana is a beneficiary ** of which 4,900,000 shares are held in the name of Draper Gain Investments Ltd Overview Strategic Report GOverNANCe Financial Statements Corporate Directory Jens Montanana Peter George Richard Last Andrew Miller Lionel Chmilewsky* Ashley Stephenson 24 April 2023 31 December 2022 31 December 2021 Number % Number % Number 187,300,406 37.46 187,300,406 37.46 187,300,406 – 2,500,000 1,091,437 – 38,000 – 0.50 0.22 – 0.01 – 2,500,000 1,091,437 – 38,000 – 0.50 0.22 – 0.01 – 2,500,000 1,091,437 – 38,000 % 37.85 – 0.51 0.22 – 0.01 * Lionel Chmilewsky (the Company’s former CEO) resigned from the Board effective 28 February 2023. DIRECTORS’ INDEMNITIES The Company has qualifying third party indemnity provisions in place for the benefit of its Directors. These remain in force at the date of this report. DIRECTORS AND DIRECTORS’ INTERESTS The Directors who served in office during the year and up to the date of this report and their interests in the Company’s shares were as above. The biographical details of the current Directors of the Company are set out on pages 28 and 29. Details of the share options held by Directors are shown in note 27 to the financial statements. FINANCIAL RISK MANAGEMENT OBJECTIVES AND POLICIES The Group’s business activities expose it to a variety of financial risks. The policies for managing these risks are described below: • Liquidity risk – arises from the Group’s management of working capital and finance charges. It is a risk that the Group will encounter difficulty in meeting its financial obligations, including its covenants and a repayment term bank loan drawn down by the Company in April 2022 ($1.2 million at 31 December 2022) details of which are set out in note 18, as they fall due. Liquidity risk is managed by the Finance function. Annual budgets are agreed by the Board, enabling the Group’s cash flow requirements to be anticipated. • Credit risk – arises from cash and cash equivalents and from credit exposures to the Group’s customers including outstanding receivables and committed transactions. Credit risk is managed with regular reports of exposures reviewed by management. The Group does not set individual credit limits but seeks to ensure that customers enter into legally enforceable contracts that include settlement terms that demonstrate the customers’ commitment to the transaction and minimise this risk exposure. The amounts of trade receivables presented in the Statement of Financial Position are shown net of allowances for doubtful accounts estimated by management based on prior experience and their assessment of the current economic environment (note 15). The Group has no significant concentration of credit risk, with exposure spread over a number of customers. The credit risk on liquid funds and financial instruments is limited because the counterparties are banks with acceptable credit ratings assigned by international credit rating agencies. • Cash flow interest rate risk – the Group’s policy is to as far as possible minimise interest rate cash flow risk exposure on its financing. The Group is exposed to interest rate increases on the term bank loan ($1.2 million at 31 December 2022) details of which are set out in note 18, which bears interest at UK base rate plus 6.5%. The bank loan does not have early repayment penalties and thus the Group can if GBP interest rates increase to punitive levels, seek to refinance the loan. The Group’s policy is to balance the risk in relation to cash balances held by spreading these across a number of financial institutions as opposed to maximising interest income. • Currency risk – there was no material impact from trading currency risk on the Group’s profit or loss for the year from exchange rate movements, as foreign currency transactions are entered into by Group companies whose functional currency is aligned with the currencies in which it transacts. Exchange rate risks do arise in relation to (i) the bank loan which is GBP denominated and equity fund raises which are in GBP, given the Company’s AIM listing, to the extent such funds are required to support US dollar denominated funding requirements, and (ii) GBP denominated obligations of the Group given the invoicing currency of the Group is US dollar denominated. The Group has not hedged such GBP debt and equity fund raises or GBP denominated expenses in the past as US denominated funds received by the Group’s UK subsidiary have been used to fund the Group’s US subsidiary to the extent such funding has been required, with the GBP funding requirements satisfied from the GBP denominated funds generated from GBP debt and equity fund raises. The Group keeps this policy under review based on the expected timing of US dollar and GBP operational funding requirements. The principal risk which applies to the Parent Company’s financial statements is the risk that the returns generated by the subsidiaries might not support the carrying value of the cost of the investments in subsidiaries. The carrying value is tested at least annually for impairment and, if necessary, impaired as appropriate. 36 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 37 DireCTOrS’ rePOrT CONTINUED STATeMeNT OF DireCTOrS’ reSPONSiBiLiTieS Overview Strategic Report GOverNANCe Financial Statements Corporate Directory CAPITAL MANAGEMENT The Group monitors its available capital, which it considers to be all components of equity against its expected requirements. The Group’s objectives when maintaining capital are to safeguard the entity’s ability to continue as a going concern, so that it can continue to provide returns for shareholders and benefits for other stakeholders, and to ensure that sufficient funds can be raised for investing activities. In order to maintain or adjust the capital structure, the Company may return capital to shareholders, issue new shares, or sell assets. The Group does not review its capital requirements according to any specified targets or ratios. TREASURY MANAGEMENT The objectives of Group treasury policies are to ensure that adequate financial resources are available for development of the business while at the same time managing financial risks. Financial instruments may be used to reduce financial risk exposures arising from the Group’s business activities and not for speculative purposes. The Group’s treasury activities are managed by the Group Financial Controller who reports to the Board on the implementation of the Group treasury policy. ENVIRONMENT The Group’s activities are primarily office-based and as such the Directors believe that there is no significant environmental impact arising from the Group’s activities. The Group complies with local WEEE regulations. No environmental performance indicators are therefore included within this report. The Group’s environmental policy states: “We endeavour to recycle appropriate materials where possible and to efficiently use natural resources and energy supplies so as to minimise our environmental impact. We will comply with the relevant statutes and legislation. Furthermore, employees are encouraged to be environmentally aware. Company cars are not provided.” RESEARCH AND DEVELOPMENT The development of computer software is an integral part of the Group’s business and the Group continues to develop its software in response to user demand, and particularly the changing IT security threat landscape. During the year the Group enhanced the features and functionality of its existing products. A capital investment of $1.7 million (2021: $1.8 million) was made during the year. Amortisation of $1.7 million (2021: $1.9 million) and costs not capitalised of $1.7 million (2021: £1.5 million) were charged to the Group Income Statement during the year. EMPLOYEES The quality and commitment of the Group’s employees has played a major role in the Company’s continued progress. This has been demonstrated in many ways, including strong customer satisfaction, the development of new product offerings and the flexibility employees have shown in adapting to changing business requirements. The Group operates sales commission, incentive bonus plans and share option plans to provide incentives for achievements which add value to the business. ANNUAL GENERAL MEETING Notice of the AGM together with details of the business to be considered will be sent to shareholders in due course. AUDITORS In so far as each Director is aware: • • there is no relevant audit information of which the Company’s auditors are unaware; and the Directors have taken all the steps that they ought to have taken to make themselves aware of any relevant audit information and to establish that the Company’s auditors are aware of that information. Following a competitive tender process, the Directors will recommend a change of auditors at the forthcoming AGM. As a result, BDO will be standing down as auditors following the completion of the 2022 year-end audit. By order of the Board Duncan Swallow COMPANY SECRETARY 24 April 2023 The Directors are responsible for keeping adequate accounting records that are sufficient to show and explain the Group’s transactions and disclose with reasonable accuracy at any time the financial position of the Group and enable them to ensure that the financial statements comply with the Companies Act 2006. They are also responsible for safeguarding the assets of the Group and hence for taking reasonable steps for the prevention and detection of fraud and other irregularities. The Directors are responsible for ensuring the Annual Report and the financial statements are made available on a website. Financial statements are published on the Company’s website in accordance with legislation in the United Kingdom governing the preparation and dissemination of financial statements, which may vary from legislation in other jurisdictions. The maintenance and integrity of the Company’s website is the responsibility of the Directors. The Directors’ responsibility also extends to the on-going integrity of the financial statements contained therein. The Directors are responsible for preparing the Annual Report and Financial Statements in accordance with applicable law and regulations. Company law requires the Directors to prepare financial statements for each financial year. Under that law the Directors have elected to prepare the Group financial statements in accordance with UK adopted international accounting standards in conformity with the requirements of the Companies Act 2006. The Directors have chosen to prepare the Company financial statements in accordance with FRS101. Under company law the Directors must not approve the financial statements unless they give a true and fair view of the state of affairs of the Group and Parent Company and of the profit or loss of the Group for that period. The Directors are also required to prepare financial statements in accordance with the rules of the London Stock Exchange for companies trading securities on the AIM. In preparing these financial statements, the Directors are required to: • select suitable accounting policies and then apply them consistently; • make judgements and estimates that are reasonable and prudent; • state whether they have been prepared in accordance with UK adopted international accounting standards in conformity with the requirements of the Companies Act 2006, subject to any material departures disclosed and explained in the financial statements; and • prepare the financial statements on the going concern basis unless it is inappropriate to presume that the Group will continue in business. 38 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 39 iNDePeNDeNT AUDiTOr’S rePOr T TO THe MeMBerS OF COrerO NeTwOrK SeCUriTY PLC OPINION ON THE FINANCIAL STATEMENTS In our opinion: • • • • the financial statements give a true and fair view of the state of the Group’s and of the Parent Company’s affairs as at 31 December 2022 and of the Group’s profit for the year then ended; the Group financial statements have been properly prepared in accordance with UK adopted international accounting standards; the Parent Company financial statements have been properly prepared in accordance with United Kingdom Generally Accepted Accounting Practice; and the financial statements have been prepared in accordance with the requirements of the Companies Act 2006. We have audited the financial statements of Corero Network Security plc (the ‘Parent Company’) and its subsidiaries (the ‘Group’) for the year ended 31 December 2022 which comprise the Consolidated Income Statement, the Consolidated Statement of Comprehensive Income, the Consolidated and Company Statements of Financial Position, the Consolidated Statement of Cash Flows, the Consolidated and Company Statements of Changes in Equity and notes to the financial statements, including a summary of significant accounting policies. The financial reporting framework that has been applied in the preparation of the Group financial statements is applicable law and UK adopted international accounting standards. The financial reporting framework that has been applied in the preparation of the Parent Company financial statements is applicable law and United Kingdom Accounting Standards, including Financial Reporting Standard 101 Reduced Disclosure Framework (United Kingdom Generally Accepted Accounting Practice). BASIS FOR OPINION We conducted our audit in accordance with International Standards on Auditing (UK) (ISAs (UK)) and applicable law. Our responsibilities under those standards are further described in the Auditor’s responsibilities for the audit of the financial statements section of our report. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion. Independence We remain independent of the Group and the Parent Company in accordance with the ethical requirements that are relevant to our audit of the financial statements in the UK, including the FRC’s Ethical Standard as applied to listed entities, and we have fulfilled our other ethical responsibilities in accordance with these requirements. CONCLUSIONS RELATING TO GOING CONCERN In auditing the financial statements, we have concluded that the Directors’ use of the going concern basis of accounting in the preparation of the financial statements is appropriate. Given our assessment of risk and the significance of this area, we have determined going concern to be a key area of focus for the audit. Our evaluation of the Directors’ assessment of the Group’s and the Parent Company’s ability to continue to adopt the going concern basis of accounting and response to the key audit matter is included in the ‘Key Audit Matters’ section below. Based on the work we have performed, we have not identified any material uncertainties relating to events or conditions that, individually or collectively, may cast significant doubt on the Group and the Parent Company’s ability to continue as a going concern for a period of at least twelve months from when the financial statements are authorised for issue. Our responsibilities and the responsibilities of the Directors with respect to going concern are described in the relevant sections of this report. OVERVIEW Coverage 100% (2021: 100%) of Group profit before tax 100% (2021: 100%) of Group revenue 100% (2021: 100%) of Group total assets Key audit matters (KAM) Revenue recognition Going concern Materiality Group financial statements as a whole Goodwill and intangible asset impairment* $400,000 (2021:$418,000) based on 2% (2021: 2%) of revenue. 2022 2021 ✘ ✘ ✘ ✘ ✘ * Goodwill and intangible asset impairment was no longer considered to be a KAM due to the fact the recoverable amount was significantly in excess of the carrying value of the assets assessed by Management for impairment as required under IAS 36 Impairment. Overview Strategic Report GOverNANCe Financial Statements Corporate Directory AN OVERVIEW OF THE SCOPE OF OUR AUDIT Our Group audit was scoped by obtaining an understanding of the Group and its environment, including the Group’s system of internal control, and assessing the risks of material misstatement in the financial statements. We also addressed the risk of management override of internal controls, including assessing whether there was evidence of bias by the Directors that may have represented a risk of material misstatement. Based on our assessment of the Group, we determined there to be three significant components, Corero Network Security plc, Corero Network Security, Inc. and Corero Network Security (UK) Limited each of which were subject to full scope audits by the Group audit team. Corero Group Services Limited was considered a non-significant component, but was subject to a full scope audit for statutory purposes, contributing to the overall Group coverage obtained. Key audit matters Key audit matters are those matters that, in our professional judgement, were of most significance in our audit of the financial statements of the current period and include the most significant assessed risks of material misstatement (whether or not due to fraud) that we identified, including those which had the greatest effect on: the overall audit strategy, the allocation of resources in the audit, and directing the efforts of the engagement team. These matters were addressed in the context of our audit of the financial statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters. Key audit matter Revenue recognition See accounting policy at note 2.5, the key accounting estimate at note 3.2 and note 4. How the scope of our audit addressed the key audit matter Our procedures included the following: • We gained an understanding of the Group’s methodology in determining the fair value of the different deliverables in multiple element arrangements and assessed the appropriateness of this through review of accounting policies against the applicable accounting standard, IFRS 15. For a sample of transactions we recalculated the Group’s determination of the fair value of the different deliverables in multiple element arrangements as set out in note 2.5 of the financial statements, to check that it provided a suitable basis on which to recognise revenue. • For a sample of revenue transactions around the year end, we corroborated to supporting documentation, including invoice, underlying contract, subsequent receipt through the bank statement and associated evidence of satisfaction of the obligation, recalculating the accompanying revenue and deferred revenue where applicable to verify that revenue was recorded in the correct period. • We assessed the basis upon which performance obligations were recognised for each revenue stream and compared this to the requirements of the applicable accounting standards, industry practice, and the Group’s specific circumstances. • We also tested on a sample basis the accuracy of the deferred income balance through corroborating to supporting documentation, including invoice, along with testing a sample of transactions around the year-end to supporting documentation, including invoice and proof of delivery to verify that they were recorded in the correct period. Key observations: Based on the work performed we consider that the Group’s revenue recognition accounting policy is appropriate, and that revenue has been recognised in accordance with the Group’s revenue policy. The Group generates revenue primarily from the sale of hardware and associated software and related maintenance and support contracts. It does this directly through arrangements with end-users (either through the sale of hardware and a software licence or by selling the software as a service) as well as through distributors. The sales of licences may be on a perpetual or a fixed term basis. We considered there to be a significant audit risk arising from the allocation of the value of the transaction price to the individual performance obligations included in the sale as well as the timing of revenue recognition with regard to appropriate recognition of point in time revenue recognised around the year end due to the potential material impact of these transactions. 40 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 41 iNDePeNDeNT AUDiTOr’S rePOr T CONTINUED TO THe MeMBerS OF COrerO NeTwOrK SeCUriTY PLC Key audit matter Going concern See note 2.2. The financial performance of the Group was adversely impacted by broader macro- economic factors. This has continued to have an impact on the Group’s future expected cash flows, with a consequent impact on the going concern assessment. In addition, as described in note 18, the Group has loan covenant requirements to adhere to in connection with its financing. Whilst the directors’ assessment in relation to going concern did not identify any material uncertainties in this respect we nevertheless considered going concern to be a significant risk and a key audit matter. How the scope of our audit addressed the key audit matter In assessing the director’s review of the going concern assumption within the financial statements, we have undertaken the following audit procedures: • Confirming the mathematical accuracy of the underlying calculations in the forecasts. • Analysing the directors’ assessment of going concern based upon the Group’s cash flow forecasts through to 30 April 2024. This included assessing and challenging assumptions with reference to historic experience and recent contract wins made in relation to revenues, expenses, and the associated cash flows and any other cash related assumptions. Further, we checked actual results for FY 2022 against budget to review the accuracy of management’s historic forecasts and we compared the forecast against available post year-end trading and cash flow results; • We reviewed the bank loan documents to understand the terms and covenants which the Group and Parent Company is required to comply with, comparing these to the Group’s forecasts; • We recalculated and confirmed management’s covenant compliance calculations for the period under audit, and assessed future covenant compliance using the Directors’ forecasts and compared them to the covenants in place; • We made inquiries of the Directors as to their knowledge of events or conditions beyond the period of their assessment that may cast significant doubt on the entity’s ability to continue as a going concern. • We considered whether any post-balance sheet events had occurred, which may impact going concern. • We assessed the adequacy of the disclosures in the financial statements (see note 2.2) with reference to our knowledge of the business and information obtained in performing our procedures. Our conclusion in respect of going concern is included within the “Conclusions relating to going concern” section of this report on page 40. OUR APPLICATION OF MATERIALITY We apply the concept of materiality both in planning and performing our audit, and in evaluating the effect of misstatements. We consider materiality to be the magnitude by which misstatements, including omissions, could influence the economic decisions of reasonable users that are taken on the basis of the financial statements. In order to reduce to an appropriately low level the probability that any misstatements exceed materiality, we use a lower materiality level, performance materiality, to determine the extent of testing needed. Importantly, misstatements below these levels will not necessarily be evaluated as immaterial as we also take account of the nature of identified misstatements, and the particular circumstances of their occurrence, when evaluating their effect on the financial statements as a whole. Overview Strategic Report GOverNANCe Financial Statements Corporate Directory Based on our professional judgement, we determined materiality for the financial statements as a whole and performance materiality as follows: Materiality Basis for determining materiality Rationale for the benchmark applied Group financial statements Parent company financial statements 2022 $’000 400 2021 $’000 418 2022 $’000 245 2021 $’000 319 2.0% of revenue 0.5% of net assets, capped at 61% of Group materiality 0.5% of net assets, capped at 76% of Group materiality Revenue was considered to be the most appropriate benchmark as it is a consistent indicator of the performance of the Group for users of the financial statements. The materiality of the Parent Company was capped at a percentage of Group materiality to respond to aggregation risk. Performance materiality 300 314 184 239 Basis for determining performance materiality 75% of Group materiality 75% of Parent Company materiality Rationale for the percentage applied for performance materiality 75% of materiality - this was set with reference to the level of adjustments identified in the prior year, planned nature of testing and the size and complexity of the Group. 75% of parent company materiality – this was set with reference to the level of adjustments identified in the prior year and the planned nature of testing. Component materiality For the purposes of our Group audit opinion, we set materiality for each significant component of the Group, apart from the Parent Company whose materiality is set out above, based on a percentage of between 93% and 31% (2021: 95% and 25%) of Group materiality dependent on the size and our assessment of the risk of material misstatement of that component. Component materiality ranged from $370,000 to $125,000 (2021: $397,000 to $105,937). In the audit of each component, we further applied performance materiality levels of 75% (2021: 75%) of the component materiality to our testing to ensure that the risk of errors exceeding component materiality was appropriately mitigated. Reporting threshold We agreed with the Audit Committee that we would report to them all individual audit differences in excess of $20,000 (2021: $20,900). We also agreed to report differences below this threshold that, in our view, warranted reporting on qualitative grounds. OTHER INFORMATION The directors are responsible for the other information. The other information comprises the information included in the Annual Report and Accounts other than the financial statements and our auditor’s report thereon. Our opinion on the financial statements does not cover the other information and, except to the extent otherwise explicitly stated in our report, we do not express any form of assurance conclusion thereon. Our responsibility is to read the other information and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the course of the audit, or otherwise appears to be materially misstated. If we identify such material inconsistencies or apparent material misstatements, we are required to determine whether this gives rise to a material misstatement in the financial statements themselves. If, based on the work we have performed, we conclude that there is a material misstatement of this other information, we are required to report that fact. We have nothing to report in this regard. 42 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 43 iNDePeNDeNT AUDiTOr’S rePOr T CONTINUED TO THe MeMBerS OF COrerO NeTwOrK SeCUriTY PLC OTHER COMPANIES ACT 2006 REPORTING Based on the responsibilities described below and our work performed during the course of the audit, we are required by the Companies Act 2006 and ISAs (UK) to report on certain opinions and matters as described below. Strategic report and Directors’ report Matters on which we are required to report by exception In our opinion, based on the work undertaken in the course of the audit: • the information given in the Strategic report and the Directors’ report for the financial year for which the financial statements are prepared is consistent with the financial statements; and • the Strategic report and the Directors’ report have been prepared in accordance with applicable legal requirements. In the light of the knowledge and understanding of the Group and Parent Company and its environment obtained in the course of the audit, we have not identified material misstatements in the strategic report or the Directors’ report. We have nothing to report in respect of the following matters in relation to which the Companies Act 2006 requires us to report to you if, in our opinion: • adequate accounting records have not been kept by the Parent Company, or returns adequate for our audit have not been received from branches not visited by us; or • the Parent Company financial statements are not in agreement with the accounting records and returns; or • certain disclosures of Directors’ remuneration specified by law are not made; or • we have not received all the information and explanations we require for our audit. RESPONSIBILITIES OF DIRECTORS As explained more fully in the statement of Directors’ responsibilities, the Directors are responsible for the preparation of the financial statements and for being satisfied that they give a true and fair view, and for such internal control as the Directors determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error. In preparing the financial statements, the Directors are responsible for assessing the Group’s and the Parent Company’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the Directors either intend to liquidate the Group or the Parent Company or to cease operations, or have no realistic alternative but to do so. AUDITOR’S RESPONSIBILITIES FOR THE AUDIT OF THE FINANCIAL STATEMENTS Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with ISAs (UK) will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements. Extent to which the audit was capable of detecting irregularities, including fraud Irregularities, including fraud, are instances of non-compliance with laws and regulations. We design procedures in line with our responsibilities, outlined above, to detect material misstatements in respect of irregularities, including fraud. The extent to which our procedures are capable of detecting irregularities, including fraud is detailed below: Overview Strategic Report GOverNANCe Financial Statements Corporate Directory Non-compliance with laws and regulations Based on: • Our understanding of the Group and the industry in which it operates; • Discussion with management and those charged with governance; and • Obtaining and understanding of the Group’s policies and procedures regarding compliance with laws and regulations, we considered the significant laws and regulations which are directly relevant to specific assertions in the financial statements are those that relate to the applicable reporting frameworks, Companies Act 2006, the AIM rules, data privacy and the relevant tax regulations including but not limited to, Corporate and VAT legislation, and Employment Taxes. Our procedures in respect of the above included: • Review of minutes of meeting of those charged with governance for any instances of non-compliance with laws and regulations; • Review of financial statement disclosures and agreeing to supporting documentation; and • Review of legal expenditure accounts to understand the nature of expenditure incurred. Fraud We assessed the susceptibility of the financial statements to material misstatement, including fraud. Our risk assessment procedures included: • Enquiry with management and those charged with governance regarding any known or suspected instances of fraud; • Obtaining an understanding of the Group’s policies and procedures relating to: — Detecting and responding to the risks of fraud; and — Internal controls established to mitigate risks related to fraud. • Review of minutes of meeting of those charged with governance for any known or suspected instances of fraud; • Discussion amongst the engagement team as to how and where fraud might occur in the financial statements; • Performing analytical procedures to identify any unusual or unexpected relationships that may indicate risks of material misstatement due to fraud; and • Considering remuneration incentive schemes and performance targets and the related financial statement areas impacted by these. Our procedures in respect of the above included: • In response to the risk of fraud in revenue recognition, the procedures set out in the key audit matters section of the report. • Testing a sample of journal entries throughout the year, which met a defined risk criteria, by agreeing to supporting documentation; and • Assessing significant estimates made by management for bias. We also communicated relevant identified laws and regulations and potential fraud risks to all engagement team members who were all deemed to have appropriate competence and capabilities and remained alert to any indications of fraud or non-compliance with laws and regulations throughout the audit. Our audit procedures were designed to respond to risks of material misstatement in the financial statements, recognising that the risk of not detecting a material misstatement due to fraud is higher than the risk of not detecting one resulting from error, as fraud may involve deliberate concealment by, for example, forgery, misrepresentations or through collusion. There are inherent limitations in the audit procedures performed and the further removed non-compliance with laws and regulations is from the events and transactions reflected in the financial statements, the less likely we are to become aware of it. A further description of our responsibilities is available on the Financial Reporting Council’s website at: www.frc.org.uk/ auditorsresponsibilities. This description forms part of our auditor’s report. USE OF OUR REPORT This report is made solely to the Parent Company’s members, as a body, in accordance with Chapter 3 of Part 16 of the Companies Act 2006. Our audit work has been undertaken so that we might state to the Parent Company’s members those matters we are required to state to them in an auditor’s report and for no other purpose. To the fullest extent permitted by law, we do not accept or assume responsibility to anyone other than the Parent Company and the Parent Company’s members as a body, for our audit work, for this report, or for the opinions we have formed. Leighton Thomas (Senior Statutory Auditor) For and on behalf of BDO LLP, Statutory Auditor London, UK 24 April 2023 Based on our risk assessment, we considered the areas most susceptible to fraud to be revenue recognition and override of controls by management. BDO LLP is a limited liability partnership registered in England and Wales (with registered number OC305127). 44 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 45 Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory CONSOLiDATeD STATeMeNT OF COMPreHeNSive iNCOMe FOr THe YeAr eNDeD 31 DeCeMBer 2022 Profit for the year Other comprehensive (expense)/income: Items reclassified subsequently to profit or loss upon derecognition: Foreign exchange differences Other comprehensive expense for the year net of taxation attributable to the equity owners of the parent Total comprehensive (expense)/income for the year attributable to the equity owners of the parent Year ended 31 December 2022 $’000 Year ended 31 December 2021 $’000 554 1,522 (1,087) (1,087) (533) (122) (122) 1,400 CONSOLiDATeD iNCOMe STATeMeNT FOr THe YeAr eNDeD 31 DeCeMBer 2022 Continuing operations Revenue Cost of sales Gross profit Operating expenses Consisting of: Operating expenses before depreciation and amortisation Depreciation and amortisation of intangible assets Operating profit Other income Finance income Finance costs Profit before taxation Taxation credit Profit after taxation Profit after taxation attributable to equity owners of the parent Basic and diluted earnings/(loss) per share Basic earnings per share Diluted earnings per share EBITDA Adjusted EBITDA – for unrealised foreign exchange differences on intercompany loan and PPPL forgiveness The notes on pages 53 to 81 form part of these financial statements. Note 4 10,11,12 5 18 5 6 7 7 8 8 Year ended 31 December 2022 $’000 Year ended 31 December 2021 $’000 20,121 (2,576) 17,545 (16,869) (14,926) (1,943) 676 – 7 (279) 404 150 554 554 Cents 0.1 0.1 2,619 1,658 20,895 (3,112) 17,783 (16,642) (14,450) (2,192) 1,141 637 1 (406) 1,373 149 1,522 1,522 Cents 0.3 0.3 3,970 3,246 46 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 47 Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory CONSOLiDATeD STATeMeNT OF FiNANCiAL POSiTiON AS AT 31 DeCeMBer 2022 COMPANY STATeMeNT OF FiNANCiAL POSiTiON AS AT 31 DeCeMBer 2022 As at 31 December 2022 $’000 As at 31 December 2021 $’000 Note As at 31 December 2022 $’000 As at 31 December 2021 $’000 Note Assets Non-current assets Goodwill Acquired intangible assets Capitalised development expenditure Property, plant and equipment – owned assets Leased right of use assets Trade and other receivables Current assets Inventories Trade and other receivables Cash and cash equivalents Total assets Liabilities Current Liabilities Trade and other payables Lease liabilities Deferred income Borrowings Net current assets Non-current liabilities Trade and other payables Lease liabilities Deferred income Borrowings Net assets Capital and reserves attributable to the equity owners of the parent Share capital Share premium Capital redemption reserve Share options reserve Foreign exchange translation reserve Accumulated profit and loss reserve Total shareholders’ equity 9 10 11 12 12 15 14 15 16 17 20 18 16 17 20 18 22 23 8,991 2 4,500 604 62 1,571 15,730 164 5,294 5,646 11,104 26,834 (3.956) (78) (3,323) (971) (8,328) 2,776 (100) – (2,285) (237) (2,622) 15.884 6,980 82,284 7,051 1,777 (2,593) (79,615) 15,884 8,991 4 4,528 796 145 859 15,323 57 3,206 11,201 14,464 29,787 (4,068) (94) (4,677) (1,421) (10,260) 4,204 (143) (78) (2,147) (1,356) (3,724) 15,803 6,914 82,122 7,051 1,490 (1,506) (80,268) 15,803 Assets Non-current assets Investments in subsidiaries Trade and other receivables Current assets Trade and other receivables Cash and cash equivalents Liabilities Current Liabilities Trade and other payables Borrowings Net current liabilities Non-current liabilities Trade and other payables Borrowings Net assets Total equity attributable to owners of the Parent Share capital Share premium Capital redemption reserve Share options reserve Foreign exchange translation reserve Accumulated profit and loss reserve Total equity 13 15 15 16 18 16 18 22 23 70,209 72 70,281 3,232 5,070 8,302 (8,427) (971) (9,398) (1,096) (100) (237) (337) 68,848 6,980 82,284 7,051 1,465 (18,354) (10,578) 68,848 76,071 97 76,168 17 10,132 10,149 (8,936) (1,421) (10,357) (208) (112) (1,356) (1,468) 74,492 6,914 82,122 7,051 1,212 (10,532) (12,275) 74,492 The Company financial statements were prepared in accordance with Financial Reporting Standard 101 Reduced Disclosure Framework. The Company has taken advantage of the following disclosure exemptions: The requirements of IAS 7 Statement of Cash Flows, IFRS 7 Financial Instruments: Disclosures and IAS 24 Related Party Disclosures. The Company has taken advantage of section 408 of the Companies Act 2006 and has not included an income statement in these financial statements. The Parent Company’s profit for the year was $1.7 million (2021: $11.6 million). These financial statements were approved by the Board of Directors on 24 April 2023 and signed on their behalf. Andrew Miller DIRECTOR These financial statements were approved by the Board of Directors on 24 April 2023 and signed on their behalf. The notes on pages 53 to 81 form part of these financial statements. Andrew Miller DIRECTOR The notes on pages 53 to 81 form part of these financial statements. 48 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 49 CONSOLiDATeD STATeMeNT OF CASH FLOwS FOr THe YeAr eNDeD 31 DeCeMBer 2022 CONSOLiDATeD STATeMeNT OF CHANGeS iN eQUiTY FOr THe YeAr eNDeD 31 DeCeMBer 2022 Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory Operating activities Profit before taxation for the year Adjustments for movements: Amortisation of acquired intangible assets Amortisation of capitalised development expenditure Depreciation – owned assets Depreciation – leased assets Finance income Finance expense Finance lease interest costs Share based payments expense PPPL forgiveness Cash generated from operating activities before movement in working capital Movement in working capital: (Increase)/decrease in inventories and sales evaluation assets (Increase)/decrease in trade and other receivables Decrease in trade and other payables Net movement in working capital Cash (used in)/generated from operating activities Taxation received Net cash (used in)/generated from operating activities Cash flows from investing activities Investment in development expenditure Purchase of property, plant and equipment Net cash used in investing activities Cash flows from financing activities Net proceeds from issue of ordinary share capital Proceeds from borrowings Finance income Lease liability payments Finance expense Repayments of borrowings Net cash (used in)/generated from financing activities (Decrease)/increase in cash and cash equivalents Effects of exchange rates on cash and cash equivalents Cash and cash equivalents at 1 January Cash and cash equivalents at 31 December The notes on pages 53 to 81 form part of these financial statements. Year ended 31 December 2022 $’000 Year ended 31 December 2021 $’000 404 2 1,732 497 82 (7) 268 11 386 – 3,375 (26) (3,867) (1,361) (5,254) (1,879) 150 (1,729) (1,704) (420) (2,124) 228 – 7 (104) (158) (1,364) (1,391) (5,244) (311) 11,201 5,646 1,373 5 1,872 604 93 (1) 388 18 522 (637) 4,237 175 223 (1,999) (1,601) 2,636 149 2,785 (1,754) (421) (2,175) – 2,683 1 (103) (238) (1,738) 605 1,215 (154) 10,140 11,201 Share premium account $’000 Capital redemption reserve $’000 Share options reserve $’000 Foreign exchange translation reserve $’000 Accumulated profit and loss reserve $’000 Total attributable to equity owners of the parent $’000 82,122 7,051 968 (1,384) (81,790) 13,881 1 January 2021 Profit for the year Other comprehensive income Total comprehensive expense for the year Contributions by and distributions to owners Share based payments Total contributions by and distributions to owners Share capital $’000 6,914 – – – – – – – – – – – – – – – 31 December 2021 and 1 January 2022 6,914 82,122 7,051 Profit for the year Other comprehensive expense Total comprehensive income for the year Contributions by and distributions to owners Issue of share capital – exercise of options Fully exercised share options Share based payments Total contributions by and distributions to owners – – – 66 – – 66 – – – 162 – – 162 – – – – – – – 31 December 2022 6,980 82,284 7,051 The share capital comprises the nominal values of all shares issued. – – – 522 522 1,490 – – – – (99) 386 287 1,777 – (122) (122) – – 1,522 – 1,522 – – 1,522 (122) 1,400 522 522 (1,506) (80,268) 15,803 – (1,087) (1,087) – – – – 554 – 554 – 99 – 99 554 (1,087) (533) 228 – 386 614 (2,593) (79,615) 15,884 The share premium account comprises the amounts subscribed for share capital in excess of the nominal value, net of issuance costs. The capital redemption reserve comprises the amount transferred from deferred shares on redemption of the deferred shares. The share options reserve represents the cost to the Group of share options. The foreign exchange translation reserve arises on retranslating the net assets of UK operations into US dollars. The retained earnings are all other net gains and losses and transactions with owners not recognised elsewhere. The notes on pages 53 to 81 form part of these financial statements. 50 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 51 COMPANY STATeMeNT OF CHANGeS iN eQUiTY FOr THe YeAr eNDeD 31 DeCeMBer 2022 1 January 2021 Profit for the year Other comprehensive income Total comprehensive income for the year Contributions by and distributions to owners Share based payments Total contributions by and distributions to owners 31 December 2021 and 1 January 2022 Profit for the year Other comprehensive expense Total comprehensive expense for the year Contributions by and distributions to owners Issue of share capital – exercise of options Fully exercised share options Share based payments Total contributions by and distributions to owners Share capital $’000 6,914 Share premium account $’000 82,122 Capital redemption reserve $’000 Restated Share options reserve $’000 Foreign exchange translation reserve $’000 Restated Accumulated profit and loss reserve $’000 Total attributable to equity owners of the parent $’000 7,051 773 (9,947) (23,869) – (585) 11,594 – (585) 63,044 11,594 – – – – – – – – – – – – – – – – – – 439 439 6,914 82,122 7,051 1,212 (10,532) (12,275) – – – – – (7,822) 1,697 – 439 439 74,492 1,697 (7,822) (7,882) 1,697 (6,125) – – – – – – – – 228 (94) 347 481 (18,354) (10,578) 68,848 – – – – (94) 347 253 1,465 – – – 66 – – 66 – – – 162 – – 162 – – – – – – – 31 December 2022 6,980 82,284 7,051 (585) 11,594 11,009 Corero Network Security plc is a public limited company incorporated in the United Kingdom under the Companies Act 2006 and registered in England and Wales. The functional currency of the Company entity is GBP. Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory NOTeS TO THe FiNANCiAL STATeMeNTS 1. GENERAL INFORMATION Presentation currency These consolidated financial statements are presented in US dollars (‘$’) rounded to the nearest $’000 unless otherwise stated which represents the presentational currency of the Group. The average $-GBP sterling (‘GBP’) exchange rates used for the conversion of the Consolidated Monthly Income Statements for the year ended 31 December 2022 was between 1.20-1.36 (2021: between 1.33-1.41). The closing $-GBP exchange rate used for the conversion of the Group’s assets and liabilities at 31 December 2022 was 1.21 (2021: 1.35). 2. SIGNIFICANT ACCOUNTING POLICIES 2.1 Basis of preparation The Group financial statements have been prepared in accordance with UK adopted international accounting standards and in conformity with the requirements of the Companies Act 2006. The Parent Company financial statements have been prepared in accordance with Financial Reporting Standard101 (‘FRS 101’) ‘Reduced Disclosure Framework’. 2.2 Going Concern The financial statements have been prepared on a going concern basis. The Directors have prepared detailed income statement, balance sheet and cash flow projections for the period to 30 April 2024 (“going concern assessment period”). The cash flow projections have been subjected to sensitivity analysis of the revenue, cost and combined revenue and cost levels which demonstrate that the Group and Company will maintain a positive cash balance through the going concern assessment period. As part of the sensitivity analysis, the Directors have noted that should the forecasted revenues not be achieved, mitigating actions can be taken to address any cash flow concerns. These actions include the utilisation of the undrawn revolving credit facility of £1 million, deferral of capital expenditure, reduction in marketing and other variable expenditure alongside a hiring freeze. In addition, the projections confirm that the bank loan covenants will be met during the going concern assessment period. The Directors are also not aware of any significant matters in the remainder of calendar 2024 that occur outside the going concern period that could reasonably possibly impact the going concern conclusion. The Directors have also considered the geo-political environment, including rising inflation in some of our key markets and the conflict in Ukraine, and whilst the impact on the Group is currently deemed minimal, the Directors remain vigilant and ready to implement mitigation action in the event of a downturn in demand or an impact on operations. On this basis, the Directors have therefore concluded that it is appropriate to prepare the financial statements on a going concern basis. 2.3 Basis of consolidation The consolidated financial statements incorporate the results, assets, liabilities, and cash flows of the Company and each of its subsidiaries for the financial year ended 31 December 2022. Subsidiaries are entities controlled by the Group. Control is deemed to exist when the Group has all of the following elements: a) power over the subsidiary, b) exposure or rights to variable returns from that subsidiary, and c) ability to use its power to affect the amount of the return from the subsidiary. The results, assets, liabilities and cash flows of subsidiaries are included in the consolidated financial statements from the date control commences until the date that control ceases. Where necessary, adjustments are made to the financial statements of subsidiaries to bring the accounting policies used into line with those used by the Group. Intra–group balances and transactions are eliminated on consolidation. 52 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 53 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 2. SIGNIFICANT ACCOUNTING POLICIES CONTINUED 2.4 Business combinations The acquisition method is used to account for all acquisitions. The cost of an acquisition is measured at the fair values, on the date of acquisition, of assets given, liabilities incurred or assumed, and equity instruments issued. At the date of acquisition, the identifiable assets and liabilities and contingent liabilities of a subsidiary are measured at their fair values. Any excess of the cost of acquisition over the fair values of the identifiable net assets acquired is recognised as goodwill. 2.5 Revenue The Group’s revenue is derived from the following products and services: • appliance and perpetual software licenses; • • • software subscription licenses for a defined term; support services for a defined term; installation and training services; • DDoS Protection as-a-Service (‘DDPaaS’) for a defined term; and • SecureWatch Managed Service (enhanced security monitoring services) for a defined term. The element of DDPaaS revenues pertaining to as-a-service assets is included in reported revenues and is recognised on a straight–line basis over the term of the contract. Performance obligations, timing of revenue recognition and revenue recognition Revenue is recognised when control of the goods (appliances and software) transfer to the customer and services are delivered. Goods are shipped free on board (‘FOB’) from Corero, or Corero’s contract manufacturer, to the customer. The point of transfer of control for appliances is at the point of FOB shipment to the customer and for software at the point of electronic transfer to the customer. Revenue recognised on transfer of control of appliance and software products Appliance, perpetual software licenses and software subscription licenses Revenue recognised over–time (over the term of the contract) Support, DDPaaS and SecureWatch Managed services Revenue recognised once the service has been delivered Installation and training services Determining the transaction price The contract price is determined by reference to the Corero Sales Quotation or DDPaaS Agreement and is a fixed price. Certain DDPaaS contracts have an element of the transaction value or all of the transaction value determined by reference to a share of the customers’ revenue generated from the Corero solution (‘Revenue Share’). This Revenue Share revenue is recognised when the Revenue Share is determined. Corero does not have any other variable consideration payable by the customer and does not pay any consideration to the customer. There is no provision for purchase price adjustments, right of return or price concessions. Allocating amounts to performance obligations For contracts containing only a single performance obligation (annual support services, ‘DDPaaS’ and SecureWatch Managed Service) there is no requirement to make an allocation of the contract price. For contracts containing multiple products, the transaction price is allocated to the separate performance obligations based on relative stand–alone selling prices (‘SSP’). The SSP is determined using defined price lists and historic customer discount rates. Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory Incremental costs of obtaining a contract Deferred sales commission relating to the support and DDPaaS revenue from a new sales contract is recorded in prepayments and amortised over five years. Corero follows the requirements of the IFRS 15 standard with regards to the amortisation period which requires amortisation on a systematic basis that is consistent with the transfer to the customer of the goods or services to which the asset relates. The expectation, supported by historic evidence, is that customers will generally renew their support contracts for more than three years with the additional expectation of follow–on hardware and software (and associated services) business from a significant number of existing customers. Based on this, and consistent with previous treatment, Corero has assessed that a reasonable period for capitalised sales commission to be amortised is five years. Periodic customer reviews will be undertaken to ascertain if there is any evidence that the value of the customer relationship has been negatively impacted, in which case the prepayment will be appropriately written down. Applying the practical expedient, Corero recognises the incremental costs of obtaining contracts as an expense when incurred if the amortisation period of the prepayment that Corero otherwise would have recognised is one year or less. Fulfilment costs Corero’s principal fulfilment costs relate to the costs of the Corero customer support team which delivers the customer support services, DDPaaS services and the SecureWatch Managed services. These costs are not separately allocated or identifiable against specific customers. Therefore, these costs are recognised in the period in which they are incurred in the Consolidated Income Statement. Contract assets and liabilities Contract assets arise when goods and services have been delivered and invoiced but payment is not yet due. Contract liabilities arise for future delivery of services which have been invoiced and payment is due. Contract liabilities are shown as deferred income in the Statement of Financial Position. 2.6 Government grants Government grants are recognised at fair value when there is reasonable assurance that the Group will comply with the conditions attaching to them and the grant will be received. Grants related to purchase of assets are treated as deferred income and allocated to the Consolidated Income Statement over the useful lives of the related assets while grants related to expenses are netted off against the related item of expenditure in the Consolidated Income Statement. 2.7 Cost of sales Cost of sales includes all direct costs associated with revenue generation, including goods directly related to revenue, services delivery, operation costs, DDoS as-a-service depreciation and amounts charged by external third parties for services. Examples of such costs would include third–party appliance costs and third-party software license costs. 2.8 Foreign currencies Transactions in foreign currencies are translated at the exchange rate ruling at the date of each transaction. Foreign currency monetary assets and liabilities are retranslated using the exchange rates at the reporting date. Gains and losses arising from changes in exchange rates after the date of the transaction are recognised in profit or loss in the Consolidated Income Statement. Non–monetary assets and liabilities that are measured in terms of historical cost in a foreign currency are translated at the exchange rate at the date of the original transaction. In the consolidated financial statements, the net assets of the Group’s UK operations are translated from GBP into US dollars at the exchange rate at the reporting date. Income and expense items are translated into US dollars at the average exchange rates for the period. The resulting exchange differences are recognised in the foreign exchange translation reserve. 54 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 55 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 2. SIGNIFICANT ACCOUNTING POLICIES CONTINUED 2.9 Intangible assets Internally generated intangible assets The Group’s internally generated intangible asset relates to its development expenditure. Development expenditure is capitalised only when it is probable that future economic benefit will result from the project and the following criteria are met: • the technical feasibility of the product has been ascertained; • adequate technical, financial and other resources are available to complete and sell or use the intangible asset; • • • the Group can demonstrate how the intangible asset will generate future economic benefits and the ability to use or sell the intangible asset can be demonstrated; it is the intention of management to complete the intangible asset and use it or sell it; and the development costs can be measured reliably. Expenditure not meeting these criteria is expensed in the Consolidated Income Statement. After initial recognition, internally generated intangible assets are carried at cost less accumulated amortisation and any impairment losses. Amortisation is charged once the asset is capable of generating economic benefits. Acquired intangible assets Identifiable intangible assets acquired as part of a business combination are initially recognised separately from goodwill, irrespective of whether the assets have been recognised by the acquiree before the business combination. An intangible asset is considered identifiable only if it is separable or if it arises from contractual or other legal rights, regardless of whether those rights are transferable or separable from the entity or from other rights and obligations. Intangible assets acquired as part of a business combination and recognised by the Group are computer software and customer relationships. Purchased computer software is carried at cost less accumulated amortisation and any impairment losses. Customer contracts and the related customer relationships are carried at cost less accumulated amortisation and any impairment losses. Amortisation Intangible assets are amortised on a straight–line basis to reduce their carrying value to zero over their estimated useful lives. The following useful lives were applied during the year: • Computer software acquired – three years straight line. • Capitalised development expenditure – five years straight line. Amortisation costs are included within operating expenses in the Consolidated Income Statement. Methods of amortisation and useful lives are reviewed, and if necessary adjusted, at each reporting date. 2.10 Property, plant and equipment Depreciation commences when an asset is available for use. Depreciation is calculated so as to write off the cost or value of an asset, net of anticipated disposal proceeds, over the useful life of that asset as follows: • Leasehold improvements – period of the lease (straight-line basis). • Right-of-use assets – period of the lease (straight-line basis). • Computer equipment, evaluation assets and DDoS Protection as-a-Service assets – three years (straight-line basis). • Fixtures and fittings – five years (straight-line basis). Property, plant and equipment is stated at cost less accumulated depreciation and any impairment losses. Cost comprises the purchase cost of property, plant and equipment together with any directly attributable costs. Evaluation assets are used by customers during proof- of-concept trials. Evaluation assets are stated at cost less accumulated depreciation. When an evaluation asset is retained by a customer as part of a sale, the net book value of the evaluation asset is charged to cost of sales. Depreciation of DDoS Protection as-a-Service assets is charged to cost of sales. Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory Subsequent costs are included in an asset carrying value or are recognised as a separate asset when it is probable that future economic benefits associated with the additional expenditure will flow to the Group and the cost of the item can be measured reliably. All other costs are charged to the Consolidated Income Statement as incurred. Methods of depreciation, residual values and useful lives are reviewed, and if necessary adjusted, at each balance sheet date. The gain or loss arising from the disposal or retirement of an item of property, plant and equipment is determined as the difference between the net disposal proceeds and the carrying amount of the item and included in the Consolidated Income Statement. 2.11 Inventory Inventory is stated at the lower of cost or net realisable value. Cost is computed using standard cost, which approximates to actual cost, on a first-in, first-out basis. Rapid technological change and new product introductions and enhancements could result in excess or obsolete inventory, the value of which may not be recoverable. To minimise this risk, the Group evaluates inventory levels and expected usage on a periodic basis and records valuation allowances as required. 2.12 Impairment At each reporting date, the Group assesses whether there is any indication that its assets have been impaired. If any such indication exists, the recoverable amount of the asset is estimated in order to determine the extent of any impairment. If it is not possible to estimate the recoverable amount of the individual asset, the recoverable amount of the cash-generating unit (‘CGU’) to which the asset belongs is determined. The recoverable amount of an asset or a CGU is the higher of its fair value less costs to sell and its value in use. The recoverable amount is calculated using the present value of the future cash flows expected to be derived from an asset or CGU. This present value is derived using a cost of capital rate that reflects current market assessments of the time value of money and of the risks specific to the asset for which future cash flow estimates have not been adjusted. If the recoverable amount of an asset is less than its carrying amount, the carrying amount of the asset or CGU is reduced to its recoverable amount. That reduction is recognised as an impairment loss. An impairment loss relating to assets carried at cost less any accumulated depreciation or amortisation is recognised immediately in the Consolidated Income Statement. Goodwill acquired in a business combination is, from the acquisition date, allocated to each of the CGU’s or groups of CGU’s that are expected to benefit from the synergies of the combination. Goodwill is tested for impairment at least annually, and whenever there is an indication that the asset may be impaired. An impairment loss is recognised for CGU’s if the recoverable amount of the CGU is less than the carrying amount of the CGU. The impairment loss is allocated to reduce the carrying amount of the assets of the CGU by first reducing the carrying amount of any goodwill allocated to the CGU, and then reducing the carrying amounts of the other assets of the CGU pro rata. If an impairment loss subsequently reverses, the carrying amount of the asset or CGU is increased to the revised estimate of its recoverable amount but limited to the carrying amount that would have been determined had no impairment loss been recognised in prior years. A reversal of an impairment loss is recognised in the Consolidated Income Statement. Impairment losses on goodwill are not subsequently reversed. 2.13 Leases All leases are accounted for by recognising a right-of-use asset and a lease liability except for: • • leases with a duration of 12 months or less; and leases of low value assets. Lease liabilities are measured at the present value of the contractual payments due to the lessor over the lease term, with the discount rate determined by reference to the rate inherent in the lease unless this is not readily determinable, in which case the Group’s incremental borrowing rate on commencement of the lease is used. 56 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 57 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 2. SIGNIFICANT ACCOUNTING POLICIES CONTINUED 2.13 Leases continued On initial recognition, the carrying value of the lease liability also includes: • amounts expected to be payable under any residual value guarantee; • the exercise price of any purchase option granted in favour of the Group if it is reasonably certain to assess that option; and • any penalties payable for terminating the lease, if the term of the lease has been estimated on the basis of termination option being exercised. Right-of-use assets are initially measured at the amount of the lease liability, reduced for any lease incentives received, and increased for: • • • lease payments made at or before commencement of the lease; initial direct costs incurred; and the amount of any provision recognised where the Group is contractually required to dismantle, remove or restore the lease. Subsequent to initial measurement, lease liabilities increase as a result of interest charged at a constant rate on the balance outstanding and are reduced for lease payments made. Lease payments are analysed between capital and interest. The interest element is charged to the Consolidated Income Statement over the period of the lease. The capital element reduces the balance owed to the lessor. Right-of-use assets are amortised on a straight-line basis over the remaining term of the lease or over the remaining economic life of the asset. The total rentals payable under leases which are not recognised as a right-of-use asset and a lease liability (an ‘operating lease’) are charged to the Consolidated Income Statement on a straight-line basis over the lease term. 2.14 Investments in subsidiaries In the Company’s separate financial statements, investments in subsidiaries are carried at cost less any impairment provisions. 2.15 Taxation The tax expense represents the sum of current tax and deferred tax. Current tax Current tax is based on taxable profit for the year and is calculated using tax rates enacted or substantively enacted at the reporting date. Taxable profit differs from accounting profit either because items are taxable or deductible in periods different to those in which they are recognised in the financial statements (temporary differences), or because they are never taxable or deductible (permanent differences). Deferred tax Deferred tax on temporary differences at the reporting date between the tax bases of assets and liabilities and their carrying amounts for financial reporting purposes is accounted for using the balance sheet liability method. Using the balance sheet liability method, deferred tax liabilities are recognised in full for all taxable temporary differences and deferred tax assets are recognised to the extent that it is probable that taxable profits will be available against which deductible temporary differences can be utilised. However, if the temporary difference arises from the initial recognition of goodwill or the initial recognition of an asset or liability in a transaction other than a business combination, that at the time of the transaction affects neither accounting nor taxable profit, it is not recognised as deferred tax asset or liability. Deferred taxation is measured at the tax rates that are expected to apply when the asset is realised, or the liability settled, based on tax rates and laws enacted or substantively enacted at the reporting date. 2.16 Post-retirement benefits The Group makes contributions in respect of certain employees to defined contribution pension plans under which it is required to pay fixed contributions to group and personal pension funds. Contributions to the schemes are based on a proportion of the employees’ earnings and are charged to the Consolidated Income Statement. The Group has no obligation beyond these contributions. Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory 2.17 Financial instruments The Group classifies financial instruments, or their component parts, on initial recognition as a financial asset, a financial liability, or an equity instrument in accordance with the substance of the contractual arrangement. Financial assets and financial liabilities are recognised in the Group’s Statement of Financial Position when the Group becomes party to the contractual provisions of the instrument. The particular recognition and measurement methods adopted for the Group’s financial instruments are disclosed below: Trade and other receivables Trade and other receivables are stated at their fair value at time of initial recognition, reflecting, where material, the time value of money. A provision for impairment of trade receivables is established when there is evidence that the Group will not be able to collect all amounts due. The simplified approach is used for assessing the expected credit loss on trade receivables, requiring the lifetime expected credit loss to be recorded as the provision for impairment. An impairment provision is recorded against the intercompany loan note instrument between the Company and Corero Network Security, Inc. based on calculating the risk adjusted carrying value of the loan to take account of the credit loss which is expected to arise over the period until the cash is realised. The amount of the provision is based on whether there has been a significant increase in credit risk since the initial recognition of the loan. In situations where the credit risk has not increased significantly and the loan amount is expected to be recovered, the expected credit loss is limited to the effect of discounting the intercompany loan over the period until repayment is realised at the effective interest rate. Cash and cash equivalents Cash and cash equivalents include cash in hand and deposits on call with banks. Trade and other payables Trade and other payables are not interest bearing and are stated at their fair value at time of initial recognition. Thereafter they are accounted for at amortised cost. Debt obligations Debt obligations include interest bearing bank borrowings which are stated at their fair value less transaction costs at time of initial recognition. Debt obligations are subsequently measured at amortised cost. 2.18 Equity instruments An equity instrument is any contract that evidences a residual interest in the assets of the Company after deducting all its liabilities. Equity instruments issued by the Company are recorded at the proceeds received, net of directly attributable issue costs. 2.19 Employee share option schemes The Group operates an equity-settled share-based compensation plan. The fair value of the employees’ services received in exchange for the grant of share options is measured at grant date and recognised as an expense on a straight-line basis over the vesting period, based on the Group’s estimate of shares that will eventually vest. Fair value is determined by reference to the Black-Scholes option pricing model. If a granted option is cancelled and regranted the increase in fair value of the granted option measured immediately before and after the cancellation and regrant is added to the value of the employee’s service received in exchange for the grant. If an option grant is cancelled the previously recorded expense is credited to the Consolidated Income Statement. At each reporting date, the Group revises its estimate of the number of options that are expected to become exercisable. When share options are exercised, the proceeds received, net of any transaction costs, are credited to share capital (nominal value) and share premium. 2.20 Standards and Interpretations not yet effective There are a number of standards, amendments to standards, and interpretations which have been issued that are effective in future accounting periods that the Group has decided not to adopt early as they will not have a significant impact on the presentation of the Group financial statements. 58 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 59 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 3. CRITICAL ACCOUNTING JUDGEMENTS AND KEY SOURCES OF ESTIMATION UNCERTAINTY 3.1 Critical judgements in applying the Group’s accounting policies In the process of applying the Group accounting policies, the following judgements have had a significant effect on the amounts recognised in the financial statements: Internally generated research and development costs Management monitors progress of internal research and development projects. Judgement is required in distinguishing the research phase from the development phase. Development costs are recognised as an asset when all criteria are met and a project has passed the feasibility phase, whereas research costs are expensed as incurred. Management monitors whether the recognition requirements for development costs continue to be met. This is necessary as the economic success of any product development is uncertain. Going concern The Directors have reviewed the future profit and cash flow projections in conjunction with the current economic climate in order to express an opinion on the adequacy of working capital and the ability to continue as a going concern for the foreseeable future. The methodology contained in the projections is detailed in the note 2.2. 3.2 Key accounting estimates and assumptions Key assumptions concerning the future and other key sources of estimation uncertainty that have a significant risk of causing a material adjustment to the carrying amounts of assets and liabilities within the next financial year are as follows: Impairment of intangible assets and property, plant and equipment The Group tests goodwill at least annually for impairment, and whenever there is an indication that the asset may be impaired. All other intangible assets and property, plant and equipment are tested for impairment when indicators of impairment exist. Impairment is determined with reference to the higher of fair value less costs to sell and value in use. Fair value less costs to sell is estimated using discounted future cash flows. Significant assumptions are made in estimating future cash flows about future events including future market conditions, future growth rates and appropriate discount rates. Changes in these assumptions could affect the outcome of impairment reviews. Details of the main assumptions used in the assessment of the carrying value of the Group’s CGU are set out in note 9. Impairment of investments (applies to the Company financial statements only) The Directors have reviewed the cost of investments in subsidiaries of the Company with reference to current and future trading conditions. The investment in subsidiaries has been reviewed with reference to a valuation based on a discounted free cash flow, in conjunction with the goodwill impairment review, which the Directors consider to be an appropriate valuation methodology. Standalone Selling Price – Revenue recognition On a quarterly basis the Group analyses the selling prices for each deal compared to the current Standalone Selling Price (‘SSP’). This analysis includes grouping similar deals based on qualitative factors such as customer profile, size, and region, together with a quantitative comparison to the then current SSP. SSP fair value prices are adjusted for future quarters if management identifies a pattern of variances of greater than 10% between actual selling prices and the then current SSP. Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory 4. SEGMENT REPORTING Business segments The Group is managed according to one business unit, Corero Network Security, which makes up the Group’s reportable operating segment. This business unit forms the basis on which the Group reports its primary segment information to the Board, which management consider to be the Chief Operating Decision maker for the purposes of IFRS 8 Operating Segments. The Group’s revenues from external customers are divided into the following geographies: The Americas EMEA APAC Total 2022 $’000 14,695 4,388 1,038 20,121 2021 $’000 16,042 2,778 2,075 20,895 Revenues from external customers are identified on the basis of invoicing systems and adjusted to take into account the difference between invoiced amounts and deferred revenue adjustments as required by IFRS. An international SaaS customer, the Group’s largest customer, accounted for 13% of 2022 revenue (2021: 22%). The revenue is analysed as follows for each revenue category: Software license and appliance revenue DDoS Protection as-a-Service revenue Maintenance and support services revenue Total The revenue is analysed by timing of delivery of goods or services as: Point in time delivery Over time Total 2022 $’000 8,107 4,854 7,160 2021 $’000 10,337 4,025 6,533 20,121 20,895 2022 $’000 8,107 12,014 20,121 2021 $’000 10,337 10,558 20,895 No unsatisfied performance obligations arise except from those revenues which are recognised over time. See note 20 for further details. Contract balances Contract assets Contract liabilities At 1 January Transfers in the period to/from trade receivables from/to contract assets Amounts included in contract liabilities that were recognised as revenue in the period from the opening balance Amounts included in contract liabilities that were recognised as revenue from amounts invoiced in the period Amounts invoiced in the period and not recognised as revenue in the period 2022 $’000 1,276 1,517 – – – 2021 $’000 2,429 (1,153) – – – At 31 December 2,793 1,276 Company The Company has no contract assets or liabilities (2021: $nil). 2022 $’000 6,824 – 2021 $’000 6,149 – (4,629) (3,442) (5,880) (5,889) 9,293 5,608 10,006 6,824 60 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 61 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 5. PROFIT FOR THE YEAR The following items have been included in arriving at the Group’s profit for the year before taxation: Unrealised (gain)/loss on intercompany loan Finance expense – Clydesdale loan interest and fees Finance expense – lease liability Research and development expenditure not capitalised Amortisation of acquired intangible assets (note 10) Amortisation of capitalised development expenditure (note 11) Depreciation of property, plant and equipment (note 12) DDoS Protection as-a-Service asset depreciation (note 12) Other income – PPPL forgiveness (note 18) Auditor’s remuneration Remuneration received by the Company’s auditor for the audit of these Financial Statements The audit of the financial statements of other Group companies Fees payable to the Company’s auditor for taxation compliance services Fees payable to the Company’s auditor for taxation advisory services 6. TAX ON PROFIT ON ORDINARY ACTIVITIES Current tax credit Total 2022 $’000 (961) 268 11 1,743 2 1,732 209 370 – 2022 $’000 137 44 33 46 260 2022 $’000 150 150 2021 $’000 (87) 388 18 1,546 5 1,872 315 382 (637) 2021 $’000 105 42 35 9 191 2021 $’000 149 149 The tax assessed on the profit on ordinary activities for the year differs from the weighted average UK corporate rate of tax of 19% per the 2022 and 2023 governmental budgets (2021: 19.0%). The differences are reconciled below: Total tax reconciliation Profit before taxation Theoretical tax charge at UK Corporation tax rate 19% (2021: 19.0%) Effect of: – expenditure that is not tax deductible – accelerated capital allowances – other timing differences – losses utilised Taxation charge R&D tax credits 2022 $’000 404 77 79 (28) 6 (134) – 2021 $’000 1,373 261 125 (43) – (343) – 150 149 Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory Factors affecting future tax charges As at 31 December 2022, the Group’s cumulative fixed asset timing differences were $12,000 (2021: $23,000) and no deferred tax asset has been recognised in respect of these items. Tax losses at 31 December 2022 amounted to $89.7 million (2021: $89.3 million). This comprised UK tax losses of $13.5 million and US tax losses of $76.2 million. The utilisation of US tax losses which are all attributable to Corero Network Security, Inc. is subject to the provisions of Section 382 of the United States Treasury Internal Revenue Code of 1986, as amended. Corero Network Security, Inc did not undergo an ownership change within the meaning of section 382 for the period 1 February 2017 to 31 December 2021, and thus $15.0 million of the US tax losses are available at full value to set-off against future taxable profits. The utilisation of the remaining US tax losses of $61.2 million will be subject to meeting the change of ownership test for the period prior to 1 February 2017. This test will be undertaken as and when these tax losses are required to offset against taxable profits of Corero Network Security, Inc. US tax losses expire 20 years from the end of the accounting period in which the loss arose. UK tax losses arising in the period prior to 1 April 2017 can only used against taxable profits of the same trade, after 1 April 2017 the losses can be used against total company profits. Deferred tax assets of $3.4 million (2021: $3.4 million) relating to the UK tax losses (applying a tax rate of 25.0% to tax losses expected to unwind after 1 April 2023, the rate substantively enacted on 10 June 2021) and the deferred tax assets of $16.0 million (2021: $15.9 million) relating to the US tax losses and taxable temporary fixed asset differences (applying a tax rate of 21.0%) have not been recognised due to uncertainties as to the extent and timing of their future recovery. 7. EARNINGS PER SHARE Earnings per share is calculated by dividing the earnings attributable to ordinary shareholders of the Company by the weighted average number of ordinary shares in issue during the year. Diluted earnings per share is calculated by dividing the earnings attributable to ordinary shareholders of the Company by the weighted average number of ordinary shares in issue during the year plus the number of ordinary shares to be issued from the exercise of attributable share options. Basic Earnings per share From profit for the year Diluted Earnings per share From profit for the year Basic earnings/(loss) per share From profit for the year Diluted earnings/(loss) per share Basic earnings per share Dilutive effect of share options Diluted earnings per share 2022 Cents 2021 Cents 0.1 0.1 2021 Weighted average number of 1p shares Thousand 494,852 0.3 0.3 Profit per share Cents 0.3 Profit per share Cents 0.1 Profit $’000 1,522 0.1 – 0.1 1,522 494,852 – 18,914 1,522 513,766 0.3 – 0.3 2022 Weighted average number of 1p shares Thousand 495,900 495,900 15,248 511,148 Profit $’000 554 554 – 554 62 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 63 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 8. KEY PERFORMANCE MEASURES EBITDA and Adjusted EBITDA Earnings before interest, tax, depreciation, and amortisation (‘EBITDA’) is defined as earnings from operations before interest, tax, depreciation, and amortisation charges. The following is a reconciliation of EBITDA and Adjusted EBITDA for the periods presented: Profit before taxation Adjustments for: Finance income Finance expense Finance lease interest costs Depreciation – owned assets Depreciation – lease liabilities Amortisation of acquired intangible assets Amortisation of capitalised development expenditure EBITDA Other income - PPPL forgiveness Unrealised foreign exchange differences on intercompany loan Year ended 31 December 2022 $’000 Year ended 31 December 2021 $’000 404 1,373 (7) 268 11 127 82 2 1,732 2,619 – (961) (1) 388 18 222 93 5 1,872 3,970 (637) (87) Adjusted EBITDA – for unrealised foreign exchange differences on intercompany loan and PPPL forgiveness 1,658 3,246 9. GOODWILL Group Cost At 1 January 2021 At 31 December 2021 At 31 December 2022 Impairment At 1 January 2021 At 31 December 2021 At 31 December 2022 Carrying amount At 31 December 2022 At 31 December 2021 At 1 January 2021 $’000 17,983 17,983 17,983 (8,992) (8,992) (8,992) 8,991 8,991 8,991 Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory Goodwill is tested at least annually for impairment and when there are indications that goodwill might be impaired. Goodwill is allocated to the Group’s single CGU, Corero Network Security (‘CNS’). The recoverable amount for the CNS CGU was determined based on a discounted cash flow calculation to calculate fair values less costs to sell using cash flow projections over a 10 year period (2021: 10 year period). The discounted cash flow approach is a level 3 fair value calculation in the IFRS 13 fair value hierarchy. The key assumptions for the discounted cash flow calculation are those regarding revenue growth and discount rates as summarised in the table below and commented on below: Forecast cash flow period Extrapolated cash flow period 2022 2021 Years 1-2 Years 1-2 Years 3-10 Years 3-10 Cumulative annual growth rate (‘CAGR’) for revenue used for the forecast/extrapolated periods 10.9% 12.2% Growth rates (‘CAGR’) used for the forecast/extrapolated periods: Year 1–2 (forecast period) Years 3–5 (extrapolated period) Years 6–10 (extrapolated period) Revenue growth rate used beyond the extrapolated period Discount rate 16.3% 15.0% 6.5% 2.5% 17.3% 23.5% 15.0% 6.5% 2.5% 12.3% The pre-tax cash flows for the forecast period are derived from the most recent financial budget for the year ending 31 December 2023 (‘2023 Budget’) and the plan for the year ending 31 December 2024 (‘2024 Plan’) approved by the Board, with a sensitivity reflecting prior year experience and progress made in 2022 (10% applied to the 2023 Budget revenue and 15% to the 2024 Plan revenue). The extrapolation for the period 2025 to 2032 is based on management estimates (with the key assumptions set out below). The future pre-tax cash flows are discounted by a WACC of 17.3% (2022: 12.3%). The key assumptions underlying the cash flow projections and which the recoverable amount is most sensitive to are (i) the revenue growth rates forecast and extrapolated for the period 2023 to 2027 (ii) and the discount rate. The cash flow forecasts assume a CAGR revenue growth of 15.5% in the period 2023 to 2027 (18.3% for the period 2022 to 2026) and 6.5% for the period 2028 to 2032 (a ‘CAGR’ of 10.9% for 10-year forecast period; 2022: 12.2%). The cashflow forecasts reflect a sensitivity of 10% applied to the CNS 2023 Budget revenues and a sensitivity of 15% applied to the 2024 Plan revenues (and a sensitivity of 5% to 2023 operating costs and capital expenditure, and a sensitivity of 7.5% to 2024 operating costs and capital expenditure) reflecting prior year experience. The management of the Group believe these growth rates are appropriate for the forecasts given the significant progress the business made in 2021 and 2022, the strategy for 2023 which is focused on scaling the business for profitability through leveraging the Group’s expanded routes to market and the on-going investment in sales and marketing. This strategy is expected to deliver further increases in revenue in the forecast period. The assumed growth rates are supported by the fact that the IT security market is forecast to grow strongly for the foreseeable future. The DDoS market is expected to reach $6.7 billion by 2026 (Source: MarketsandMarkets DDoS Protection and Mitigation market – Global Forecast to 2026, June 2019) – a CAGR of 15.1% in the period 2021 to 2026. The above market growth rates used in the future cash flow assumptions reflect that CNS is in the relatively early stages of the commercial exploitation of its intellectual property. In addition, the business’s strategy, aside from greater sales growth penetration, is to continue to develop its product and solution offerings to remain its market leadership technological credentials in its chosen markets thereby providing the opportunity to generate above market average growth rates. The growth rate assumed in the period beyond the 10-year extrapolation period of 2.5% is considered reasonable as historically IT spend has exceeded GDP growth. 64 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 65 Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory 11. CAPITALISED DEVELOPMENT EXPENDITURE Group Cost At 1 January 2021 Additions At 31 December 2021 and at 1 January 2022 Additions At 31 December 2022 Amortisation At 1 January 2021 Charge for year At 31 December 2021 and at 1 January 2022 Charge for year At 31 December 2022 Net book value At 31 December 2022 At 31 December 2021 At 1 January 2021 Company The Company has no capitalised development expenditure (2021: $nil). Total $’000 22,310 1,754 24,064 1,704 25,768 (17,664) (1,872) (19,536) (1,732) (21,268) 4,500 4,528 4,646 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 9. GOODWILL CONTINUED The discount rate is based on a cost of equity using the Capital Asset Pricing Model with the key inputs being a risk-free interest rate estimate of 3.88% (based on 10-year US government bonds) (2021: 1.52%), comparable company betas, an equity risk premium of 6.2% (2021: 6.2%), and small company risk premium of 4.5% (2021: 4.5%). The WACC has been assessed based on that fact that the Company had debt at 31 December 2022 of $1.2 million (debt at 31 December 2021: $2.8 million). The WACC used in the valuation reflects current market assessments of the time value of money and the risks specific to CNS. As stated above, the valuation to support the value in use of the CNS CGU is sensitive to changes in the cash flow forecasts and the discount rate assumptions, and there is no absolute guarantee that the expected growth will be achieved. If the discount rate is increased from 17.3% to 48.0%, this would mathematically result in an impairment of the carrying value of goodwill of $9 million meaning the goodwill would be fully impaired. If the sensitivity of 10% applied to the CNS 2023 Budget and 15% to the 2024 Plan revenues (and sensitivity of 5% to CNS 2023 Budget operating costs and capital expenditure, and 7.5% to the 2024 Plan operating costs and capital expenditure) was increased to 34.0% for the CNS 2023 Budget and 36.0% to the 2024 Plan revenues (and sensitivity of 17.0% to CNS 2023 Budget operating costs and capital expenditure, and 18.0% to the 2024 Plan operating costs and capital expenditure), this would mathematically result in an impairment of the carrying value of goodwill of $9 million meaning the goodwill would be fully impaired. Apart from the considerations in determining the value in use of the CNS CGU extensively described above, the management of the Group is not currently aware of any other reasonably possible changes that would necessitate changes in its key estimates. 10. ACQUIRED INTANGIBLE ASSETS Group Cost At 1 January 2021 Additions At 31 December 2021 and at 1 January 2022 Additions At 31 December 2022 Amortisation At 1 January 2021 Charge for year At 31 December 2021 and at 1 January 2022 Charge for year At 31 December 2022 Net book value At 31 December 2022 At 31 December 2021 At 1 January 2021 Company The Company has no intangible fixed assets (2021: $nil). Computer software $’000 Customer relationships $’000 6,017 – 6,017 – 6,017 (6,008) (5) (6,013) (2) (6,015) 2 4 9 197 – 197 – 197 (197) – (197) – (197) – – – Total $’000 6,214 – 6,214 – 6,214 (6,205) (5) (6,210) (2) (6,212) 2 4 9 66 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 67 Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 12. PROPERTY, PLANT AND EQUIPMENT Group 13. INVESTMENT IN SUBSIDIARIES Company Sales evaluation assets $’000 DDoS protection as-a-service assets $’000 Fixtures and Fittings $’000 Leasehold Improvements $’000 Right-of-use assets $’000 Total $’000 Investment in Corero Network Security, Inc. and Corero Network Security (uK) Limited $’000 Investment in Corero Group Services Limited $’000 Loan note $’000 Cost 1 January 2021 Additions Transfers Disposals Foreign currency translation At 31 December 2021 and 1 January 2022 Additions Transfers Disposals Foreign currency translation At 31 December 2022 Depreciation At 1 January 2021 Charge for year Transfers Disposals Foreign currency translation At 31 December 2021 and at 1 January 2022 Charge for year Transfers Disposals Foreign currency translation At 31 December 2022 Net book value At 31 December 2022 At 31 December 2021 At 1 January 2021 Computer Equipment $’000 1,042 17 – (59) (3) 997 114 0 0 (20) 1,091 (834) (129) – 21 3 (939) (65) 0 0 20 (984) 107 58 208 216 136 (67) (99) – 186 137 (57) (69) (10) 187 (91) (59) 16 50 – (84) (38) 9 18 (1) (96) 91 102 125 1,377 104 106 426 3,271 268 67 (57) (7) – – – – – – – – – – (83) 1 421 – (298) (9) 1,648 104 106 344 3,385 169 57 (64) (62) 1,748 (695) (382) (16) 27 4 (1,062) (370) (9) 31 41 0 0 0 (1) 103 (74) (13) – – – (87) (7) 0 0 2 0 0 0 (2) 104 (52) (21) – – – (73) (17) 0 0 2 0 0 0 0 420 0 (133) (95) 344 3,577 (189) (93) – 83 – (199) (82) 0 0 (1) (1,935) (697) – 181 7 (2,444) (579) 0 49 63 (1,369) (92) (88) (282) (2,911) 379 586 682 11 17 30 16 33 54 62 145 237 666 941 1,336 Cost At 1 January 2021 Capitalisation of intercompany balances Additions Foreign currency translation At 31 December 2021 and at 1 January 2022 Additions Foreign currency translation At 31 December 2022 Impairment At 1 January 2021 Impairment credit/(charge) Foreign currency translation At 31 December 2021 and at 1 January 2022 Impairment credit Foreign currency translation At 31 December 2022 Net book value At 31 December 2022 At 31 December 2021 At 1 January 2021 70,302 3,416 – (653) 73,065 – (7,740) 65,325 (22,268) 10,326 207 (11,735) 1,134 1,243 (9,358) 55,967 61,330 48,035 10,878 – – (101) 10,777 – (1,142) 9,635 (4,928) (138) 46 (5,020) 652 532 (3,836) 5,799 5,757 5,950 8,627 – 444 (87) 8,984 420 (961) 8,443 (1,691) 1,675 16 – – – – 8,443 8,984 6,936 Total $’000 89,807 3,416 444 (841) 92,826 (9,843) 83,403 (28,887) 11,863 269 (16,755) 1,786 1,775 (13,194) 70,209 76,071 60,921 The Directors have reviewed the carrying value of the cost of investments in subsidiaries of the Company with reference to the Company market capitalisation at 31 December 2022 or on a discounted free cash flow valuation whichever is the higher value, which the Directors consider to be an appropriate valuation methodology. Based on the Company market capital valuation as at 31 December 2022, the provision against the investment in subsidiaries was $13.2 million (at 31 December 2021: $16.8 million), comprising a provision against the investment in Corero Network Security, Inc. and Corero Network Security (UK) Limited (together ‘CNS’) of $9.4 million and a provision against the investment in Corero Group Services Limited of $3.8 million. The Company’s investment in Corero Network Security, Inc. includes a loan note instrument. These loan notes bear interest at 5.0% per annum which at the election of Corero Network Security, Inc. is payable quarterly or added to the principal amount which is due on 31 October 2026. As at 31 December 2022, the expected credit loss provision was $nil million (2021: $nil million). DDoS Protection as-a-Service assets’ depreciation is charged to cost of sales. Company The Company has no property, plant and equipment (2021: $nil). 68 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 69 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 13. INVESTMENT IN SUBSIDIARIES CONTINUED The Company owns: • 100% of the issued share capital of Corero Network Security, Inc. a company incorporated in Delaware, USA. The company’s business address is 293 Boston Post Road, Marlborough, MA 01752, USA. The principal business of the company consists of the development and sale of appliance and software security products and solutions. • 100% of the issued share capital of Corero Group Services Limited, a company incorporated and registered in England and Wales. The company’s business address is Salisbury House, 29 Finsbury Circus, London, EC2M 5QQ, England, United Kingdom. The principal business of the company consists of providing administration services to the Group. • 100% of the issued share capital of Corero Network Security (UK) Limited, a company incorporated and registered in England and Wales. The company’s business address is 3rd Floor, 53 Hanover Street, Edinburgh, EH2 2PJ and registered address is Salisbury House, 29 Finsbury Circus, London, EC2M 5QQ, England, United Kingdom. The principal business of the company consists of sale of appliances and software security products and solutions, providing development and marketing services on behalf of Corero Network Security, Inc. 14. INVENTORIES Gross inventory Less: provision for impairment Net inventory Group 2022 $’000 217 (53) 164 Group 2021 $’000 139 (82) 57 Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory The maturity profile of trade and other receivables is set out in the table below: In one year or less, or on demand In more than one year, but not more than five years Group Company 2022 $’000 5,294 1,571 6,865 2021 $’000 3,206 859 4,065 2022 $’000 3,232 72 3,304 2021 $’000 17 97 114 Balances due in more than one year, but not more than five years, are presented as non-current in the Statement of Financial Position. The analysis of trade and other receivables by foreign currency is set out in the table below: US dollars UK pound Group Company 2022 $’000 5,727 1,138 6,865 2021 $’000 3,163 902 4,065 2022 $’000 – 3,304 3,304 2021 $’000 – 114 114 The Group’s foreign currency receivables are denominated in the functional currency of the subsidiaries in which they arise. There is no impact on the result for the year from exchange rate movements on such financial instruments. Net inventory comprises finished goods and raw materials. The value of inventory recognised as an expense in cost of sales was $1.7 million (2021: $1.9 million). 16. TRADE AND OTHER PAYABLES Company The Company holds no inventory (2021: $nil). 15. TRADE AND OTHER RECEIVABLES Trade receivables Contract assets (note 4) Less: provision for impairment of trade receivables Net trade receivables Other debtors Prepayments Amounts due from subsidiaries Group Company 2022 $’000 1,092 2,793 (25) 3,860 160 2,845 – 6,865 2021 $’000 740 1,276 (24) 1,992 180 1,893 – 4,065 2022 $’000 2021 $’000 – – – – 68 19 3,217 3,304 – – – – 76 38 – 114 None of the Company’s trade and other receivables are secured by collateral or credit enhancements (2021: None). The Group applies the simplified approach to measuring expected credit losses using a lifetime expected credit loss for trade receivables and contract assets. To measure expected credit losses on a collective basis, trade receivables and contract assets are grouped based on a similar credit risk and aging. The expected loss rates are based on the Group’s historical credit losses experienced over a two year period prior to the period end. The historical loss rates are then adjusted for current and forward-looking information on macroeconomic factors affecting the Group’s customers. The Group has identified gross domestic product growth rates, unemployment rates and inflation rates as the key macroeconomic factors in the countries in which the Group operates. The Directors consider that the carrying amount of trade and other receivables approximates their fair value. Trade payables Amounts due to subsidiaries Other payables Accruals Group Company 2022 $’000 1,619 – 159 2,278 4,056 2021 $’000 1,567 – 36 2,608 4,211 2022 $’000 – 8,427 – 100 8,527 2021 $’000 – 8,794 – 254 9,048 None of the Group or Company’s trade and other payables are secured by collateral or credit enhancements. The Directors consider that the carrying amount of trade and other payables approximates their fair value. 74% (2021: 66%) of the trade and other payables are due in less than three months. The amounts due to subsidiaries are repayable on demand. The analysis of trade and other payables by foreign currency is set out in the table below: US dollars UK pound Group Company 2022 $’000 2,161 1,895 4,056 2021 $’000 1,977 2,234 4,211 2022 $’000 – 8,527 8,527 2021 $’000 – 9,048 9,048 The Group’s foreign currency payables are denominated in the functional currency of the subsidiaries in which they arise. There is no impact on the result for the year from exchange rate movements on such financial instruments. 70 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 71 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 17. LEASE LIABILITIES At 1 January Payments Interest cost At 31 December The Directors consider that the carrying amount of lease liabilities approximates to their fair value. The analysis of lease liabilities by foreign currency is set out in the table below: US dollars UK pound Company The Company has no lease liabilities (2021: $nil). 18. BORROWINGS The Group borrowings: Bank loans The Company borrowings: Bank loan Group 2022 $’000 172 (105) 11 78 Group 2022 $’000 78 – 78 2022 $’000 1,208 2022 $’000 1,208 Group 2021 $’000 257 (103) 18 172 Group 2021 $’000 172 – 172 2021 $’000 2,777 2021 $’000 2,777 The borrowings facility comprises a drawn £2.0 million term loan facility and an undrawn £1.0 million Revolving Credit Facility (‘RCF’) for a three-year term. The facility terms include: no early repayment penalties or redemption premium; a reduced interest rate (payable quarterly) at 6.5% per annum over the Bank of England base rate before any potential downward EBITDA margin ratchet adjustment; 2.6% interest per annum on the RCF; arrangement fee of 3.75%; and standard security and loan covenants in line with the existing lending arrangements including the payment of a fee equal to 1.0% of the disposal proceeds on a sale or a change of control of the Company above a threshold amount of £100.0 million if such disposal or change of control occurs before April 2025. Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory Interest is payable quarterly in arrears based on 3-month GBP UK base rate plus 6.5%. The loan principal repayment schedule by year for the bank loan is: Year 2023 2024 The contractual future cash flows, including undiscounted interest based on the interest rate at 31 December 2022 of 10.0% (at 31 December 2021: 6.75%) for the bank loan, is: Year 2023 2024 $’000 1,008 252 1,260 $’000 1,097 339 1,436 The bank loan is secured by debentures over the business assets of all Group companies and by Group company guarantees including a guarantee from the Company. The bank loan terms include typical covenants for such a loan, as well as revenue and cash consumption covenants, which are tested quarterly and monthly respectively. These covenants were met for each covenant reporting period in the reporting period ended 31 December 2022. Paycheck Protection Program Loan (‘PPPL’) The Company’s US trading subsidiary, Corero Network Security, Inc was advanced, via its US bank, Pacific Western Bank, a Paycheck Protection Program Loan for $637,000 on 11 May 2020. The PPPL was a component of the US federal stimulus package known as the Coronavirus Aid, Relief and Economic Security Act, which offered help to businesses in the US during the COVID-19 crisis. Notification of the PPP loan forgiveness in full was received from Pacific Western Bank on 28th January 2021. The forgiveness of the PPP loan is a non–cash movement and is shown as ‘other income’ in the Group Income Statement. 19. FINANCIAL INSTRUMENTS The Group’s financial instruments are categorised as shown below: Group Financial assets Trade and other receivables Cash Group Financial liabilities Trade and other payables Borrowings Book Value 2022 $’000 Book Value 2021 $’000 4,020 5,646 9,666 2,158 11,201 13,359 Book Value 2022 $’000 Book Value 2021 $’000 4,134 1,208 5,342 4,383 2,901 7,284 For the purpose of this note financial assets - trade and other receivables exclude prepayments. The Group manages liquidity and credit risk in line with the financial risk management objectives and policies as set out on page 25. At the present time the Group does not have significant exposure interest rate risk. There are no differences between the fair values and book values held by the Group. 72 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 73 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 20. DEFERRED INCOME Group Current More than one year but less than five years 2022 $’000 3,323 2,285 5,608 2021 $’000 4,677 2,147 6,824 The Group’s deferred income balance will be recognised as revenue evenly over the remaining term of the service and support agreements in place. The service and support agreements expire at various times throughout the year with no particular seasonality. Company The Company has no deferred income (2021: $nil). 21. PENSIONS The Group’s pension arrangements are operated through defined contribution schemes. Defined contribution schemes Defined contribution pension costs Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory 23. SHARE PREMIUM 1 January 2021 and 1 January 2022 Issued by way of option exercises 66,667 ordinary shares of 4.25p each (5.61c) 20,000 ordinary shares of 15p each (18.45c) 1,000,000 ordinary shares of 15p each (18.15c) 2,126,667 ordinary shares of 15p each (21.3c) 400,000 ordinary shares of 4.25p each (4.80c) 155,000 ordinary shares of 4.25p each (4.80c) 1,333,333 ordinary shares of 4.25p each (5.23c) 31 December 2022 $’000 82,122 1 1 18 45 19 8 70 82,284 Consideration received in excess of the nominal value is included in share premium, less registration, commission, and professional fees. 2022 $’000 192 2021 $’000 153 24. EMPLOYEES AND DIRECTORS Employee expenses, including Directors, during the period Group 22. SHARE CAPITAL Authorised share capital The authorised share capital comprises 745,821,970 (2021: 745,821,970) ordinary shares of 1 penny (‘p’) (1.4 cents (‘c’)) each. Issued ordinary share capital 1 January 2021 and 1 January 2022 494,852,304 ordinary shares of 1p each Issued by way of option exercises 66,667 ordinary shares of 1p each (1.32c) 20,000 ordinary shares of 1p each (1.23c) 1,000,000 ordinary shares of 1p each (1.21c) 2,126,667 ordinary shares of 1p each (1.42c) 400,000 ordinary shares of 1p each (1.13c) 155,000 ordinary shares of 1p each (1.13c) 1,333,333 ordinary shares of 1p each (1.23c) 31 December 2022 499,953,971 ordinary shares of 1p each Wages and salaries Social security costs Other pension costs Average monthly numbers of employees (including Directors) employed Sales and marketing Technical, support and services Management, operations and administration Company The Company has no employees (2021: nil). Total 2022 $’000 11,087 1,229 192 Total 2021 $’000 9,130 1,027 153 12,508 10,310 2022 Number 2021 Number 21 38 6 65 19 35 6 60 $’000 6,914 – – 12 30 5 2 17 6,980 74 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 75 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 24. EMPLOYEES AND DIRECTORS CONTINUED Directors, being the Key Management personnel Directors Ashley Stephenson Andrew Miller Jens Montanana Lionel Chmilewsky Peter George Richard Last Bonus $’000 Benefits $’000 Pension $’000 Subtotal $’000 Options $’000 Company National Insurance Contributions $’000 Total 2022 $’000 Total 2021 $’000 161 – – 167 – – 328 23 1 – 11 – – 35 – – – 53 – – 53 530 141 40 596 36 34 1,377 – – – – – – – 9 18 – 127 – 3 539 159 40 723 36 37 554 29 80 819 72 78 157 1,534 1,632 Salary & fees $’000 346 140 40 365 36 34 961 Bonus payments of $328,000 were awarded to Directors in respect of the year to 31 December 2022 (2021: $352,000). Lionel Chmilewsky has an employment agreement with a wholly owned subsidiary of the Company which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. Lionel Chmilewsky resigned as a Director of the Company on 28 February 2023. Ashley Stephenson has an employment agreement with a wholly owned subsidiary of the Company which provides for the payment of six months’ base salary if the agreement is terminated by the Company without cause. Andrew Miller was a Non-executive Director during the year and Interim Chief Financial Officer for the period 1 September to 31 December 2022. Andrew Miller has a Director’s Loan of $72,000 which is repayable in August 2030. Andrew Miller was appointed Interim Chief Operating Officer on 1st March 2023. Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory 27. SHARE OPTIONS The Company has the following share option schemes: • Enterprise Management Incentive Scheme for its employees, which has been approved by HMRC. • Executive Enterprise Management Incentive Scheme, which has been approved by HMRC. • Unapproved Share Option Scheme. • Deferred Payment Share Plan. Options granted have a three–year vesting period, vesting one third on the first anniversary of grant, one third on the second anniversary of grant and one third on the third anniversary of grant. Shares acquired on the exercise of an option may not be sold until the expiry of the second anniversary following the date of option grant. With the exception of options granted in April 2017 to Directors which include a revenue growth performance vesting condition, there are no vesting conditions for options granted. If an option holder ceases to be in employment or hold office within the Group, options granted shall immediately lapse unless such cessation is because of the option holder’s death; the option holder’s ill health or disability; the company that employs the option holder ceasing to be under the control of the Company or such company ceasing to be within the Group; the transfer of sale of the undertaking or part-undertaking in which the option holder is employed to a person who is neither under the control of the Company nor within the Group; or any other reason that the Board in its absolute discretion shall determine. On a cessation of employment or office as set out above, options shall be exercisable to the extent they have vested according to the terms of the option agreement and the provisions of the relevant share option scheme and must be exercised within 30 days following such cessation unless otherwise determined by the Board or if such cessation is by reason of death in which case the option holder’s personal representatives must exercise the option within 12 months following the date of the option holder’s death. For option agreements granted post June 2020 and subject to the approval of the Board, where an option holder has, as at the date of the grant, been employed by a Group company for a period of at least three years and whose employment is terminated either: (a) by the company other than for cause; or (b) by resignation on the part of the option holder, such option holder shall be entitled to retain the options granted under the option agreement following the effective date of the termination and such retained options shall continue to vest and be exercisable by the option holder in accordance with the vesting terms set out in the agreement. Share options granted at 31 December 2022 were as follows: 25. LEASE COMMITMENTS The Group has total future minimum lease payments under non-cancellable leases totalling $85,000 (2021: $7,000) analysed by year of expiry as follows: Option holders Date granted Expiry date Enterprise Management Incentive Scheme Exercise price – pence (cents) At 1 January 2022 Granted Exercised Forfeit/ cancelled At 31 December 2022 Land and building agreements expiring: Within one year More than one year but less than five years Company The Company has no lease commitments (2021: $nil). 2022 $’000 2021 $’000 64 21 85 7 – 7 26. CONTINGENT LIABILITIES Corero Network Security (UK) Limited was in December 2015 awarded a grant of £600,000 for a development project over three years from Scottish Enterprise. Any monies becoming repayable by Corero Network Security (UK) Limited under the grant terms for breaches of the grant conditions are guaranteed by the Company. These conditions which are typical for a grant of this nature, and which apply for a period of five years from the final grant payment date (being 14 March 2019), include maintaining minimum headcount in Scotland and no change of control. Other Holders April 2019 April 2029 8.4p (11c) 10,000 September 2019 September 2029 2.5p (3c) 5,000 April 2020 June 2020 April 2030 4.2p (5c) 357,500 June 2030 5.3p (7c) 8,975,500 September 2020 September 2030 7.8p (10c) 10,000 October 2020 October 2030 9.0p (12c) 12,500 January 2021 January 2031 13.0p (18c) 685,000 November 2021 November 2031 9.25p (12c) 27,500 – – – – – – – – September 2022 September 2032 10.8p (12c) – 410,000 Executive Enterprise Management Incentive Scheme Andrew Lloyd April 2017 April 2027 8p (10c) 2,083,333 – – – – – – – 10,000 5,000 357,500 (1,888,333) (866,667) 6,220,500 – – – – – – – – 10,000 12,500 (150,000) 535,000 (27,500) - – – 410,000 2,083,333 76 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 77 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 27. SHARE OPTIONS CONTINUED Share options granted at 31 December 2021 were as follows: Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory Option holders Date granted Expiry date unapproved French Share Option Scheme Exercise price – pence (cents) At 1 January 2022 Granted Exercised Forfeit/ cancelled At 31 December 2022 Lionel Chmilewsky June 2020 June 2030 5.3p (7c) 7,000,000 January 2021 January 2031 13.0p (18c) 500,000 unapproved Share Option Scheme Jens Montanana Richard Last Andrew Lloyd April 2017 May 2018 April 2027 8p (10c) 994,000 May 2028 13.6p (18c) 425,000 October 2018 October 2028 11.0p (14c) 400,000 January 2021 January 2031 13.0p (18c) 350,000 April 2017 June 2017 April 2027 8p (10c) 450,000 June 2027 13.6 (18c) 180,000 October 2018 October 2028 11.0p (14c) 200,000 January 2021 January 2031 13.0p (18c) 350,000 April 2017 June 2017 April 2027 8p (10c) 580,001 June 2027 13.6 (18c) 200,000 Ashley Stephenson June 2020 June 2030 5.3p (7c) 7,919,000 January 2021 January 2031 13.0p (18c) 350,000 Andrew Miller June 2020 June 2030 5.3p (7c) 5,775,000 Peter George January 2019 January 2029 11.3p (15c) 750,000 Other holders September 2011 September 2021 37.5p (61c) 40,000 January 2021 January 2031 13.0p (18c) 350,000 March 2012 March 2022 54.5p (89c) 140,000 April 2013 May 2014 April 2023 25p (38c) 100,000 May 2024 25p (42c) 670,666 September 2016 September 2026 22.5p (33c) 5,000 October 2018 October 2028 11.0p (14c) 50,000 September 2019 September 2029 2.5p (3c) 3,531,667 April 2020 April 2020 June 2020 April 2030 4.2p (5c) 455,000 April 2030 4.2p (5c) 50,000 June 2030 5.3p (7c) 4,603,500 September 2020 September 2030 7.8p (10c) 300,000 January 2021 January 2031 13.0p (18c) 610,000 November 2021 November 2031 9.25p (12c) 25,000 – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – January 2022 January 2032 13.0p(18c) September 2022 September 2032 10.8p (12c) – 4,260,000 – 910,000 – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – (40,000) (140,000) – – – – 7,000,000 500,000 994,000 425,000 400,000 350,000 450,000 180,000 200,000 350,000 580,001 200,000 7,919,000 350,000 5,775,000 750,000 350,000 – – 100,000 670,666 5,000 50,000 (3,193,334) (238,333) 100,000 – – – – – – – – (50,000) 405,000 – 50,000 (180,000) 4,423,500 (300,000) – (125,000) 485,000 – – – 25,000 4,260,000 910,000 The closing mid-market price for the Company’s shares at 31 December 2022 was 9.25p (11.2c) and the low and high for the year was 9.25p (11.2c) and 14.5p (19.0c). In the 12 months to 31 December 2022, 5,081,667 options were exercised (2021: nil) and 2,117,500 options were forfeited (2021: 1,805,833). 49,520,167 5,580,000 (5,081,667) (2,117,500) 47,901,000 Option holders Date granted Expiry date Enterprise Management Incentive Scheme Exercise price – pence (cents) At 1 January 2021 Granted Exercised Forfeit/ cancelled At 31 December 2021 Other Holders April 2019 April 2029 8.4p (11c) 10,000 September 2019 September 2029 2.5p (3c) 5,000 April 2020 June 2020 April 2030 4.2p (5c) 465,000 June 2030 5.3p (7c) 8,985,500 September 2020 September 2030 7.8p (10c) 10,000 October 2020 October 2030 9.0p (12c) 12,500 – – – – – – January 2021 January 2031 13.0p (18c) November 2021 November 2031 9.25p (12c) – – 685,000 27,500 Executive Enterprise Management Incentive Scheme Andrew Lloyd April 2017 April 2027 8p (10c) 2,083,333 unapproved French Share Option Scheme Lionel Chmilewsky June 2020 June 2030 5.3p (7c) 7,000,000 – – January 2021 January 2031 13.0p (18c) – 500,000 unapproved Share Option Scheme Jens Montanana April 2017 April 2027 8p (10c) 994,000 May 2018 May 2028 13.6p (18c) 425,000 October 2018 October 2028 11.0p (14c) 400,000 – – – Richard Last January 2021 January 2031 13.0p (18c) – 350,000 April 2017 June 2017 April 2027 8p (10c) 450,000 June 2027 13.6 (18c) 180,000 October 2018 October 2028 11.0p (14c) 200,000 – – – January 2021 January 2031 13.0p (18c) – 350,000 Andrew Lloyd April 2017 June 2017 April 2027 8p (10c) 580,001 June 2027 13.6 (18c) 200,000 Ashley Stephenson June 2020 June 2030 5.3p (7c) 7,919,000 – – – January 2021 January 2031 13.0p (18c) – 350,000 – – – – – – – – – – – – – – – – – – – – – – – 10,000 5,000 (107,500) 357,500 (10,000) 8,975,500 – – – – – – – – – – – – – – – – – 10,000 12,500 685,000 27,500 2,083,333 7,000,000 500,000 994,000 425,000 400,000 350,000 450,000 180,000 200,000 350,000 580,001 200,000 7,919,000 350,000 78 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 79 NOTeS TO THe FiNANCiAL STATeMeNTS CONTiNUeD 27. SHARE OPTIONS CONTINUED Option holders Date granted Expiry date unapproved Share Option Scheme continued Exercise price – pence (cents) At 1 January 2021 Granted Exercised Forfeit/ cancelled At 31 December 2021 Andrew Miller June 2020 June 2030 5.3p (7c) 5,775,000 Peter George January 2019 January 2029 11.3p (15c) 750,000 – – January 2021 January 2031 13.0p (18c) – 350,000 Other holders March 2011 March 2021 40p (65c) 290,000 September 2011 September 2021 37.5p (61c) 40,000 March 2012 March 2022 54.5p (89c) 140,000 April 2013 May 2014 April 2023 May 2024 25p (38c) 100,000 25p (42c) 670,666 September 2016 September 2026 22.5p (33c) October 2018 October 2028 11.0p (14c) 5,000 50,000 September 2019 September 2029 2.5p (3c) 4,430,000 April 2020 April 2020 June 2020 April 2030 April 2030 June 2030 4.2p (5c) 605,000 4.2p (5c) 50,000 5.3p (7c) 4,603,500 September 2020 September 2030 7.8p (10c) 300,000 – – – – – – – – – – – – January 2021 January 2031 13.0p (18c) November 2021 November 2031 9.25p (12c) – – 960,000 25,000 47,728,500 3,597,500 Total number of options granted to Directors 31 December 2022 Options granted 31 December 2021 Options granted Relevant Share Option scheme – – – – – – – – – – – – – – – – – – – 5,775,000 750,000 350,000 (290,000) – – – – – – – 40,000 140,000 100,000 670,666 5,000 50,000 (898,333) 3,531,667 (150,000) 455,000 – – – 50,000 4,603,500 300,000 (350,000) 610,000 – 25,000 (1,805,833) 49,520,167 Ashley Stephenson Andrew Miller 8,269,000 5,915,000 8,269,000 Unapproved Share Option Scheme 5,915,000 Executive Enterprise Management Scheme and Unapproved Share Option Scheme Jens Montanana 2,169,000 2,169,000 Unapproved Share Option Scheme Lionel Chmilewsky 7,500,000 7,500,000 Unapproved Share Option Scheme Peter George Richard Last 1,100,000 1,180,000 1,100,000 Unapproved Share Option Scheme 1,180,000 Unapproved Share Option Scheme 26,133,000 26,133,000 None of the Directors holding office at the balance sheet date exercised options during the year (2021: none). Andrew Miller has a contractual right (granted in March 2011) to purchase 140,000 ordinary shares in the Company from the Employee Share Ownership Trust at 40p per share pursuant to a grant made to him under the Deferred Payment Share Plan. Overview Strategic Report Governance FiNANCiAL STATeMeNTS Corporate Directory Share-based payments The Remuneration Committee (‘RC’) approves the grant of share options to employees of the Group under the Group’s share option schemes. Share options are granted with a fixed exercise price which is equal to the market price at the date of the grant or higher price determined by the RC. The share options granted are required to be exercised within 10 years from the date of grant. Share options are valued using the Black-Scholes option-pricing model. The weighted average fair value of the options granted in the year was 6.9p (7.82c). The value of share options granted during the year was calculated using the Black-Scholes option pricing model. The following variables and ranges were used: Share price at date of grants Exercise price Expected volatility Estimated years to exercise Risk free interest rate The table below provides information on all options outstanding at the end of the year: 2022 2021 10.8p–13.0p (12c–18c) 9.25p–13.0p (12c–18c) 10.8p–13.0p (12c–18c) 9.25p–13.0p (12c–18c) 54.7%–65.0% 70.6%–76.5% 4.0–4.8 1.0%–3.0% 4.1–4.9 0%–0.01% Weighted average remaining contractual life Average remaining contractual life Options exercisable Exercise price range Weighted average share price Weighted average exercise price Expected volatility Risk free rate – 5 year gilt rate Expected dividend yield 7.2 years 6.3 years 29,399,167 2.5p–55p (3c–73c) 7.1p (8.0c) 7.4p (8.3c) 0.2%–76.5% -0.08%–3.3% Nil Volatility is calculated as the standard deviation of the closing daily share price over a period of 24 months prior to the grant date. Operating expenses in the Group Income Statement included a charge of $386,000 (2021: $522,000) relating to employee share-based payments. 28. RELATED PARTIES AND TRANSACTIONS There have been no equity placings or offers in the year ended 31 December 2022 or 2021. The Directors consider the Group’s key management personnel to be the Board of Directors of the Company whose compensation is detailed in note 24. Company key management compensation was $nil (2021: $nil) as the key management are employed by subsidiaries. 80 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 81 GLOSSArY COrPOrATe DireCTOrY Overview Strategic Report Governance Financial Statements COrPOrATe DireCTOrY 5G AI AIM ARR CAGR CGu CNS CPu CSPs DDoS DDPaaS DPDK DPI EBITDA Eu FCA FRC FRS IAS IFRS IoT ISA MSSP NICs POPs PPPL RCF R&D ROI SOC SSP TCO TDC TDD TDS Fifth Generation Cellular Network Technology Artificial Intelligence Alternative Investment Market Annualised Recurring Revenues Compound Annual Growth Rate Cash-Generating Unit Corero Network Security Central Processing Unit Communication Service Providers Distributed Denial of Service DDoS Protection as-a-Service Data Plane Development Kit Deep Packet Inspection Earnings Before Interest, Tax, Depreciation, and Amortisation European Union Financial Conduct Authority Financial Reporting Council Financial Reporting Standard International Accounting Standards International Financial Reporting Standards Internet of Things International Standard on Auditing Managed Security Service Provider Network Interface Cards Points of Presence Paycheck Protection Program Loan Revolving Credit Facility Research and Development Return On Investment Security Operations Center Stand–alone Selling Prices Total Cost of Ownership SmartWall® Threat Defense Cloud SmartWall® Threat Defense Director SmartWall® Threat Defense System DIRECTORS Jens Montanana (Executive Chairman) Richard Last (Non-executive Director) Peter George (Non-executive Director) Andrew Miller (Interim Chief Operating Officer) Ashley Stephenson (Chief Technology Officer) SECRETARY AND REGISTERED OFFICE Duncan Swallow Salisbury House 29 Finsbury Circus London EC2M 5QQ NOMINATED ADVISER AND BROKER Canaccord Genuity Ltd 88 Wood Street London EC2V 7QR FINANCIAL PUBLIC RELATIONS Vigo Communications Sackville House 40 Piccadilly London W1J 0DR AUDITOR BDO LLP 55 Baker Street London W1U 7EU SOLICITORS Dorsey and Whitney LLP 199 Bishopsgate London EC2M 3UT BANKERS Santander 2 The Forbury Reading RG1 3EU Pacific Western Bank 406 Blackwell Street Suite 240 Durham North Carolina 27701 USA REGISTRARS Link Group 10th Floor Central Square 29 Wellington Street Leeds LS1 4DL WEBSITE ADDRESS www.corero.com Printed by a Carbon Neutral Operation (certified: CarbonQuota) under the PAS2060 standard. Printed on material from well-managed, FSC™ certified forests and other controlled sources. This publication was printed by an FSC™ certified printer that holds an ISO 14001 certification. 100% of the inks used are HP Indigo ElectroInk which complies with RoHS legislation and meets the chemical requirements of the Nordic Ecolabel (Nordic Swan) for printing companies, 95% of press chemicals are recycled for further use and, on average 99% of any waste associated with this production will be recycled and the remaining 1% used to generate energy. The paper is Carbon Balanced with World Land Trust, an international conservation charity, who offset carbon emissions through the purchase and preservation of high conservation value land. Through protecting standing forests, under threat of clearance, carbon is locked-in, that would otherwise be released. 82 Corero Network Security plc Annual Report and Accounts 2022 Corero Network Security plc Annual Report and Accounts 2022 83 83 CORERO NETWORK SECuRITY PLC Registered Office Salisbury House 29 Finsbury Circus London EC2M 5QQ UK
Continue reading text version or see original annual report in PDF format above