Gorman-Rupp Co.
Annual Report 2021

Plain-text annual report

Our Expertise, Your Peace of Mind G R C I n t e r n a t i o n a l G r o u p p l c A n n u a l R e p o r t a n d A c c o u n t s 2 0 2 1 We believe we are a global leader in integrated cyber and privacy solutions Annual Report and Accounts 2021 CONTENTS INTRODUC TION We believe we are the only global cyber security and privacy Group that provides a united and world-class one-stop shop which delivers off-the-shelf and tailored solutions for organisations looking to seamlessly manage the increasingly complex cyber and privacy challenges all organisations face today. Our in-depth and diverse range of products and services holistically addresses the IT governance, risk management and compliance requirements for organisations of every shape, size and geography. As a Group we have the most comprehensive and integrated global portfolio of cyber and privacy solutions. Our joint expertise means we are succeeding in our mission to be the business world’s go-to resource for robustly managing cyber threats alongside meeting global regulatory requirements. Strategic Report 1-27 Highlights At a Glance Chairman’s Statement Chief Executive Officer’s Review Market Overview Business Model Our Strategy Our Strategy in Action Financial Review Risk Management Key Performance Indicators Stakeholder Engagement Corporate Governance 28-43 Governance Report Application of the QCA Code Board of Directors Audit Committee Report Remuneration Committee Report Directors’ Report Statement of Directors’ Responsibilities Financial Statements 44-94 Independent Auditor’s Report Consolidated Income Statement Consolidated Statement of Comprehensive Income Consolidated Balance Sheet Consolidated Statement of Changes in Equity Consolidated Statement of Cash Flows Nature of Operations and General Information Notes to the Financial Statements Company Balance Sheet Company Statement of Changes in Equity Notes to the Company Financial Statements 1 2 4 6 9 10 12 14 18 22 24 26 28 30 34 36 40 42 43 44 50 50 51 52 53 54 65 84 85 86 Our Expertise, Your Peace of Mind HIGHLIGHTS We have focused on steadily navigating the effects of the pandemic by concentrating on securing recurring revenue and producing higher gross margins across all three of our divisions: e-Commerce, SaaS and Professional Services. This solid foundation and increasingly robust infrastructure has enabled us to move into an exciting new period of growth. We have continued investing in infrastructure and product development across all divisions and regions. Exciting new product launches have been driven both by market demand and how our experts see the future of cyber compliance developing, and these include: – Cyber Security as a Service, Privacy as a Service, Remote Working Security Assessment Service, EU-US Data Transfers Assessment and Action Plan, Certified ISO 27701 PIMS Lead Auditor Training Course, and improved penetration testing and vulnerability scanning for remote working – Our growth has been driven by the changing threat landscape caused by the emergence of hybrid working; and all of the Group’s services and products can now be deployed remotely to suit the evolving needs of organisations across the globe – We have seen significant organic growth across website traffic in our fledgling businesses IT Governance EU and USA, indicating that our tried and tested, established UK growth strategy is working effectively across new jurisdictions which puts us in a strong position for significant future growth – 2019’s data privacy acquisition, DQM GRC, has been firmly embedded within the Group and it is now effectively offering a wide range of our Group’s cyber security services to its own customers – We have unified the Group's marketing under one value proposition and developed our brand strategy to ensure companies work more seamlessly together to further increase up and cross selling within the Group – The Group has clearly demonstrated resilience and success through uncertain times which we now plan to build on as we look forward to developing further opportunities in the cyber and compliance markets FINANCIAL HIGHLIGHTS Revenue (£’000) £11,760 2020: £14,146 (17)%1 EBITDA2 (£’000) £(1,131) 2020: £(1,859) 52%1 Loss before tax (£’000) £(2,835) 2020: £(3,651) 22%1 Loss1 after tax (£’000) Earnings per share (undiluted) £(2,571) 2020: £(3,206) 20%1 (2.58)p 2020: (4.67)p 45%1 OPERATIONAL HIGHLIGHTS Total billings3 (£’000) Average FTE headcount Billings per month per FTE £12,252 2020: £14,027 (13)%1 149 2020: 187 (20)%1 £9,988 2020: £6,307 58%1 Website visits (‘000) Website revenue (£’000) Net customer additions 3,691 2020: 3,552 4%1 £4,002 2020: £2,293 74%1 3,477 2020: 3,864 (11)%1 1 Year-on-year: 2021 compared with 2020. 2 EBITDA (“Earnings Before Interest, Tax, Depreciation, Amortisation”) excludes share-based payment expenses (which are excluded as they are a non-cash expense). 3 The relationship between billings and revenue is explained on page 24. GRC International Group plc Annual Report and Accounts 2021 1 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT AT A GL ANCE A comprehensive suite of quality services and products We are a global cyber security and privacy business that uses our wide-ranging and in-depth expertise to build and package comprehensive solutions for our clients, regardless of the organisation’s size, maturity or business sector. The simplest and most effective solution for organisations worldwide is access to a supplier that can address all of their IT governance, compliance and risk management needs with an integrated and comprehensive product and service portfolio. We are that solution. We work with customers across the globe to address their unique cyber and compliance challenges. This includes: – Helping to ease the strain from the shortage of skilled cyber and privacy resources that are required to deliver and maintain quality improvements, modifications and general operations – Helping organisations successfully manage the increasing global compliance, regulatory and legislative burden – Firstly ensuring organisations get basic cyber hygiene right and then helping them to advance their strategies and practices in a world of ever-increasing cyber-criminal activities WE DO THIS THROUGH OUR SUITE OF LEADING SERVICES AND PRODUCTS Training We offer classroom and web-based training courses, both trainer-led and self-paced, which cover the A-Z of cyber security and data protection practices. Topics include the GDPR, Privacy by Design, risk management, business continuity, ISO 27001 certification and related topics. Publishing and Distribution We sell books, documentation templates and software via the Group’s websites, both those which we at GRC have written ourselves, and those supplied by expert third party authors who are authorities in their field. Consultancy On-site and remote support to help organisations design and implement data protection, privacy and cyber security policies and procedures. This includes penetration testing, Payment Card Industry Data Security Standard (‘PCI DSS‘) compliance and Cyber Essentials certification and consultancy. Software Our software solutions include a range of ‘software-as-a-service‘ products such as e-learning, risk assessment and data flow mapping tools, data monitoring and data watermarking solutions. We have also released two innovative and flagship products this year that help organisations manage and meet their cyber and privacy needs all in one simple, affordable solution: Cyber Security-as-a-Service, and Privacy-as-a-Service. A leading, global, ‘one-stop shop‘ supplier of cyber security and privacy solutions that deliver great value to clients. We provide a variety of services including consultancy and certification, technical security, software tools, books and toolkits and training and qualifications. Our areas of expertise include: – Cyber Security as a Service – Cyber resilience – Governance and risk management – Data protection compliance, GDPR – Privacy as a Service – EU/UK representative services – Cyber security and ISO 27001 – IT Governance and COBIT® – Service management – Risk management – PCI DSS – Cyber Incident Response – BCM and ISO 22301 – Penetration testing – Cyber Essentials – ISO 9001, ISO 14001, ISO 45001 – ITIL® and ISO 20000 – Cloud and PCI training – SOC2 Consultancy – Cloud Consultancy – Project management, PRINCE2® 2 GRC International Group plc Annual Report and Accounts 2021 OUR DIVISIONAL STRUCTURE Over the past three years we have evolved from a Governance, Risk and Compliance consultancy into a cyber security and privacy business that is split into three divisions: e-Commerce, SaaS and Professional Services. Across our three divisions, we work to improve our customers’ cyber resilience and compliance postures. We use our expertise to deliver comprehensive and robust solutions that are tailored to our customers’ risk appetites, budgets and business goals. This gives them peace of mind and allows them to focus on what their business does best. E-Commerce division Software-as-a-Service division Professional Services division – 8 B2B ecommerce websites – ‘Learn from Anywhere’ instructor led and self-paced courses leading to essential professional qualifications in: – Cyber security – Privacy/data protection – ISO/IEC 27001 – Wide range of toolkits, books, standards and software – Risk assessment – Data flow mapping – DPIAs – Data breach reporting – Data watermarking and monitoring – Vulnerability scanning – Staff awareness e-learning – GDPR as a Service – Documentation toolkits We help organisations meet their compliance and cyber risk management objectives with the appropriate cyber security, data protection, and privacy by design policies and procedures. Other consultancy services: – Penetration testing – PCI DSS compliance – Cyber Essentials certification – Legal, GDPR and DPO services Our customers include: BAE Systems, Barclays, BBC, BT, Carlsberg, Dominoes, Dun and Bradstreet, Freshfields Bruckhaus Deringer, Grant Thornton, Halfords, HSBC, John Lewis, Kubota, National Health Service, Next, Inmarsat, Royal Mail, Sipchem, Slaughter & May, Thames Water, The Bank of England, UK national and local government departments, Vodafone, Volkswagen, US Army, PwC. Where we are: We are a global group of companies that offers in-country delivery tailored to local needs and cultures. Physical offices: UK, Ireland and the United States. Website: 11 country websites, with interfaces to all 27 non-UK member states buying from one or another of those websites. 21% E-Commerce Division Training. Distribution. UK Digital Marketing. Cloud and PCI training. 1 2 19% SaaS Division Cyber Essentials. GRC e-Learning, (incl. Bespoke). GDPR.co.uk. Vigilant Software. EU/UK Rep and CSaaS. 60% 3 Professional Services Division GDPR and GRC Consultancy. Technical Services. GRCI Law. DQM GRC. Cloud Consultancy, SOC2 Consultancy, Cyber Incident Response. CROSS SALES / DIVISION 1 2 3 – Service Centre – Websites – CRM System(s) – ITGP Books & Toolkits – EU and USA – Channel Team GRC International Group plc Annual Report and Accounts 2021 3 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT CHAIRMAN’S S TATEMENT The Group operates in global markets that are set to grow significantly over the medium and long term, with increasingly important short-term demand as we move into a world where hybrid working becomes the norm and organisations become even more reliant on the adoption of technology Overview I am delighted to contribute to GRC International’s Annual Report for the year ended 31 March 2021, the Group’s fourth Annual Report since admission to the London Stock Exchange’s AIM market in March 2018. GRC International strives to provide a ‘one-stop shop‘ for cyber security and data compliance products and services delivered via a variety of channels. Whilst the Group is UK-headquartered, its clients are global, and its strategic ambition is to become an international ‘one-stop shop‘, expanding its geographic footprint with overseas revenues exceeding domestic sales. Developments over the last year have reinforced the Group’s belief that cyber security, business continuity and privacy compliance issues are critical for the sustainability of ongoing business operations. Your Board is confident that the Group is well positioned to deliver the products and services its clients will require to address these issues. Performance FY20 was a challenging year for the Group following the fall off of GDPR activity, and the implementation of the necessary reductions in staff. FY21 was of course even more challenging, given the global impact of COVID-19. Management reacted swiftly to the restrictions posed by COVID-19, and driven by the need to protect our employees, was able to establish a working-from-home model in short order. The Group put in place a pandemic response plan which embraced a significant drop in revenues and cash receipts, utilising government help and implementing exceptionally tight cost controls. As a result, revenues declined by 16% to £11.8 million, but the loss for the year was reduced from £3.2 million to £2.6 million due to the annualised effect of FY20 cost reductions and restructuring and due to management's close attention to cost control in FY21. Within these numbers, I am pleased to note that the H2 performance was excellent with positive EBITDA in Q4 following a small EBITDA loss in Q3. The improvement in results began in November 2020 and has continued to the end of Q1 and into Q2 FY22. ANDREW STEPHEN BRODE NON-EXECUTIVE CHAIRMAN The Group’s strategic ambition is to become an international ‘one-stop shop‘ under the umbrella of governance, regulation and compliance, expanding into other forms of compliance and new jurisdictions. 4 GRC International Group plc Annual Report and Accounts 2021 OUR S TORY SO FAR HISTORY Cyber security and privacy are two sides of the same coin – organisations must demonstrate appropriate security measures in order to demonstrate compliance. We are an established cyber security and privacy business, and we believe we are uniquely positioned to help our clients achieve cyber resilience and regulatory compliance through our range of innovative and integrated solutions. 1997 Alan Calder and Steve Watkins become the first people in the UK to successfully implement an Information Security Management System (‘ISMS‘) compliant with BS 7799 (the precursor to ISO 27001). 2006 IT Governance Ltd co-founds Vigilant Software Ltd and subscribes to 50% of the equity. Vigilant develops software programme to help organisations assess risks to information and select appropriate controls to reduce risks. 2009 The Group acquires control of 80% of Vigilant Software Ltd. 2019 Acquisition of DQM Group Holdings Ltd, a provider of data consulting and technology solutions. 2020 Pivot to online delivery and remote working. OUR MISSION We serve an international customer base and deliver a broad range of integrated, high-quality solutions that meet the real-world needs of today’s organisations, directors and practitioners. Our mission is to use our Group’s united expertise to deliver peace of mind to organisations across the globe, and to help them: Protect their business assets and intellectual capital Comply with the worldwide increase in regulation and legislation Thrive as they use improved cyber and privacy practices to achieve their business goals OUR VALUES GRC International Group is a dynamic and fast-paced business that is dedicated to: 1. Solving our clients’ real business problems. 2. Being open and transparent with our clients, partners and other stakeholders. 3. Being honest, responsible and accountable for the work we do. 4. Collaborating with our colleagues and stakeholders. 5. Showing leadership and initiative both within the business and externally. 6. Delivering results and exceeding our clients’ expectations. People In February 2021 Neil Acworth, the Group Chief Information Officer, left the Board. Since the year end, in May 2021 Steve Watkins, an Executive Director, also left the Board. Steve will continue thereafter as a special Board advisor providing ongoing insight into developments in international standards. The Board thanks Neil and Steve for all their hard work and considerable contributions over many years. Their responsibilities have been assumed by our experienced management team. The extraordinary impact of the pandemic on the global economy has placed significant pressures upon our staff, who have performed exceptionally well in largely unfamiliar circumstances. GRC is essentially a people business and depends upon the skills, passion and commitment of the entire workforce to provide the quality of service our clients demand. On behalf of the Board I would like to place on record our thanks to all of our employees for rising to the many challenges they encountered. Outlook Whilst the Group continues to be unable to provide financial guidance for FY22, the results for Q1 of FY22 are encouraging and in line with management’s expectations. We are managing our cash position within agreed parameters, and look forward to a post- pandemic business environment confident that our global markets will grow significantly over the medium to long term. Andrew Brode Chairman GRC International Group plc Annual Report and Accounts 2021 5 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT CHIEF E XECUTIVE OFFICER ’S RE VIE W Our performance in FY21 is testament to the Group’s inherent agility and foresight which has enabled us to swiftly develop new and innovative solutions, while also focusing on securing recurrent revenue and producing higher gross margins across all of our three divisions A year of two halves After the Coronavirus-induced economic uncertainty and commercial retraction that heavily impacted H1 FY21, the Group saw significant improvements in performance across all areas of its business in H2, culminating with strong Q4 revenue that generated positive EBITDA and positive cash flow for the quarter. The performance improvement started at the end of November 2020, continued through Q4 into the new financial year and is reflected in all our key performance indicators: H1 FY21 H2 FY21 Change ALAN PHILIP CALDER CHIEF EXECUTIVE OFFICER Our expertise, and how we deliver peace of mind to our customers, is made possible by our people and our commitment to retaining our experienced core staff throughout the pandemic. Total revenue Total billings* Total billings per FTE Cyber security billings Recurring and £5.4m £5.6m £6.4m £6.7m +18% +20% £39k £46k +18% £3.6m £4.5m +25% contracted billings Website billings Website visits £3.0m £1.5m 1.7m £3.6m £2.5m 1.9m +20% +67% +12% (The ’Cyber security’, ’Recuring and contracted’ and ’Website’ categories in the table above are non- exclusive. An invoice or web sale can feature in more than one category.) – The March 2021 total monthly billings figure was the strongest achieved by the Group in the two years since March 2019. – 45% of transactions in Q4 were from new customers, with the balance from returning existing customers. – 15 months after launching the first Group subscription service, there were a cumulative 3,600 subscribers to recurring revenue lines of business in Vigilant Software, GRC e-Learning, IASME Cyber Essentials, ITGP Toolkits, and GRCI Law, with a combined rolling annual churn rate of only 2.2%. * Billings equate to the total value (net of VAT) of invoices raised and cash sales through the Group's websites. This figure does not take account of accrued or deferred income adjustments that are required to comply with UK-adopted International Financial Reporting Standards ("IFRS") but is considered to provide useful information to the users of the Group's financial information. Billings is considered by the Board to be a key metric for managing the business due to its direct relationship with cashflow. Cash receipts are driven by billings achieved each month rather than by revenue recognised in accordance with IFRS. 6 GRC International Group plc Annual Report and Accounts 2021 OUR VALUE PROPOSITION Our Expertise, Your Peace of Mind. GRC International Group has the most comprehensive suite of cyber security and privacy products and services in the world. Our mission is to use our cohesive and in-depth expertise as a Group to give our customers complete peace of mind for every unique cyber and privacy challenge they face, with a holistic approach to cyber security and compliance. We have focused this year on developing and improving our products and services to meet the needs of organisations that are facing new challenges in uncertain territories around hybrid working, Brexit and the significant rise in cyber criminal activity. This includes the creation of our new COVID-secure training centre, our new suite of ransomware and Cyber Incident Response services, our EU and UK Representative Services, and our Cyber Security as a Service and Privacy as a Service solutions. Our Expertise Recognised We have won several awards recognising the Group’s expertise this year, including; • UK’s Top Cyber Security Solution Provider (Enterprise Security Magazine) • Best Privacy by Design Award (DMA Awards) • Best Privacy and Data Ethics Initiative Award (DataIQ Cost management across the year Although we pivoted, in March 2020, to delivering 98% of our services online, the COVID-19 recession meant that our billings and revenues dipped significantly in April 2020 before turning up again in May and June. Cost and cash management therefore remained key areas for the management team throughout the year, during which we reduced Group overheads by £2.3 million (21%) from £11.2 million in FY20 to £8.9 million in FY21 £1.4 million (61%) of this saving was in staff costs and, although we drew to a limited extent on the UK Government furlough scheme receiving a total of £0.1 million in payments (with a peak of less than 10% of our staff on furlough in May 2020), we finished the year with 148.5 FTEs (Full Time Equivalents), which is where we started FY20. Cash management was aided by the deferral of certain HMRC liabilities, as is fully explained in the Financial Review. Awards) GRC International Group TOP CYBER SECURITY 2020 SOLUTION PROVIDERS IN UK Our Expertise in the Media Our experts are thought-leaders who are constantly future- gazing and analysing the threat landscape. Our Group has some of the best minds in compliance and cyber security that are regularly asked for commentary within the media on key industry topics. CNBC, The Daily Telegraph, The Financial Times, MSN, Business Insider, TechRadar Pro, Computer Weekly, Compliance Week, SC Media. Our expertise, and how we deliver peace of mind to our customers, is made possible by our people. Two key factors that helped us handle the trading upturn in H2 were our commitment to retaining our experienced core staff throughout the pandemic, and investing in automation and customer-facing software solutions. Divisional overview The Group has three operating divisions: e-Commerce, Software as a Service (’SaaS’) and Professional Services. e-Commerce division (21% of Group billings – (35)% YoY change) The Group operates multiple business-to-business (’B2B’) e-commerce websites, which provide market- leading information across the broad range of cyber security and privacy issues that concern today’s organisations, and which also provide a route to market for the majority of products and services. The IT Governance-branded One-Stop Shop is, for a growing number of organisations, their single source for information, products and services that help them survive today’s cyber threats, comply with a growing range of privacy regulations and build thriving, successful businesses. The key products sold through our IT Governance e-commerce websites are: – Instructor-led professional training and qualifications (58% of Division billings) – Self-paced (distance) learning courses and qualifications (13% of Division billings) – e-books, audio books and international standards (29% of Division billings) GRC International Group plc Annual Report and Accounts 2021 7 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT CHIEF E XECUTIVE OFFICER ’S RE VIE W CONTINUED SaaS division (19% of Group billings – (12)% YoY change) The SaaS division contains our high-volume, high-margin software-enabled or software-as-a-service platforms. While the gross margin achieved on our IASME Cyber Essentials certification service is relatively low, the gross margin on the other lines of business is in excess of 90%. The SaaS division consists of: – Vigilant Software’s CyberComply Risk and Compliance management platform (14% of Division billings) – The IASME Cyber Essentials certification service (43% of Division billings) – The GRC e-Learning Staff Awareness platform (43% of Division billings Professional Services division (60% of Group billings – (1)% YoY change) Our Professional Services division delivers high-value consultancy services that help clients tackle their cyber security and privacy governance and compliance challenges. The Professional Services division consists of: • IT Governance consulting services (48% of Division billings) – ISO27001 and information security management systems – Cyber security consultancy – Penetration testing – PCI DSS consultancy • DQM GRC consulting services (33% of Division billings) – Privacy and GDPR – Data quality management – Data compliance and licence management • GRCI Law (13% of Division billings) – Privacy as a Service – Legal and contract services – EU and UK Rep services – Data breach response services Repeat and contracted billings, across the Group, totalled £6.6 million, or 54% of total billings; this is an increase of 4% on FY20 and reflects our ongoing investment in improving the visibility and resilience of our revenues. Our businesses in the EU and the USA both made steady progress through the year. Whilst both are still small businesses and do not yet offer the full range of products and services that are available through our UK websites, encouragingly they both won new clients, and became EBITDA positive in the year. Carbon footprint Our pivot, shifting the majority of our staff to permanent home-working contracts, and delivering the majority of our services online, has enabled us to complete the shift to a virtually paper-free operation, as well as almost eliminating the more substantial areas of our carbon footprint. Our offices, and travel for work, were both important carbon contributors and we have largely eliminated travel for work while also reducing our office space by approximately 40%. These three changes – paperless office, travel reduction and office space reduction, take us as an organisation to having a very low carbon footprint. Summary Our continued progress through FY21 is testament to GRC International’s inherent nimbleness in swiftly developing new products and solutions that can service all of our clients’ cyber security and data protection needs. One of our key competitive advantages is utilising the skill and deep industry knowledge of our management team to identify emerging trends in the market and consequent client needs. Furthermore, we continue to be the only organisation in the market that can deploy a full suite of services that can help clients respond to proliferating cyber security and privacy threats. Product and service development remains at the heart of what we do and is fundamental to our business model. The market we operate in changes very quickly and we are agile in launching new products and services on a regular basis. The cyber security market continues to be driven by a mounting pressure on companies to have in place data protection, privacy and cyber security systems and procedures. It is this fundamental trend – one that we see globally – that is driving the performance of our cyber security-related products and services across all three of our divisions. The trajectory of the recovery from the Coronavirus crisis remains unclear; we nevertheless believe we are well-placed to serve the growing, and global, cyber security market. In FY22, we intend to scale up our business to better service clients and enable us to grow margin-accretive, recurring revenues. The fundamentals of our strategy remain unchanged, with investment in our product and service offerings, across both new and existing jurisdictions, coupled with continued growth in cyber security demand, driving profitable growth for our shareholders. 8 GRC International Group plc Annual Report and Accounts 2021 Alan Calder Chief Executive Officer MARK E T OVERVIE W A global market driven by the growing volume and scale of cyber security threats The market for cyber security solutions and services is driven predominantly by the rising number of cyber-attacks globally, which are becoming increasingly sophisticated, coupled with increased regulatory pressure for privacy and data security and a growing demand for data processing transparency. In addition to laws and regulations, companies are increasingly required to provide assurance to their customers, regulators and stakeholders that their data protection and cyber security systems are adequate for the current risk environment. Although data protection complaints received by the Information Commissioner’s Office in the UK decreased marginally from 38,514 in 2019/20 to 36,607 in 2020/21,the FBI’s IC3 2020 Internet Crime Report shows 791,790 suspected internet crime reports (an increase os 300,000 on the prior year) costing, globally, more than $4.2 billion. Businesses, therefore, require evidence of adequate security from all the entities in their supply chains. For example, the payment card brands, through their acquiring banks, require businesses (and their suppliers) that process payment cards to meet the Payment Card Industry Data Security Standard (’PCI DSS’) and the UK Government already requires that organisations supplying it directly or indirectly should comply with Cyber Essentials (its own standard). We operate in a growing and global market Due to the ’one-stop shop’ nature of GRC International’s business, it is difficult to confirm the exact size of the global market for the Group’s products and services. However, there are a number of research reports that indicate the size and growth rate of this market: – The global cyber security market is predicted to be worth US $243.6 billion by 2025, equating to a CAGR of 11.7% between 2020 and 2025 (according to VynZ Research). – Cybersecurity Ventures predicted cybercrime will continue rising and would cost businesses globally more than US $5.2 trillion over the next five years. – Average total to identify and contain a breach in 2019: 280 days (Accenture-Ponemon Institute Cost of Cybercrime Study 2020). – Average total cost of a cyber breach in 2019: US $3.86 million (Accenture-Ponemon Institute Cost of Cybercrime Study 2020). – Where cyber security skills were concerned, 82% of employers report a shortage of cyber security skills and 61% of companies thought their cyber security applicants weren’t adequately qualified. GRC International offers a unique proposition to the market In response to market trends in cyber security, there is a rising number of consultancies, including the six major accountancy firms, who now offer cyber security services. However, the Board maintains that there are no other companies offering the wide range of products and services that GRC International provides, either in the UK or elsewhere. Furthermore, the Board believes that no other company is able to offer a bespoke solution for clients seeking to address their IT governance, risk management and compliance requirements. The COVID-19 pandemic accelerated corporate technology- enablement and digitalisation as organisations were forced to rely heavily on digitally-stored information, shared in vast quantities both internally and externally. This increases the opportunity for data to fall victim to a cyber-attack, resulting in potentially devastating impacts to an organisation’s bottom line and reputation. Although businesses around the world are recognising the criticality of taking action, the pandemic created conflicting priorities in which cyber security activity sometimes took a back seat. 81% of executives said that the pandemic forced them to bypass cyber security processes (Ernst & Young 2018-19 Global Information Security Survey (’GISS’)). Cyber security, nevertheless, is still a ”high priority” for 77% of company senior managements (UK Government Cyber Security Breaches Survey 2021). Many organisations are currently outsourcing cyber security functions, including functions of their security operations centres. Ernst & Young also reported that 77% of organisations had seen a clear increase in cyber attacks in comparison with the previous year, while threat actors have hit a new level of maturity and went on to say: “Attackers are targeting a growing surface area and their tactics are increasingly unpredictable. Just one in three respondents is confident in their ability to make the supply chain suitably robust or water-tight”. The need for end-to-end compliance across the supply chain with legal and regulatory obligations is further increasing demand for our products and services All organisations have a legal and regulatory obligations to have in place data protection and cyber security systems and procedures in place. These laws and regulations (for example, EU GDPR and, since Brexit, UK GDPR as well as a patchwork of state-level laws in the USA) often have international reach outside of the countries in which they are enacted. The Board continues to believe that the most prominent legal, regulatory and commercial standards relating to these areas will continue to be adopted more widely across the globe. Organisations will need to implement procedures and practices that will enable them to demonstrate their compliance with the standards. GRC International Group plc Annual Report and Accounts 2021 9 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT BUSINESS MODEL Our core proposition is built around our ability to provide a full range of integrated services to clients WHAT WE DELIVER HOW WE DELIVER PROFESSIONAL SERVICES Consultancy Our comprehensive and diverse range of consultancy services and products has grown over the years to meet the increase in customer demand. Our two service offerings are: We provide on-site and remote support, helping organisations to design and implement data protection and cyber security policies and procedures. Through GRCI Law, we also provide specialist legal privacy advice, and annual support packages like Privacy as a Service and DPO as a Service. – Consultancy – Technical services “Great product, always gives out clear results.” Vulnerability Scanning Service SOFTWARE-AS-A-SERVICE We create and sell software solutions, including a range of ’software-as-a-service’ products such as e-learning, risk assessment and data flow mapping tools, data seeding and watermarking solutions, all on an annual subscription basis. Our in-house development team is able to deliver continual improvements on the basis of customer feedback and our own subject matter expertise. E-COMMERCE Our e-Commerce division is made up of the Group’s training, publishing and distribution services “Fantastic must-have product for anyone looking to introduce or maintain an IT Governance environment within an organisation.” Our newest acquisition, DQM GRC, is the leading data protection and Privacy by Design consultancy. The Group attracts most of its consultancy customers via online searches carried out by the customer, through attendance on training courses, recommendation or as a result of relationships that have developed over time. We are successfully delivering 98% of our cyber security, privacy and continuity services remotely to customers across the world. We create and sell software solutions through our subsidiary, Vigilant Software Ltd, including: – vsRisk: Provides a programme for identifying and recording management decisions relating to information security risk levels within an organisation. – Compliance Manager: Assists with identifying the legal, contractual and regulatory obligations to meet the Interested Parties clause 4.2 of ISO 27001. – The Data Flow Mapping Tool: The quick, easy and affordable way for organisations to map personal data. Training Instructor-led courses range from one to five days with typically 8-20 delegates: – Our classroom training business is now completely online, with a bio secure training centre that has opened in Cambridgeshire with an innovative ’Learn from Anywhere’ multi-channel delivery model. We also hold courses at: – Hired premises. – Customers’ premises (for organisations that require training for a large number of their employees). – Via live webinars to domestic and international audiences. – Self-paced courses enable learners to acquire new skills at their own pace ISO 27001 Toolkit and in their own time. 10 GRC International Group plc Annual Report and Accounts 2021 Technical Services Through this line we provide: – Penetration testing: we carry out an authorised simulated attack on a customer’s IT systems to test the effectiveness of the systems and procedures and to identify any weaknesses. We also offer simulated phishing attacks and a broad range of security testing services. – PCI DSS assessments: in line with contractual payment card industry requirements, we regularly test organisations’ data protection and cyber security systems. – Cyber Essentials certification and consultancy: we provide an accredited certification service that helps organisations of all sizes become certified to the UK Government’s Cyber Essentials scheme. – GCRI Law is growing rapidly – revenues went up 99% from FY 2019/2020 £461,000 to FY2020/2021 £916,000. We have focused on recurrent revenue and now have a growing list of clients buying our DPOaaS and Privacy as a Service offerings on annual contracts, which brings in 79% of our revenue. – Our newest acquisition, DQM GRC, has been firmly embedded into our Group, and is now selling a variety of the Group’s original cyber security products to their client base, such as the Group’s Cyber Health Check, whilst continuing to retain key clients such as Royal Mail with their data governance programme – which is now in its 15th year. – We’ve been a leading Cyber Essentials certification body for more than five years and have issued more than 5,500 certificates with our one-to-one consultancy support and certification guarantee service. – Clients now signing multi-year contracts, with a view to secure £600,000 in revenue within the next 12 months. – Custom views and reporting now available in new formats. – Better integration with our other product lines (document – Live chat now embedded within the tools to offer immediate toolkits). – All new design to Getting Started Welcome page. This will help the users get to grips with all CyberComply has to offer in a progression-based scoring system. assistance to users. – New help section baked into the tool – it is no longer necessary for users to physically download manuals. – Implemented additional control frameworks and regulations – ISO 27701, NIST SP 800-171, ISO 27017 & 27018, UK-GDPR. – Risk libraries baked into vsRisk, allowing a user to select from a pre-defined library of risks to speed up the risk assessment process. Publishing and Distribution Books We commission authors to write books on the basis of feedback from clients or knowledge of the markets in which the Group operates. Most of the books we sell relate to how organisations should manage their IT risk exposures or standards published by various bodies. Documentation templates We create and sell 37 sets of documentation templates, the most important of which are now sold through a cloud-based subscription service. – Number of IT Governance Publishing subscriptions grew by 343.75% YoY in Q4, with over 1,100 new users and an average churn rate of just 0.99% throughout the year. – IT Governance Publishing has sold more than 130,000 books and pocket guides, 12,000 toolkits and templates, 9,500 audiobooks, and the company now has over 250 titles in our portfolio. – IT Governance Publishing published over 200 content updates within the DocumentKits platform. – GRC eLearning hit an exciting new milestone of hosting over 100,000 users on its corporate Learning Management System (’LMS’) between 1,036 companies. – Opened a new bio secure training centre in Cambridgeshire with an innovative ’Learn from Anywhere’ multi-channel – We ran 243 courses this year and secured £1.8million in delivery model. training revenue. PROFESSIONAL SERVICES Consultancy Our comprehensive and diverse range of We provide on-site and remote support, helping organisations to design and consultancy services and products has grown over implement data protection and cyber security policies and procedures. HOW WE DELIVER the years to meet the increase in customer demand. Our two service offerings are: – Consultancy – Technical services Through GRCI Law, we also provide specialist legal privacy advice, and annual support packages like Privacy as a Service and DPO as a Service. Our newest acquisition, DQM GRC, is the leading data protection and Privacy by Design consultancy. The Group attracts most of its consultancy customers via online searches carried out by the customer, through attendance on training courses, recommendation or as a result of relationships that have developed over time. We are successfully delivering 98% of our cyber security, privacy and continuity services remotely to customers across the world. We create and sell software solutions through our subsidiary, Vigilant Software Ltd, including: – vsRisk: Provides a programme for identifying and recording management decisions relating to information security risk levels within an organisation. – Compliance Manager: Assists with identifying the legal, contractual and regulatory obligations to meet the Interested Parties clause 4.2 of ISO 27001. – The Data Flow Mapping Tool: The quick, easy and affordable way for organisations to map personal data. SOFTWARE-AS-A-SERVICE We create and sell software solutions, including a range of ’software-as-a-service’ products such as e-learning, risk assessment and data flow mapping tools, data seeding and watermarking solutions, all on an annual subscription basis. Our in-house development team is able to deliver continual improvements on the basis of customer feedback and our own subject matter expertise. E-COMMERCE Our e-Commerce division is made up of the Group’s training, publishing and distribution services Training delegates: Instructor-led courses range from one to five days with typically 8-20 – Our classroom training business is now completely online, with a bio secure training centre that has opened in Cambridgeshire with an innovative ’Learn from Anywhere’ multi-channel delivery model. We also hold courses at: – Hired premises. – Customers’ premises (for organisations that require training for a large number of their employees). – Via live webinars to domestic and international audiences. – Self-paced courses enable learners to acquire new skills at their own pace and in their own time. STRATEGIC REPORT “I cannot think of a better way to start understanding ISO 27001 and information security management systems.” Certified ISO 27001 ISMS Lead Implementer Training Course Technical Services Through this line we provide: – Penetration testing: we carry out an authorised simulated attack on a customer’s IT systems to test the effectiveness of the systems and procedures and to identify any weaknesses. We also offer simulated phishing attacks and a broad range of security testing services. – PCI DSS assessments: in line with contractual payment card industry requirements, we regularly test organisations’ data protection and cyber security systems. – Cyber Essentials certification and consultancy: we provide an accredited certification service that helps organisations of all sizes become certified to the UK Government’s Cyber Essentials scheme. – GCRI Law is growing rapidly – revenues went up 99% from FY 2019/2020 £461,000 to FY2020/2021 £916,000. We have focused on recurrent revenue and now have a growing list of clients buying our DPOaaS and Privacy as a Service offerings on annual contracts, which brings in 79% of our revenue. – Our newest acquisition, DQM GRC, has been firmly embedded into our Group, and is now selling a variety of the Group’s original cyber security products to their client base, such as the Group’s Cyber Health Check, whilst continuing to retain key clients such as Royal Mail with their data governance programme – which is now in its 15th year. – We’ve been a leading Cyber Essentials certification body for more than five years and have issued more than 5,500 certificates with our one-to-one consultancy support and certification guarantee service. – Clients now signing multi-year contracts, with a view to secure £600,000 in revenue within the next 12 months. – Custom views and reporting now available in new formats. – Better integration with our other product lines (document – Live chat now embedded within the tools to offer immediate toolkits). assistance to users. – New help section baked into the tool – it is no longer necessary for users to physically download manuals. – Implemented additional control frameworks and regulations – ISO 27701, NIST SP 800-171, ISO 27017 & 27018, UK-GDPR. – Risk libraries baked into vsRisk, allowing a user to select from a pre-defined library of risks to speed up the risk assessment process. Publishing and Distribution Books We commission authors to write books on the basis of feedback from clients or knowledge of the markets in which the Group operates. Most of the books we sell relate to how organisations should manage their IT risk exposures or standards published by various bodies. Documentation templates We create and sell 37 sets of documentation templates, the most important of which are now sold through a cloud-based subscription service. – All new design to Getting Started Welcome page. This will help the users get to grips with all CyberComply has to offer in a progression-based scoring system. “vsRisk is an excellent product.” vRisk – Number of IT Governance Publishing subscriptions grew by 343.75% YoY in Q4, with over 1,100 new users and an average churn rate of just 0.99% throughout the year. – IT Governance Publishing has sold more than 130,000 books and pocket guides, 12,000 toolkits and templates, 9,500 audiobooks, and the company now has over 250 titles in our portfolio. – IT Governance Publishing published over 200 content updates within the DocumentKits platform. – GRC eLearning hit an exciting new milestone of hosting over 100,000 users on its corporate Learning Management System (’LMS’) between 1,036 companies. – Opened a new bio secure training centre in Cambridgeshire with an innovative ’Learn from Anywhere’ multi-channel delivery model. – We ran 243 courses this year and secured £1.8million in training revenue. GRC International Group plc Annual Report and Accounts 2021 11 FINANCIAL STATEMENTSGOVERNANCE OUR S TR ATEGY We have four strategic priorities that enable us to grow our ’one-stop shop’ EXPAND EXISTING SERVICES IN EXISTING MARKETS We aim to deliver consistently high-quality, integrated solutions that give our customers privacy and cyber peace of mind, fully utilising our global capability and the world-class expertise of our employees and consultants. DELIVERING AGAINST OUR STRATEGY – GRC e-Learning hit an exciting milestone of hosting over 100,000 users on its corporate Learning Management System (’LMS’) between 1,036 companies. – IT Governance Publishing has sold more than 130,000 books and pocket guides, 12,000 toolkits and templates, 9,500 audiobooks, and the company now has over 250 titles in our portfolio. – GCRI Law had a rapid period of growth – revenues went up 99% from FY2019/2020 £461,000 to FY2020/2021 £916,000. We have focused on recurrent revenue and now have a growing list of clients buying our DPOaaS and Privacy as a Service offerings on annual contracts, which brings in 78% of our revenue. – Our team issued 1,144 Cyber Essentials certificates this year. With just over 30,000 Cyber Essentials certificates being issued since its release in 2014, and with cyber crime continuing to rise and the threat landscape changing to accommodate hybrid working, we see this as a significant growth market and an exciting opportunity for the Group to strongly position itself as the go-to Cyber Essentials consultancy and certification body. – The Group ran 243 cyber security and privacy training courses this year. This is another avenue where we see customer demand increasing over the next few years, as there currently aren’t enough cyber security workers out there to meet the growing demand, and things are getting worse. It is estimated that 3.5 million cyber security jobs are unfilled, and of the candidates who apply, fewer than one in four are even appropriately qualified. – We have focused significantly on pushing organic growth through our websites; and our established UK business model has proven this growth converts into web sales and long-term relationships with clients. In Q1 2021 we had over 1 million visits to our IT Governance UK website (1,034,610) – an 18% increase YoY. This resulted in web revenue increasing by a significant 140% to almost £1.3 million. Our conversion rate has also increased to 0.25% – a 25.06% increase on Q1 2020. There is a global demand for cyber resilience and regulatory compliance – COVID-19 has only intensified the cyber threat landscape. As we move into a world where hybrid working becomes the norm, we will become even more reliant on our connected devices and the adoption of technology – which creates an even bigger playing field for cyber threat actors, and speeds up the increase in regulatory requirements, with the cost of compliance failure mounting even higher. OUR MISSION We exist to give cyber and privacy peace of mind to all organisations through our Group’s united expertise and comprehensive range of integrated, world-class solutions. OUR VISION To be the business world’s go-to resource for managing and mitigating both cyber and privacy risk with integrated solutions – all deployed from one place and one organisation. DELIVERING OUR VISION THROUGH FOUR STRATEGIC PILLARS “The integrated governance service DQM GRC provide to us is invaluable in the fight against data misuse and protection of our valuable data assets. The DQM team always go the extra mile required to exceed our expectations. We consider them a valuable extension to our knowledgeable team and a trusted partner.” Royal Mail 12 GRC International Group plc Annual Report and Accounts 2021 EXPAND EXISTING SERVICES INTO NEW JURISDICTIONS ADDING NEW SERVICES FOR EXISTING AND NEW CLIENTS MAKE SELECTIVE ACQUISITIONS The Group is rolling out its established and successful business model and infrastructure to the EU and USA, but with appropriate adjustments to reflect local cultures and market dynamics. We have identified these areas as clear growth markets for cyber compliance activities. DELIVERING AGAINST OUR STRATEGY – Web traffic for IT Governance EU increased by 23% YoY in Q1 2021. This converted into a 23% increase in web transactions and a significant 103% increase from web revenue. – Web traffic for IT Governance USA increased by 21% YoY in Q1 2021. This converted into a 21% increase in web transactions and a 21% increase from web revenue. – Key client wins for IT Governance EU include Equinor and Swift Soft Computers. – Key client wins for IT Governance USA include Vanran Communications Inc and LDAR Tools. The global cyber and privacy markets have continued to evolve rapidly throughout the pandemic. This year we have focused on securing recurring revenue, increasing our gross margins and growing our current capabilities – with a specific focus on ensuring our newest acquisition, DQM GRC, has been successfully and fully embedded within the Group. This has put us in a strong position to make selective and strategic acquisitions after the uncertainty surrounding the pandemic has lifted, where we will continue to invest to enhance our proposition and create growth opportunities from changing market dynamics. DELIVERING AGAINST OUR STRATEGY – DQM GRC has been firmly embedded into our Group, and is now selling a variety of the Group’s original cyber security products to their client base, such as the Group’s Cyber Health Check, whilst continuing to retain key clients such as Royal Mail with their data governance programme – which is now in its 15th year. We continue to evaluate market demand for new services, products and propositions to deliver to both existing and new customers in both existing and new jurisdictions. Agile and innovative, this year, we launched 45 new products and services specifically focused on serving the cyber security and training needs of organisations rapidly shifting to a remote working model, along with a specific suite of services designed to help organisations manage and navigate the compliance challenges resulting from Brexit. We have proactively planned our future business around COVID-19 restrictions – all of our products and services can be deployed remotely to suit our clients and the changing business landscape. DELIVERING AGAINST OUR STRATEGY Product development is fundamental to what we do. We are agile in launching new products and services to match customer demands and swift market changes. We have successfully launched a diverse variety of new cyber security and compliance products and services in all regions and divisions, including: – Cyber Security as a Service – Privacy as a Service – UK GDPR and DPA 2018 Data Protection Assessment Service – Remote Working Security Assessment Service – Cyber Security for Remote Workers Staff Awareness e-Learning Course – Privacy by Design Foundation Instructor-led Training Course – GDPR RADAR Tool (GDPR Compliance Tool) – GDPR EU Representative, UK Representative & Combined Service – California Consumer Privacy Act – Compliance Gap Assessment Tool (ITG USA) – EU-US Data Transfers Assessment and Action Plan – Privacy Essentials for Marketers Training Course – CCPA Gap Compliance Assessment Tool GRC International Group plc Annual Report and Accounts 2021 13 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT OUR S TR ATEGY IN AC TION 1 Expand existing services in existing markets Expanding our comprehensive training portfolio to help ease the strain from the global shortage of skilled cyber and privacy resource. THE TREND OUR SOLUTION Cyber security expertise and services have never been needed more, as workforces remain remote through the rest of the year, and cyber threats continue to rise and grow more powerful. But while cybercrime grows exponentially, businesses are facing a severe cyber security talent drought. The supply of available, qualified security professionals is insufficient and the competition for services has dramatically increased – there are an estimated 3.5 million cyber security jobs that are currently unfilled in 2021. Expanding and Delivering Our Comprehensive Training Portfolio We have a vast portfolio of 48 cyber security and privacy training courses that can be deployed in classroom environments and remotely, with a live tutor or self-paced. We regularly refresh and update our diverse range of courses in line with customer demand and the market landscape. We added eight new courses to our training portfolio this year – including a Cyber security for Remote Workers Staff Awareness e-Learning Course and a Cyber Security Practitioner Instructor-led Course. – We ran 243 courses this year and secured £1.8 million in training revenue. – GRC e-Learning hit an exciting new milestone of hosting over 100,000 users on its corporate Learning Management System (’LMS’) between 1,036 companies. – Planning ahead for the aftermath of the pandemic, we constructed a new bio secure training centre in Cambridgeshire with an innovative ’Learn from Anywhere’ multi-channel delivery model. “The Instructor clearly had an extensive wealth of knowledge and experience within this field, and the training venue used was excellent, so I can very easily recommend this course to anyone needing a starting point into a Cyber Security career.” \ Certified Ethical Hacker (’CEH’) Training Course and CEH Practical Exam “Thoroughly enjoyable course – brilliant trainer – insightful, useful and informative – thoroughly recommended – 5 stars!” Certified Data Protection Officer (’C-DPO’) Training Course 14 GRC International Group plc Annual Report and Accounts 2021 Helping organisations get the basics of cyber hygiene right in a world of increasing cyber-criminal activity. THE TREND OUR SOLUTION One of the Largest Cyber Essentials Certification Bodies in the UK – Our Group issued 1,144 Cyber Essentials certificates this year. – We’re one of the founding Cyber Essentials certification bodies and remain one of the largest in the UK. – We’ve issued more than 5,500 certificates to date and have helped thousands more become cyber secure. – Our Cyber Essentials services have received an excellent NPS (Net Promoter Score) of +68. – Our Cyber Essentials packages include cyber insurance, one-to-one consultancy support and a certification guarantee to bolster an organisation’s commitment to baseline cyber security. Cyber criminals have taken advantage of a fractured workforce landscape, launching phishing campaigns that have exploited the fear and uncertainty about the pandemic, and targeting vulnerabilities in popular software. Perhaps most disruptively of all, there was a huge increase in ransomware attacks with a 65% year-on-year increase globally. The need to defend critical infrastructure from Advanced Persistent Threats (’APTs’) has encouraged governments across the globe to reform their cyber security strategies, creating a pool of opportunities for industry participants. Cyber Essentials is one of the most cost-effective ways of bolstering an organisation’s information security. The UK government-backed scheme is designed to help organisations address common weaknesses without having to spend a fortune overhauling their cyber security practices. With just over 30,000 certificates being issued since its release in 2014, we see this as a significant growth market as organisations look to improve security practices following the aftermath of the pandemic and the shift to hybrid working. “From ease of ordering the audit to continual communication throughout the process. What can be a challenging audit was made to run smoothly throughout. All was managed remotely including Audit and testing.” Cyber Essentials and Cyber Essentials Plus Certification “Amazing service, very friendly throughout and willing to help you at every step throughout the process.” Cyber Essentials Certification and Precheck GRC International Group plc Annual Report and Accounts 2021 15 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT OUR S TR ATEGY IN AC TION 2 Expand existing services into new jurisdictions Helping organisations across the globe successfully manage their increasing security and legislative burdens with the Group’s proven ’tried and tested’ growth strategy. THE TREND OUR SOLUTION ENISA has listed malware as the top cyber threat in the EU this year, with significant increases in phishing, identity theft, and ransomware attacks. An ETL report warns that there is a long road ahead in order to reach a more secure digital environment globally – which is largely due to the weakening of existing cyber security measures through changes organisations have had to make regarding both working and infrastructure patterns that have arisen due to the COVID-19 pandemic. This global phenomenon has led to a surge in cyber criminals’ personalised cyber attacks, where they continue to use more advanced methods and techniques. The Group has rolled out its ‘tried and tested’ successful business model and infrastructure to the EU and USA, but with appropriate adjustments to reflect local cultures and market dynamics. We are now starting to see significant growth in our EU region and the grassroots are beginning to emerge in the US – these are both identified as clear growth markets for cyber compliance activities. – Web traffic for IT Governance EU increased by 23% YoY in Q1 2021. This converted into a 23% increase in web transactions and a significant 103% increase from web revenue. – Web traffic for IT Governance USA increased by 21% YoY in Q1 2021. This converted into a 21% increase in web transactions and a 21% increase from web revenue. 16 GRC International Group plc Annual Report and Accounts 2021 STRATEGIC REPORT 3 Adding new services for existing and new clients Making cyber security and regulatory compliance easy and affordable for organisations of every shape and size. THE TREND OUR NEW, INNOVATIVE SOLUTIONS 90% of organisations intend to shift to a hybrid working model where possible after the pandemic. However, more than a third of employees have picked up bad security habits while working from home during the pandemic, and cyber crime levels continue to rise – with ransomware attacks alone increasing by 65% year-on-year globally. Implementing suitable technical and organisational security measures is especially important when it comes to compliance with data protection law. UK regulators such as the Information Commissioner’s Office have made allowances for the pressure the pandemic put organisations under. Now that restrictions are being lifted, however, they will be less lenient, so it is essential to act without delay if organisations are making hybrid working permanent. The industry is also facing a huge talent drought. According to Cybersecurity Ventures, there are currently 3.5 million unfilled cyber security jobs globally. However, businesses must still defend against threats in real-time, and the need to recruit for a 24x7x365 cyber security team is growing. Cyber criminals do not take breaks, nights off or even holidays, and filling positions with a work schedule across all hours of the day, weekends and holidays is incredibly challenging. Our newest services have been designed to address the fractured workforce along with the rise in cyber crime and tougher global regulatory action. They make cyber compliance easy and affordable for organisations of all sizes in two simple packages and affordable subscription services. Cyber Security as a Service: Delivered through IT Governance, this is a cost- effective solution that offers organisations an outsourced, pre- packaged and comprehensive cyber security department that works 24x7x365 to ensure they are, and continue to remain, cyber secure – both at home and in the office. It includes everything an organisation needs to cover staff, processes and infrastructure in one simple package – and comes with a cyber insurance package of up to £500,000 to cover any worst-case scenarios. Privacy as a Service: Delivered through GRCI Law, this solution is the simplest, fastest and most affordable way to comply with the GDPR. It reduces an organisation’s privacy risks with one simple and affordable subscription service – enabling organisations to enjoy peace of mind with their own dedicated, outsourced DPO or data privacy manager for guidance, training and support. Our product deployment is now 100% remote in order to suit the needs of our clients and the future working landscape. GRC International Group plc Annual Report and Accounts 2021 17 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT FINANCIAL RE VIE W Strong momentum throughout the year has led to a leaner and fitter business that has returned to an EBITDA positive performance in Q4 and built a solid foundation for future growth The Group’s H1 performance very much followed the mood of the nation. The national lockdown imposed at the end of March 2020 closed significant parts of the economy, and those businesses that were operational focused on short-term survival. This led to an immediate reduction in monthly billings as customers delayed projects and cut back on spend not deemed to be immediately business critical. The Group initially saw a strong V-shaped recovery followed by a summer of mixed results as the economy struggled to keep up with regularly changing restrictions and government guidance, along with the realisation that the pandemic was set to last longer than most had initially expected. However, from the end of November the Group evidenced that customers had begun to have confidence in the roadmap back to economic recovery and/or had simply accepted that they had to get on with doing business in an uncertain environment, recognising that dealing with their cyber risks was a key part of that. The Group built strong positive momentum through the remainder of the year, delivering consistently EBITDA positive results through the tail end of FY21 and continuing into FY22. Revenue Overall revenue in FY21 was down 16% to £11.8 million (FY20: £14.1 million). Revenue was significantly impacted by the pandemic in H1, with revenue down 24% vs H1 FY20 at £5.4 million (H1 FY19: £7.1 million). H2 revenue of £6.4 million showed somewhat of a return towards normalised trading. Significantly, revenue of £3.5 million in Q4 (up 21%) compared to £2.9 million in Q3 demonstrates the momentum as the year ended. Additionally, February and March 2021 saw a significantly higher value of invoices raised for future delivered work than had typically been seen in the year. Although these invoices do not aid the FY21 revenue result they will be released as revenue in H1 FY22, a further sign of business and economic recovery. The Group has four key revenue streams: – Consultancy – Publishing and Distribution – Software – Training CHRIS HARTSHORNE, FCCA FINANCE DIRECTOR Following a year of restructuring and rebuilding in FY20 the Board were looking forward to a year of profitable growth in FY21 and were encouraged by the EBITDA positive Group performance in Q4 of FY20. Unfortunately, the onset of the global COVID-19 pandemic in the first quarter of calender year 2020 and its unprecedented impact on daily life and the economy meant that plans and expectations needed to be substantially revised. Nevertheless, I’m delighted to report that the Group has not only navigated the pandemic but has built strong momentum in FY21 H2, returning to EBITDA positive performance in Q4. 18 GRC International Group plc Annual Report and Accounts 2021 As shown in the tables below, whilst all revenue streams were impacted by the pandemic it was the training revenue that declined most significantly, being the typical type on non-contracted, short-term 'discretional' spend that customers delayed. The continually improving levels of recurring revenue and longer-term contract revenue in other revenue streams ensured that the overall decline was not as severe as it otherwise could have been. The training business has seen solid improvement through H2 and into FY22. £’000 FY17 FY18 FY19 FY20 FY21 Consultancy Publishing and Distribution Software Training 2,898 5,274 7,228 8,635 8,106 1,042 1,649 1,337 977 750 410 399 1,513 1,356 1,147 2,483 8,366 5,771 3,178 1,757 Period-on-period % Consultancy Publishing and Distribution Software Training FY18 FY19 FY20 FY21 £’000 FY17 FY18 FY19 FY20 FY21 82% 37% 19% (6)% 58% (19)% (27)% (23)% (3)% 279% (10)% (15)% 237% (31)% (45)% (45)% UK Non-UK 5,525 12,666 12,886 11,680 9,667 1,308 3,022 2,962 2,466 2,093 Total 6,833 15,688 15,849 14,146 11,760 Total 130% 1% (11)% (16)% Non-UK % 19% 19% 19% 17% 18% Gross profit Gross profit was down 25% to £6.1 million (FY20: £8.1 million) compared with the prior year. Gross profit as a percentage of sales is down 500 basis points on the prior year at 52% (FY20: 57%). The majority of the Group's direct cost base relates to headcount costs for consultants and client delivery staff. The sudden and dramatic revenue drop in the early part of the year meant that sales revenue was temporarily out of alignment with the Group's costs. Where possible, the Group took advantage of government furlough schemes to reduce the impact of staff underutilisation to a manageable level, whilst also retaining and supporting the staff resource it needed as the extraordinary trading circumstances experienced through H1 began to normalise and revenue returned towards pre-COVID-19 levels. The Group received a total of £0.1 million in government furlough scheme payments during the period. Whilst gross margin for the year as a whole was lower than usual, the margins achieved in Q4 were much more in line with management expectations at above 60% and improving month on month. Operating expenses Other operating expenses (excluding share-based payment expenses and exceptional costs) decreased by £2.3 million to £8.9 million, down 21% (FY20: £11.2 million). The Group worked hard in FY20 to restructure and reduce overhead spend. The cost reduction in H1 FY21 was the result of action taken in FY20 combined with management retaining a strong focus on cost reduction into FY21. Whilst management held back on discretional spend through the pandemic, the significant reduction in costs is not a reaction to the COVID-19 trading environment but a pre-planned part of the FY21 finance strategy. By the end of FY21 overheads were running at an annualised run rate a further £0.5 million lower than the full year FY21 figure. EBITDA Although EBITDA is not a statutory measure, it is considered by the Board to be an important Key Performance Indicator that is helpful to investors. This is considered to be a more accurate measure of underlying business performance as it removes the impact of non-cash accounting adjustments. Notwithstanding the 16% reduction in revenue impacted by the COVID-19 global pandemic, EBITDA loss reduced by 42% to £1.1 million (FY20: £1.9 million loss). GRC International Group plc Annual Report and Accounts 2021 19 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT FINANCIAL RE VIE W CONTINUED Notably the EBITDA loss for the period was significantly smaller than the reduction in revenue. Since the reduction in revenue was caused by unusual trading circumstances and much of the Group's costs are fixed, the Board believes that a positive EBITDA would have been expected on a normalised level of revenue. This belief is supported by the Q4 performance where the Group delivered EBITDA positive results for February and March, and was EBITDA positive for the quarter as a whole. £’000 Operating loss Depreciation Amortisation EBITDA Unaudited H1 FY21 Unaudited H2 FY21 FY21 FY20 (1,427) 157 502 (768) (1,161) 193 605 (363) (2,588) 350 1,107 (1,131) (3,425) 386 1,180 (1,859) Finance expense The net finance expense of £247k (FY20: £222k) relates mainly to interest on the Group’s borrowings (£187k) and the IFRS 16 treatment of leases (£60k). Loss before tax Loss before tax was £2.8 million (FY20: £3.7 million). Normalised loss before tax (defined as loss before tax excluding share-based payment expenses and exceptional costs) was £2.8 million (FY20: £3.3 million). Taxation A tax credit of £264k has been recognised in the period (FY20: £445k credit). The tax credit recognised relates primarily to the unwinding of deferred tax on the acquisition of DQM and a Research and Development tax credit. The Group has derecognised a deferred tax asset of £138k in IT Governance Europe Ltd to bring the accounting treatment in line with the rest of the Group. The Group has £1.3 million of deferred tax assets that are due to lack of uncertainty over the timing of future profits. As clarity on the timing of future profits crystallise the Group will look to recognise those assets and will utilise them as part of its overall tax planning approval. Earnings per share Loss per share was 2.58 pence (FY20: loss per share of 4.67 pence). Statement of financial position Net assets were £6.9 million (31 March 2020: £9.4 million). Net current liabilities at year end were up by £2.5 million from the prior year to £5.2 million (31 March 2020: £2.7 million). The main factors in the overall increase in net current liabilities are the reduction in trade receivables of £0.6 million and the increase in trade and other payables of £2.6 million. The other payables increase arose mainly from the deferred HMRC liabilities through the pandemic, as explained in the Going Concern section below. Included within the current liabilities balance of £7.2 million (31 March 2020: £5.4 million) is a deferred income balance of £1.1 million (31 March 2020: £0.9 million), relating to training and consultancy projects due to be delivered after the statement of financial position date. The Board continues to pay close attention to the working capital management of debtors and creditors. Intangible assets The Group’s accounting policy is that only directly attributable staff costs of the technical teams developing the assets are capitalised. No management time is capitalised, and neither is any proportion of overheads. Additions of £1.2 million largely relate to software development of £0.9 million and consultancy and courseware products of £0.2 million. Cash flow and cash/debt The Group’s closing cash position was £0.2 million (FY20: £0.2 million). The significant reduction in operating cash outflows before changes in working capital (FY21: £1.1 million, FY20: £1.9 million) is a reflection of the improvement in trading result during the period. The increase in trade and other payables during the year of £2.6 million largely relates to loans and payment deferrals associated with government support through the COVID-19 pandemic. The Group has banking facilities to provide adequate headroom for unforeseen working capital requirements by way of an uncommitted invoice discounting facility that was inherited as part of the acquisition of DQM. In addition, the unsecured loan facility provided to the Company by Andrew Brode for the amount of £700k at an interest rate of 5% above the Bank of England base rate to provide additional working capital is available to the Company until at least 31 December 2022 and shall automatically renew for a further 12 months unless terminated by either party. At the year end the loan facility was 50% drawn (31 March 2020: 100% drawn). Borrowings (excluding lease obligations) at period end were £1.4 million (31 March 2020: £1.8 million) a decrease on the previous period as loans to support the working capital requirements during the restructuring in FY20 are paid down. A full schedule of borrowings and terms are disclosed in note 9. Going concern The Group has recorded a loss for the year of £2.6 million (FY20: £3.2 million) and at 31 March 2021 its current liabilities exceeded its current assets by £5.2 million (FY20: £2.7 million). Notwithstanding this, the Directors consider it appropriate to prepare the financial statements on a going concern basis. The key considerations relating to this judgement are described below. As set out above, the Group went through a transitional year of restructuring in FY20 and was looking forward to a strong FY21, continuing its H2 FY20 momentum and anticipating profitable results for the year. However, the global COVID-19 pandemic led to an immediate reduction in monthly billings as customers delayed projects, reduced spend seen as not immediately critical to day-to-day operations and focused on establishing new business processes and procedures to survive the short term. This unprecedented trading environment resulted in a reduction in revenues for April and May 2020, followed initially by a strong V-shaped recovery, but then a period of mixed results through the summer as the economy stuttered in an environment of ever- changing regulations and guidance. From late in Q3 the Group saw genuine performance improvements with momentum building through the rest of the year, and performance back to consistently positive monthly EBITDA before the year end and into the new financial year. 20 GRC International Group plc Annual Report and Accounts 2021 In response to the pandemic the Board revisited its FY21 and FY22 forecasts, increased the regularity of its short and medium-term cash flow planning, implemented a number of key cost reduction measures and took advantage of government initiatives that have been introduced in the geographies that the Group operates in order to preserve liquidity, supplemented by deferring the payment of certain liabilities to HMRC which amounted to approximately £1.6 million. Additionally, in March 2021 certain subsidiaries of the Group joined the HMRC VAT deferral scheme to defer repayment of VAT liabilities totalling £0.4 million falling due in FY21 until FY22. Notwithstanding some easing of trading conditions and subsequent improvement in performance since the outbreak of the global pandemic reached the United Kingdom (which represents around 82% of the Group’s revenue in FY21), the Directors acknowledge that trading conditions will remain uncertain for the foreseeable future. Those uncertainties include: – The possibility of further local or national restrictions. – The lack of visibility over future levels of revenue in the context of weakened demand for the Group’s products and services. – Should the Group need to further reduce its scalable cost base, its ability to make those adjustments and realise the benefits from doing that on a timely basis. – The continued availability of existing financing, including HMRC arrangements (see below), existing borrowings and flexibility allowed by suppliers. – The ability to access new financing, including further government support in its various forms, sufficient to fund any further cash requirement over the foreseeable future. To assess going concern the Directors prepared an integrated profit and loss, balance sheet and cash flow forecast by month to 31 March 2023. The Group’s base case forecast identifies that through the going concern review period the Group is able to meet its liabilities as they fall due and make settlement of the outstanding HMRC liabilities through FY22 in equal monthly instalments. The majority of the deferred payroll tax liabilities owed are now covered by formal ‘time to pay’ repayment plans agreed with HMRC. The repayment plans differ across the trading entities within the Group, but all split the deferred balance into equal monthly instalments, with the full balance being repaid by September 2022, and the balance owing as at the date of this report being £1.0 million. The Directors are in discussions with HMRC to agree the repayment plan for the remainder of the balance not yet covered by formal ‘time to pay’ arrangements and expect this to be formalised imminently. Additionally, the Directors prepared a sensitised forecast to the base case forecast where the COVID-19 pandemic was more prolonged than envisaged by the Directors at the time (the ‘worst-case forecast’). This worst-case forecast assumes that revenues until March 2023 are 40% below the base case (marginally below those actually achieved in FY21) and that cost reduction measures, to reflect the reduced level of billings, have been effected. The sensitised forecast does not identify a potential cash flow shortfall in any month and includes the same assumptions for settlement of the outstanding HMRC liabilities as in the base case forecast. The Directors are monitoring actual business performance and cash flow against the base case forecast and the worst-case forecast. Encouragingly, the Group has traded ahead of the revenue, EBITDA and cash flow expectations set out in the base case and the sensitised forecast. Furthermore, in the view of the Directors any temporary cash flow shortfall can be mitigated through the deferment or removal of selected planned marketing, capital expenditure and other scheduled cash outflows. Based on the forecasts and the medium and longer-term planning in place, the Directors have identified that they have a reasonable expectation of being able to reduce costs sufficiently in the required timeframe should revenue levels cause this to be necessary, and that the Group will remain within its currently available facility levels, none of which has any financial covenant compliance requirements. Central to those facilities is the £700,000 unsecured loan facility provided by Andrew Brode which is at present 50% utilised, and which remains in place until at least 31 December 2022, although the Group does also have access to additional liquidity through its uncommitted invoice discounting facility, which is not currently utilised. The Directors have reviewed the Group’s forecasts and projections to 31 March 2023 which, taking account of reasonably possible changes in trading performance, show that the Group is able to generate sufficient liquidity to continue in operational existence for the foreseeable future. On this basis, the Directors believe that the Group will be able to generate sufficient cash through its normal business trading to enable it to continue its operations, and continue to meet, as and when they fall due, its planned and committed liabilities for at least the next 12 months from the date of this report. For this reason, the Directors continue to adopt the going concern basis in the preparation of its financial statements. However, should the Group not be able to generate cash inflows sufficient to meet its current operational obligations and legacy deferred obligations as they fall due, it would need to secure additional funding with no guarantee such funding would be secured. These circumstances indicate the existence of a material uncertainty which may cast significant doubt over the Group’s ability to continue as a going concern. The financial statements do not include the adjustments that would be required should the going concern basis of preparation no longer be appropriate. Capital structure The issued share capital at 31 March 2021 was 99,931,509 ordinary shares of £0.001 each (31 March 2020: 99,577,589). There were no share options granted in the period to 31 March 2021, and the total number of unexercised share options at 31 March 2021 was 426,760 (31 March 2020: 780,680). Risks and uncertainties The Board continuously assesses and monitors the key risks of the business. The key risks that could affect the Group’s performance, and the factors which mitigate these risks, are set on pages 22 to 23. The one exception is an additional point regarding liquidity risk and the Group’s recognition of the need to regularly review and monitor the Group’s financing. Further information is provided above under ’Cash flow and cash/debt’. Chris Hartshorne Finance Director GRC International Group plc Annual Report and Accounts 2021 21 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT RISK MANAGEMENT Our principal risks and uncertainties The Group is exposed to a number of potential risks which may have a material effect on our reputation, financial or operational performance. The Board is aware that the nature and scope of risks can evolve and that there may be further risks to which GRC International is exposed. While this list is not intended to be exhaustive, the Directors consider the below to be the principal risks and uncertainties faced by the Group. The Board has overall responsibility for risk management and internal control and is fully supported by the Audit Committee. Risk Mitigation c i m o n o c E t n e m n o r i v n e Our operations are affected by overall economic conditions in the key geographic markets it operates in. The Group could be affected by unforeseen events outside of its control including: – Economic and political events, such as Brexit and COVID-19 – Inflation or deflation – Currency exchange fluctuation While the increasing geographic diversity of GRC provides some mitigation from individual country economic fluctuations, we continue to review and monitor our economic environment and will continue to consult widely to better understand any economic uncertainty and associated impacts. GRC operates on a basis of natural hedging to help minimise exposure to this risk. The COVID-19 disruption has led to reduced sales in the short term and deferred projects. It has also disrupted daily business life with remote working instigated wherever possible and a shift to remote working and delivery. With the continued uncertainty associated with the virus it is too early to assess the impact on the Group’s operational and financial performance in FY22 and beyond. Business Continuity: GRC has executed its UK business continuity plan in response to the UK Government’s instruction that where possible and as far they are able to, all employees should work from home. The Company is able to confirm that by 25 March all our staff across the Group in the UK, USA and EU were successfully working from home and carrying out business as usual. Encouragingly, to date this approach has meant that the Group has suffered minimal disruption as a result of staff having to self-isolate. 9 1 - D V O C I t n e m n o r i v n e g n i t a r e p O Customer Focus: During March 2020, we successfully shifted almost all of our client service delivery across our continuity, security and privacy compliance services worldwide, online. With very minor exceptions, we are now able to meet all our clients’ delivery needs – including classroom training, consultancy, audit, testing and legal compliance services, on a remote basis to clients across the world. Privacy Management: While executing our continuity plan and completing our pivot to comprehensive online service delivery, we were also successfully audited against ISO/IEC 27701, the new privacy management extension to ISO/ IEC 27001. It is another standard for which we provide training and implementation services. The Group has adequate cash resource and committed undrawn debt facilities available to ensure that the immediate impact of the disruption can be managed. The business has a proven track record of disciplined cost control which will continue to be vital in the current trading environment. We are continuing to take action to reduce costs and preserve cash and, where possible, will take advantage of emerging Government support schemes in all of the geographies in which we operate including deferral of tax payments and furloughing of some staff. Competition: The Group's current competitors, or new entrants to the market, particularly the data protection and cyber security market, might bring superior technologies, products or services to the market, or equivalent products or services at a lower price which may have an adverse effect on the Group's business. We believe that the best way to mitigate this risk is to continue to deliver and maintain high-quality products and services to our customers. We continually review and monitor competitive activity in all our markets to ensure GRC remains innovative, competitive and attractive in the markets in which we operate. Customers: Loss of key customers has the potential to materially impact Group revenue. We have adapted to the COVID-19 pandemic by moving to remote working and delivery of some of our services. Compliance environment: Customer activity is to a significant extent driven by their fear of a data or cyber security breach and the regulatory and commercial consequences thereof. A reduction in external compliance pressure on the Group's clients may have an adverse effect on the Group's business. Suppliers: We have a strategic relationship with Xanthos Ltd, a key supplier of digital marketing and website services, and a related party. If Xanthos Ltd were to withdraw provision of these services, it may have an adverse impact on the business, results of operations and financial condition of the Group. In addition to the above, we seek to balance our exposure to customer dependency across all our geographic markets. We monitor customer demand and, in the event of a reduction in demand, would take steps to reduce delivery capacity and overheads. We maintain close working and contractual relationships with key suppliers and endeavour to limit those services for which we have a single point of failure. 22 GRC International Group plc Annual Report and Accounts 2021 The markets in which the Group operates are subject to legal and regulatory changes and the emergence of new industry standards. To compete successfully, the Group will need to continue to improve its products and services, and to develop and market new products and services that keep pace with changes in legislation, regulation and commercial practices. d n a n o i t a l s i g e L n o i t a l u g e r We monitor developments and proposed changes in Government policies, legislation, regulation and other factors that may impact our business and our customers’ businesses. Our strategy is kept under close review to ensure we respond to any such impact. We have well-developed IT systems, operational controls, comprehensive training and a rigorous compliance monitoring programme in order to maintain adherence to legislation. n o i s n a p x e l a n o i t a n r e t n I l a c i n h c e t d n a m e t s y S l e p o e P s e i t i l i c a f g n i c n a n i F The continued expansion of the Group into new countries brings associated risks. With a number of offices located outside the UK, there is a risk that the Group’s growth overseas may result in a reduction in the quality of control and oversight provided by senior management. The Board and senior management review international activity on a regular basis and consider both strategic and operational issues that may impact performance. The Board has full oversight of UK and overseas operations through regular management meetings, both remotely and in person. Factors such as different time zones, languages, regulatory regimes and working cultures may all reduce the efficacy of the oversight provided by senior management. The financial performance of the Group may be impacted by changes to taxation regulation and the repatriation of profits, as the UK has now left the EU. The nature of the Group’s business means that it is exposed to a number or risks associated with information technology which have the potential to cause a significant impact on operational performance, Company reputation and financial performance. These risks include: – Cyber security breach – Data breach – Reliance on key systems, including defects in software We manage this risk in a number of ways, including external certification to international security standards, such as ISO/IEC 27001 and UK standards such as Cyber Essentials Plus. Our GDPR compliance management system is externally audited to comply with BS 10012. A business continuity plan is in place to minimise the impact to the business should IT systems fail. The internal IT team assesses risks associated with potential cyber threats on a regular basis and uses antivirus software, amongst other controls, to protect the integrity of systems. We also undertake regular penetration testing to assess infrastructure and data security. In the event that an IT incident does occur, back-up facilities are in place to ensure business interruptions are minimised and internal and customer data is protected from corruption or unauthorised access. GRC also has cyber insurance appropriate to its risk profile. We continue to invest in cyber security measures, tools and infrastructure, as well as seeking to develop and upgrade systems in line with the Group’s plans for significant expansion. The Group's future will be greatly influenced by the continued services and performance of its Directors and senior management. GRC takes pride in creating a positive and exciting workplace environment, through training, engagement, rewards and values. Furthermore, failure to recruit and retain skilled personnel at all levels across the business could also have an adverse impact. The Remuneration Committee seeks to ensure that rewards correspond with performance and retention. With a strategy for the Group of significant growth, including further international expansion, the Board recognises the importance of regular review and monitoring of the Group’s financing. The Group maintains a short-term invoice discounting facility and has an unsecured loan facility provided by Andrew Brode to provide additional working capital. The Group only has a limited forward order book for its services, creating unpredictability in revenues and cash, hence impacting on the level of liquidity. Further details are included on page 20 of this Annual Report in the Financial Review under Going concern. Keyman insurance has been put in place in respect of the Chief Executive Officer, Alan Calder, for £750,000. The Group maintains regular and transparent dialogue with its facility lenders to ensure they are aware of developments in the business and reviews the level of facilities required based on the Group’s forecasts. The Board receives weekly and monthly information to enable it to consider the Group’s short and medium-term performance. If performance is not in line with forecast, the Group has a number of mitigating actions that could be implemented. GRC International Group plc Annual Report and Accounts 2021 23 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT K E Y PERFORMANCE INDIC ATORS How we measure our performance Billings Billings equates to the total value of invoices raised and cash sales through Group websites. This figure does not take account of accrued or deferred income adjustments that are required to comply with accounting standards.* Total billings (£000s) £12,253 (13)% 2020: £14,026 * Billings equate to the total value (net of VAT) of invoices raised and cash sales through the Group's websites. The figure does not take account of accrued or deferred income adjustments that are required to comply with UK-adopted International Financial Reporting Standards ("IFRS") but is considered to provide useful information to the users of the Group's financial information. Billings is considered by the Board to be a key metric for managing the business due to its direct relationship with cash-flow. Cash receipts are driven by billings achieved each month rather than by revenue recognised in accordance with IFRS Average FTE headcount While the number of full-time equivalent (’FTE’) employees is not a KPI in itself, the decrease demonstrates the scale of the Group’s restructure over the course of the financial year. Monthly billings divided by FTE employees This is an internal target given to the Group’s sales and marketing teams. 16,260 15,833 14,026 12,253 20,000 15,000 10,000 5,000 0 2018 2019 2020 2021 Average FTE headcount 149 (20)% FTE as at 31 March 2021: 149 FTE as at 31 March 2020: 187 300 250 200 150 100 50 0 270 177 187 149 2018 2019 2020 2021 Billings per FTE (£) £9,988 58% 2020: £6,307 10,000 9,000 8,000 7,000 6,000 5,000 4,000 3,000 2,000 1,000 0 9,988 7,465 6,307 4,881 2018 2019 2020 2021 24 GRC International Group plc Annual Report and Accounts 2021 Website visits The Group invests significant funds into digital marketing in order to maintain our dominance of certain web search term results. There is a distinct correlation between website visits and sales, however, we remain careful to use the term ’correlation’ rather than ’causation’. Website visits (000s) 3,691 4% 2020: 3,552 4,902 3,107 3,552 3,691 5,000 4,000 3,000 2,000 1,000 0 2018 2019 2020 2021 Website revenue This equates to debit and credit card sales via the website that turn into cash immediately. This is an important KPI as it is a key driver of the Group’s working capital. Furthermore, the Group refers to website sales trends to estimate the returns generated through digital marketing campaigns and, therefore, how to prioritise these accordingly. Website revenue (£000s) £4,002 74% 2020: £2,293 Underlying EBITDA EBITDA (“Earnings Before Interest, Tax, Depreciation, Amortisation”) excludes share- based payment expenses (which are excluded as they are a non-cash expense) and exceptional costs in relation to acquisitions made in the year. 4,683 4,002 3,374 2,293 5,000 4,000 3,000 2,000 1,000 0 2018 2019 2020 2021 Underlying EBITDA (£000s) £(1,131) 25% 2020: £(1,501) 2,000 1,000 0 -1,000 -2,000 -3,000 -4,000 -5,000 1,662 (1,501) (1,131) (4,336) 2018 2019 2020 2021 The Strategic Report was approved by the Board of Directors and signed on its behalf. Alan Calder Director 28 September 2021 GRC International Group plc Annual Report and Accounts 2021 25 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT S TAK EHOLDER ENGAGEMENT We engage with our stakeholders to develop effective relationships and improve business decisions By understanding our stakeholders and listening to their views and feedback, we can factor into Board discussions the potential impact of our decisions on each stakeholder group and consider their needs and concerns. OUR STAKEHOLDERS MATERIAL TOPICS EMPLOYEES Engaging with our people enables us to create an inclusive company culture and a positive working environment. – Opportunities for development and progression – Opportunity to share ideas and make a difference – Diversity and inclusion S172 Statement As required by s172 of the Companies Act 2006, a director of a company must act in the way he considers, in good faith, would most likely promote the success of the company for the benefit of its shareholders. In so doing, the director must have regards amongst other matters to the: – Likely consequences of any decision in the long term – Interests of the company’s employees – Need to foster the company’s business relationships with suppliers, customers and others – Impact of the company’s actions on the community and environment – Desirability of the company maintaining a reputation for high standards of business conduct – Need to act fairly between members of the company CUSTOMERS Listening to our customers helps us to better understand their needs and provide suitable and reliable products and services. SHAREHOLDERS Our shareholders are vital to the future success of our business, providing funds which aid business growth and the generation of sustainable returns. – Help customers make better decisions – Personalised customer propositions – Leveraging a deep understanding of their needs and views to create innovative solutions – Financial performance – Strategy and business model – Proactive approach to communication THIRD PARTY SUPPLIERS Interaction with our suppliers and treating our suppliers fairly allows us to drive higher standards and reduce risk in our supply chain whilst benefiting from cost efficiencies and positive environmental outcomes. – Long-term partnerships – Collaborative approach – Open terms of business – Fair payment terms 26 GRC International Group plc Annual Report and Accounts 2021 HOW WE ENGAGE OUTCOMES We have an experienced, diverse and dedicated workforce which we recognise as the key asset of our business. It is vital to the success of the Group to continue to create the right environment to encourage and create opportunities for individuals and teams to realise potential. FY21 was a transition year for employees as we moved to a remote working organisation. Throughout the COVID-19 lockdown daily employee briefings have been held. Employees have been consulted on some very difficult decisions facing the Group during the COVID-19 crisis. We have had an overwhelming level of support throughout the organisation. The majority of our previously office-based staff in all our geographic locations are now permanently home-based. Following the introduction of the HR Software tool in the later part of FY19 we have much greater data accuracy, increased over data, improved efficiency and a modern employment experience. Social media is a key channel for mobilising customer engagement. During the COVID-19 crisis we have actively supported many of our customers with payment holidays and flexible approaches on delivering our products. Our classroom training business is now completely online, with a bio secure training centre that has opened in Cambridgeshire with an innovative ’Learn from Anywhere’ multi-channel delivery model. We are successfully delivering 95% of our cyber security, privacy and continuity services remotely to customers across the world. During the year the primary mechanism for engaging with shareholders in more depth was via meetings with the largest shareholders following the financial results for the half and full year. In addition, in FY21, additional areas of discussion with the largest shareholders were focused on the future development of the Group. Investors showed their support for the Board and the Company’s strategy by passing all resolutions at the Annual General Meeting and the general meetings to approve the raising of additional funds to complete the purchase of DQM and additional working capital requirements. We operate in a way that safeguards against unfair business practices and encourages suppliers and contractors to adopt responsible business policies and practices for mutual benefit. We recognise that we must, where possible, integrate our business values and operations to meet the expectations of our stakeholders, including customers, suppliers, the community and environment. We regularly monitor the relationship and engagement approach with our third-party suppliers. GRC International Group plc Annual Report and Accounts 2021 27 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT GOVERNANCE REPOR T ANDREW STEPHEN BRODE NON-EXECUTIVE CHAIRMAN On behalf of the Board of Directors, I am pleased to introduce the Group’s Corporate Governance Statement for the year ended 31 March 2021. Introduction This statement of the report sets out GRC International Group plc’s approach to corporate governance and intends to provide information on how the Board and its Committees operate. As a Board, we take corporate governance very seriously, and I will continue to ensure that we maintain high standards throughout my tenure. As a company whose shares are traded on the AIM market of the London Stock Exchange, GRC International has chosen to monitor and report its compliance with the Quoted Companies Alliance (’QCA’) Corporate Governance Code (’the Code’) and its Statement of Compliance with the same can be found with information on governance arrangements on the Company website (https://www. grci.group/corporate-governance). Further information is provided in the table on pages 30-33. This report seeks to inform shareholders about how it complies with the QCA Code, and where it departs from the QCA Code the Board will provide an explanation of the reason(s) for doing so. The role of the Board The Board is collectively responsible for GRC International’s performance and creating value for shareholders. The Board meets as often as required to effectively conduct its business. The Board is responsible for overseeing the management of the Group and approving the strategic direction of GRC International. Composition of the Board and meetings The QCA Code states that a company should have at least two independent non-executive directors. At the beginning of the year the Board comprised six Directors; four Executive Directors and two independent Non-Executive Directors, reflecting a blend of different experiences and backgrounds. On 17 February 2021 Neil Acworth (Executive Director) resigned his position on the Board with immediate effect. On 13 May 2021 Steve Watkins (Executive Director) resigned his position on the Board with immediate effect. Both individuals continued to make themselves available to the Board for a period to ensure smooth handover of their responsibilities. The Board believes that the current composition of the Board brings a desirable range of skills and experience in light of the Company’s challenges and opportunities following admission to AIM in March 2018, while simultaneously ensuring that no individual or group can dominate the Board’s decision making. The structure of the Board is designed to ensure that the Board focuses on the strategic direction of the Group, monitoring its performance, governance, risk and control issues. The Board meets regularly to review, formulate and approve the Group’s strategy, budgets, corporate actions and oversee the Group’s progress towards its goals. The Company will continue to appraise the structure of the Board on an ongoing basis. 28 GRC International Group plc Annual Report and Accounts 2021 The table below sets out the Directors’ attendance at scheduled Board meetings during the period ended 31 March 2021, against the number of meetings each Board member was eligible to attend: The members of the Remuneration Committee include two Non-Executive Directors. The Remuneration Committee comprises Ric Piper (as Chairman) and Andrew Brode. Andrew Brode Alan Calder Christopher Hartshorne Stephen Watkins Neil Acworth Ric Piper 10/10 10/10 10/10 10/10 7/8 10/10 At each Board meeting, the Directors follow a formal agenda, which is circulated in advance by the Company Secretary. Board Committees The Board has delegated specific responsibilities to the Audit Committee and the Remuneration Committee, details of which are set out below. Each Committee has written Terms of Reference setting out its duties, authorities and reporting responsibilities which can be obtained from the Company Secretary on application via https://www.grci.group/contact. Audit Committee The Audit Committee has the responsibility of reviewing and reporting to the Board on the Group’s financial reporting, internal control and risk management systems, the independence and effectiveness of the external auditor. The Audit Committee meets no less than two times in each financial year and has unrestricted access to the Group’s external auditor. The members of the Audit Committee comprise two Non-Executive Directors: Ric Piper (as Chairman) and Andrew Brode. More information about this Board Committee can be found in the Remuneration Committee Report on pages 40 to 41. Nomination Committee No nomination committee has been established. Instead, decision- making on matters of nomination and succession will be retained with the Board as a whole. This approach is considered appropriate considering the small size of the Board and is believed to enable all Board members to take an active involvement in the consideration of Board candidates and to support the Chair in matters of nomination and succession. Board effectiveness In line with the requirements of the QCA Code, an annual evaluation process is undertaken which considers the effectiveness of the Board, its Committees and individual Directors. This review identifies areas for improvement, informs training plans for Directors and identifies areas of knowledge, expertise or diversity which should be considered in the Group’s succession plans. The evaluation did not take place on one specific date but via a series of conversations, both during and outside regular Board meetings. Conversations took place involving all members of the Board together and as one on one conversations led by the Chairman. In addition to the annual evaluation exercise, there remains an ongoing dialogue within the Board to ensure that it operates effectively and that any matters raised are addressed in a timely manner. The Board maintains strong relationships with external advisers and has access to advice as required. More information about this Board Committee can be found in the Audit Committee Report on pages 36 to 39. The performance of the Executive Directors is reviewed annually by the Remuneration Committee in conjunction with their annual pay review and the payment of bonuses. Remuneration Committee The Remuneration Committee reviews the performance of the Executive Directors, Chairman of the Board and senior management of the Group and makes recommendations to the Board on matters relating to their remuneration and terms of service. The Remuneration Committee also makes recommendations to the Board on proposals for the granting of share options and other equity incentives pursuant to any employee share option scheme or equity incentive plans in operation from time to time. The Remuneration Committee meets as and when necessary, but at least once each year. In exercising this role, the Directors have regard to the recommendations put forward in the QCA Code and, where appropriate, the QCA Remuneration Committee Guide and associated guidance. The Corporate Governance Statement was approved by the Board of Directors and signed on its behalf. Andrew Brode Chairman 28 September 2021 GRC International Group plc Annual Report and Accounts 2021 29 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT APPLIC ATION OF THE QC A CODE GOVERNANCE PRINCIPLE 1 Establish a strategy and business model which promote long-term value for shareholders. EXPLANATION The Board is committed to delivering long-term value for GRC International’s shareholders. The Group’s business model and strategy is explained fully within the Strategic Report on pages 12 to 13. Details of the principal risks and uncertainties which the Board considers to be associated with the Group’s activities, together with the mitigating actions which are being pursued in relation to them, are set out on pages 22 to 23. COMPLIANT GOVERNANCE PRINCIPLE 2 Seek to understand and meet shareholder needs and expectations. EXPLANATION The Board attaches great importance to communication with all of GRC International’s shareholders. We encourage all our shareholders to attend our AGM, which provides a forum and time for shareholders’ questions and open discussions. Furthermore, feedback from investors is obtained through direct interaction with the Chief Executive Officer and Finance Director at meetings following its interim full-year results, and certain other ad hoc meetings that take place during the year. There is a regular dialogue with shareholders through the medium of the Company’s corporate broker, Dowgate Capital Ltd. The voting record at the Company’s general meetings is monitored and we are pleased that all resolutions proposed so far have been passed by shareholders (with a great majority being passed by 100% of attending votes). COMPLIANT GOVERNANCE PRINCIPLE 3 Take into account wider stakeholder and social responsibilities and their implications for long-term success. EXPLANATION As an international company, GRC International places significant importance on understanding and respecting different cultural and social values within the international realm in which it operates. The Group has adopted policies to encourage an open and transparent corporate culture, including policies addressing anti-slavery, anti-bribery and whistleblowing. We continue to adopt new policies and monitor existing policies on an ongoing basis. Details of the stakeholder engagement which the Board considers to be associated with the Group’s activities are set out in the S172 disclosure on pages 26 to 27. COMPLIANT 30 GRC International Group plc Annual Report and Accounts 2021 COMPLIANT GOVERNANCE PRINCIPLE 4 Embed effective risk management, considering both opportunities and threats, throughout the organisation. EXPLANATION Details of the principal risks and uncertainties which the Board considers to be associated with the Group’s activities, together with the mitigating actions which are being pursued in relation to them, are set out on pages 22 to 23. The Company sets out in its annual report the steps taken to ensure that effective risk management is embedded within the Group's culture. The Board has identified the principal business and financial risks and has implemented control procedures. The Group has an established framework of internal financial controls which is subject to review by the Directors and the Audit Committee considering the ongoing risks faced by the Group. The Board acknowledges its responsibility for reviewing the effectiveness of the systems that are in place to manage risk. However, no such system can provide absolute assurance against misstatement or loss. The Board considers that the internal controls that are in place are appropriate for the size and complexity of the Group. The key elements of the Group’s internal control environment include: – close involvement of the Executive Directors in the day-to-day running of the Group; – weekly Executive Committee meetings – clear lines of authority and reporting established; – centralised control and decision making over key areas such as capital expenditure and financing; and – a suite of daily and monthly reports focusing on the key performance and risk areas. Such reports include detailed annual budget setting with monthly monitoring and daily reporting including reports on sales, orders and cash balances compared with budget. The Board, with the advice of the Audit Committee, has reviewed the effectiveness of the systems of internal control for the year to 31 March 2021. Given the current size of the Group and the close involvement of the Executive Directors in the day-to-day operations, the Group does not consider it necessary to have a separate financial internal audit function due to the Group’s size and its centralised administrative function but keeps this need under review. The Company receives regular feedback from its external auditors on the effectiveness of its internal controls and aims to implement any improvements identified. The Group undertakes regular updates and reviews of its business processes, co-ordinated by the Group quality function to ensure that it not only addresses basic financial controls but that non-financial controls are also in place over areas such as health and safety, environmental issues and adherence to law and regulations. Mitigation can only provide reasonable, but not absolute, assurance against material misstatement or loss. As such the Group maintains appropriate insurance cover for the Group’s activities, with the types of cover and insured values being reviewed on a periodic basis by the Board. The Group also has a Business Continuity Plan to manage significant risks such as the COVID-19 pandemic. GOVERNANCE PRINCIPLE 5 Evaluate Board performance based on clear and relevant objectives, seeking continuous improvement. EXPLANATION In line with the requirements of the QCA Code, an annual evaluation process is undertaken which considers the effectiveness of the Board, its Committees and individual Directors. This review identifies areas for improvement, informs training plans for Directors and identifies areas of knowledge, expertise or diversity which should be considered in the Group’s succession plans. The process of Board evaluation is a continuous one as the Board communicates regularly as a group, picking up on matters where a particular Director’s time and efforts should be focused. Both the Chairman and the CEO hold regular one-to-one conversations with other members of the Board, with the Finance Director also communicating regularly with the Chairman of the Audit Committee. The Board is considered to be operating effectively and appropriately for the size and complexity of the Group. COMPLIANT GRC International Group plc Annual Report and Accounts 2021 31 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT COMPLIANT APPLIC ATION OF THE QC A CODE CONTINUED GOVERNANCE PRINCIPLE 6 Maintain the Board as a well-functioning, balanced team led by the Chair. EXPLANATION The Board is responsible for taking all major strategic decisions and also addressing any significant operational matters. In addition, the Board reviews the risk profile of the Group and ensures that an adequate system of internal control is in place. The Board has a formal schedule of matters reserved for its approval and is supported by the Audit and Remuneration Committees. All Directors are required to devote sufficient time to carry out their role. The Board believes that the current composition of the Board brings a desirable range of skills and experience in light of the Company’s challenges and opportunities following admission to AIM in March 2018, while simultaneously ensuring that no individual or group can dominate the Board’s decision making. Non-Executive Directors have a time commitment to the Company of not less than eight days per annum including the attendance of Board meetings and the Company AGM. In addition, Non-Executive Directors are expected to devote appropriate preparation time ahead of each meeting. The structure of the Board is designed to ensure that the Board focuses on the strategic direction of the Group, monitoring its performance, governance, risk and control issues. The Board has considered Mr Brode’s independence and, notwithstanding his shareholding in the Company and his position as a debt provider, the Board considers that Mr Brode is of independent mind in regards to his interactions with the Company. Ric Piper is considered to be independent as described on page 35. The composition and experience of the Board is shown on pages 34 to 35 of the Annual Report. GOVERNANCE PRINCIPLE 7 Ensure that between them the Directors have the necessary up-to-date experience, skills and capabilities. EXPLANATION The GRCI Board has, in its opinion, an appropriate balance of sector, financial and public market skills and experience, as well as an appropriate balance of personal qualities including gender balance and capabilities to successfully execute the Group’s strategy. The Board fully supports and funds any training, formally or otherwise, that is required by any individual Board member so as to ensure that their knowledge and experience remains relevant and effective. The Directors receive briefings at Board meetings on regulatory and other issues relevant to the Group and its business sector and may attend external courses to assist in their professional development. All Directors, the Audit Committee and Remuneration Committee are able to take independent professional advice in the furtherance of their duties, if necessary. A summary of the skills and experience of each Board member is included in their biographies on pages 34 to 35 of the Annual Report. COMPLIANT 32 GRC International Group plc Annual Report and Accounts 2021 GOVERNANCE PRINCIPLE 8 Promote a corporate culture that is based on ethical values and behaviours. EXPLANATION The Board believes that the promotion of a corporate culture based on sound ethical values and behaviours is essential to creating a workplace environment that allows people to flourish and this will contribute to enhancing shareholder value. Each Director places great importance on demonstrating ethical behaviours, both during the decision-making process, and in the implementation and communication of strategic decisions. Senior managers are also encouraged to lead by example in the promotion of ethical values and behaviours. So far as possible, we ensure that these values are visible through our recruitment process, internal communications and management style, corporate reports and external announcements. GOVERNANCE PRINCIPLE 9 Maintain governance structures and processes that are fit for purpose and support good decision-making by the Board. EXPLANATION The Board meets regularly throughout the year to consider strategy, performance and the framework of internal controls. A scheduled meeting calendar is arranged as far in advance as possible, and ad hoc meetings are held in person or by telephone when it is necessary for the Board to discuss specific issues. To enable the Board to discharge its duties, the Directors receive appropriate and timely information. A formal agenda and briefing papers are distributed to the Directors in advance of each Board meeting. The Directors have access to the advice and services of the Finance Director and Company Secretary, who is responsible for ensuring that the Board procedures are followed, and that applicable rules and regulations are complied with. The Board reviews its governance structures regularly to ensure they are fit for purpose and will carry out a review of the terms of the Audit and Remuneration Committees during financial year 2021. Further details on our governance structure and the role of our Board Committees are set out on pages 28 to 29. COMPLIANT COMPLIANT Communicate how the Company is governed and is performing by maintaining a dialogue with shareholders and other relevant stakeholders. GOVERNANCE PRINCIPLE 10 COMPLIANT EXPLANATION The Board attaches great importance to communication with shareholders. Regular communication is maintained with our shareholders primarily through: – our Annual General Meeting; – our website (www.grci.group); – meetings and conversations between the Chief Executive Officer and shareholders, both on an ad hoc basis, and following publication of the interim and final results; and – Company announcements. Our Group website (www.grci.group) sets out details of the Group and its activities, regulatory announcements and Company press releases, annual reports, half-year reports, notices of general meetings and information required by the AIM Rules for companies and the QCA Code. The ’Investors’ section of the Group website includes a dedicated ’Corporate Governance’ section, where our annual Corporate Governance Statements can be found (www.grci.group/corporate-governance). Further information can also be found in the Audit Committee report on pages 36 to 39 and the Remuneration Committee report on pages 40 to 41. GRC International Group plc Annual Report and Accounts 2021 33 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT BOARD OF DIREC TORS Bringing a broad range of skills and a depth of experience The existing Directors of GRC International Group plc are listed below. The Directors’ Report on page 42 sets out details of the Directors who served during the year ended 31 March 2021. The Board is committed to maintaining high standards of corporate governance. The Company has adopted policies and procedures which reflect the principles of the QCA’s Corporate Governance Guidelines for Smaller Quoted Companies (’QCA Code’) as appropriate to a company whose shares are admitted to trading on AIM. ANDREW STEPHEN BRODE NON-EXECUTIVE CHAIRMAN A R ALAN PHILIP CALDER CHIEF EXECUTIVE OFFICER APPOINTMENT TO THE BOARD APPOINTMENT TO THE BOARD November 2012 April 2002 KEY SKILLS AND EXPERIENCE KEY SKILLS AND EXPERIENCE In 2012, Andrew acquired an initial shareholding in IT Governance Ltd before later joining the Board as a Non-Executive Director in November 2012. In 2014, Andrew subscribed for further shares in IT Governance Ltd, increasing his shareholding to 22% (of the issued share capital of the Company prior to Admission). Andrew was appointed Non-Executive Chairman of the Company in February 2018. As well as being a Chartered Accountant, Andrew has gained significant leadership experience on the boards of several listed companies. He was Chief Executive of Wolters Kluwer (UK) plc between 1978 and 1990 and Andrew is currently Chairman of RWS Holdings plc and Learning Technologies Group plc. These roles together with his extensive executive experience, ensure he is well placed to lead the Board of GRC International plc effectively. PRINCIPAL EXTERNAL APPOINTMENTS – Chairman of RWS Holdings plc – Chairman of Learning Technologies Group plc – Non-Executive Director of a number of private equity-backed media companies As CEO and founder of IT Governance Ltd, Alan leads the senior team and is responsible for delivering GRC International plc’s strategy. Prior to founding IT Governance Ltd in 2002, Alan held a number of roles including the position of CEO of Business Link London City Partners, CEO of Focus Central London, CEO of Wide Learning, the Outsourced Training Company and was Chairman of CEME. Alan graduated from the University of Witwatersrand in 1978 before moving to the UK. Alan has written a number of books about IT management including the definitive compliance guide “IT Governance: An International Guide to Data Security and ISO27001/ISO27002” (co-written with Steve Watkins), which is in its sixth edition and is the basis for the UK Open University’s postgraduate course on information security and “IT Governance – Guidelines for Directors”. With his significant executive experience and expertise in the field of IT governance, risk management and compliance, Alan is well placed to lead the senior team of GRC International plc effectively. PRINCIPAL EXTERNAL APPOINTMENTS – None 34 GRC International Group plc Annual Report and Accounts 2021 BOARD COMMITTEE MEMBERSHIP A R Audit Committee member Remuneration Committee member Chair CHRISTOPHER JOHN HARTSHORNE, FCCA FINANCE DIRECTOR RICHARD JOHN PIPER, ACA INDEPENDENT NON-EXECUTIVE DIRECTOR A R APPOINTMENT TO THE BOARD APPOINTMENT TO THE BOARD April 2017 February 2018 KEY SKILLS AND EXPERIENCE KEY SKILLS AND EXPERIENCE Chris joined the Group in April 2017 as Finance Director. Prior to this, Chris qualified as a Chartered Certified Accountant with Deloitte in 2007 and subsequently worked for PwC. In 2015, Chris joined MM (UK) Limited as Financial Controller before leaving to take up his position with GRC International. PRINCIPAL EXTERNAL APPOINTMENTS – None Ric has over 40 years of experience as a Chartered Accountant, including a number of senior finance roles at ICI, Citicorp and Logica. He was also Group Finance Director at WS Atkins plc from 1993 to 2002. Ric advises a number of businesses in the Engineering and Technology sectors. He was a Member of the Financial Reporting Review Panel for ten years until 2019. PRINCIPAL EXTERNAL APPOINTMENTS – Partner at Restoration Partners – NED at Belluscura plc GRC International Group plc Annual Report and Accounts 2021 35 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT AUDIT COMMIT TEE REPOR T RICHARD JOHN PIPER, ACA AUDIT COMMITTEE CHAIR, REMUNERATION COMMITTEE CHAIR As Chairman of the Audit Committee, I am pleased to present this report of the Audit Committee (the ’Committee’) for the year ended 31 March 2021. This report is intended to explain how the Committee has met its responsibilities. I will be available at the Annual General Meeting (’AGM’) to respond to any questions shareholders may raise on any of the Committee’s activities. Apart for the material uncertainty related to going concern in the independent auditor’s report on page 44 and as further discussed below under significant issues related to the financial statements – Going concern, from a ’business as usual’ perspective, there is nothing to bring to your specific attention. Aims and objectives The Committee has responsibility for monitoring the integrity of the annual and interim financial statements and formal announcements relating to the Group’s financial performance, including advising the Board that the Annual Report is fair, balanced and understandable. It reviews significant financial reporting issues and accounting policies and disclosures in financial reports, the effectiveness of the Group’s internal control procedures and risk management systems and considers how the Group’s internal audit requirements shall be satisfied, making recommendations to the Board. It reviews the independent auditor’s audit strategy and implementation plan and its findings in relation to the Annual Report and Interim Financial Statements. The main duties of the Committee are set out in its Terms of Reference which are available from the Company Secretary on application via https://www.grci.group/contact. Committee membership, meetings and attendance Membership Throughout the year ended 31 March 2021, and since the year end to the date of this Report, the Committee comprised two Non- Executive Directors: – Ric Piper (Chairman of the Committee and independent Non- Executive Director); and – Andrew Brode (Chairman of the Board). Both Andrew Brode and Ric Piper are Chartered Accountants and the Board considers them to have recent and relevant financial experience. Further information on Mr Piper and Mr Brode can be found in the Directors’ biographies on pages 34 to 35. The Board considers that the Committee as a whole has competence relevant to the sector in which the Group operates. Meetings and attendance The Audit Committee met two times during the year ended 31 March 2021. The Committee has met with the external auditor to agree the Audit Plan, including (as for the previous financial year) the likely impact of COVID-19 working arrangements on the preparation and audit of the financial statements. The Chief Executive Officer and the Finance Director are also routinely invited to Committee meetings. The attendance at the Audit Committee meetings is set out in the following table: Andrew Brode Ric Piper 2/2 2/2 36 GRC International Group plc Annual Report and Accounts 2021 Since the year end, the Committee met privately with the independent auditor. Ric Piper, the Committee Chairman, also met privately with the senior statutory auditor, Tim Neathercoat, outside of the Committee meetings. Operation of the Committee Each year, the Committee works to a planned programme of activities which are focused on key events in the annual financial reporting cycle and other matters that are considered in accordance with its Terms of Reference. It provides oversight and guidance to contribute to the ongoing good governance of the business, particularly by providing assurance that shareholders’ interests are being properly protected by appropriate financial management, reporting and internal controls. The main activities of the Committee in the year ended 31 March 2021 are as follows: – Financial statements: The Committee reviewed the Annual Report. Presentations were made by management and the auditor about the key technical and judgemental matters relevant to the financial statements. Further information is provided below in the section ’Significant issues related to the financial statements’. – Taxation: The Group operates under varied tax regimes. The completeness and valuation of provisions to cover the range of potential final determinations by the tax authorities of the Group’s tax positions are the subject of judgement. Further information is set out in note 7 to the financial statements. The provisions held by the Group were reviewed by management as at 31 March 2021. The Committee agreed with management’s assessment of the Group’s tax provisions. The Committee notes that the Group is committed to paying the correct amount of tax and receiving the correct amount of research and development tax credits and will only undertake transactions that have a genuine commercial purpose. – Fair, balanced and understandable: The content and disclosures made in the Annual Report are subject to a verification exercise by management to ensure that no statement is misleading in the form and context in which it is included, no material facts are omitted which may make any statement of fact or opinion misleading, and implications which might be reasonably drawn from the statement are true. The Committee was satisfied that it was appropriate for the Board to approve the financial statements and that the Annual Report taken as a whole is fair, balanced and understandable such that it allows shareholders to assess the Group’s performance against the Group’s strategy and business model. – Internal financial control systems: The Committee reviewed the observations made by the independent auditor, as part of the audit process, and management’s responses and actions. The Committee was satisfied that it was appropriate for the Board to make the statements regarding internal controls included in the Corporate Governance Statement. Compliance reviews, both of financial and operational activities, were satisfactorily completed for the Group’s International Organisation for Standardisation (’ISO’) accreditations. Internal Audit is reported on below. The Chairman of the Committee reported to the Board on the Committee’s activities after each meeting, identifying relevant matters requiring communication to the Board and recommendations on the steps to be taken. Significant issues related to the financial statements The Committee reviewed the key judgements applied to a number of significant issues in the preparation of the financial statements. The review included consideration of the following: Revenue recognition and recoverability of accounts receivables The Group has well-developed accounting policies for revenue recognition – see the ’Principal accounting policies’ section in the financial statements. The Committee receives reports from management and from the independent auditor to ensure that the policies are complied with across the Group. The Board also receives regular reports on the collectability of aged accounts receivables, accrued income and deferred income. On the basis of these reports, the Committee concluded that it was content with the judgements that had been made. Intangibles: accounting As set out in the intangibles accounting policy in the financial statements, the Group has significant unamortised intangibles. As at 31 March 2021, the Committee agreed with the management’s recommendation on capitalisation and that no impairment charge was required. Intangibles impairment assessments (including assumptions about future performance) are carried out at least annually by management and reviewed by the Board and the Committee. Going concern The Group has recorded a loss for the year of £2.6 million (2020: £3.2 million) and at 31 March 2021 its current liabilities exceeded its current assets by £5.2 million (2020: £2.7 million). Notwithstanding this, the Directors consider it appropriate to prepare the financial statements on a going concern basis. The key considerations relating to this judgement are described below. As set out above, the Group went through a transitional year of restructuring in FY20 and was looking forward to a strong FY21, continuing its H2 FY20 momentum and anticipating profitable results for the year. However, the global COVID-19 pandemic led to an immediate reduction in monthly billings as customers delayed projects, reduced spend seen as not immediately critical to day-to-day operations and focused on establishing new business processes and procedures to survive the short term. This unprecedented trading environment resulted in a reduction in revenues for April and May 2021, followed initially by a strong V-shaped recovery, but then a period of mixed results through the summer as the economy stuttered in an environment of ever- changing regulations and guidance. From late in Q3 the Group saw genuine performance improvements with momentum building through the rest of the year, and performance back to consistently positive monthly EBITDA before the year end and into the new financial year. In response to the pandemic the Board revisited its FY21 and FY22 forecasts, increased the regularity of its short and medium-term cash flow planning, implemented a number of key cost reduction measures and took advantage of government initiatives that have been introduced in the geographies that the Group operates in order to preserve liquidity, supplemented by deferring the payment of certain liabilities to HMRC which amounted to approximately £1.6 million. Additionally, in March 2021 certain subsidiaries of the Group joined the HMRC VAT deferral scheme to defer repayment of VAT liabilities totalling £0.4 million falling due in FY21 until FY22. GRC International Group plc Annual Report and Accounts 2021 37 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT AUDIT COMMIT TEE REPOR T CONTINUED Notwithstanding some easing of trading conditions and subsequent improvement in performance since the outbreak of the global pandemic reached the United Kingdom (which represents around 82% of the Group’s revenue in FY21), the Directors acknowledge that trading conditions will remain uncertain for the foreseeable future. Those uncertainties include: – The possibility of further local or national restrictions. – The lack of visibility over future levels of revenue in the context of weakened demand for the Group’s products and services. – Should the Group need to further reduce its scalable cost base, its ability to make those adjustments and realise the benefits from doing that on a timely basis. – The continued availability of existing financing, including HMRC arrangements (see below), existing borrowings and flexibility allowed by suppliers. – The ability to access new financing, including further government support in its various forms, sufficient to fund any further cash requirement over the foreseeable future. The Directors have reviewed the Group’s forecasts and projections to 31 March 2023 which, taking account of reasonably possible changes in trading performance, show that the Group is able to generate sufficient liquidity to continue in operational existence for the foreseeable future. On this basis, the Directors believe that the Group will be able to generate sufficient cash through its normal business trading to enable it to continue its operations, and continue to meet, as and when they fall due, its planned and committed liabilities for at least the next 12 months from the date of this report. For this reason, the Directors continue to adopt the going concern basis in the preparation of its financial statements. However, should the Group not be able to generate cash inflows sufficient to meet its current operational obligations and legacy deferred obligations as they fall due, it would need to secure additional funding with no guarantee such funding would be secured. These circumstances indicate the existence of a material uncertainty which may cast significant doubt over the Group’s ability to continue as a going concern. As in the FY20 statutory accounts, the committee notes that the Independent Auditor's Report contains a material uncertainty related to going concern. The financial statements do not include the adjustments that would be required should the going concern basis of preparation no longer be appropriate. Independent auditor The appointment of the independent auditor is approved by shareholders annually. The independent auditor’s audit of the financial statements is conducted in accordance with International Standards on Auditing (UK) (’ISAs’), issued by the Financial Reporting Council. There are no contractual obligations that act to restrict the Committee’s choice of external auditor. BDO LLP became the Group's independent auditor for the financial year ended March 2019. This year, having considered the effectiveness and performance of the independent auditor, the Committee has recommended to the Board the appointment of BDO LLP as independent auditor of the Company for the next financial year. Services, independence and fees The independent auditor provides the following: – A report to the Committee giving an overview of the results and judgements and observations on the control environment. – An opinion on the truth and fairness of the Group financial statements. The Committee monitors the cost effectiveness of audit and any non-audit work performed by the independent auditor and also considers the potential impact, if any, of this work on independence. It recognises that certain work of a non-audit nature may be best undertaken by the independent auditor as a result of its unique position and knowledge of key areas of the Company. To assess going concern the Directors prepared an integrated profit and loss, balance sheet and cash flow forecast by month to 31 March 2023. The Group’s base case forecast identifies that through the going concern review period the Group is able to meet its liabilities as they fall due and make settlement of the outstanding HMRC liabilities through FY22 in equal monthly instalments. The majority of the deferred payroll tax liabilities owed are now covered by formal ‘time to pay’ repayment plans agreed with HMRC. The repayment plans differ across the trading entities within the Group, but all split the deferred balance into equal monthly instalments, with the full balance being repaid by September 2022, and the balance owing as at the date of this report being £1.0 million. The Directors are in discussions with HMRC to agree the repayment plan for the remainder of the balance not yet covered by formal ‘time to pay’ arrangements and expect this to be formalised imminently. Additionally, the Directors prepared a sensitised forecast to the base case forecast where the COVID-19 pandemic was more prolonged than envisaged by the Directors at the time (the ‘worst-case forecast’). This worst-case forecast assumes that revenues until March 2023 are 40% below the base case (marginally below those actually achieved in FY21) and that cost reduction measures, to reflect the reduced level of billings, have been effected. The sensitised forecast does not identify a potential cash flow shortfall in any month and includes the same assumptions for settlement of the outstanding HMRC liabilities as in the base case forecast. The Directors are monitoring actual business performance and cash flow against the base case forecast and the worst-case forecast. Encouragingly, the Group has traded ahead of the revenue, EBITDA and cash flow expectations set out in the base case and the worst-case forecast. Furthermore, in the view of the Directors any temporary cash flow shortfall can be mitigated through the deferment or removal of selected planned marketing, capital expenditure and other scheduled cash outflows. Based on the forecasts and the medium and longer-term planning in place, the Directors have identified that they have a reasonable expectation of being able to reduce costs sufficiently in the required timeframe should revenue levels cause this to be necessary, and that the Group will remain within its currently available facility levels, none of which has any financial covenant compliance requirements. Central to those facilities is the £700,000 unsecured loan facility provided by Andrew Brode which is at present 50% utilised, and which remains in place until at least 31 December 2022, although the Group does also have access to additional liquidity through its uncommitted invoice discounting facility, which is not currently utilised. 38 GRC International Group plc Annual Report and Accounts 2021 Approval is required, prior to the independent auditor commencing any material non-audit work, in accordance with a Group policy approved by the Committee. Certain work, such as providing bookkeeping services and taxation planning advice, is prohibited. The Committee requires that non-audit fees do not have any material negative impact on BDO’s independence. Further, the Committee seeks positive evidence of the independence of the independent auditor through its challenge to management. The Committee regularly reviews all fees for non-audit work paid to the independent auditor. There were no fees paid to BDO LLP for non-audit work in the year ended 31 March 2021. The Committee will continue to keep the area of non-audit work under close review, particularly in the context of developing best practice on auditor’s independence. The Committee regulates the appointment of former employees of the independent auditor to positions in the Group. The independent external auditor also operates procedures designed to safeguard its objectivity and independence. These include the periodic rotation of the senior statutory auditor, use of independent concurring partners, use of a technical review panel (where appropriate) and annual independence confirmations by all staff. The independent auditor reports to the Committee on matters including independence and non-audit work, on an annual basis. Risk management and internal control The Group holds weekly Executive Directors’ meetings to discuss all business matters which includes risks and risk mitigation. Depending on the nature of the risk, it is escalated to the Committee and/or Board meetings for review. The Group’s principal risks and uncertainties and the Board’s approach to mitigation are set out on pages 22 and 23 of the Annual Report. Evaluation of the Committee There are no matters to report to shareholders. Approval This report was approved by the Committee, on behalf of the Board, and signed on its behalf by: Ric Piper Chair of the Audit Committee GRC International Group plc Annual Report and Accounts 2021 39 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT REMUNER ATION COMMIT TEE REPOR T On behalf of the Board, I am pleased to present the Directors’ Remuneration Report for the year ended 31 March 2021. This report is intended to explain how the Remuneration Committee (the ’Committee’) has met its responsibilities. In exercising their roles, the Directors shall have regard to the recommendations put forward in the QCA Code and, where appropriate, the QCA Remuneration Committee Guide and associated guidance. Whilst there is no requirement for companies quoted on AIM to produce a formal Remuneration Report, the Committee prepares this Remuneration Report for information purposes in order to give shareholders, and other users of the financial statements, greater transparency about the way in which the Directors of GRC International Group plc are remunerated. This report sets out the remuneration paid to the Directors for the year ended 31 March 2021 and sets out the remuneration policy for the forthcoming financial year and beyond. We value the views of our shareholders and guidance issued by investor bodies. As Chair of the Committee, I will be available at the AGM to respond to any questions shareholders may raise on any of the Committee’s activities. Aims and objectives The Committee has responsibility for determining the overall remuneration policies and practices within GRC International Group plc, taking into account applicable laws, regulations and the principles of good governance. In particular, the Committee is responsible for: – Setting the remuneration policy for all Executive Directors. – Approving their remuneration packages. – Reviewing the ongoing appropriateness and relevance of the remuneration policy. – Reviewing and approving the overall remuneration spend (fixed and variable) to ensure that evidence exists to demonstrate that awards have been adjusted where appropriate for risk and will not limit the ability to strengthen the capital base. – Approving the design of, and determining targets for, all performance-related incentive plans operated by the Group and approving the total annual payments made under such plans. – Reviewing the design of all share incentive plans for approval by the Board and shareholders. For plans such as these, the Committee will make recommendations to the Board on proposals for the granting of share options, and other equity incentives, pursuant to any employee share option scheme or equity incentive plans in operation from time to time. The Committee’s Terms of Reference can be obtained from the Company Secretary on application via https://www.grci.group/contact. Committee membership, meetings and attendance Membership The Committee comprises two Non-Executive Directors: – Ric Piper (Chairman of the Committee and independent Non- Executive Director); and – Andrew Brode (Chairman of the Board). The Chief Executive Officer and the Finance Director only attend meetings by invitation from the Committee. They are not present when their own remuneration is being discussed. Meetings and attendance The Remuneration Committee met once during the year ended 31 March 2021. The attendance at the Remuneration Committee meetings is set out in the following table. Andrew Brode Ric Piper 1/1 1/1 Remuneration policy objectives The main objective of the Committee is to ensure that the Company’s policy: – Attracts, motivates and retains executives in order to deliver the Group’s strategic goals and business outputs. – Encourages and supports a high-performance sales and service culture. – Adheres to the principles of good corporate governance and appropriate risk management. – Aligns executives with the interests of shareholders and other key stakeholders. We remain committed to a remuneration policy that rewards high individual performance to drive strong results. Basic salary The basic salaries of the Group’s Executive Directors will be reviewed on an annual basis. The Committee seeks to establish a basic salary for each position commensurate with the individual’s responsibilities and performance, taking into account comparable salaries for similar companies of a similar size in the same market. Directors’ remuneration The remuneration of each of the Directors during the year ended 31 March 2021 has been audited as part of the financial statements and is set out in detail below: Directors’ remuneration for the year ended 31 March 2021 £000s Andrew Brode Alan Calder Christopher Hartshorne Stephen Watkins Neil Acworth – left the Board on 17/02/2021 Ric Piper Salary and fees All taxable benefits Annual bonuses Pension – 220 135 115 98 35 – – – – – – – – – – – – – 33 1 1 1 – Total for the year ended 31 March 2021 – 253 136 116 99 35 40 GRC International Group plc Annual Report and Accounts 2021 REMUNER ATION COMMIT TEE REPOR T CONTINUED Directors’ remuneration for the year ended 31 March 2020 £000s Andrew Brode Alan Calder Christopher Hartshorne Stephen Watkins Neil Acworth Ric Piper The Executive Directors have entered into a service agreement with the Company. Each Director’s appointment will be terminable on six months’ notice given by either party and summarily by the Company in certain limited circumstances. Each Director has given certain non-compete and non-solicitation undertakings which will apply during his engagement and in respect of the period of 12 months post termination. Share-based incentive schemes In order to align the interests of shareholders and employees following admission, the Company adopted a new employee share option scheme, as further detailed in the Group’s AIM admission document which is available on the Group’s website at https://www. grci.group/investors. Share options held at 31 March 2021 are set out below: Exercise price (pence per share) Total exercise value Shares Chris Hartshorne 326,760 42.85714 £135,000 Neil Acworth exercised options over 353,920 ordinary shares of 0.1 pence in the Company (’Ordinary Shares’) at a price of 12.71474 pence per share, with 353,920 Ordinary Shares being immediately sold at a price of 20 pence per Ordinary Share. These transactions took place on 29 and 30 September 2020. Following admission in March 2018 options were limited to a further 10% of the nominal value of the shares in issue at 6:00 p.m. (London time) on the date which is three business days following Admission. Options granted following Admission are subject to standard performance conditions, as determined and recommended by the Remuneration Committee in accordance with the plan rules. Directors’ share interests at 31 March 2021 are set out below: Alan Calder Calder family (including Alan’s shares above) Andrew Brode Steve Watkins Ric Piper Chris Hartshorne 29,822,461 shares (29.84%) 31,049,218 shares (31.07%) 13,972,108 shares (13.98%) 3,727,082 shares (3.73%) 319,231 shares (0.32%) 11,760 shares (0.01%) Salary and fees All taxable benefits Annual bonuses Pension – 220 110 115 113 35 – – – – – – – – – – – – – 33 1 1 1 – Total for the year ended 31 March 2020 – 253 111 116 114 35 There has been no changes between 31 March 2021 and the date that this Report was signed. (In the case of Steve Watkins; 13 May 2021, being the date he left the Board.) Other benefits Depending on the exact terms of each individual Executive Director’s service contract with GRC International Group plc, they are entitled to a range of benefits including contributions to pension schemes. Non-Executive Directors The Group has two Non-Executive Directors: Andrew Brode, the Chairman and Ric Piper. Both Non-Executive Directors have letters of appointment. Initially for a three-year period from Admission to AIM in March 2018, appointments are now reviewed annually. The Non-Executive Directors’ letters of appointment do not provide specifically for any termination payments, although the Group might make payments in lieu of notice. Non-Executive Director fees are determined by the Executive Directors, having regard to the requirement to attract high-calibre individuals with the right experience, the time requirements and the responsibilities incumbent on an individual acting as a Non- Executive Director for a company, such as GRC International Group plc, admitted to trading on AIM. The Non-Executive Directors are not eligible for annual discretionary bonuses and do not participate in the Group’s long-term incentive plans. At his request, the Chairman does not receive a Director’s fee or other remuneration. Ric Piper receives an annual fee of £35,000, paid monthly in arrears. Evaluation of the Committee There is nothing to report to shareholders. Approval This report was approved by the Committee, on behalf of the Board, and signed on its behalf by: Ric Piper Chair of the Remuneration Committee GRC International Group plc Annual Report and Accounts 2021 41 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT DIREC TORS’ REPOR T The Directors present their annual report on the affairs of the Group, together with the financial statements and Auditor’s Report, for the year ended 31 March 2021. The Corporate Governance Statement set out on pages 28 and 29 forms part of this report. There have been no significant events since the balance sheet date. An indication of likely future developments in the business of the Company are included in the Strategic Report. Directors The Directors, who served throughout the year, are as follows: – Andrew Brode – Non-Executive Chairman – Alan Calder – Chief Executive Officer – Christopher Hartshorne – Finance Director – Stephen Watkins – Executive Director – Resigned 13 May 2021 – Neil Acworth – Chief Information Officer – Resigned 17 February 2021 – Ric Piper – Independent Non-Executive Director Information about the use of financial instruments by the Company and its subsidiaries is given in notes 19 and 20 to the financial statements. Capital structure and dividends The Board is not proposing a dividend for the year. Details of the authorised and issued share capital, together with details of the movements in the Company’s issued share capital during the year are shown in note 23 to the financial statements. The Company has one class of ordinary shares which carry no right to fixed income. Each share carries the right to one vote at general meetings of the Company. There are no specific restrictions on the size of a holding nor on the transfer of shares, which are both governed by the general provisions of the Articles of Association and prevailing legislation. The Directors are not aware of any agreements between holders of the Company’s shares that may result in restrictions on the transfer of securities or on voting rights. Details of employee share schemes are set out in note 26 to the financial statements. No person has any special rights of control over the Company’s share capital and all issued shares are fully paid. With regard to the appointment and replacement of Directors, the Company is governed by its Articles of Association, the Companies Act 2006 and related legislation. The Articles themselves may be amended by special resolution of the shareholders. The powers of Directors are described in the Main Board Terms of Reference, copies of which are available on request, and the Corporate Governance Statement on pages 28 and 29. Under its Articles of Association, the Company has authority to issue up to 10% of issued share capital. Directors’ indemnities The Company has made qualifying third-party indemnity provisions for the benefit of its Directors which were made during the year and remain in force at the date of this report. Employee consultation The Group places considerable value on the involvement of its employees and has continued to keep them informed on matters affecting them as employees and on the various factors affecting the performance of the Group. This is achieved through formal and informal meetings, the Company magazine and a special edition for employees of the annual financial statements. Employee representatives are consulted regularly on a wide range of matters affecting their current and future interests. The employee share scheme has been running successfully since its inception on 12 February 2018. Options can be granted to any employee or Director within the Group. The Board may set performance or time conditions for vesting. The option holder indemnifies the Company against income tax and national insurance. Options are normally exercisable after they have vested. In addition, all employees receive an annual bonus related to the overall profitability of the Group. R&D activity Research activity is expensed through the income statement as it is incurred. At the point where all relevant recognition criteria are met the expenditure incurred on internally guaranteed intangible fixed assets, where relevant to development activity, is capitalised in line with the Group’s accounting policy. Auditor Each of the persons who is a Director at the date of approval of this Annual Report confirms that: – so far as the Director is aware, there is no relevant audit information of which the Group’s auditor is unaware; and – the Director has taken all the steps that he/she ought to have taken as a Director in order to make himself/herself aware of any relevant audit information and to establish that the Group’s auditor is aware of that information. The Directors’ Report was approved by the Board of Directors and signed on its behalf. Alan Calder Director 28 September 2020 42 GRC International Group plc Annual Report and Accounts 2021 S TATEMENT OF DIREC TORS’ RESPONSIBILITIES The Directors are responsible for preparing the Annual Report and the financial statements in accordance with applicable law and regulations. Company law requires the Directors to prepare financial statements for each financial period. Under that law the Directors have elected to prepare the Group’s Consolidated Financial Statements in accordance with international accounting standards in conformity with the requirements of the Companies Act 2006 and the Company’s Financial Statements in accordance with United Kingdom generally accepted accounting practice (United Kingdom accounting standards and applicable law). Under company law the Directors must not approve the financial statements unless they are satisfied that they give a true and fair view of the state of affairs of the Group and Company and of the profit or loss of the Group for that period. The Directors are also required to prepare financial statements in accordance with the rules of the London Stock Exchange for companies trading securities on the AIM. The Directors are responsible for keeping adequate accounting records that are sufficient to show and explain the Company’s transactions and disclose with reasonable accuracy at any time the financial position of the Company, and enable them to ensure that the financial statements comply with the requirements of the Companies Act 2006. They are also responsible for safeguarding the assets of the Group, and hence for taking reasonable steps for the prevention and detection of fraud and other irregularities. The Directors are responsible for ensuring the Annual Report and the financial statements are made available on a website. Financial statements are published on the Group’s website in accordance with legislation in the United Kingdom governing the preparation and dissemination of financial statements, which may vary from legislation in other jurisdictions. The maintenance and integrity of the Group’s website is the responsibility of the Directors. The Directors’ responsibility also extends to the ongoing integrity of the financial statements contained therein. In preparing these financial statements, the Directors are required to: – select suitable accounting policies and then apply them consistently; – make judgements and accounting estimates that are reasonable and prudent; – state whether they have been prepared in accordance with IFRS as adopted by the European Union, subject to any material departures disclosed and explained in the financial statements; and – prepare the financial statements on a going concern basis unless it is inappropriate to presume that the Group will continue in business. GRC International Group plc Annual Report and Accounts 2021 43 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT INDEPENDENT AUDITOR'S REPOR T TO THE MEMBERS OF GRC INTERNATIONAL GROUP PLC Opinion on the financial statements In our opinion: – the financial statements give a true and fair view of the state of the Group’s and of the Parent Company’s affairs as at 31 March 2021 and of the Group’s loss for the year then ended; – the Group financial statements have been properly prepared in accordance with international accounting standards in conformity with the requirements of the Companies Act 2006; – the Parent Company financial statements have been properly prepared in accordance with United Kingdom Generally Accepted Accounting Practice; and – the financial statements have been prepared in accordance with the requirements of the Companies Act 2006. We have audited the financial statements of GRC International plc (the ‘Parent Company’) and its subsidiaries (the ‘Group’) for the year ended 31 March 2021 which comprise the Consolidated Income Statement, the Consolidated Statement of Comprehensive Income, the Consolidated Balance Sheet, the Consolidated Statement of Changes in Equity, the Consolidated Statement of Cash Flows, the Company Balance Sheet, the Company Statement of Changes in Equity and the notes to the financial statements, including a summary of significant accounting policies. The financial reporting framework that has been applied in the preparation of the Group financial statements is applicable law and international accounting standards in conformity with the requirements of the Companies Act 2006. The financial reporting framework that has been applied in the preparation of the Parent Company financial statements is applicable law and United Kingdom Accounting Standards, including Financial Reporting Standard 101 Reduced Disclosure Framework (United Kingdom Generally Accepted Accounting Practice). Basis for opinion We conducted our audit in accordance with International Standards on Auditing (UK) (‘ISAs (UK)’) and applicable law. Our responsibilities under those standards are further described in the ‘Auditor’s responsibilities for the audit of the financial statements‘ section of our report. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion. Independence We remain independent of the Group and the Parent Company in accordance with the ethical requirements that are relevant to our audit of the financial statements in the UK, including the FRC’s Ethical Standard as applied to listed entities, and we have fulfilled our other ethical responsibilities in accordance with these requirements. Material uncertainty related to going concern We draw attention to note 1 to the financial statements which states that the ability of the Group and Parent Company to continue as a going concern is reliant upon both the continuing recovery of the Group’s trading performance following the effects of the COVID-19 pandemic and the ability of the Group to continue to meet its existing liabilities, as well as settlement of legacy liabilities that are past due, some of which have no formal arrangement in place. If the Group’s past-due current liabilities (not subject to payment plans) are demanded sooner than expected and the effect of COVID-19 on the Group’s future trading is more prolonged or severe than the Directors’ expectations, the two events combined would impact the Group’s ability to generate sufficient positive cash flows and the Parent Company would be required to raise additional funding in order to meet its and the Group’s liabilities, with no guarantee such funding would be secured. These conditions indicate a material uncertainty exists that may cast significant doubt on the Group’s and Parent Company’s ability to continue as a going concern. Our opinion is not modified in respect of this matter. Given the conditions and uncertainties noted above, we considered going concern to be a key audit matter. Our response to the key audit matter included: – we examined the terms of the Group’s borrowing arrangements and made enquiries as to the Group’s repayment plans for HMRC liabilities and certain other amounts which were due but had not been settled as at the year end; – we critically assessed the Directors’ financial forecasts and the underlying key assumptions, including operating and capital expenditure and forecast income. In doing so, we considered factors such as whether the forecast operating expenditure is reasonable in light of historic levels of expenditure and reliability of revenue forecasting by reference to historic revenue generation run rates; – we tested the mathematical accuracy of the going concern model prepared by management and the underlying calculations used within it; – we compared data on the Group’s expected cash outflows in relation to its liabilities as at the last practical date for which information was available post year end to the forecast trading scenarios and sensitivity analysis used by the Directors to assess the Group’s and Parent Company’s ability to meet its financial obligations over a period of at least 12 months after the approval of these financial statements; – we gained an understanding of the Directors’ plans in relation to both the timing and quantum of cost reduction measures that could be taken in the event that revenue levels were not sustained at a level that would enable the Group’s operations to generate sufficient positive cash flows; and – we evaluated the adequacy of disclosures made in the financial statements in respect of going concern. 44 GRC International Group plc Annual Report and Accounts 2021 In auditing the financial statements, we have concluded that the Directors’ use of the going concern basis of accounting in the preparation of the financial statements is appropriate. Our responsibilities and the responsibilities of the Directors with respect to going concern are described in the relevant sections of this report. Overview Coverage1 82% (2020: 93%) of Group loss before tax, with a further 10% being covered through targeted audit procedures. 84% (2020: 92%) of Group revenue 90% (2020: 90%) of Group total assets, with a further 5% being covered through targeted audit procedures. Key audit matters Going concern Revenue recognition Impairment of goodwill and intangible assets 2021 2020 Materiality Group financial statements as a whole £180,000 (2020: £230,000) based on 1.6% (2020: 1.6%) of revenue 1 These are areas which have been subject to a full scope audit or targeted audit procedures by the Group engagement team. An overview of the scope of our audit Our Group audit was scoped by obtaining an understanding of the Group and its environment, including the Group’s system of internal control, and assessing the risks of material misstatement in the financial statements. We also addressed the risk of management override of internal controls, including assessing whether there was evidence of bias by the Directors that may have represented a risk of material misstatement. We identified three significant components (2020: three) in the Group, which were subject to full scope audits. Excluding dormant subsidiaries, we assessed seven (2020: seven) Group companies (five UK subsidiaries and two overseas subsidiaries) as non-significant components on the grounds of their size and assessed risk of material misstatement to the Group financial statements. We performed targeted audit procedures on one overseas and one UK non-significant component according to our assessment of risk across the Group, as well as analytical procedures on the remaining non-significant components. The Group audit team was responsible for the component audits of all significant components and the procedures performed in relation to non-significant components. The coverage we obtained over the Group’s loss before tax, revenue and total assets are summarised above. GRC International Group plc Annual Report and Accounts 2021 45 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT INDEPENDENT AUDITOR'S REPOR T TO THE MEMBERS OF GRC INTERNATIONAL GROUP PLC CONTINUED Key audit matters Key audit matters are those matters that, in our professional judgement, were of most significance in our audit of the financial statements of the current period and include the most significant assessed risks of material misstatement (whether or not due to fraud) that we identified, including those which had the greatest effect on the overall audit strategy, the allocation of resources in the audit, and directing the efforts of the engagement team. These matters were addressed in the context of our audit of the financial statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters. Revenue recognition Key Audit Matter The Group’s accounting policy for revenue recognition is disclosed on pages 55 to 57 and the financial statements disclose further detail concerning the Group’s revenues in note 2. The Group’s revenue of £11.8 million (2020: £14.1 million) is generated from a number of different revenue streams. We evaluated in our planning the risks we expected would be present across revenue as a whole, as well as the risks specific to each stream. We considered that a significant risk of material misstatement existed in all revenue streams, in relation to the possibility of overstatement. We formed this assessment having considered the susceptibility of the financial statements to fraud risks, such as may arise in the posting of unauthorised entries and we identified that the risk was most likely to present itself in the Consultancy and Software revenue streams in the non-deferral of revenues invoiced pre year end but earned post year end, because of the nature of the Group’s contracts and invoicing arrangements. Whilst considered less susceptible to errors of judgement, we also considered cut off in other revenue streams such as Learning to pose a significant risk of material misstatement. How the scope of our audit addressed the key audit matter Our procedures across revenues as a whole included testing of supporting documentation including contracts, records of delivery or of performance of the service, from sources outside the Group or from systems independent of the Group’s accounting systems. Our work was planned to test both information in the accounting system as well as outside of the accounting system in such a way as to ensure that revenues existed and were accurately recorded, and where appropriate the relevant proportion of amounts invoiced prior to the year end were deferred into future periods where the Group’s performance obligations had not been fully satisfied at the reporting date. For each stream we performed cut off testing, agreeing relevant documentation as set out above to ledger entries, based on a representative sample of revenues invoiced pre year end and post year end. Using data interrogation software, we conducted a targeted procedure on journal entries posted to revenue to enable us to confirm that entries recorded in revenue arose from valid transactions processed in line with the Group's accounting policies. Key observations Nothing has come to our attention as a result of performing the above procedures that causes us to believe that a material misstatement is present in respect of revenue recognition. 46 GRC International Group plc Annual Report and Accounts 2021 Impairment of goodwill and intangible assets Key Audit Matter The Group’s accounting policy for impairment is disclosed on page 59 and the financial statements disclose further detail concerning the Group’s impairment testing in notes 10 and 11. In accordance with IAS 36, goodwill is tested for impairment annually and other non-current tangible assets with finite lives are tested for impairment whenever an indicator of impairment arises. The Group’s goodwill balance is included in the DQM cash-generating unit (’CGU’), along with the Group’s acquired finite-lived intangible assets. The Group’s internally-generated intangible assets are included in the GRC cash-generating unit. Having identified indicators of impairment in the GRC CGU, management performed impairment tests on a value in use basis in respect of both of the Group’s CGUs. The preparation of impairment tests under IAS 36 requires significant management judgement over the timing and degree of certainty attaching to forecast net cash flows and the rate at which those future cash flows should be discounted to present value. The degree of management judgement involved and the sensitivity of the conclusion to changes in key assumptions was the reason we assessed this area to be significant in our audit. The recoverable amount of both of the Group’s CGUs was assessed as being higher than its carrying value at the reporting date and therefore, management concluded that the goodwill and intangible assets were not impaired. How the scope of our audit addressed the key audit matter Our work on the impairment tests prepared by management had a dual focus: firstly, to ensure the models were mechanically accurate and prepared in accordance with the detailed requirements of IAS 36 and secondly, to ensure that the assumptions regarding future cash flows and the rate at which they had been discounted were appropriate to the respective CGUs’ circumstances. We used internal valuations specialists in order to assist with our interrogation of the impairment testing models. This work also included evaluation of historic trading and macro-economic factors. Our audit procedures relating to the operating cash flows included analysis of CGU performance trends, post year end performance and key assumptions relating to revenue levels and projected operating cost levels. Having made enquiries of the Group’s development operations senior management personnel and reviewed development projects undertaken in the year, we were able to assess whether any additional impairment indicators in respect of specific internally-developed intangible assets within the CGU were present. Key observations Nothing has come to our attention as a result of performing the above procedures that causes us to believe that a material misstatement is present in respect of impairment of goodwill and intangible assets. Our application of materiality We apply the concept of materiality both in planning and performing our audit, and in evaluating the effect of misstatements. We consider materiality to be the magnitude by which misstatements, including omissions, could influence the economic decisions of reasonable users that are taken on the basis of the financial statements. In order to reduce to an appropriately low level the probability that any misstatements exceed materiality, we use a lower materiality level, performance materiality, to determine the extent of testing needed. Importantly, misstatements below these levels will not necessarily be evaluated as immaterial as we also take account of the nature of identified misstatements, and the particular circumstances of their occurrence, when evaluating their effect on the financial statements as a whole. GRC International Group plc Annual Report and Accounts 2021 47 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT INDEPENDENT AUDITOR'S REPOR T TO THE MEMBERS OF GRC INTERNATIONAL GROUP PLC CONTINUED Based on our professional judgement, we determined materiality for the financial statements as a whole and performance materiality as follows: Group financial statements Parent Company financial statements 2021 £’000 180 2020 £’000 230 2021 £’000 140 2020 £’000 171 Set based on 1.6% of revenue Set based on 1.7% of total assets capped at a proportion of Group materiality We considered revenue to be the most appropriate performance measure as it reflects the volume of business undertaken by the Group, which is a key measure of performance for the Group at this stage in its life cycle. 117 143 87 107 Set based on 65% (2020:62.5%) of materiality following evaluation inter alia of the expected total value of known and likely misstatements and the nature of our planned testing. Materiality Basis for determining materiality Rationale for the benchmark applied Performance materiality Basis for determining performance materiality Component materiality We set materiality for each component of the Group based on a percentage of between 20% and 78% (2020: between 20% and 75%) of Group materiality dependent on the size and our assessment of the risk of material misstatement of that component. Component materiality ranged from £37,000 to £140,000 (2020: £46,000 to £171,000). In the audit of each significant component, we further applied performance materiality levels of 65% (2020:62.5%) of the component materiality to our testing to ensure that the risk of errors exceeding component materiality was appropriately mitigated. Reporting threshold We agreed with the Audit Committee that we would report to them all individual audit differences in excess of £4,500 (2020: £5,700). We also agreed to report differences below this threshold that, in our view, warranted reporting on qualitative grounds. Other information The Directors are responsible for the other information. The other information comprises the information included in the Annual Report other than the financial statements and our auditor’s report thereon. Our opinion on the financial statements does not cover the other information and, except to the extent otherwise explicitly stated in our report, we do not express any form of assurance conclusion thereon. Our responsibility is to read the other information and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the course of the audit, or otherwise appears to be materially misstated. If we identify such material inconsistencies or apparent material misstatements, we are required to determine whether this gives rise to a material misstatement in the financial statements themselves. If, based on the work we have performed, we conclude that there is a material misstatement of this other information, we are required to report that fact. We have nothing to report in this regard. Other Companies Act 2006 reporting Based on the responsibilities described below and our work performed during the course of the audit, we are required by the Companies Act 2006 and ISAs (UK) to report on certain opinions and matters as described below. Strategic Report and Directors’ Report In our opinion, based on the work undertaken in the course of the audit: – the information given in the Strategic Report and the Directors’ Report for the financial year for which the financial statements are prepared is consistent with the financial statements; and – the Strategic Report and the Directors’ Report have been prepared in accordance with applicable legal requirements. In the light of the knowledge and understanding of the Group and Parent Company and its environment obtained in the course of the audit, we have not identified material misstatements in the Strategic Report or the Directors’ Report. Matters on which we are required to report by exception We have nothing to report in respect of the following matters in relation to which the Companies Act 2006 requires us to report to you if, in our opinion: – adequate accounting records have not been kept by the Parent Company, or returns adequate for our audit have not been received from branches not visited by us; or – the Parent Company financial statements are not in agreement with the accounting records and returns; or – certain disclosures of Directors’ remuneration specified by law are not made; or – we have not received all the information and explanations we require for our audit. 48 GRC International Group plc Annual Report and Accounts 2021 Responsibilities of Directors As explained more fully in the Statement of Directors’ Responsibilities, the Directors are responsible for the preparation of the financial statements and for being satisfied that they give a true and fair view, and for such internal control as the Directors determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error. In preparing the financial statements, the Directors are responsible for assessing the Group’s and the Parent Company’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the Directors either intend to liquidate the Group or the Parent Company or to cease operations, or have no realistic alternative but to do so. Auditor’s responsibilities for the audit of the financial statements Our objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with ISAs (UK) will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in the aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements. Extent to which the audit was capable of detecting irregularities, including fraud Irregularities, including fraud, are instances of non-compliance with laws and regulations. We design procedures in line with our responsibilities, outlined above, to detect material misstatements in respect of irregularities, including fraud. The extent to which our procedures are capable of detecting irregularities, including fraud is detailed below. The objectives of our audit, in respect to fraud, are: to identify and assess the risks of material misstatement of the financial statements due to fraud; to obtain sufficient appropriate audit evidence regarding the assessed risks of material misstatement due to fraud through designing and implementing appropriate responses; and to respond appropriately to fraud or suspected fraud identified in the audit. However, the primary responsibility for the prevention and detection of fraud rests with both those charged with governance of the entity and management. Our approach was as follows: – We obtained an understanding of the legal and regulatory frameworks that are applicable to the Group and the industries in which it operates, and considered the risk of acts by the Group that would be contrary to applicable laws and regulations, including due to fraud. We designed audit procedures at Group and significant component levels to respond to the risk. We performed procedures focused on ensuring compliance with laws and regulations that could give rise to a material misstatement in the financial statements including, but not limited to, the Companies Act 2006 and relevant tax legislation. – We understood how the Group complies with legal and regulatory frameworks by making enquiries of management and those responsible for legal and compliance procedures. We corroborated our enquiries through our review of Board minutes. – We assessed the susceptibility of the Group’s financial statements to material misstatement, including how fraud might occur by meeting with management to understand where it is considered there was a susceptibility of fraud. We also considered potential fraud drivers including financial or other pressures, opportunity, and personal or corporate motivations. We considered the programmes and controls that the Group has established to address risks identified, or that otherwise prevent, deter and detect fraud and how senior management monitors those programmes and controls. Where the risk was considered to be higher, we performed audit procedures to address each identified fraud risk. These procedures included testing journals and challenging assumptions made by management in key areas of estimation uncertainty or judgement, for example in revenue recognition policy application and in financial and non-financial asset valuations, including but not limited to intangible assets and receivables. We refer to the key audit matters above in relation to revenue recognition and non-financial asset impairment risks. – We also communicated relevant identified laws and regulations and potential fraud risks to all engagement team members and remained alert to any indications of fraud or non-compliance with laws and regulations throughout the audit. Our audit procedures were designed to respond to risks of material misstatement in the financial statements, recognising that the risk of not detecting a material misstatement due to fraud is higher than the risk of not detecting one resulting from error, as fraud may involve deliberate concealment by, for example, forgery, misrepresentations or through collusion. There are inherent limitations in the audit procedures performed and the further removed non-compliance with laws and regulations is from the events and transactions reflected in the financial statements, the less likely we are to become aware of it. A further description of our responsibilities is available on the Financial Reporting Council’s website at: www.frc.org.uk/ auditorsresponsibilities. This description forms part of our auditor’s report. Use of our report This report is made solely to the Parent Company’s members, as a body, in accordance with Chapter 3 of Part 16 of the Companies Act 2006. Our audit work has been undertaken so that we might state to the Parent Company’s members those matters we are required to state to them in an auditor’s report and for no other purpose. To the fullest extent permitted by law, we do not accept or assume responsibility to anyone other than the Parent Company and the Parent Company’s members as a body, for our audit work, for this report, or for the opinions we have formed. Tim Neathercoat (Senior Statutory Auditor) For and on behalf of BDO LLP, Statutory Auditor London 28 September 2021 BDO LLP is a limited liability partnership registered in England and Wales (with registered number OC305127). GRC International Group plc Annual Report and Accounts 2021 49 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT CONSOLIDATED INCOME S TATEMENT FOR THE Y E AR ENDED 31 MARCH Revenue Cost of sales Gross profit Administrative expenses: – Other administrative expenses – Exceptional administrative expenses Total administrative expenses Other operating income Operating loss Net finance costs Share of post-tax loss of equity-accounted joint ventures Loss before taxation Taxation Loss for the financial year Loss for the financial year attributable to: Equity shareholders of the parent Basic loss per share (pence) Diluted loss per share (pence) All of the Group’s loss relates to continuing operations. Notes 2 4 3 4 4 6 7 8 8 2021 £’000 11,760 (5,614) 6,146 (8,882) – (8,882) 148 (2,588) (247) – (2,835) 264 (2,571) (2,571) (2.58) (2.58) 2020 £’000 14,146 (6,082) 8,064 (11,230) (358) (11,588) 99 (3,425) (222) (4) (3,651) 445 (3,206) (3,206) (4.67) (4.67) The accompanying accounting policies and notes form an integral part of these financial statements. CONSOLIDATED S TATEMENT OF COMPREHENSIVE INCOME FOR THE Y E AR ENDED 31 MARCH Loss for the year Other comprehensive profit/(loss) – items that may subsequently be reclassified to profit/loss: Exchange differences on translation of foreign operations Other comprehensive profit/(loss) for the financial year Total comprehensive loss for the financial year Total comprehensive loss attributable to equity shareholders of the parent The accompanying accounting policies and notes form an integral part of these financial statements. 2021 £’000 (2,571) 4 4 (2,567) (2,567) 2020 £’000 (3,206) (6) (6) (3,212) (3,212) 50 GRC International Group plc Annual Report and Accounts 2021 CONSOLIDATED BAL ANCE SHEE T A S AT 31 MARCH Assets Non-current assets Goodwill Intangible assets Property, plant and equipment Investments in equity-accounted joint ventures Deferred tax asset Current assets Inventories Trade and other receivables Cash at bank Current tax Current liabilities Trade and other payables Borrowings Contingent consideration Lease liabilities Current tax Net current liabilities Non-current liabilities Borrowings Lease liabilities Deferred tax liability Net assets Equity Share capital Share premium Merger reserve Share-based payment reserve Translation reserve Accumulated deficit Total equity Notes 2021 £’000 2020 £’000 10 11 12 7 13 14 15 16 17 19 21 7 17 21 7 23 6,804 5,765 426 7 – 13,002 33 1,694 233 – 1,960 (5,986) (863) – (197) (127) (7,173) (5,213) (460) (83) (340) (883) 6,906 100 13,227 4,276 126 (8) (10,815) 6,906 6,804 5,706 783 7 144 13,444 61 2,247 245 76 2,629 (3,629) (1,446) (100) (201) – (5,376) (2,747) (401) (286) (582) (1,269) 9,428 100 13,182 4,276 171 (12) (8,289) 9,428 The financial statements were approved by the Board of Directors and authorised for issue on 28 September 2021 and were signed on its behalf by: Chris Hartshorne Director Company registration number: 11036180 The accompanying accounting policies and notes form an integral part of these financial statements. GRC International Group plc Annual Report and Accounts 2021 51 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT CONSOLIDATED S TATEMENT OF CHANGES IN EQUIT Y FOR THE Y E AR ENDED 31 MARCH For the year ended 31 March 2021 Balance at 1 April 2020 Loss for the year Foreign exchange difference on consolidation Total comprehensive loss for the year Shares issued Transactions with owners At 31 March 2021 For the year ended 31 March 2020 Balance at 1 April 2019 Loss for the year Foreign exchange difference on consolidation Total comprehensive loss for the year Deferred tax on share-based payments Shares issued Cost of share issue Transactions with owners At 31 March 2020 Share capital £ 100 – – Share premium £ 13,182 – – – – – – 45 45 Merger reserve £ 4,276 – – – – – Share-based payment reserve £ Retained earnings £ Translation reserve £ 171 – – (8,289) (2,571) – – (2,571) (45) (45) 45 45 (12) – 4 4 – – Total £ 9,428 (2,571) 4 (2,567) 45 45 100 13,227 4,276 126 (10,815) (8) 6,906 Share capital £ Share premium £ Merger reserve £ Share-based payment reserve £ Retained earnings £ Translation reserve £ 64 – – – – 36 – 36 9,588 – – – – 3,725 (131) 3,594 100 13,182 2,353 – – – – 1,923 – 1,923 4,276 440 – – – (269) – – (269) 171 (5,083) (3,206) – (3,206) – – – – (6) – (6) (6) – – – – (8,289) (12) Total £ 7,356 (3,206) (6) (3,212) (269) 5,684 (131) 5,284 9,428 The accompanying accounting policies and notes form an integral part of these financial statements. 52 GRC International Group plc Annual Report and Accounts 2021 CONSOLIDATED S TATEMENT OF C A SH FLOWS FOR THE Y E AR ENDED 31 MARCH Cash flows from operating activities Loss before tax Depreciation Amortisation Loss on disposal of fixed assets Foreign exchange gains Share of post-tax loss of equity-accounted joint ventures Finance costs Operating cash flows before changes in working capital Net cash from operations Taxation refund Decrease in inventories Decrease in trade and other receivables Increase/(decrease) in trade and other payables Net cash inflow/(outflow) from operating activities Cash flows from investing activities Settlement of contingent consideration Purchase of intangible assets Purchase of plant and equipment Net cash outflow from investing activities Net cash flows from financing activities Proceeds from issue of shares Costs of share issue Repayment of acquired contingent consideration liability Proceeds from borrowings Repayment of borrowings Interest paid Interest on lease liability on right-of-use asset Payments of lease liabilities on right-of-use asset Capital element of finance lease payments Net cash (outflow)/inflow from financing activities Net (decrease)/increase in cash and cash equivalents Cash and cash equivalents at beginning of financial year Effects of exchange rate changes on cash and cash equivalents Cash and cash equivalents at end of financial year Comprising Cash at bank The accompanying accounting policies and notes form an integral part of the financial statements. Notes 11 19 11 24 19 17 17 17 21 21 15 2021 £’000 2020 £’000 (2,835) 350 1,107 4 (22) – 247 (1,149) 187 28 588 2,560 2,214 – (1,168) (35) (1,203) – – (100) 710 (1,249) (186) (43) (168) – (1,036) (25) 245 13 233 233 (3,651) 386 1,180 – (22) 4 222 (1,881) – 3 625 (815) (2,068) (1,626) (1,124) (11) (2,761) 3,750 (130) (100) 2,356 (568) (134) (60) (181) (6) 4,927 98 147 – 245 245 GRC International Group plc Annual Report and Accounts 2021 53 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NATURE OF OPER ATIONS AND GENER AL INFORMATION GRC International Group plc (GRC International Group or ’the Company’) is a public limited company limited by shares, incorporated and domiciled in England and Wales. The registered company number is 11036180 and the registered office is Unit 3 Clive Court, Bartholemew’s Walk, Cambridgeshire Business Park, Ely, Cambridgeshire, CB7 4EA. The principal activities of GRC International Group plc and its subsidiary companies (together, the ’Group’) are those of a one-stop shop for IT Governance including books, tools, learning and consultancy services. The Directors of GRC International Group are responsible for the financial information and contents of the consolidated financial statements. Principal accounting policies Basis of preparation The consolidated financial statements of GRC International Group plc and entities controlled by the Company (its subsidiaries) for the years presented has been prepared in accordance with international accounting standards in conformity with the requirements of the Companies Act 2006. The consolidated financial statements have been prepared on a historical cost basis, except for the measurement of the contingent consideration which is carried at its fair value. Basis of consolidation The results for the year ended 31 March 2021 and 31 March 2020 include the results of GRC International Group plc and its subsidiaries. A subsidiary is a company controlled directly by the Group. Control is achieved where the Group has the power over the investee, rights to variable returns and the ability to use the power to affect the investee’s returns. Income and expenses of subsidiaries acquired during the year are included in the Consolidated Income Statement from the effective date of control. When necessary, adjustments are made to the financial statements of subsidiaries to bring their accounting policies into line with those used by the Group. All intra-Group transactions, balances, income and expenses are eliminated in full on consolidation. The principal accounting policies adopted are set out below. These accounting policies comply with each IFRS that is mandatory for accounting periods ending on 31 March 2021. Going concern The Group has recorded a loss for the year of £2.6 million (2020: £3.2 million) and at 31 March 2021 its current liabilities exceeded its current assets by £5.2 million (2020: £2.7 million). Notwithstanding this, the Directors consider it appropriate to prepare the financial statements on a going concern basis. The key considerations relating to this judgement are described below. As set out above, the Group went through a transitional year of restructuring in FY20 and was looking forward to a strong FY21, continuing its H2 FY20 momentum and anticipating profitable results for the year. However, the global COVID-19 pandemic led to an immediate reduction in monthly billings as customers delayed projects, reduced spend seen as not immediately critical to day-to-day operations and focused on establishing new business processes and procedures to survive the short term. This unprecedented trading environment resulted in a reduction in revenues for April and May 2020, followed initially by a strong V-shaped recovery, but then a period of mixed results through the summer as the economy stuttered in an environment of ever-changing regulations and guidance. From late in Q3 the Group saw genuine performance improvements with momentum building through the rest of the year, and performance back to consistently positive monthly EBITDA before the year end and into the new financial year. In response to the pandemic the Board revisited its FY21 and FY22 forecasts, increased the regularity of its short and medium-term cash flow planning, implemented a number of key cost reduction measures and took advantage of government initiatives that have been introduced in the geographies that the Group operates in order to preserve liquidity, supplemented by deferring the payment of certain liabilities to HMRC which amounted to approximately £1.6 million. Additionally, in March 2021 certain subsidiaries of the Group joined the HMRC VAT deferral scheme to defer repayment of VAT liabilities totalling £0.4 million falling due in FY21 until FY22. Notwithstanding some easing of trading conditions and subsequent improvement in performance since the outbreak of the global pandemic reached the United Kingdom (which represents around 82% of the Group’s revenue in FY21), the Directors acknowledge that trading conditions will remain uncertain for the foreseeable future. Those uncertainties include: – The possibility of further local or national restrictions. – The lack of visibility over future levels of revenue in the context of weakened demand for the Group’s products and services. – Should the Group need to further reduce its scalable cost base, its ability to make those adjustments and realise the benefits from doing that on a timely basis. – The continued availability of existing financing, including HMRC arrangements (see below), existing borrowings and flexibility allowed by suppliers. – The ability to access new financing, including further government support in its various forms, sufficient to fund any further cash requirement over the foreseeable future. 54 GRC International Group plc Annual Report and Accounts 2021 To assess going concern the Directors prepared an integrated profit and loss, balance sheet and cash flow forecast by month to 31 March 2023. The Group’s base case forecast identifies that through the going concern review period the Group is able to meet its liabilities as they fall due and make settlement of the outstanding HMRC liabilities through FY22 in equal monthly instalments. The majority of the deferred payroll tax liabilities owed are now covered by formal ‘time to pay’ repayment plans agreed with HMRC. The repayment plans differ across the trading entities within the Group, but all split the deferred balance into equal monthly instalments, with the full balance being repaid by September 2022, and the balance owing as at the date of this report being £1.0 million. The Directors are in discussions with HMRC to agree the repayment plan for the remainder of the balance not yet covered by formal ‘time to pay’ arrangements and expect this to be formalised imminently. Additionally, the Directors prepared a sensitised forecast to the base case forecast where the COVID-19 pandemic was more prolonged than envisaged by the Directors at the time (the ‘worst-case forecast’). This worst-case forecast assumes that revenues between August 2021 and March 2023 are 40% below the base case (marginally below those actually achieved in FY21) and that cost reduction measures, to reflect the reduced level of billings, have been effected. The worst-case forecast does not identify a potential cash flow shortfall in any month and includes the same assumptions for settlement of the outstanding HMRC liabilities as in the base case forecast. The Directors are monitoring actual business performance and cash flow against the base case forecast and the worst-case forecast. Encouragingly, the Group has traded ahead of the revenue, EBITDA and cash flow expectations set out in the base case and the worst-case forecast. Furthermore, in the view of the Directors, any temporary cash flow shortfall can be mitigated through the deferment or removal of selected planned marketing, capital expenditure and other scheduled cash outflows. Based on the forecasts and the medium and longer-term planning in place, the Directors have identified that they have a reasonable expectation of being able to reduce costs sufficiently in the required timeframe should revenue levels cause this to be necessary, and that the Group will remain within its currently available facility levels, none of which has any financial covenant compliance requirements. Central to those facilities is the £700,000 unsecured loan facility provided by Andrew Brode which is at present 50% utilised, and which remains in place until at least 31 December 2022, although the Group does also have access to additional liquidity through its invoice discounting facility, which is not currently utilised. The Directors have reviewed the Group’s forecasts and projections to 31 March 2023 which, taking account of reasonably possible changes in trading performance, show that the Group is able to generate sufficient liquidity to continue in operational existence for the foreseeable future. On this basis, the Directors believe that the Group will be able to generate sufficient cash through its normal business trading to enable it to continue its operations, and continue to meet, as and when they fall due, its planned and committed liabilities for at least the next 12 months from the date of this report. For this reason, the Directors continue to adopt the going concern basis in the preparation of its financial statements. However, should the Group not be able to generate cash inflows sufficient to meet its current operational obligations and legacy deferred obligations as they fall due, it would need to secure additional funding with no guarantee such funding would be secured. These circumstances indicate the existence of a material uncertainty which may cast significant doubt over the Group’s and Company's ability to continue as a going concern. The financial statements do not include the adjustments that would be required should the going concern basis of preparation no longer be appropriate. Revenue The type of products and range of services sold across the Group fall within the following four revenue streams: – Consultancy – Publishing/Distribution – Learning – Software To determine whether to recognise revenue, the Group follows a five-step process: 1. Identifying the contract with a customer; 2. Identifying the performance obligations; 3. Determining the transaction price; 4. Allocating the transaction price to the performance obligations; 5. Recognising revenue when/as performance obligation(s) are satisfied. Revenue is recognised either at a point in time or over time, when the Group satisfies performance obligations by transferring the promised goods or services to its customer. The Group often enters into transactions involving a range of the Group’s products and services, for example for the delivery of consultancy, training, software and related after-sales service. In all cases, the total transaction price for a contract is allocated net of discounts amongst the various performance obligations based on their relative stand-alone selling prices. The transaction price for a contract excludes any amounts collected on behalf of third parties. GRC International Group plc Annual Report and Accounts 2021 55 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NATURE OF OPER ATIONS AND GENER AL INFORMATION CONTINUED Revenue continued The Group recognises contract liabilities for consideration received in respect of unsatisfied performance obligations and reports these amounts as deferred income in the statement of financial position. Similarly, if the Group satisfies a performance obligation before it receives the consideration, the Group recognises either a contract asset or a receivable in its statement of financial position, depending on whether something other than the passage of time is required before the consideration is due. In practice, contract assets rarely arise due to the timing of invoices raised under the terms of the Group’s contracts. All material contracts which span a financial reporting period will be reviewed on an individual basis with the five-step application of IFRS 15 applied, based upon the type of product sold. Customer rights to refunds are limited and are not considered material to the financial statements. Products and services Nature, timing of satisfaction of performance obligations and significant payment terms Consultancy – On-site and remote support consulting services, helping organisations to design and implement data protection and cyber security policies and procedures. Publishing/Distribution – The Group sells books, documentation templates and software via its websites, both that it publishes or writes itself, and also supplied by third parties. The Group also creates and sells sets of documentation templates that are used by customers to assist them to document IT systems and procedures. The Group recognises revenue over time as the services in the contract are performed, generally based on the consultants’ estimates of the progress of the work. Revenue from consultancy services which are either a performance obligation within a larger arrangement or are sold on a stand-alone basis is generally recognised over time where the Group agrees to provide labour hours/days. Contracts state a broad list of activities that the services may include. The contracts state daily/hourly rates and estimated amounts to be billed. Contracts state that the Group will not exceed the total amount without prior written approval. Where the performance obligations within an agreement are considered to represent services that are substantially the same, these will form a single performance obligation with labour days/hours representing the progress measure. Several contracts define the only obligation as support for customer-led projects, and again in these cases it will be considered that there is one performance obligation with labour hours being the progress measure. Revenue is recognised over a time, when a) the Group’s performance does not create an asset with an alternative use to the Group and b) the entity has an enforceable right for performance completed to date. This is true for all services provided on a time basis. The Group recognises revenue at the point in time when control of the asset is transferred to the customer. The product becomes under the control of the customer when the book/software/toolkit is delivered to them. This is when the customer has legal title to the asset or has physical possession of the asset. For the sale of physical soft copy books and CD-ROMs, revenue is recognised when the goods are delivered. For the sale of downloadable books, revenue is recognised when the goods are made available to download by the customer. Where a product with a subscription or licence is sold on behalf of a third party the revenue is recognised straight away as the Group has completed its performance obligation. The full cost of the product sold by the Group in respect of a third-party sale is charged to the Income Statement when the revenue is recognised. 56 GRC International Group plc Annual Report and Accounts 2021 Products and services Nature, timing of satisfaction of performance obligations and significant payment terms Learning – The Group sells ’in person’ classroom-based training courses related to data protection, cyber security, ISO 27001 certification and related topics. The courses range from one to five days in length and are held at hired premises. The Group also provides courses at customers’ premises for organisations that require training for a number of their employees. The courses are aimed at various different areas of IT governance and at different skill levels. Software – The Group creates and sells software solutions. Maintenance and Support (’M&S’) arrangements are usually sold on a stand- alone basis as a renewal of an existing arrangement usually running over a 12-month period. Generally, the first time M&S is sold is when the customer initially buys the software. There are no material rights to consider in connection with renewal options. Revenue is recognised on ‘Classroom Based Training Courses’ and ‘Online Training Courses’ over the duration of the Training Course. Revenue is recognised on ‘Distance Learning Based Training Courses,’ when the customer gains control of the course material, at the date the online course is made available to them. Once the course is made available the Group has fulfilled its contractual obligation to deliver. The date the user accesses and uses the course is not considered relevant. Revenue is recognised on ‘e-Learning Courses’ dependent on the type of service provided. ‘e-Learning’ is split into four types: – e-Learning Hosting Services – An additional annual fee for LMS (Learning Management System) hosting of the e-learning courses. Customers are not obliged to but can buy our standard ‘off-the-shelf’ ‘Hosting’ area. All hosted client courses will be hosted on our LMS. Each client will be given their own space, which can be branded with their logo and company colours. The e-learning course files hosted on our LMS will be the same for all clients, and each client will have a space in the course layout to add any extra information they need, such as documents, links and contact details. Revenue is recognised on ‘e-Learning Hosting Services’ over time as the customer has access to the hosting area. Revenue is then pro-rated equally over the period (normally 12 months) to which the service relates. – Revenue is recognised on ‘e-Learning Courses’ when the customer obtains control. The course becomes under the control of the customer when the online course is made available to access. – e-Learning Set Up Costs – Organisations/customers can contract the Group to ‘customise’ the e-learning courses to their organisation’s specifications (i.e. company logo/branding etc.). Revenue is recognised on ‘e-Learning Set Up Costs’ when the customer obtains control of the course material. The product becomes under the control of the customer when the online courses are made available to access. – e-Learning Training – Organisations/customers can contract the Group to provide training for the e-learning courses. This is a one-off fee and the Training is a pre-agreed number of hours or days as requested by the customer. Revenue is recognised on ‘e-Learning Training’ when the customer gains control. The product comes under the control of the customer on the first day of the Training Course. Revenue from the sale of software for a fixed fee is recognised when or as the Group gives access to the customer to download the software. Software revenue recognition: – Performance obligations are satisfied at a point in time when the Group has a right to payment for the software, the customer has legal right to use the software under the terms of the software licence agreement, and the Group has physically transferred the software to the customer. These criteria are all met at the point in time that the Group transfers the software. Where software in sold under a SaaS arrangement, revenue is recognised evenly over the period of the arrangement as the Group fulfills its performance obligations. – The Group does not undertake activities which significantly affect the intellectual property post delivery of the software which would prevent revenue being recognised at a point in time. – The Group does not provide free Maintenance and Support type services as part of the licensing arrangements. Revenue from the sale of Maintenance and Support arrangements are always sold on a stand-alone basis or as a renewal of an existing arrangement usually running over a 12-month period, as explained below. Furthermore the technical support and software updates are distinct. This is because the customer can benefit from the licence with or without the Maintenance and Support contract. – Technical support: the customer benefits from the technical support as that support is provided. The contracted support period is generally 12 months, so the customer obtains the benefit over the 12-month period. Accordingly, it is appropriate to recognise support revenue over a 12-month period. – Software updates: all software updates are unspecified within Maintenance and Support arrangements with updates being made as and when available. The customer will continue to receive updates during the Maintenance and Support period and accordingly will benefit from the updates as they are provided. Accordingly, it is appropriate to recognise revenue over a 12-month period. Exceptional administrative costs The Group presents separately those costs which, by their nature, are material and related to non-routine events such as business combinations or capital transactions. Finance income and costs Interest income and expense is recognised using the effective interest method which calculates the amortised cost of a financial asset or liability and allocates the interest income or expense over the relevant period. The effective interest rate is the rate that exactly discounts estimated future cash receipts or payments through the expected life of the financial asset or liability to the net carrying amount of the financial asset or liability. GRC International Group plc Annual Report and Accounts 2021 57 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NATURE OF OPER ATIONS AND GENER AL INFORMATION CONTINUED Goodwill Goodwill arising on business combinations is reviewed and tested on an annual basis or more frequently if there is indication that goodwill might be impaired. Goodwill is allocated to cash-generating units (’CGUs’), which are determined as the lowest level of detail available for the assets to generate cash inflows relating to goodwill. Goodwill represents the future economic benefits arising from business combinations which are not individually identified and separately recognised. Goodwill is initially measured as the excess of the aggregate of the consideration transferred and the fair value of non-controlling interest over the net identifiable assets acquired and liabilities assumed. If the consideration is lower than the fair value of the net assets of the subsidiary acquired, the difference is recognised in profit or loss. Goodwill is carried at cost less any accumulated impairment losses until disposal or termination of the previous acquired business when the profit or loss on disposal or termination will be calculated after charging the gross amount at current exchange rates of any such goodwill through the income statement. Intangible assets Acquired intangible assets An intangible asset is recognised if it is probable that the expected future economic benefits that are attributable to the asset will flow to the Group and the cost of the asset can be measured reliably. Internally developed intangible assets Expenditure on research activities is recognised as an expense as incurred. Costs that are directly attributable to a project’s development phase are recognised as intangible assets, provided they meet the following recognition requirements: – the development costs can be measured reliably; – the project is technically and commercially feasible; – the Group intends to and has sufficient resources to complete the project; – the Group has the ability to use or sell the software; and – the software will probably generate future economic benefits. Development costs not meeting these criteria for capitalisation are expensed as incurred. Directly attributable costs include an apportionment of employee costs incurred on internal development assets. Internal development assets include software, website costs, courseware, marketing tools, consultancy products and publishing products. Subsequent measurement The useful lives of all intangible assets are assessed as finite. Intangible assets with finite lives are amortised over the useful economic life and assessed for impairment whenever there is an indication that the intangible asset may be impaired. The amortisation period and the amortisation method for an intangible asset with a finite useful life are reviewed at least at the end of each reporting period. Changes in the expected useful life or the expected pattern of consumption of future economic benefits embodied in the asset are accounted for by changing the amortisation period or method prospectively. The amortisation expense on intangible assets with finite lives is recognised in the income statement within administrative expenses. Gains or losses arising from derecognition of an intangible asset are measured as the difference between the net disposal proceeds and the carrying amount of the asset and are recognised in the income statement when the asset is derecognised. Amortisation is calculated on a straight-line basis over the estimated useful life of the asset as follows: Trademarks Software Website costs Marketing tools Courseware Publishing products Consultancy products Customer relationships 10 years 5 years 5–10 years 3 years 10 years 4 years 10 years 12 years Any capitalised internally developed intangible asset that is not yet complete is not amortised but is subject to annual impairment testing. Subsequent expenditures on the maintenance of computer software are expensed as incurred. 58 GRC International Group plc Annual Report and Accounts 2021 Customer relationships Acquired customer relationships comprise principally of existing customer relationships which may give rise to future orders (customer relationships). Acquired customer relationships are recognised at fair value at the acquisition date and are expected to have a finite useful life of 12 years in line with the expected cash flows. Acquired customer relationships are stated at cost less accumulated amortisation and impairment. Property, plant and equipment Property, plant and equipment are stated at historical cost less depreciation less any recognised impairment losses. Cost includes expenditure that is directly attributable to the acquisition or construction of these items. Subsequent costs are included in the asset’s carrying amount only when it is probable that future economic benefits associated with the item will flow to the Group and the costs can be measured reliably. All other costs, including repairs and maintenance costs, are charged to the Income Statement in the period in which they are incurred. Depreciation is provided on all property, plant and equipment and is calculated as follows: Leasehold improvements Computer equipment Office equipment 10 years straight-line basis or the lease term if shorter 25–33% reducing balance basis 25% reducing balance basis Depreciation is provided on cost less residual value. The residual value, depreciation methods and useful lives are annually reassessed. Each asset’s estimated useful life has been assessed with regard to its own physical life limitations and to possible future variations in those assessments. Estimates of remaining useful lives are made on a regular basis for all machinery and equipment, with annual reassessments for major items. Changes in estimates are accounted for prospectively. Assets held under finance leases are depreciated over their expected useful lives on the same basis as owned assets. However, when there is no reasonable certainty that ownership will be obtained by the end of the lease term, assets are depreciated over the shorter of the lease term and their useful lives. The gain or loss arising on disposal or scrapping of an asset is determined as the difference between the sales proceeds, net of selling costs, and the carrying amount of the asset and is recognised in the Income Statement. Impairment of non-financial assets For the purposes of impairment testing, goodwill is allocated to each of the Group’s CGUs that is expected to benefit from the synergies of the combination. Each unit to which goodwill is allocated represents the lowest level within the Group that independent cash flows are monitored. A cash-generating unit to which goodwill has been allocated is tested for impairment annually, or more frequently when there is indication that the unit may be impaired. At each balance sheet date, the Directors review the carrying amounts of the Group’s non-current assets, other than goodwill, to determine whether there is any indication that those assets have suffered an impairment loss. If any such indication exists, the recoverable amount of the asset is estimated in order to determine the extent of the impairment loss, if any. Where the asset does not generate cash flows that are independent from other assets, the Directors estimate the recoverable amount of the cash-generating unit to which the asset belongs. Recoverable amount is the higher of fair value less costs of disposal and value in use. In assessing value in use, the estimated future cash flows are discounted to their present value using a pre-tax discount rate that reflects current market assessments of the time value of money and the risks specific to the asset for which the estimated future cash flows have not been adjusted. If the recoverable amount of an asset or cash-generating unit is estimated to be less than its carrying amount, the carrying amount of the asset or cash-generating unit is reduced to its recoverable amount. The impairment loss is allocated first to reduce the carrying amount of any goodwill allocated to the unit and then to the other assets of the unit pro rata based on the carrying amount of each asset in the unit. An impairment loss is recognised as an expense immediately. An impairment loss recognised for goodwill is not reversed in subsequent periods. Where an impairment loss on non-financial assets subsequently reverses, the carrying amount of the asset or cash-generating unit is increased to the revised estimate of its recoverable amount, but so that the increased carrying amount does not exceed the carrying amount that would have been determined had no impairment loss been recognised for the asset or cash-generating unit in prior periods. A reversal of an impairment loss is recognised in the Income Statement immediately. Inventory Inventory is stated at the lower of cost and net realisable value, being the estimated selling price less costs to complete and sell. Cost is based on the cost of purchase on a weighted average basis. At the balance sheet date, inventories are assessed for impairment. If inventories are impaired, the carrying amount is reduced to its selling price less costs to complete and sell. The impairment loss is recognised immediately in profit or loss. GRC International Group plc Annual Report and Accounts 2021 59 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NATURE OF OPER ATIONS AND GENER AL INFORMATION CONTINUED Cash at bank Cash at bank comprises cash on hand, deposits held at call with banks and other short-term highly liquid investments with original maturities of three months or less from inception. Financial instruments Recognition and derecognition Financial assets and financial liabilities are measured initially at fair value plus transaction costs. Financial assets and financial liabilities are measured subsequently as described below. Financial assets and financial liabilities are recognised when the Group becomes a party to the contractual provisions of the financial instrument. Financial assets are derecognised when the contractual rights to the cash flows from the financial asset expire, or when the financial asset and substantially all the risks and rewards are transferred. A financial liability is derecognised when it is extinguished, discharged, cancelled or expires. When a financial liability and a financial asset relating to the same contract exist these are offset. Classification and initial measurement of financial assets Except for those trade receivables that do not contain a significant financing component and are measured at the transaction price in accordance with IFRS 15, all financial assets are initially measured at fair value adjusted for transaction costs (where applicable). Financial assets are classified as ’Amortised cost’ financial assets. In the periods presented the Group does not have any financial assets categorised as either FVTPL or FVOCI. The classification is determined by both: – The entity’s business model for managing the financial asset. – The contractual cash flow characteristics of the financial asset. All income and expenses relating to financial assets that are recognised in profit or loss are presented within finance costs, finance income or other financial items, except for impairment of trade receivables which is presented within other administrative expenses. Financial assets at amortised cost Financial assets are measured at amortised cost if the assets meet the following conditions (and are not designated as FVTPL): – They are held within a business model whose objective is to hold the financial assets and collect its contractual cash flows. – The contractual terms of the financial assets give rise to cash flows that are solely payments of principal and interest on the principal amount outstanding. Subsequent measurement of financial assets After initial recognition, these are measured at amortised cost using the effective interest method. Discounting is omitted where the effect of discounting is immaterial. The Group’s cash and cash equivalents, trade and most other receivables fall into this category of financial instruments. Impairment of financial assets IFRS 9’s impairment requirements use forward-looking information to recognise expected credit losses – the expected credit loss (’ECL’) model. Instruments within the scope of these requirements include loans and other debt-type financial assets measured at amortised cost, trade receivables and loan commitments. The Group considers a broader range of information when assessing credit risk and measuring expected credit losses, including past events, current conditions, and reasonable and supportable forecasts that affect the expected collectability of the future cash flows of the instrument. In applying this forward-looking approach, a distinction is made between: – Financial instruments that have not deteriorated significantly in credit quality since initial recognition or that have low credit risk (‘Stage 1’); and – Financial instruments that have deteriorated significantly in credit quality since initial recognition and whose credit risk is not low (‘Stage 2’). Stage 3 would cover financial assets that have objective evidence of impairment at the reporting date. 12-month expected credit losses are recognised for the first category while ‘lifetime expected credit losses’ are recognised for the second and third category. Measurement of the expected credit losses is determined by a probability-weighted estimate of credit losses over the expected life of the financial instrument. 60 GRC International Group plc Annual Report and Accounts 2021 Trade and other receivables and contract assets The Group makes use of a simplified approach in accounting for trade receivables as well as contract assets and records the loss allowance as the lifetime expected credit losses. These are the expected shortfalls in contractual cash flows, considering the potential for default at any point during the life of the financial instrument. In calculating, the Group uses its historical experience, external indicators and forward- looking information to calculate the expected credit losses using a provision matrix. The Group assesses impairment of trade receivables on a collective basis and as they possess shared credit risk characteristics they have been grouped based on the days past due. Refer to note 14 for further details. Classification and measurement of financial liabilities The Group’s financial liabilities include trade and other payables, borrowings and contingent consideration. Financial liabilities are initially measured at fair value, and, where applicable, adjusted for transaction costs unless the Group designates a financial liability at fair value through profit or loss. Subsequently, financial liabilities are measured at amortised cost using the effective interest method except for financial liabilities designated at FVTPL, which are carried subsequently at fair value with gains or losses recognised in profit or loss. All interest-related charges and, if applicable, changes in an instrument’s fair value that are reported in profit or loss are included within finance costs or finance income. Borrowings Borrowings, including bank overdrafts, are classified as current liabilities unless the Group has an unconditional right to defer the settlement of the liability for at least 12 months after the balance sheet date. Contingent consideration Contingent consideration is recognised at fair value at the acquisition date and subsequently at FVTPL. Changes in deferred consideration arising from additional information, obtained within one year of the acquisition date, about facts or circumstances that existed at the acquisition date, are recognised as an adjustment to goodwill. Foreign currency The presentational currency for the Group’s consolidated financial statements is Sterling. Foreign currency transactions by Group companies are recorded in their functional currencies at the exchange rate at the date of the transaction. Monetary assets and liabilities have been translated at rates in effect at the balance sheet date, with any resulting exchange adjustments being charged or credited to the Income Statement, within administrative expenses. On consolidation the assets and liabilities of the subsidiaries with a functional currency other than Sterling are translated into the Group’s presentational currency at the exchange rate at the balance sheet date and the Income Statement items are translated at the average rate for the period. The exchange difference arising on the translation from functional currency to presentational currency of subsidiaries is classified as other comprehensive income and is accumulated within equity as a translation reserve. The balance of the foreign currency translation reserve relating to a subsidiary that is disposed of, or partially disposed of, is recognised in the Income Statement at the time of disposal. Current taxation Current taxation for each taxable entity in the Group is based on the local taxable income at the local statutory tax rate enacted or substantively enacted at the balance sheet date and includes adjustments to tax payable or recoverable in respect of previous periods. Deferred taxation Deferred taxation is calculated using the liability method, on temporary differences arising between the tax bases of assets and liabilities and their carrying amounts in the consolidated financial statements. However, if the deferred tax arises from the initial recognition of an asset or liability in a transaction other than a business combination that at the time of the transaction affects neither accounting nor taxable profit or loss, it is not accounted for. No deferred tax is recognised on initial recognition of goodwill or on investment in subsidiaries. Deferred tax is determined using tax rates and laws that have been enacted or substantively enacted by the balance sheet date and are expected to apply when the related deferred tax asset is realised or the deferred tax liability is settled. Deferred tax liabilities are provided in full, and are not discounted. Deferred tax assets are recognised to the extent that it is probable that future taxable profits will be available against which the temporary differences can be utilised. Changes in deferred tax assets or liabilities are recognised as a component of tax expense in the Income Statement, except where they relate to items that are charged or credited directly to equity, in which case the related deferred tax is also charged or credited directly to equity. Deferred income tax assets and liabilities are offset when there is a legally enforceable right to offset current tax assets against current tax liabilities and when the deferred income tax assets and liabilities relate to income taxes levied by the same taxation authority on either the same taxable entity or different taxable entities where there is an intention to settle the balances on a net basis. GRC International Group plc Annual Report and Accounts 2021 61 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NATURE OF OPER ATIONS AND GENER AL INFORMATION CONTINUED Employment benefits Provision is made in the financial statements for all employee benefits. Liabilities for wages and salaries, including non-monetary benefits and annual leave obliged to be settled within 12 months of the balance sheet date, are recognised in accruals. Contributions to defined contribution pension plans are charged to the Income Statement in the period to which the contributions relate. Leases For any new contracts entered into on or after 1 April 2019, the Group considers whether a contract is, or contains, a lease. A lease is defined as ‘a contract, or part of a contract, that conveys the right to use an asset (the underlying asset) for a period of time in exchange for consideration’. To apply this definition the Group assesses whether the contract meets three key evaluations which are whether: – the contract contains an identified asset, which is either explicitly identified in the contract or implicitly specified by being identified at the time the asset is made available to the Group; – the Group has the right to obtain substantially all of the economic benefits from use of the identified asset throughout the period of use, considering its rights within the defined scope of the contract; – the Group has the right to direct the use of the identified asset throughout the period of use. The Group assesses whether it has the right to direct ‘how and for what purpose’ the asset is used throughout the period of use. Measurement and recognition of leases as a lessee At lease commencement date, the Group recognises a right-of-use asset and a lease liability on the balance sheet. The right-of use asset is measured at cost, which is made up of the initial measurement of the lease liability, any initial direct costs incurred by the Group, an estimate of any costs to dismantle and remove the asset at the end of the lease, and any lease payments made in advance of the lease commencement date (net of any incentives received). The Group depreciates the right-of-use assets on a straight-line basis from the lease commencement date to the earlier of the end of the useful life of the right-of-use asset or the end of the lease term. The Group also assesses the right-of-use asset for impairment when such indicators exist. At the commencement date, the Group measures the lease liability at the present value of the lease payments unpaid at that date, discounted using the interest rate implicit in the lease if that rate is readily available or, if not, the Group’s incremental borrowing rate. Assets and liabilities arising from a lease are initially measured on a present value basis. Lease liabilities include the net present value of the following lease payments: – fixed payments (including in-substance fixed payments), less any lease incentives receivable; – variable lease payments that are based on an index or a rate; – amounts expected to be payable by the lessee under residual value guarantees; – the exercise price of a purchase option if the lessee is reasonably certain to exercise that option; and – payments of penalties for terminating the lease, if the lease term reflects the lessee exercising that option. Right-of-use assets are measured at cost comprising the following: – the amount of the initial measurement of lease liability; – any lease payments made at or before the commencement date less any lease incentives received; – any initial direct costs; and – restoration costs. Subsequent to initial measurement, the liability will be reduced for payments made and increased for interest. It is remeasured to reflect any reassessment or modification, or if there are changes in fixed payments. When the lease liability is remeasured, the corresponding adjustment is reflected in the right-of-use asset, or profit and loss if the right-of- use asset is already reduced to zero. The Group has elected to account for short-term leases and leases of low-value assets using the practical expedients available under IFRS 16. Instead of recognising a right-of-use asset and lease liability, the payments in relation to these are recognised as an expense in profit or loss on a straight-line basis over the lease term. Equity Equity comprises the following: – ’Share capital’ represents the nominal value of equity shares issued. – ’Share premium’ represents amounts subscribed for share capital, net of issue costs, in excess of nominal value. – ’Merger reserve’ represents the excess of the fair value of the consideration received for the issue of shares over the nominal value of shares issued in circumstances where the merger relief provisions of the Companies Act 2006 apply. – ’Share-based payment reserve’ represents the accumulated value of share-based payments. – ’Retained earnings’ represents the accumulated profits and losses attributable to equity shareholders. – ’Translation reserve’ represents the exchange differences arising from the translation of the financial statements of subsidiaries into the Group’s presentational currency. 62 GRC International Group plc Annual Report and Accounts 2021 Share-based payments Equity-settled share-based payments to employees and Directors are measured at the fair value of the equity instrument. The fair value of the equity-settled transactions with employees and Directors is recognised as an expense over the vesting period. The fair value of the equity instruments is determined at the date of grant, taking into account vesting conditions. The fair value of goods and services received is measured by reference to the fair value of options. The fair values of share options are measured using the Black-Scholes model. The expected life used in the model is adjusted, based on management’s best estimate of the effects of non-transferability, exercise restrictions and behavioural considerations. The cost of equity-settled transactions is recognised, together with a corresponding increase in equity, over the period in which the performance and/or service conditions are fulfilled, ending on the date on which the relevant employees become fully entitled to the award (the ’vesting date’). The cumulative expense recognised for equity-settled transactions at each reporting date until the vesting date reflects the extent to which the vesting period has expired and the Group’s best estimate of the number of equity instruments that will ultimately vest. The Income Statement charge or credit for a period represents the movement in cumulative expense recognised as at the beginning and end of that period. No expense is recognised for awards that do not ultimately vest, except for awards where vesting is conditional upon a market condition, which are treated as vesting irrespective of whether or not the market condition is satisfied, provided that all other performance and/or service conditions are satisfied. Where the terms of an equity-settled award are modified, the minimum expense recognised is the expense as if the terms had not been modified. An additional expense is recognised for any modification which increases the total fair value of the share-based payment arrangement, or is otherwise beneficial to the employee as measured at the date of modification. Where an equity-settled award is cancelled, it is treated as if it had vested on the date of cancellation, and any expense not yet recognised for the award is recognised immediately. However, if a new award is substituted for the cancelled award, and designated as a replacement award on the date that it is granted, the cancelled and new awards are treated as if they were a modification of the original award, as described in the previous paragraph. Where an equity-settled award is forfeited, the cumulative charge expensed up to the date of forfeiture is credited to the Income Statement. Segment reporting An operating segment is a component of an entity that engages in business activities from which it may earn revenues and incur expenses (including revenues and expenses related to transactions with other components of the same entity), whose operating results are regularly reviewed by the entity’s Chief Operating Decision Maker to make decisions about resources to be allocated to the segment and assess its performance, and for which discrete financial information is available. The Chief Operating Decision Maker has been identified as the Board of Executive Directors, at which level strategic decisions are made. Details of the Group’s reportable operating segments are provided in note 1. New and amended International Financial Reporting Standards adopted by the Group The following accounting standards, interpretations, improvements and amendments have become applicable for the current period and although the Group has adopted them, they have had no material impact on the Group. These comprise: – Amendments to IFRS 9, IAS 39 and IFRS 7: Interest Rate Benchmark Reform. – Amendments to References to the Conceptual Framework for IFRS Standards. – Amendments to IFRS 3: Definition of a Business. – Amendments to IAS 1 and IAS 8: Definition of Material. – Amendments to IFRS16: COVID-19 related Rent Concessions. Endorsed accounting standards effective in future periods The Directors considered the impact on the Group of other new and revised accounting standards, interpretations or amendments that are currently endorsed but not yet effective. The Directors do not expect any other standards to have a significant impact on the Group’s results. International Financial Reporting Standards in issue but not yet effective At the date of authorisation of the consolidated financial statements, the IASB and IFRS Interpretations Committee have issued standards, interpretations and amendments which are applicable to the Group. The following accounting standards and amendments that are applicable to the Group have been issued by the IASB but had either not been endorsed by the UK Endorsement Board or were not yet effective as at 31 March 2021. – IFRS 17 Insurance Contracts. The current effective date is 1 January 2023. This is not expected to be applicable to the Group. These amendments are not expected to be material to the Group, if adopted. New/revised International Financial Reporting Standards which are not considered likely to have an impact on the Group’s financial statements going forwards have been excluded from the above. Management anticipates that all relevant pronouncements will be adopted in the Group’s accounting policies for the first period beginning after the effective date of the pronouncement. GRC International Group plc Annual Report and Accounts 2021 63 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NATURE OF OPER ATIONS AND GENER AL INFORMATION CONTINUED Significant management judgements in applying accounting policies and key sources of estimation uncertainty The preparation of the consolidated financial statements requires management to make judgements, estimates and assumptions that affect the application of policies and reported amounts of assets and liabilities, income and expenses. These estimates, judgements and assumptions are based on historical experience and other factors that are believed to be reasonable under the circumstances. Actual results may differ from these estimates. The areas which require the most use of management estimation and judgement are set out below. The following are significant management judgements in applying the accounting policies of the Group that have the most significant effect on the financial statements. Capitalisation of internally developed intangible assets Determining whether the recognition requirements for the capitalisation of development costs are met requires judgement. Management considers the criteria set out in IAS 38 in advance of capitalising any project costs. After capitalisation, management monitors whether the recognition requirements continue to be met and whether there are any indicators that capitalised costs may be impaired. Should a different judgement be taken, the amounts capitalised may differ from those presented in note 11, affecting administrative expenses and the results for the year. Recognition of deferred tax assets The extent to which deferred tax assets can be recognised is based on an assessment of the probability that future taxable income will be available against which the deductible temporary differences and timing differences on capital allowances can be utilised. In addition, significant judgement is required in assessing the impact of any legal or economic limits or uncertainties in various tax jurisdictions. Judgement is also applied in the recognition of deferred tax assets in respect of losses, based on management’s view of the availability of future profits to offset such losses. The approach adopted in 2021 is that of not recognising any deferred tax asset. Identification of performance obligations in customer contracts The identification of performance obligations in customer contracts requires management to exercise judgement to determine both the nature of the performance obligations and when those obligations are delivered in order to recognise revenue appropriately in the correct amount and in the correct accounting period. Level of expected credit loss provision to hold or not to hold (note 15) The identification of any provision for any expected credit loss requires management to exercise judgement to determine the nature of the recoverability of debts outside of the normal credit terms. Going concern The identification by management of the Group to continue as a going concern is a key judgement and has been explained further on page 54. Estimation uncertainty Information about estimates and assumptions that have the most significant effect on recognition and measurement of assets, liabilities, income and expenses is provided below. Actual results may be substantially different. The estimates and assumptions that have a significant risk of causing a material adjustment to the carrying amounts of assets and liabilities within the next financial year are discussed below. Estimates and assumptions – Impairment testing of intangible assets acquired or internally generated (note 11): The recoverable amounts of groups of CGUs have been determined based on value-in-use calculations. The principal assumptions used to determine value-in-use relate to future cash flows and the time value of money. Further information is provided in the Intangible Assets note. – Impairment of goodwill and finite-lived intangible assets – estimate of future cash flows and determination of the discount rate (note 10): Estimation is required in determining whether goodwill and finite-lived intangible assets are impaired or not. The Group tests annually whether goodwill has suffered any impairment. The recoverable amounts of groups of CGUs have been determined based on value-in- use calculations. The principal assumptions used to determine value-in-use relate to future cash flows and the time value of money. Changes in the estimate of the weighted average cost of capital or future cash flows and growth rates over the assessment period could reduce the level of headroom. The key assumptions used for the value-in-use calculations and sensitivity analysis are set out in note 10. 64 GRC International Group plc Annual Report and Accounts 2021 NOTES TO THE FINANCIAL S TATEMENTS 1. Segmental reporting Operating segments For the purposes of segmental reporting, the Group’s Chief Operating Decision Maker (’CODM’) is considered to be the Board of Executive Directors. The Board identifies its operating segments based on the Group’s service lines, which represent the main product and services provided by the Group. In the opinion of the Board therefore, the Group operates as a single operating segment. Revenue by geographic destination Revenue across all operating segments is generated from the UK but includes overseas sales: UK Non-UK 2021 £’000 9,666 2,094 11,760 2020 £’000 11,680 2,466 14,146 2021 Non-UK revenue includes Rest of Europe £698,000 (2020: £939,000), United States of America £764,000 (2020: £863,000), Australia £84,000 (2020: £180,000) and Rest of the World £548,000 (2020: £484,000). 2021 Non-UK non-current assets includes Ireland £31,000 (2020: £33,000) and Germany £7,000 (2020: £7,000). Information about major customers No customers contributed 10% or more to the Group’s revenue in any period presented. 2. Revenue Revenue is all derived from continuing operations. Notwithstanding that the Group's revenues are often interdependent, the Group has disaggregated revenue into various categories in the following tables which is intended to depict how the nature, amount, timing and uncertainty of revenue and cash flows are affected by economic date: Consultancy Publishing and Distribution Software Training Total revenue The Group’s revenue is analysed by timing of delivery of goods or services as: Point in time delivery Over time Total revenue The revenue is analysed as follows for each revenue category: Sale of goods Provision of services Other operating Income Total 2021 £’000 8,106 750 1,147 1,757 11,760 2021 £’000 8,434 3,326 11,760 2021 £’000 740 11,020 11,760 148 11,908 2020 £’000 8,635 977 1,356 3,178 14,146 2020 £’000 9,023 5,123 14,146 2020 £’000 976 13,170 14,146 99 14,245 Included in Other Operating Income are grant receipts totaling £85,000 (2020: £Nil) claimed under the Government furlough scheme. GRC International Group plc Annual Report and Accounts 2021 65 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE FINANCIAL S TATEMENTS CONTINUED 2. Revenue continued Contract liabilities: deferred income At 1 April Amounts included in deferred income that were recognised as revenue in the period from the opening balance Amounts invoiced in the period and not recognised as revenue until later periods At 31 March Deferred income 2021 £’000 952 (952) 1,114 1,114 2020 £’000 971 (971) 952 952 The Group recognises deferred income as a contract liability. This balance equates to the value of the remaining performance obligations for revenue recognised over time, given the nature of the Group’s invoicing arrangements with customers. Contract assets and contract liabilities are included within ’trade and other receivables’ and ’trade and other payables’ respectively on the face of the Consolidated Balance Sheet. They arise from the Group’s contracts that cover multiple reporting periods as payments received from customers at each balance sheet date do not necessarily equal the amount of revenue recognised on the contracts. No material contract asset balances arise in the ordinary course of business. 3. Exceptional administrative costs Expenses relating to the acquisition of DQM 2021 £’000 – – 2020 £’000 358 358 The Group's exceptional administration costs comprise substantially of professional fees. These professional fees relate to the DQM deed of variation of contract and also to the fundraise to settle the outstanding contingent consideration. 4. Operating profit Operating profit is stated after charging: Cost of sales Wages and salaries Other direct costs including consultancy and training costs, books and manuals Other administration costs Wages and salaries Sales and marketing costs Depreciation of property, plant and equipment Loss of sale of fixed assets Amortisation of intangible fixed assets Auditor’s remuneration: – Fees payable for the audit of the annual accounts Foreign exchanges losses Other costs including office administration, legal and professional, IT and website costs 2021 £’000 2020 £’000 4,110 1,504 5,614 5,501 438 350 4 1,107 120 6 1,356 8,882 3,533 2,549 6,082 6,935 634 386 – 1,180 141 1 1,953 11,230 No non-audit fees were payable to the auditor in respect of services rendered in the year. Included in other operating income are grant receipts totalling £85,000 (2020: £Nil) under the Coronavirus Job Retention Scheme. The group has also taken advantage of government VAT deferrals as referred to in note 1 and additional lending under the Coronavirus Business Interruption Loan scheme as referred to in note 17. 66 GRC International Group plc Annual Report and Accounts 2021 5. Employees The aggregate payroll costs of the employees were as follows: Staff costs Wages and salaries Social security costs Pension costs Directors made gains of £26k on exercise of share options (2020: £364k). The average monthly number of persons employed by the Group during the year was as follows: By activity Administration Sales and distribution Remuneration of Directors is disclosed in the Remuneration Committee Report. Details of key management personnel and their remuneration are disclosed within note 26. 6. Net finance costs Interest on overdrafts Interest on loans Interest on lease liabilities Other interest 2021 £’000 8,769 938 207 9,914 2020 £’000 9,706 866 230 10,802 2021 68 81 149 2021 £’000 2 159 43 43 247 2020 92 95 187 2020 £’000 11 138 61 12 222 GRC International Group plc Annual Report and Accounts 2021 67 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE FINANCIAL S TATEMENTS CONTINUED 7. Taxation Analysis of credit in the year: Current tax – current period Current tax – adjustment in respect of prior period Deferred tax – current period movement Deferred tax – adjustment in respect of prior period Total tax credit Loss before taxation Loss by rate of tax (2021: 19%; 2020: 19%) Expenses not deductible for tax purposes Deferred tax asset not recognised Deferred tax – current period movement Adjustments to deferred tax in respect of prior period Other adjustments to current tax in respect of prior period Adjustment in respect of prior period: research and development tax credit Effects of change in tax rate Losses carried back Total tax credit Deferred tax in equity Change in estimated excess tax deductions related to share-based payments Total income tax recognised directly in equity 2021 £’000 – (157) (85) (22) (264) 2021 £’000 (2,835) (539) 11 528 (85) (22) 20 (177) – – (264) 2021 £’000 – – 2020 £’000 (60) (427) 50 (8) (445) 2020 £’000 (3,651) (694) 33 640 – (8) (243) (184) (41) 52 (445) 2020 £’000 269 269 The March 2021 Budget announced a further increase to the main rate of corporation tax to 25% from April 2023. This rate has not been substantively enacted at the balance sheet date. As a result deferred tax balances as at 31 March 2021 continue to be measured at 19%. If all of the deferred tax was to reverse at the amended rate the effect on the closing deferred tax position would be to increase the deferred tax liability by £1.3 million. At the balance sheet date, the Group has the following unused tax losses for which no deferred tax asset has been recognised on the basis that it is not considered probable that there will be future profits available to utilise the tax losses in the foreseeable future: Trading losses (UK) Trading losses (Ireland) Trading losses (USA) Non-trading loan relationship debits 2021 £’000 5,804 1,631 470 164 2020 £’000 4,901 1,446 232 2 At the balance sheet date, a deferred tax asset has not been recognised for excess unrelieved foreign tax of £20,435 (2020: £20,435) on the basis that it is not considered probable that there will be future taxable profits available to utilise the double tax relief credit. The group records tax credits for research and development tax credits in the financial statements when the claims have been quantified. The amount receivable has been deducted from other amounts payable to HMRC in accordance with the expected method of settlement. 68 GRC International Group plc Annual Report and Accounts 2021 Deferred tax The following are the major deferred tax liabilities and assets recognised by the Group and movements thereon during the current and prior reporting period. Deferred tax assets and liabilities are offset where the Group has a legally enforceable right to do so. At 1 April 2019 Charge/(credit) to profit or loss Credit direct to equity Other differences Deferred tax (asset)/liability at 31 March 2020 Charge/(credit) to profit or loss Prior year adjustment Foreign exchange Deferred tax at 31 March 2021 Asset (Non-UK) Liability (UK) Deferred tax at 31 March 2020 Asset (Non-UK) Liability (UK) Fixed asset timing differences £’000 Retirement benefit obligations £’000 Share-based payments £’000 Short-term timing differences £’000 Tax losses (Ireland) £’000 Tax losses (UK) £’000 Intangibles £’000 113 103 – (6) 210 (185) (25) – – – – 210 – 210 – (2) – – (2) (1) 1 – (2) – (2) (2) – (2) (261) (7) 269 (2) (1) – – – (1) – (1) (1) – (1) (1) (4) – – (5) 1 4 – – – – (5) – (5) (144) – – – (144) 138 (3) 9 – – – (144) (144) – 1 – – (2) (1) – 1 – – – – (1) – (1) 421 (40) – – 381 (38) – – 343 – 343 381 – 381 Total £’000 129 50 269 (10) 438 (85) (22) 9 340 – 340 438 (144) 582 8. Earnings per share Basic earnings per share is based on the loss after tax for the year and the weighted average number of shares in issue during each year. Loss attributable to equity holders of the Group (£) Weighted average number of shares in issue Basic loss per share (pence) 2021 £’000 2020 £’000 (2,571) 99,754,064 (2.58) (3,206) 68,689,792 (4.67) Diluted earnings per share is calculated by adjusting the average number of shares in issue during the year to assume conversion of all dilutive potential ordinary shares. Taking the Group’s share options into consideration in respect of the Group’s weighted average number of ordinary shares for the purposes of diluted earnings per share, is as follows: Number of shares Dilutive (potential dilutive) effect of share options Weighted average number of ordinary shares for the purposes of diluted earnings per share Diluted loss per share (pence) 2021 2020 99,754,064 – 99,754,064 68,689,792 – 68,689,792 (2.58) (4.67) Due to the losses incurred during the year, a diluted loss per share has not been calculated as this would serve to reduce the basic loss per share. There were 426,760 (2020: 1,680,680) share options outstanding at the end of the year that could potentially dilute basic earnings per share in the future. GRC International Group plc Annual Report and Accounts 2021 69 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE FINANCIAL S TATEMENTS CONTINUED 9. Subsidiaries Details of the Group’s subsidiaries are as follows: Name of subsidiary and registered office address Principal activity IT Governance Limited* Vigilant Software Limited* IT Governance Europe Limited 6th Floor, South Bank House, Barrow Street, Dublin 4 IT Governance USA Inc 420 Lexington Avenue, Suite 300, New York, NY 10170, USA IT Governance Publishing Limited* GRCI Law Limited* GRC Elearning Limited* IT Governance Europe Limited* IT Governance Consulting Limited* IT Governance Franchising Limited* IT Governance Sales Limited* IT Governance Software Limited* IT Governance Training Limited* ITG Certifications Limited* ITG Qualifications Limited* ITG Security Testing Limited* ITG Encryption Limited* Data Quality Management Limited** Data Quality Management Group Limited** Data2 Limited** DQM Group Holdings Limited** Information technology governance services Information technology Software development Information technology governance services Information technology governance services Information technology governance publication Information technology governance legal services Information technology governance internet-based training Dormant company*** Dormant company*** Dormant company*** Dormant company*** Dormant company*** Dormant company*** Dormant company*** Dormant company*** Dormant company*** Dormant company*** Dormant company*** Information technology governance services Dormant company*** Holding company*** Place of incorporation and operation England & Wales England & Wales Ireland USA England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales England & Wales % ownership held by the Group 2021 £’000 2020 £’000 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% Registered Office: Unit 3, Clive Court, Bartholomew’s Walk, Cambridge Business Park, Ely, Cambridgeshire CB7 4EA. * ** Registered Office: DQM House, Baker Street, High Wycombe, Buckinghamshire HP11 2RX. *** Dormant subsidiaries which have taken advantage of the s394A exemption from preparing individual accounts. Vigilant Software Limited, company number 05985888, IT Governance Publishing Limited, company number 06082604, GRCI Law Limited, company number 11311669, GRC Elearning Limited, company number 11247590 and DQM Group Holdings Limited, company number 10852386 which are included in the consolidated financial statements, are entitled to, and have opted to take, exemption from the requirement for their individual financial statements to be audited under section 479a of the Companies Act 2006 relating to subsidiary companies. 70 GRC International Group plc Annual Report and Accounts 2021 10. Goodwill Cost and NBV At 1 April Measurement period adjustments At 31 March 2021 Total £’000 6,804 – 6,804 2020 Total £’000 6,693 111 6,804 Goodwill arising from business combinations has been allocated to the Group’s DQM cash-generating unit (’CGU’). Goodwill is tested at least annually for impairment and whenever there are indications that goodwill might be impaired. For the DQM CGU, the carrying amount of goodwill has been assessed for impairment by comparing the carrying amount of the CGU in which it is included to the recoverable amount based on value in use of the CGU. The value in use calculation for the cash-generating unit uses: estimated future cash flows, for which the key assumptions are forecast revenue over the next five years, based on management’s estimates; the terminal growth rate for revenues beyond that period, which reflects a cautious approach for the purpose of measuring a value in use; and a pre-tax discount rate, which is based on management’s assessment of risk inherent in the estimated future cash flows. The pre-tax cash flows for the forecast period are derived from the most recent financial budget for the year ending 31 March 2022 approved by the Board. The extrapolation for the period 2023 to 2026 is based on management estimates with an assumption of no growth. The impairment model is built to take into account performance over a number of years. If FY22 were to be further impacted by COVID-19 into the second half of the year, and revenue dramatically reduced as a result, we would realistically expect a recovery to more normal levels in FY23 and then growth in the future. Therefore the approach taken in terms of using the FY22 budget for each year in the model, without any growth, is significantly more cautious in terms of an impairment model than using a very poor current year, a return to normal in FY23 and then growth going forwards. As of 31 March 2021, the value in use of the cash-generating unit was greater by £591k than the CGU’s carrying amount. The key assumptions used were the forecasts as explained above, the terminal growth rate of 2%, and the pre-tax discount rate of 6.49%. The changes in key assumptions that would give rise to a material impairment loss are as follows: a) The discount rate would have to increase by 0.3% to give rise to an impairment. b) Operating costs would have to rise by 8% to give rise to an impairment, assuming that revenue levels remain constant. c) If revenue was to fall by 4% (assuming margins remained the same) this would give rise to an impairment. GRC International Group plc Annual Report and Accounts 2021 71 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE FINANCIAL S TATEMENTS CONTINUED 11. Intangible assets Cost At 1 April 2019 Additions Foreign exchange movement At 31 March 2020 Additions Foreign exchange movement At 31 March 2021 Accumulated depreciation At 1 April 2019 Charge for year Foreign exchange movement At 31 March 2020 Charge for year Foreign exchange movement At 31 March 2021 Net book value At 31 March 2021 At 31 March 2020 At 1 April 2019 Marketing tools £’000 Publishing products £’000 Consultancy products and courseware £’000 Software and website costs £’000 Trademarks £’000 Customer relationships £’000 Total £’000 7,695 1,124 1 8,820 1,168 (3) 287 46 – 333 67 – 698 182 1 881 158 (3) 4,340 894 – 5,234 943 – 464 2 – 466 – – 1,843 – – 1,843 – – 400 1,036 6,177 466 1,843 9,985 203 31 – 234 32 – 266 134 99 84 253 73 (1) 325 90 (1) 1,420 854 – 2,274 783 – 4 50 – 54 46 – – 166 – 166 154 – 1,935 1,180 (1) 3,114 1,107 (1) 414 3,057 100 320 4,220 622 556 445 3,120 2,960 2,920 366 412 460 1,523 1,677 1,843 5,765 5,706 5,760 63 – – 63 – – 63 55 6 – 61 2 – 63 – 2 8 Amortisation is included within administrative expenses. Intangible assets includes capitalised related party costs incurred as further explained in note 26. All intangible assets have been developed internally with the exception of those arising on the business acquisition in 2019. The recoverable amounts of the CGUs for the purpose of monitoring impairment are determined from value-in-use calculations. A review of the carrying amounts of the Group’s non-current assets to determine whether there is an indication that these assets have suffered an impairment loss was carried out at the year-end. Having identified indicators of impairment, management concluded an impairment test to determine recoverable amount of the cash-generating unit, and conducted that no impairment of internally generated intangible had arisen as at 31 March 2021. 72 GRC International Group plc Annual Report and Accounts 2021 12. Property, plant and equipment Leasehold improvements £’000 Computer equipment £’000 Office equipment £’000 Right-of-use assets – properties* £’000 Cost At 1 April 2019 Additions IFRS 16 transition At 31 March 2020 Additions Disposals Foreign exchange movement At 31 March 2021 Accumulated depreciation At 1 April 2019 Charge for year Foreign exchange movement At 31 March 2020 Charge for year Disposal Foreign exchange movement At 31 March 2021 Net book value At 31 March 2021 At 31 March 2020 At 31 March 2019 139 1 – 140 21 – (1) 160 37 13 – 50 14 – – 64 96 90 103 734 5 – 739 8 – – 747 401 150 – 551 124 – – 675 72 188 333 86 5 – 90 6 – – 96 32 24 – 56 18 – – 74 22 35 53 * Under the modified retrospective approach in IFRS 16 ‘Leases’, the 2019 numbers are not restated. Depreciation is included within administrative expenses. 13. Inventories Finished goods for resale Amounts of inventories recognised as an expense during the period as cost of sales Amounts of inventories impaired/(written back) during the period – – 664 664 – (97) (2) 565 – 199 (5) 194 194 (57) (2) 329 236 470 – 2021 £’000 33 2021 £’000 76 2021 £’000 33 Total £’000 959 11 664 1,633 35 (97) (3) 1,568 470 386 (5) 851 350 (57) (2) 1,142 426 783 489 2020 £’000 61 2020 £’000 83 2020 £’000 (8) GRC International Group plc Annual Report and Accounts 2021 73 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE FINANCIAL S TATEMENTS CONTINUED 14. Trade and other receivables Trade receivables Less: provision for impairment of trade receivables Net trade receivables Other receivables Prepayments 2021 £’000 1,186 – 1,186 78 430 1,694 2020 £’000 1,543 (15) 1,528 129 590 2,247 None of the Company’s trade and other receivables are secured by collateral or credit enhancements. The Group applies the IFRS 9 simplified approach to measuring expected credit losses on a collective basis. To measure expected credit losses on a collective basis, trade receivables and contract assets are grouped based on a similar credit risk and ageing. The Group’s policy for monitoring default risk over receivables is based on the ongoing evaluation of the collectability and ageing analysis of trade and other receivables. Considerable judgement is required in assessing the ultimate realisation of these receivables, including reviewing the potential likelihood of default, the past collection history of each customer and the current economic conditions. The Group uses a third party credit scoring system to assess the creditworthiness of potential new customers before accepting them. Credit limits are defined by customer based on this information. All customer accounts are subject to review on a regular basis by senior management and actions are taken to address debt ageing issues. The expected loss rates are based on the Group’s historical credit losses experienced over a two-year period prior to the period end. The historical loss rates are then adjusted for current and forward-looking information on macroeconomic factors affecting the Group’s customers. The Group has identified gross domestic product growth rates, employment rates and inflation rates as the key macroeconomic factors in the countries in which the Group operates. The calculated expected credit loss allowance for the current and prior reporting periods has not been included as an impairment provision as the Directors consider it to be immaterial. The Directors consider that the carrying amount of trade and other receivables approximates to the fair value. Included in the Group’s trade receivable balance as at the year end were customer balances with a carrying amount of £356,000 (2020: £1,197,000) which are past due at the reporting date for which the Group has not recorded a provision as the Directors believe the amounts to be recoverable in full, with an immaterial remaining exposure for amounts remaining uncollected at the date the financial statements were approved and authorised for issue. The maturity profile of trade and other receivables is set out in the table below: In one year or less, or on demand The analysis of trade and other receivables by foreign currency is set out in the table below: UK pound US dollar Euro 2021 £’000 1,694 2021 £’000 1,581 67 46 1,694 2020 £’000 2,247 2020 £’000 2,158 11 78 2,247 The Group’s foreign currency receivables are denominated in the functional currency of the subsidiaries in which they arise. There is no impact on the loss for the year from foreign exchange rate movements on such financial instruments. 74 GRC International Group plc Annual Report and Accounts 2021 15. Cash and cash equivalents Cash at bank (GBP) Cash at bank (EUR) Cash at bank (USD) Cash at bank (AUD) Cash at bank (other currencies) 2021 £’000 155 33 45 – – 233 2020 £’000 221 20 – 3 1 245 All significant cash and cash equivalents were deposited with major clearing banks with at least ‘A’ rating. Details of bank overdrafts are given in note 18. 16. Trade and other payables Amounts falling due within one year: Trade payables Other taxation and social security Other payables Deferred income Accruals 17. Borrowings Secured Bank loans (i) Total secured borrowings Unsecured Bank loans Loans from related parties* Total unsecured borrowings Total borrowings 2021 £’000 1,223 2,737 451 1,114 461 5,986 2020 Non-current £’000 5 5 396 – 396 401 2020 £’000 1,220 1,043 204 855 307 3,629 Total £’000 528 528 591 728 1,319 1,847 Current £’000 2021 Non-current £’000 266 266 229 368 597 863 – – 460 – 460 460 Total £’000 266 266 689 368 1,057 1,323 Current £’000 523 523 195 728 923 1,446 * Further information relating to loans from related parties is set out in note 20. GRC International Group plc Annual Report and Accounts 2021 75 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE FINANCIAL S TATEMENTS CONTINUED 17. Borrowings continued (i) Secured liabilities and assets pledged as security Of the bank loans, £260,000 (2020: £426,000) is secured against future receivables. The remaining secured bank loans and overdrafts are secured against assets of the business. Lease liabilities are secured as the rights to the leased assets recognised in the financial statements revert to the lessor in the event of default. Secured bank loans Unsecured bank loans Loans from related parties Total Secured bank loans Unsecured bank loans Loans from related parties Total As at 1 April 2020 £’000 Cash proceeds from borrowings £’000 Repayments of capital £’000 Repayments of interest £’000 528 591 728 1,847 392 318 – 710 (654) (217) (378) (1,249) (71) (70) – (141) Interest accruing £’000 71 70 18 159 Foreign exchange £'000 As at 31 March 2021 £'000 – (3) – (3) 266 689 368 1,323 As at 1 April 2019 £’000 Cash proceeds from borrowings £’000 Repayments of capital £’000 Repayments of interest £’000 Interest accruing £’000 As at 31 March 2020 £’000 – 31 – 31 889 767 700 2,356 (361) (207) – (568) (22) (88) – (110) 22 88 28 138 528 591 728 1,847 The Group has a number of loans in the period presented, and they are summarised as follows: Expiry/maturity date Directors’ pension scheme loan Paypal Wesleyan Wesleyan Bute Capital You Lend LDF Finance No. 3 Ltd Portman Asset Finance Portman Asset Finance Unsecured loan facility provided by Andrew Brode Security pledged Unsecured Secured against future receivables Parent company guarantee Secured against assets of business Secured against assets of business Secured against future receivables Director’s Guarantee Director’s Guarantee Director’s Guarantee Unsecured Lloyds Bank – CBILS Loan USA Coronavirus government loan Unsecured Unsecured Term 60 Months 12 Months 60 Months 36 Months 14-16 Months 12 Months 36 Months 24 Months 60 Months Available to the Group until at least 31 December 2022 and will automatically renew for a further 12 months unless terminated by either party 72 Months 12 Months Effective interest rate April 2020 9.5% February 2022 4.26% – 10.49% September 2024 14.32% February 2022 22% February 2021 6.65% – 10.36% November 2021 August 2023 December 2021 December 2025 December 2022 16.67% 10.16% 29.28% 8.8% 5% above the Bank of England base rate October 2026 March 2022 2.45% 0.00% In addition, the Group has access to an invoicing discounting facility acquired within the DQM acquisition. 76 GRC International Group plc Annual Report and Accounts 2021 18. Financial instruments – risk management The Group is exposed through its operations to the following financial risks: – Credit risk – Interest rate risk – Foreign exchange risk – Other market price risk – Liquidity risk. In common with all other businesses, the Group is also exposed to risks that arise directly from its use of financial instruments. This note describes the Group’s objectives, policies and processes for managing those risks and the methods used to measure them. Further quantitative information in respect of these risks is presented throughout these financial statements. I. Principal financial instruments The principal financial instruments used by the Group, from which financial instrument risk arises, are as follows: – Trade receivables – Cash and cash equivalents – Trade and other payables – Bank overdrafts – Floating rate bank loans – Fixed rate bank loans – Other loans II. Financial instruments by category Financial assets Cash and cash equivalents Trade and other receivables Total financial assets Fair value through profit or loss Amortised cost 2021 £’000 – – – 2020 £’000 – – – 2021 £’000 233 1,186 1,419 All of the above financial assets’ carrying values are approximate to their fair values, as at each reporting date disclosed. Financial liabilities Trade and other payables Borrowings Lease payables Contingent consideration Total financial liabilities Fair value through profit or loss Amortised cost 2021 £’000 – – – – – 2020 £’000 – – – 100 100 2021 £’000 1,758 1,322 280 – 3,340 2020 £’000 247 1,528 1,775 2020 £’000 1,524 1,847 470 – 3,841 All of the above financial liabilities’ carrying values are considered by management to be approximate to their fair values, as at each reporting date disclosed. III. Financial instruments measured at fair value Classification of financial instruments The fair value hierarchy groups financial assets and liabilities into three levels based on the significance of inputs used in measuring the fair value of the financial assets and liabilities. The fair value hierarchy has the following levels: – Level 1: quoted prices (unadjusted) in active markets for identical assets or liabilities; – Level 2: inputs other than quoted prices included within level 1 that are observable for the asset or liability, either directly (i.e. as prices) or indirectly (i.e. derived from prices); and – Level 3: inputs for the asset or liability that are not based on observable market data (unobservable inputs). The level within which the financial asset or liability is classified is determined based on the lowest level of significant input to the fair value measurement. The Group did not hold any level 1 or 2 financial instruments in any of the periods presented. GRC International Group plc Annual Report and Accounts 2021 77 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE FINANCIAL S TATEMENTS CONTINUED 18. Financial instruments – risk management continued III. Financial instruments measured at fair value continued The reconciliation of the opening and closing fair value balance of level 3 financial instruments which comprises the Group’s contingent consideration liability is provided below: At 1 April 2020 Repaid in cash At 31 March 2021 Contingent consideration £’000 100 (100) – 19. Financial instrument risk exposure and management General objectives, policies and processes The Board has overall responsibility for the determination of the Group’s risk management objectives and policies and, whilst retaining ultimate responsibility for them, it has delegated the authority for designing and operating processes that ensure that effective implementation of the objectives and policies to the Group’s finance function. The Board receives monthly reports from the Group Finance Director through which it reviews the effectiveness of the processes put in place and the appropriateness of the objectives and policies it sets. The Group’s internal auditors also review the risk management policies and processes and report their findings to the Audit Committee. The overall objective of the Board is to set policies that seek to reduce risk as far as possible without unduly affecting the Group’s competitiveness and flexibility. Further details regarding these policies are set out below: Credit risk The Group’s credit risk is primarily attributable to its trade receivables, which are presented in note 14. In respect of trade and other receivables, the Group is not exposed to any significant credit risk exposure to any single counterparty; its counterparties have similar characteristics being small to medium sized UK businesses as well as a number of blue-chip organisations. Trade receivables consist of a large number of customers in various industries and geographical areas. Based on historical information about customer default rates management considers the credit quality of trade receivables that are not past due or impaired to be good. The credit risk on liquid funds is limited because the third parties are large international banks with a credit rating of at least A. The Group’s total credit risk amounts to the total of the sum of the receivables and cash and cash equivalents. At the 2021 year end, this amounts to £1,419k (2020: £1,773k; 2019: £2,625k). Interest rate risk The Group has secured and unsecured debt consisting of bank loans and other loans. The interest on most of the loans is fixed, and therefore interest rate risk is considered to be limited. Interest rate risk arising from borrowing at variable rates is not hedged. Foreign exchange risk Most of the Group’s transactions are carried out in GBP. Exposures to foreign currency exchange rates arise from the Group’s overseas sales and purchases, which are denominated in a number of currencies, primarily USD, EUR and AUD. Cash balances held in these currencies are relatively immaterial (see note 15) and transactional risk is considered manageable due to the values involved. The Group does not hold material non-GBP balances and currently does not consider it necessary to take any action to mitigate foreign exchange risk due to the immateriality of that risk. Liquidity risk Liquidity risk represents the risk that the Group will not be able to meet its financial obligations as they fall due. The Group’s approach to managing this risk is to ensure, as far as possible, that it will always have sufficient liquidity to meet its liabilities when due, under both normal and stressed conditions, without incurring unacceptable losses or risking damage to the Group’s reputation. Prudent liquidity risk management includes maintaining sufficient cash balances to ensure the Group can meet liabilities as they fall due, and ensuring adequate working capital using invoice financing arrangements. Further details are provided on page 54 in the Going Concern section. 78 GRC International Group plc Annual Report and Accounts 2021 The table below shows the undiscounted cash flows on the Group’s financial liabilities as at 31 March 2021 and 2020, on the basis of their earliest possible contractual maturity. At 31 March 2021 Trade payables Accruals Lease liabilities Other tax and social security Other loans At 31 March 2020 Trade payables Accruals Lease liabilities Other tax and social security Other loans Contingent consideration Total £’000 1,243 461 280 2,737 1,258 5,979 Total £’000 1,220 308 481 1,043 1,847 100 4,999 On demand £’000 1,122 – – – 368 1,490 On demand £’000 715 – – – 728 – 1,443 Within 2 months £’000 Within 2-6 months £’000 121 – – 359 97 577 – 461 98 1,053 193 1,805 Within 2 months £’000 Within 2-6 months £’000 505 – – – 138 – 668 – 308 119 1,043 263 100 1,758 6-12 months £’000 – – 98 1,325 140 1,563 6-12 months £’000 – – 82 – 316 – 448 1-2 years £’000 Greater than 2 years £’000 – – 72 – 134 206 – – 12 – 326 338 1-2 years £’000 Greater than 2 years £’000 – – 82 – 175 – 257 – – 198 – 227 – 425 20. Capital management The Group’s capital management objectives are: – to ensure the Group’s ability to continue as a going concern; and – to provide long-term returns to shareholders. The Group defines and monitors capital on the basis of the carrying amount of equity plus its outstanding loans, less cash and cash equivalents as presented on the face of the balance sheet as follows: Equity Borrowings (note 17) Less: cash and cash equivalents (note 15) 2021 £’000 6,906 1,323 (233) 7,996 2020 £’000 10,378 1,847 (245) 11,980 The Board of Directors monitors the level of capital as compared to the Group’s commitments and adjusts the level of capital as is determined to be necessary by issuing new shares or adjusting the level of debt. The Group is not subject to any externally imposed capital requirements. GRC International Group plc Annual Report and Accounts 2021 79 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE FINANCIAL S TATEMENTS CONTINUED 21. Leasing arrangements The following table outlines the maturity analysis of the lease liabilities: Contractual discounted cash flows Less than one year Two to five years More than five years Lease liabilities at 31 March Lease liabilities Total lease liabilities Lease liabilities Total lease liabilities 1 April 2020 £’000 (487) (487) Net cash flow £’000 168 168 1 April 2019 £’000 (664) (664) Release of liability £’000 35 35 Net cash flow £’000 181 181 The following amounts have been included in the Income Statement: Interest expense on lease liabilities (note 6) Operating costs relating to short-term leases and low-value assets Amounts recognised in the Income Statement 2021 £’000 197 83 – 280 Currency and non-cash movements £’000 4 4 Currency and non-cash movements £’000 (4) (4) 2021 £’000 (43) – (43) 2020 £’000 201 286 – 487 31 March 2021 £'000 (280) (280) 31 March 2020 £'000 (487) (487) 2020 £’000 (60) – (60) The Group has elected not to recognise right-of-use assets and lease liabilities for short-term leases (i.e. lease term less than 12 months) or low-value assets (i.e. under £5,000). The Group will continue to expense the lease payments associated with these leases on a straight-line basis over the lease term. At 1 April 2020, this was less than £1,000. The borrowing rate used on the lease liabilities is 10%. Variable lease payments that depend on an index or a rate are also less than £5,000. The Group subleases office space to Xanthos as outlined in note 26. 22. Retirement benefit plans Benefits from the contributory pension schemes to which the Group contributes are related to the cash value of the funds at retirement dates. The Group is under no obligation to provide any minimum level of benefits. The assets of the schemes are administered by trustees in funds independent of the Group. During the year £200,000 was recognised in the Income Statement in relation to pension contributions (2020: £230,000). As at 31 March 2021, £nil is payable to pension schemes (2020: £nil). 80 GRC International Group plc Annual Report and Accounts 2021 23. Share capital Authorised share capital The authorised share capital comprises 99,931,509 (2020: 99,577,589) ordinary shares of £0.001 each. 1 April 2019 64,484,172 ordinary shares of £0.001 Issued 1,680,000 ordinary shares of £0.001 1,288,910 ordinary shares of £0.001 3,278,353 ordinary shares of £0.001 28,846,154 ordinary shares of £0.001 31 March and 1 April 2020 99,577,589 ordinary shares of £0.001 353,920 ordinary shares of £0.001 31 March 2021 99,931,509 ordinary shares of £0.001 £’000 64 2 1 4 29 100 – 100 On 31 January 2020, 1,680,000 ordinary shares with a nominal value of 0.1p were issued at 0.003p per share as the result of the exercise of employee share options. On 18 February 2020, 28,846,154 ordinary shares with a nominal value of 0.1p were issued at 13p per share by way of a subscription and placing. On 18 February 2020, 1,288,910 ordinary shares with a nominal value of 0.1p were issued at 116.5p per share by way of issue. On 18 February 2020, 3,278,353 ordinary shares with a nominal value of 0.1p were issued at 13p per share by way of issue. On 30 September 2020, 353,920 ordinary shares with a nominal value of 0.1p were issued at 13p per share by way of an exercise of share options. 24. Share premium 1 April 2019 62,462,940 ordinary shares of £0.001 Issued 1,680,000 ordinary shares of £0.003 28,846,154 ordinary shares of £0.13 less issue costs 31 March and 1 April 2020 353,920 ordinary shares of £0.13 31 March 2021 £’000 9,588 4 3,589 13,181 45 13,226 Consideration received in excess of the nominal value of the 28,846,154 shares issued on 18 February 2020 as a result of the subscription and placing has been included in share premium, less registration and commission of £131,000. GRC International Group plc Annual Report and Accounts 2021 81 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE FINANCIAL S TATEMENTS CONTINUED NOTES TO THE FINANCIAL S TATEMENTS CONTINUED 25. Share-based payments The Group operates a share option scheme to which the employees of the Group may be invited to participate by the Remuneration Committee. If the options remain unexercised after a period of ten years from the date of grant, the options expire. Options are forfeited if the employee leaves the Group before the options vest. The options were granted on 12 February 2018. Details of the number of share options and the weighted average exercise price (’WAEP’) outstanding during the year are as follows: 2021 Outstanding at the beginning of the year – vested and exercisable Exercised Outstanding at the year end Number vested and exercisable at 31 March 2021 2020 Outstanding at the beginning of the year – vested and exercisable Exercised Outstanding at the year end Number vested and exercisable at 31 March 2020 Number of options 780,680 (353,920) 426,760 426,760 Number of options 2,460,680 (1,680,000) 780,680 780,680 WAEP £ 0.27 0.13 1.64 1.64 WAEP £ 0.08 0.03 0.27 0.27 As all options had vested prior to 31st March 2020, there is no share option expense recorded in the year ended 31 March 2021 or 31 March 2020. 26. Related party transactions Key management personnel are identified as the Directors, including non-statutory directors, and their remuneration is disclosed as follows: Remuneration of key management Remuneration Social security costs Pension contributions to defined contributions scheme Other related party borrowings transactions are as follows: Principal At 1 April 2019 Loans advance Loans repaid At 31 March 2020 Loans advance Loans repaid At 31 March 2021 Interest At 1 April 2019 Interest accrued Interest paid At 31 March 2020 Interest accrued Interest paid At 31 March 2021 2021 £’000 641 76 40 757 Directors’ pension scheme Andrew Brode £'000 £70,000 loan £'000 – 700 – 700 – (350) 350 – 28 – 28 18 (28) 18 10 – (10) – – – – – 1 (1) – – – – 2020 £’000 558 73 37 668 Total £'000 10 700 (10) 700 – (350) 350 – 29 (1) 28 18 (28) 18 82 GRC International Group plc Annual Report and Accounts 2021 Alan Calder and his wife are the trustees of the IT Governance Pension Fund. All loan notes terms are described in note 17. Interest is accounted for on an effective interest basis and included within borrowings on the balance sheet. Other related party transactions are as follows: Xanthos Limited is considered a related party entity as Alan Calder is a co-owner of that company with his spouse (who runs the business). Xanthos sub-leases office space from the Group, which is included within other income. During the year to 31 March 2021 this totalled £16k (2020: £20k). Transactions were carried out on an arm’s length basis. Outstanding amounts due from Xanthos at 31 March 2021 totalled £2k (2020: £2k). The Group also makes purchases from Xanthos. During the year to 31 March 2021, the Group made purchases totalling £523k from Xanthos (2020: £533k) of which £420k (2020: £420k) was capitalised. Outstanding amounts payable to Xanthos at 31 March 2021 totalled £103k (2020: £96k). 27. Ultimate controlling party In the opinion of the Directors, there is no one individual who exercises control over the Group. GRC International Group plc Annual Report and Accounts 2021 83 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT COMPANY BAL ANCE SHEE T FOR THE PERIOD ENDED 31 MARCH 2021 Assets Non-current assets Intangible assets Investments in subsidiaries Deferred tax asset Current assets Other receivables Current liabilities Trade and other payables Contingent consideration Borrowings Net current assets Net assets Equity Share capital Share premium Merger reserve Share-based payment reserve Retained earnings Shareholders’ funds Notes 2021 £’000 2020 £’000 3 4 5 6 7 8 9 10 11 607 10,817 2 11,426 6,629 6,629 (1,177) – (396) (1,573) 5,056 16,482 100 14,553 4,276 126 (2,573) 16,482 452 10,817 2 11,271 6,682 6,682 (846) – (728) (1,574) 5,108 16,379 100 14,508 4,276 171 (2,676) 16,379 As permitted by Section 408 of the Companies Act 2006, a separate income statement for the Company has not been presented. The Company’s profit for the period ended 31 March 2021 was £58,000 (2020: loss £611,000). Additionally, no cash flow statement is presented as permitted by FRS.101.8(L). The accompanying notes form part of the financial statements. The financial statements were approved by the Board of Directors and authorised for issue on 28 September 2021 and were signed on its behalf by: Chris Hartshorne Director Company registration number: 11036180 84 GRC International Group plc Annual Report and Accounts 2021 COMPANY S TATEMENT OF CHANGES IN EQUIT Y FOR THE PERIOD ENDED 31 MARCH 2021 At 1 April 2020 Profit for the period and total comprehensive income Transactions with owners – shares issued Share capital £'000 100 – – Share premium £'000 14,508 – 45 Merger reserve £'000 4,276 – – Share-based payment reserve £'000 171 – (45) Retained earnings £'000 (2,676) 58 45 Total £'000 16,379 58 45 At 31 March 2021 100 14,553 4,276 126 (2,573) 16,482 At 1 April 2019 Loss for the period and total comprehensive loss Transactions with owners Shares issued Cost of share issue Shares issued on the acquisition of DQM Deferred tax on share-based payments Total transactions with owners At 31 March 2020 Share capital £'000 64 – 31 – 5 – Share premium £'000 10,913 – 3,725 (130) – – 36 100 3,595 14,508 Merger reserve £'000 2,353 – – – 1,923 – 1,923 4,276 Share-based payment reserve £'000 440 – – – – (269) (269) Retained earnings £'000 (1,951) (725) – – – – – Total £'000 11,819 (725) 3,756 (130) 1,928 (269) 5,285 171 (2,676) 16,379 GRC International Group plc Annual Report and Accounts 2021 85 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE COMPANY FINANCIAL S TATEMENTS 1. Principal accounting policies The principal accounting policies are summarised below. They have all been applied consistently throughout the period. General information GRC International Group plc (the ‘Company‘) is a company incorporated in the United Kingdom under the Companies Act 2006. The address of the Registered Office is given on page 70 of this Annual Report and Accounts. The Company is a holding company that manages the other trading subsidiaries of the GRC International Group. Basis of preparation The financial statements have been prepared in accordance with Financial Reporting Standard 100 Application of Financial Reporting Requirements (‘FRS 100‘) and Financial Reporting Standard 101 Reduced Disclosure Framework (‘FRS 101‘) and the Companies Act 2006 (the ‘Act‘). The Company is a qualifying entity for the purposes of FRS 101. The financial statements have been prepared on a historical cost basis. As permitted by FRS 101, no share-based payment disclosures have been included in these financial statements. Details of the share option scheme can be found in note 25 of the Group financial statements. The Company has taken advantage of the following disclosure exemptions under FRS 101: – The requirement in paragraph 38 of IAS 1 ‘Presentation of Financial Statements’ to present comparative information in respect of: – paragraph 79(a)(iv) of IAS 1; – paragraph 73(e) of IAS 16 ‘Property, Plant and Equipment‘; – paragraph 118(e) of IAS 38 ‘Intangible Assets‘. – IFRS 2, ‘Share-based Payment’. – IFRS 7, ‘Financial Instruments: Disclosures‘. – The requirements of paragraphs 10(d), 10(f), 16, 38A, 38B, 38C, 38D, 40A, 40B, 40C, 40D, 111 and 134-136 of IAS 1 ‘Presentation of Financial Statements‘. – The requirements of IAS 7 ‘Statement of Cash Flows‘. – The requirements of paragraphs 30 and 31 of IAS 8 ‘Accounting Policies, Changes in Accounting Estimates and Errors‘. – The requirements of paragraph 17 and 18A of IAS 24 ‘Related Party Disclosures‘. – The requirements in IAS 24 ‘Related Party Disclosures‘ to disclose related party transactions entered into between two or more members of a group, provided that any subsidiary which is a party to the transaction is wholly owned by such a member. – The requirements of the second sentence of paragraph 110 and paragraphs 113(a), 114, 115, 118, 119(a) to (c), 120 to 127 and 129 of IFRS 15 ‘Revenue from Contracts with Customers‘. Going concern The Group has recorded a loss for the year of £2.6 million (2020: £3.2 million) and at 31 March 2021 its current liabilities exceeded its current assets by £5.2 million (2020: £1.9 million). Notwithstanding this, the Directors consider it appropriate to prepare the financial statements on a going concern basis. The key considerations relating to this judgement are described below. As set out above, the Group went through a transitional year of restructuring in FY20 and was looking forward to a strong FY21, continuing its H2 FY20 momentum and anticipating profitable results for the year. However, the global COVID-19 pandemic led to an immediate reduction in monthly billings as customers delayed projects, reduced spend seen as not immediately critical to day-to-day operations and focused on establishing new business processes and procedures to survive the short term. This unprecedented trading environment resulted in a reduction in revenues for April and May 2020, followed initially by a strong V-shaped recovery, but then a period of mixed results through the summer as the economy stuttered in an environment of ever-changing regulations and guidance. From late in Q3 the Group saw genuine performance improvements with momentum building through the rest of the year, and performance back to consistently positive monthly EBITDA before the year end and into the new financial year. In response to the pandemic the Board revisited its FY21 and FY22 forecasts, increased the regularity of its short and medium-term cash flow planning, implemented a number of key cost reduction measures and took advantage of government initiatives that have been introduced in the geographies that the Group operates in order to preserve liquidity, supplemented by deferring the payment of certain liabilities to HMRC which amounted to approximately £1.6 million. Additionally, in March 2021 certain subsidiaries of the Group joined the HMRC VAT deferral scheme to defer repayment of VAT liabilities totalling £0.4 million falling due in FY21 until FY22. Notwithstanding some easing of trading conditions and subsequent improvement in performance since the outbreak of the global pandemic reached the United Kingdom (which represents around 82% of the Group’s revenue in FY21), the Directors acknowledge that trading conditions will remain uncertain for the foreseeable future. Those uncertainties include: – The possibility of further local or national restrictions. – The lack of visibility over future levels of revenue in the context of weakened demand for the Group’s products and services. – Should the Group need to further reduce its scalable cost base, its ability to make those adjustments and realise the benefits from doing that on a timely basis. – The continued availability of existing financing, including HMRC arrangements (see below), existing borrowings and flexibility allowed by suppliers. – The ability to access new financing, including further government support in its various forms, sufficient to fund any further cash requirement over the foreseeable future. 86 GRC International Group plc Annual Report and Accounts 2021 To assess going concern the Directors prepared an integrated profit and loss, balance sheet and cash flow forecast by month to 31 March 2023. The Group’s base case forecast identifies that through the going concern review period the Group is able to meet its liabilities as they fall due and make settlement of the outstanding HMRC liabilities through FY22 in equal monthly instalments. The majority of the deferred payroll tax liabilities owed are now covered by formal ‘time to pay’ repayment plans agreed with HMRC. The repayment plans differ across the trading entities within the Group, but all split the deferred balance into equal monthly instalments, with the full balance being repaid by September 2022, and the balance owing as at the date of this report being £1.0 million. The Directors are in discussions with HMRC to agree the repayment plan for the remainder of the balance not yet covered by formal ‘time to pay’ arrangements and expect this to be formalised imminently. Additionally, the Directors prepared a sensitised forecast to the base case forecast where the COVID-19 pandemic was more prolonged than envisaged by the Directors at the time (the ‘worst-case forecast’). This worst-case forecast assumes that revenues until March 2023 are 40% below the base case (marginally below those actually achieved in FY21) and that cost reduction measures, to reflect the reduced level of billings, have been effected. The sensitised forecast does not identify a potential cash flow shortfall in any month and includes the same assumptions for settlement of the outstanding HMRC liabilities as in the base case forecast. The Directors are monitoring actual business performance and cash flow against the base case forecast and the worst-case forecast. Encouragingly, the Group has traded ahead of the revenue, EBITDA and cash flow expectations set out in the base case and the worst-case forecast. Furthermore, in the view of the Directors any temporary cash flow shortfall can be mitigated through the deferment or removal of selected planned marketing, capital expenditure and other scheduled cash outflows. Based on the forecasts and the medium and longer-term planning in place, the Directors have identified that they have a reasonable expectation of being able to reduce costs sufficiently in the required timeframe should revenue levels cause this to be necessary, and that the Group will remain within its currently available facility levels, none of which has any financial covenant compliance requirements. Central to those facilities is the £700,000 unsecured loan facility provided by Andrew Brode which is at present 50% utilised, and which remains in place until at least 31 December 2022, although the Group does also have access to additional liquidity through its uncommitted invoice discounting facility, which is not currently utilised. The Directors have reviewed the Group’s forecasts and projections to 31 March 2023 which, taking account of reasonably possible changes in trading performance, show that the Group is able to generate sufficient liquidity to continue in operational existence for the foreseeable future. On this basis, the Directors believe that the Group will be able to generate sufficient cash through its normal business trading to enable it to continue its operations, and continue to meet, as and when they fall due, its planned and committed liabilities for at least the next 12 months from the date of this report. For this reason, the Directors continue to adopt the going concern basis in the preparation of its financial statements. However, should the Group not be able to generate cash inflows sufficient to meet its current operational obligations and legacy deferred obligations as they fall due, it would need to secure additional funding with no guarantee such funding would be secured. These circumstances indicate the existence of a material uncertainty which may cast significant doubt over the Group’s ability to continue as a going concern. As in the FY20 statutory accounts, the Board expects that the Independent Auditor’s Report will contain a material uncertainty related to going concern. The financial statements do not include the adjustments that would be required should the going concern basis of preparation no longer be appropriate. Investments Investments in subsidiaries and associates are measured at cost less impairment. For investments in subsidiaries acquired as part of a Group reorganisation for consideration, including the issue of shares qualifying for merger relief, cost is measured by reference to the nominal value of the shares issued plus fair value of other consideration. Any premium is ignored. For other acquisitions, investments in subsidiaries and associates are measured at fair value at the transaction date. Intangible assets Internally developed intangible assets Expenditure on research activities is recognised as an expense as incurred. Costs that are directly attributable to a project’s development phase are recognised as intangible assets, provided they meet the following recognition requirements: – the development costs can be measured reliably; – the project is technically and commercially feasible; – the Group intends to and has sufficient resources to complete the project; – the Group has the ability to use or sell the software; and – the software will probably generate future economic benefits. GRC International Group plc Annual Report and Accounts 2021 87 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE COMPANY FINANCIAL S TATEMENTS CONTINUED 1. Principal accounting policies continued Development costs not meeting these criteria for capitalisation are expensed as incurred. Directly attributable costs include an apportionment of employee costs incurred on internal development assets. Internal development assets include software, website costs, courseware, marketing tools, consultancy products and publishing products. Subsequent measurement The useful lives of all intangible assets are assessed as finite. Intangible assets with finite lives are amortised over the useful economic life and assessed for impairment whenever there is an indication that the intangible asset may be impaired. The amortisation period and the amortisation method for an intangible asset with a finite useful life are reviewed at least at the end of each reporting period. Changes in the expected useful life or the expected pattern of consumption of future economic benefits embodied in the asset are accounted for by changing the amortisation period or method prospectively. The amortisation expense on intangible assets with finite lives is recognised in the income statement as administrative expenses. Gains or losses arising from derecognition of an intangible asset are measured as the difference between the net disposal proceeds and the carrying amount of the asset and are recognised in the income statement when the asset is derecognised. Amortisation is calculated on a straight-line basis over the estimated useful life of the asset as follows: Software Website costs Courseware Consultancy products 5 years 5–10 years 10 years 10 years Financial instruments Recognition and derecognition Financial assets and financial liabilities are recognised when the Company becomes a party to the contractual provisions of the financial instrument. Financial assets are derecognised when the contractual rights to the cash flows from the financial asset expire, or when the financial asset and substantially all the risks and rewards are transferred. A financial liability is derecognised when it is extinguished, discharged, cancelled or expires. Classification and initial measurement of financial assets Except for those trade receivables that do not contain a significant financing component and are measured at the transaction price in accordance with IFRS 15, all financial assets are initially measured at fair value adjusted for transaction costs (where applicable). Financial assets are classified into the following categories: – amortised cost; – fair value through profit or loss (‘FVTPL‘); – fair value through other comprehensive income (‘FVOCI‘). In the period presented the Company does not have any financial assets categorised as FVOCI or FVTPL. The classification is determined by both: – the entity’s business model for managing the financial asset; and – the contractual cash flow characteristics of the financial asset. All income and expenses relating to financial assets that are recognised in profit or loss are presented within finance costs, finance income or other financial items, except for impairment of trade receivables which is presented within other administrative expenses. Subsequent measurement of financial assets Financial assets at amortised cost Financial assets are measured at amortised cost if the assets meet the following conditions: – they are held within a business model whose objective is to hold the financial assets and collect its contractual cash flows; and – the contractual terms of the financial assets give rise to cash flows that are solely payments of principal and interest on the principal amount outstanding. After initial recognition, these are measured at amortised cost using the effective interest method. Discounting is omitted where the effect of discounting is immaterial. The Company’s cash and cash equivalents and most other receivables fall into this category of financial instruments. Classification and measurement of financial liabilities The Company’s financial liabilities include trade and other payables and contingent consideration. Financial liabilities are initially measured at fair value, and, where applicable, adjusted for transaction costs unless the Company designated a financial liability at fair value through profit or loss. 88 GRC International Group plc Annual Report and Accounts 2021 Subsequently, financial liabilities are measured at amortised cost using the effective interest method except for derivatives and financial liabilities designated at FVTPL, which are carried subsequently at fair value with gains or losses recognised in profit or loss. All interest-related charges and, if applicable, changes in an instrument’s fair value that are reported in profit or loss are included within finance costs or finance income. Deferred consideration Deferred consideration is recognised at fair value at the acquisition date and subsequently at FVTPL. Changes in deferred consideration arising from additional information, obtained within one year of the acquisition date, about facts or circumstances that existed at the acquisition date, are recognised as an adjustment to the investment value. Impairment of assets At each balance sheet date, the Directors review the carrying amounts of the Company’s non-current assets to determine whether there is any indication that those assets have suffered an impairment loss. If any such indication exists, the recoverable amount of the asset is estimated in order to determine the extent of the impairment loss, if any. Where the asset does not generate cash flows that are independent from other assets, the Company estimates the recoverable amount of the cash-generating unit to which the asset belongs. Recoverable amount is the higher of fair value less costs to sell and value in use. In assessing value in use, the estimated future cash flows are discounted to their present value using a pre-tax discount rate that reflects current market assessments of the time value of money and the risks specific to the asset for which the estimates of future cash flows have not been adjusted. If the recoverable amount of an asset or cash-generating unit is estimated to be less than its carrying amount, the carrying amount of the asset or cash-generating unit is reduced to its recoverable amount. If the recoverable amount of a cash-generating unit is less than its carrying amount, the impairment loss is allocated first to reduce the carrying amount of any goodwill allocated to the unit and then to the other assets of the unit pro rata based on the carrying amount of each asset in the unit. An impairment loss is recognised as an expense immediately. Where an impairment loss subsequently reverses, the carrying amount of the asset or cash-generating unit is increased to the revised estimate of its recoverable amount, but so that the increased carrying amount does not exceed the carrying amount that would have been determined had no impairment loss been recognised for the asset or cash-generating unit in prior periods. A reversal of an impairment loss is recognised in the Income Statement immediately. Taxation Current tax, including UK corporation tax and foreign tax, is provided at amounts expected to be paid (or recovered) using the tax rates and laws that have been enacted or substantively enacted by the balance sheet date. Deferred tax is recognised in respect of all timing differences that have originated but not reversed at the balance sheet date where transactions or events that result in an obligation to pay more tax in the future or a right to pay less tax in the future have occurred at the balance sheet date. Timing differences are differences between the Company’s taxable profits and its results as stated in the financial statements that arise from the inclusion of gains and losses in tax assessments in periods different from those in which they are recognised in the financial statements. Unrelieved tax losses and other deferred tax assets are recognised only to the extent that, on the basis of all available evidence, it can be regarded as more likely than not that there will be suitable taxable profits from which the future reversal of the underlying timing differences can be deducted. Foreign currency The functional currency of GRC International Group plc is considered to be UK Sterling because that is the currency of the primary economic environment in which the Company operates. Transactions in foreign currencies are recorded at the rate of exchange at the date of the transaction. Monetary assets and liabilities denominated in foreign currencies at the balance sheet date are reported at the rates of exchange prevailing at that date. Exchange differences are recognised in profit or loss in the period in which they arise. Share-based payments The Company grants to its employees rights to its equity instruments of GRC International Group plc. The fair value of awards granted is recognised as an employee expense with a corresponding increase in equity. The fair value is measured at grant date and spread over the period during which the employees become unconditionally entitled to receive the awards. The fair value of the awards granted is measured using a pricing model, taking into account the terms and conditions upon which the awards were granted. The amount recognised as an expense is adjusted to reflect the actual value of share awards that vest except where forfeiture is only due to share prices not achieving the threshold for vesting. Where the Company grants awards over its own shares to the employees of its subsidiaries, it recognises an increase in the cost of investment in its subsidiaries equivalent to the equity-settled share-based payment charge recognised in its subsidiaries’ financial statements with the corresponding credit being recognised directly in equity. GRC International Group plc Annual Report and Accounts 2021 89 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE COMPANY FINANCIAL S TATEMENTS CONTINUED 1. Principal accounting policies continued Equity Equity comprises the following: – ‘Share capital‘ represents the nominal value of equity shares issued. – ‘Share premium‘ represents amounts subscribed for share capital, net of issue costs, in excess of nominal value. – ‘Merger reserve‘ represents the excess of the fair value of the consideration received for the issue of shares over the nominal value of shares issued. – ‘Share-based payment reserve‘ represents the accumulated value of share-based payments. – ‘Retained earnings‘ represents the accumulated profits and losses attributable to equity shareholders. Dividends Dividends are recognised in the period in which they are approved by the Company’s shareholders, or in the case of an interim dividend, when the dividend is paid. Dividends receivable from subsidiaries are recognised when either received in cash or applied to reduce a creditor balance with a subsidiary. Estimation uncertainty Information about estimates and assumptions that have the most significant effect on recognition and measurement of assets, liabilities, income and expenses is provided below. Actual results may be substantially different. The Company makes certain estimates and assumptions regarding the future. Estimates and judgements are continually evaluated based on historical experience and other factors, including expectations of future events that are believed to be reasonable under the circumstances. In the future, actual experience may differ from these estimates and assumptions. The estimates and assumptions that have a significant risk of causing a material adjustment to the carrying amounts of assets and liabilities within the next financial year are discussed below. Estimates and assumptions – Level of expected credit loss provision to hold or not hold (note 6). Estimation is required in determining the extent of credit losses that may be incurred in the future. The estimate is reviewed for circumstances present at each reporting date and the level of provision adjusted accordingly. – Impairment of investments (note 4). Estimation is required in determining whether investments are impaired or not. The Company tests whether investments have suffered any impairment when indicators of impairment are identified. The recoverable amount of the Company’s investments have been determined based on value in use calculations which incorporate elements of judgement and estimation in relation to projected future cash flows and the discount rate applied. 90 GRC International Group plc Annual Report and Accounts 2021 2. Employees Staff costs Wages and salaries Social security costs Share-based payment charge Pension costs The average monthly number of persons employed by the Company during the year was as follows: 2021 £’000 2,796 297 – 85 3,178 2020 £’000 3,134 345 – 66 3,545 2021 2020 By activity Administration Sales and distribution Remuneration of Directors is disclosed in the Remuneration Committee Report. 3. Intangible assets Cost At 1 April 2019 Additions At 31 March 2020 Additions At 31 March 2021 Accumulated depreciation At 1 April 2019 Charge for year At 31 March 2020 Charge for year At 31 March 2021 Net book value At 31 March 2021 At 31 March 2020 4. Investments in subsidiaries Cost and net book amount At 31 March 2020 and 31 March 2021 17 34 51 Consultancy products and courseware £’000 Software and website costs £’000 75 – 75 105 180 – 8 8 7 15 165 67 267 162 429 124 553 – 44 44 67 111 442 385 40 4 44 Total £’000 342 162 504 229 733 – 52 52 74 126 607 452 Investments in subsidiaries £’000 10,817 The carrying value of investments in subsidiaries relates to the Company’s directly held investments in IT Governance Limited and DQM Data Quality Group Holdings Limited. Further information about subsidiaries is provided in note 9 of the consolidated financial statements. GRC International Group plc Annual Report and Accounts 2021 91 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE COMPANY FINANCIAL S TATEMENTS CONTINUED 5. Deferred tax Deferred tax assets and liabilities are offset where the Group has a legally enforceable right to do so. The deferred tax asset is recognised to the extent that it is probable that future taxable profits will be available against which the asset can be utilised by way of parent company management services charges. Deferred tax asset at 1 April 2019 Charge to profit and loss Debit direct to equity Deferred tax asset at 31 March 2020 and 31 March 2021 6. Other receivables Amount owed by subsidiary undertakings Provision for expected credit loss Other receivables Prepayments Share-based payments £’000 261 10 (269) 2 2020 £’000 7,783 (1,167) 6,616 – 66 6,682 2021 £’000 7,712 (1,196) 6,516 45 68 6,629 The movement from changes in amounts owed to the Company from its subsidiary undertakings and has been debited to the Income Statement. The provision is calculated based on a percentage of the balances outstanding at the period end according to the Directors' estimate of the level of credit loss that may arise. 7. Trade and other payables Trade payables Other tax and social security Accruals Other payables 8. Contingent consideration At 1 April 2019 Repaid in cash Issue of ordinary shares Adjustment to investment At 31 March 2020 and 31 March 2021 2021 £’000 235 614 197 131 1,177 2020 £’000 305 266 227 48 846 Contingent consideration £’000 3,747 (1,626) (1,928) (193) – 92 GRC International Group plc Annual Report and Accounts 2021 9. Borrowings Unsecured Loans from related parties Total unsecured borrowings Total borrowings 2021 Current £’000 Non-current £’000 396 396 396 – – – Total £’000 396 396 396 2020 Current £’000 Non-current £’000 728 728 728 – – – Total £’000 728 728 728 Further information relating to loans from related parties is set out in note 26 in the Group's financial statements. Amount advanced £'000 Security pledged Term Unsecured loan facility provided by Andrew Brode 700 Unsecured Available to the Group until at least 31 December 2022 and will automatically renew for a further 12 months unless terminated by either party Effective interest rate 5.0% above the Bank of England base rate 10. Share capital Ordinary shares of £0.001 each 2021 Number 99,931,509 £’000 100 2021 Number 99,577,589 Authorised share capital The authorised share capital comprises 99,931,509 (2020: 99,577,589) ordinary shares of £0.001 each. 1 April 2019 64,484,172 ordinary shares of £0.001 Issued 1,680,000 ordinary shares of £0.001 1,288,910 ordinary shares of £0.001 3,278,353 ordinary shares of £0.001 28,846,154 ordinary shares of £0.001 31 March and 1 April 2020 99,577,589 ordinary shares of £0.001 353,920 ordinary shares of £0.001 31 March 2021 99,931,509 ordinary shares of £0.001 £’000 100 £’000 64 2 1 3 29 100 – 100 On 31 January 2020, 1,680,000 ordinary shares with a nominal value of 0.1p were issued at 0.003p per share as the result of the exercise of employee share options. On 18 February 2020, 28,846,154 ordinary shares with a nominal value of 0.1p were issued at 13p per share by way of a subscription and placing. On 18 February 2020, 1,288,910 ordinary shares with a nominal value of 0.1p were issued at 116.5p per share by way of issue. On 18 February 2020, 3,278,353 ordinary shares with a nominal value of 0.1p were issued at 13p per share by way of issue. On 30 September 2020, 353,920 ordinary shares with a nominal value of 0.1p were issued at 13p per share by way of an exercise of share options. GRC International Group plc Annual Report and Accounts 2021 93 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT NOTES TO THE COMPANY FINANCIAL S TATEMENTS CONTINUED 11. Share premium 1 April 2019 1,680,000 ordinary shares of £0.003 28,846,154 ordinary shares of £0.13 less issue costs 31 March and 1 April 2020 353,920 ordinary shares of £0.13 31 March 2021 £’000 9,588 4 3,589 13,181 45 13,226 Consideration received in excess of the nominal value of the 28,846,154 shares issued on 18 February 2020 as a result of the subscription and placing has been included in share premium, less registration and commission of £131,000. 94 GRC International Group plc Annual Report and Accounts 2021 GRC International Group plc Annual Report and Accounts 2021 95 FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT 96 GRC International Group plc Annual Report and Accounts 2021 G R C I n t e r n a t i o n a l G r o u p p l c A n n u a l R e p o r t a n d A c c o u n t s 2 0 2 1 GRC International Group plc Unit 3, Clive Court Bartholomew’s Walk Cambridgeshire Business Park Ely CB7 4EA T: 0330 999 0222 www.grci.group

Continue reading text version or see original annual report in PDF format above