UNITED STATES SECURITIES AND
EXCHANGE COMMISSION
Washington, D.C. 20549
FORM 10-K
(Mark One)
☒
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the fiscal year ended December 31, 2024
or
☐
TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
For the transition period from to
Commission File Number: 001-33852
VirnetX Holding Corporation
(Exact name of registrant as specified in its charter)
Delaware
77-0390628
(State or other jurisdiction of incorporation or organization)
(I.R.S. Employer Identification No.)
308 Dorla Court,
Suite 206
Zephyr Cove, Nevada
89448
(Address of principal executive offices)
(Zip Code)
Registrant’s telephone number, including area code: 775-548-1785
Securities registered pursuant to Section 12(b) of the Act:
Title of each class
Trading Symbol(s)
Name of each exchange on which registered
Common Stock, par value $0.0001 per share
VHC
NYSE
Securities registered pursuant to section 12(g) of the Act:
None
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act. Yes ☐ No ☒
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or Section 15(d) of the Act. Yes
☐ No ☒
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the
Securities Exchange Act of
1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing
requirements for the past 90 days. Yes ☒ No ☐
Indicate by check mark whether the registrant has submitted electronically, every Interactive Data File required to be submitted
pursuant to Rule 405 of
Regulation S-T (§ 232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files).
Yes ☒ No ☐
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer,
smaller reporting company, or an
emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth
company” in Rule 12b-2 of the Exchange Act.
Large accelerated filer ☐
Accelerated filer ☐
Non-accelerated filer ☒
Emerging growth company ☐
Smaller reporting company ☒
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for
complying with any
new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐
Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its
internal
control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared
or issued its audit report. ☐
If
securities are registered pursuant to Section 12(b) of the Act, indicate by check mark whether the financial statements of the registrant included in
the filing reflect the correction of an error to previously issued financial statements. ☐
Indicate by check mark whether any of those error corrections are restatements that required a recovery analysis of incentive-based compensation
received by any of the registrant’s
executive officers during the relevant recovery period pursuant to §240.10D-1(b). ☐
Indicate
by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act). Yes ☐ No ☒
The aggregate market value of the voting and non-voting common equity held by non-affiliates of the registrant as of June 28,
2024, was $21,989,863
based upon the closing price of the common shares of the registrant on June 28, 2024. This calculation does not
reflect a determination that certain persons
are affiliates of the registrant for any other purpose.
4,238,581 shares of
the registrant’s Common Stock were outstanding as of March 7, 2025.
DOCUMENTS INCORPORATED BY REFERENCE
The information required by Part III of this Annual Report on Form 10-K, to the extent not set forth herein, is incorporated by reference from the
registrant’s definitive proxy statement to be filed with the Securities and Exchange Commission not later than 120 days after December 31, 2024 relating to
the registrant’s 2025 Annual Meeting of Stockholders.
INDEX
Page
PART I
Item 1.
Business
2
Item 1A.
Risk Factors
8
Item 1B.
Unresolved Staff Comments
19
Item 1C.
Cybersecurity
20
Item 2.
Properties
21
Item 3.
Legal Proceedings
22
Item 4.
Mine Safety Disclosure
22
PART II
Item 5.
Market for the Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities
22
Item 6.
[Reserved]
22
Item 7.
Management’s Discussion and Analysis of Financial Condition and Results of Operations
23
Item 7A.
Quantitative and Qualitative Disclosures about Market Risk
27
Item 8.
Financial Statements and Supplementary Data
27
Item 9.
Changes in and Disagreements with Accountants on Accounting and Financial Disclosure
47
Item 9A.
Controls and Procedures
47
Item 9B.
Other Information
47
Item 9C.
Disclosure Regarding Foreign Jurisdictions that Prevent Inspections
48
PART III
Item 10.
Directors, Executive Officers and Corporate Governance
48
Item 11.
Executive Compensation
48
Item 12.
Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters
48
Item 13.
Certain Relationships and Related Transactions, and Director Independence
49
Item 14.
Principal Accounting Fees and Services
49
PART IV
Item 15.
Exhibits and Financial Statement Schedules
49
SPECIAL NOTE REGARDING FORWARD LOOKING STATEMENTS
We have included or incorporated by reference in this Annual Report on Form 10-K (this “Report”), and from time to time we may make statements that
may constitute “forward-looking statements”
within the meaning of Section 27A of the Securities Act of 1933, as amended (the “Securities Act”), and
Section 21E of the Securities Exchange Act of 1934, as amended (the “Exchange Act”). These forward-looking statements are based upon our
current
expectations, estimates, assumptions, and beliefs concerning future events and conditions and may discuss, among other things, anticipated future
performance (including sales and earnings), products, expected growth, future business
plans and costs (including investments, partnerships and
collaborations, marketing and business development, staffing strategies and entering into another sector), the impact of potential litigation, the expectation
of future stockholder
distributions, statements regarding our efforts and ability to maintain compliance with the New York Stock Exchange (“NYSE”)
continued listing standard, our beliefs and statements regarding general industry and market conditions and growth
rates, as well as general domestic and
international economic conditions. Any statement that is not historical in nature is a forward-looking statement and may be identified by the use of words
and phrases such as “anticipates,” “believes,”
“estimates,” “expects,” “intends,” “plans,” “predicts,” “projects,” “will be,” “will continue,” “will likely
result in,” and similar expressions. Readers are cautioned not to place undue reliance on forward-looking statements. Forward-looking
statements are
necessarily subject to risks, uncertainties, and other factors, many of which are outside our control, which could cause actual results to differ materially
from such statements and from our historical results and experience.
These risks, uncertainties and other factors include, but are not limited to those
described in Item 1A – Risk Factors of this Report and elsewhere in this Report and those described from time to time in our reports filed with the
Securities
and Exchange Commission (the “SEC”). Readers are cautioned that it is not possible to predict or identify all the risks, uncertainties and other
factors that may affect future results and that the risks described herein should not be considered
a complete list. Any forward-looking statement speaks
only as of the date on which such statement is made, and we undertake no obligation to update or revise any forward-looking statement, whether as a result
of new information, future events
or otherwise.
Among others, the forward-looking statements appearing in this Report that may not occur include statements that pertain to the activities we have
undertaken to commercialize our products and
patent portfolio in and outside of the United States including VirnetX One™, War Room™, VirnetX
Matrix™ and our Secured Domain Name Registry and Technology. These statements may imply that the worldwide market for our commercialized
products is
large and will result in significant future revenue for us. However, commercialization of products such as ours is subject to significant obstacles
and risks that may delay or prevent future revenues for us.
EXCEPT AS REQUIRED BY LAW, WE UNDERTAKE NO OBLIGATION TO UPDATE OR REVISE ANY FORWARD- LOOKING
STATEMENT AS A RESULT OF NEW INFORMATION, FUTURE EVENTS OR OTHERWISE.
1
Index
PART I
Item 1.
Business
The Company
We are an Internet security software and technology company with patented technology for Zero Trust Network Access (“ZTNA”) based secure network
communications.
VirnetX’s software and technology solutions, including its Secure Domain Name Registry and Technology, VirnetX One™, War Room™,
and VirnetX Matrix™ are designed to be device and location-independent, and enable a secure real-time communication
environment for all types of
enterprise applications, services, and critical infrastructures. Our technology generates secure connections on a “single-click” basis, significantly
simplifying the deployment of secure real-time communication
solutions by eliminating the need for end-users to enter any encryption information.
Our product portfolio includes sophisticated technologies, products and services that are available for sale worldwide. Our next-generation, VirnetX One™
platform builds upon our patented
Secure Domain Name Registry and Technology to further enhance the security and efficiency of our patented secure
communication links. VirnetX One™ is a security-as-a-service platform that protects enterprise applications, services, and
infrastructure from cyber-
attacks. Our platform allows government organizations, businesses, and other enterprises of all sizes to add a “security umbrella” as an added layer on top
of their existing infrastructure to further reduce risk and
bolster security against ever-growing cyberthreats to data, operating systems, other infrastructure
products and gateway security controllers.
Our War Room™ software product provides safe and secure video conferencing meeting environment where sensitive communications and data is invisible
to those not authorized to view it. War
Room™ validates permissions of all the users, and devices requesting access to any secure meeting room prior to
granting access. We believe our War Room™ will be an attractive solution for government and law enforcement agencies as well as all
professional sectors
such as legal, financial, and medical where limiting access to confidential data is a critical requirement.
Our VirnetX Matrix™ product provides superior security for internet-enabled enterprise applications and their connected devices, and for control systems
currently deployed by those
enterprises (e.g., file servers, data back-up systems, VPN/firewalls). VirnetX Matrix™ provides a true “zero-trust” access
protection, “single-click” ease of use, and is a highly-effective added layer of protection that is deployed simply,
without the need for changes to an
enterprise’s existing, in-place infrastructure. We believe VirnetX Matrix™ is an attractive solution for all businesses, cloud and on-premise application
service providers, and original equipment manufacturers
(“OEMs”), looking to improve visibility and management of their networks to mitigate morphing
attacks on their networks and for real time access and control of their users.
We continue to augment our product strategy to provide secure AI to the marketplace. In addition to our investments with L2 Holdings,
LLC (“OmniTeq”),
an artificial intelligence and machine learning (AI/ML) solutions provider and OP Media, Inc, a dynamic software platform provider, we participated in a
Cooperative Research and Development Agreement (CRADA) with the Air Force
(AF) Research Laboratory Intelligence Systems Directorate (AFRL/RI)
to facilitate collaboration on cybersecurity and Zero Trust technologies to support integrated surveillance and reconnaissance operations as well as AF and
joint targeting
processes. This CRADA continues through 2030 and allows VirnetX to apply for security clearances for its employees. We are also
beginning to integrate AI/ML capabilities into VirnetX Matrix™ to enhance its zero-trust security, threat detection,
and network resilience by enabling
autonomous threat response, adaptive access control, and self-healing network architectures.
We have undertaken activities to commercialize our products and intellectual property in and outside the United States including
VirnetX One™, War
Room™, VirnetX Matrix™ and our Secured Domain Name Registry and Technology. We believe our product portfolio to secure devices and systems are
suitable in areas such as national defense, local, state, Federal and foreign
governments, critical infrastructure, law enforcement, healthcare, finance, legal,
oil and gas, medical, and related support industries. We continue to actively pursue new sales opportunities in and outside of the United States.
2
Index
Our employees include the core development team behind our inventions, technology, and software. Some members of this team have worked together for
over twenty years and were on the same team
that invented and developed this technology while working at Leidos, Inc., or Leidos, (f/k/a Science
Applications International Corporation, or SAIC). The team has continued its research and development work to refine our unique network
security
technology and make it more secure and easy to deploy.
Our portfolio of intellectual property is the foundation of our business model. We currently own U.S. and foreign patents/validations/pending applications.
Our patent portfolio is primarily
focused on securing real-time communications over the Internet, and related services, and is used in all our technology and
products, some of which were acquired by our principal operating subsidiary, VirnetX, Inc., from Leidos in 2006.
Industry Overview & Trends
We have seen an exponential increase in dynamic and persistent cyber threats to the U.S. national security operational framework, and
critical infrastructure
from state-sponsored adversaries, organized cybercriminal groups, and rogue actors employing advanced cyber capabilities. These threats include denial-
of-service (DoS), signal jamming, data spoofing, malware injection,
and direct attacks on ground and satellite-based communication networks
infrastructure. In the commercial sector, satellite networks that provide communication, navigation, and imagery services are vulnerable to exploitation,
posing risks to
critical infrastructure and civilian services. For government systems, adversaries have been targeting vulnerabilities in proliferated
constellations, mission-critical data streams, and multi-domain integration efforts. We believe that our
proven proactive, integrated approach to
cybersecurity ensures the resilience of defense architectures across the entire conflict continuum.
The shift to remote work and expansion of the enterprise network perimeter has driven the growth of ZTNA solutions. The Zero Trust
concept treats all
networks like the Internet, where all users and devices are untrusted by default. Their location within the network is not a factor for deciding trust. Each
user and device on the network requires authentication and
authorization, based on policy, prior to accessing any applications or resources on the network.
ZTNA facilitates security around remote work, because Zero Trust policies enable granular access control, end-to-end encryption of network
communications and remove application visibility from the public Internet which reduces the potential attack surface.
Cloud computing growth has rapidly expanded as enterprises continue to move applications and services to the cloud. The cloud offers
scalability,
operations and development efficiency and remote access benefits for their workforce. The cloud technology adoption is expected to continue to increase
quite significantly in industries where the work-from-home initiative is
helping to sustain enterprise business functions. However, shifting critical data to
the cloud has resulted in security concerns and the need for enterprises to control access and gain visibility into how information is being used, who is
accessing it and where it is going. We believe our scalable technology allows enterprises to secure applications and services regardless of whether hosting
is on-premise or in the cloud.
As billions of connected Internet of Things (“IoT”) devices come online in support of enterprise operations, products, and industrial
controls they will need
to be secured and integrated into the enterprise. Facilitated by advancements in 4G/Advanced LTE and high-speed 5G networks, IoT devices will be able to
operate from any network, transmit higher volumes of data including
video streaming and sensor data collection and require real-time decisions based on
that data. Without next generation security, these IoT devices represent a large attack surface that manages and controls critical enterprise infrastructure.
These IoT devices can operate from anywhere and will need to be secured with the same level of network security and ZTNA solutions enterprises are
already deploying for their remote workforce. We believe that the market opportunity for our
software and technology solutions is large and expanding as
secure domain names are now an integral part of securing the next generation 5G and 4G/LTE Advanced wireless networks and IoT communications.
3
Index
Our Approach & Strategy
We believe that VirnetX One™ software products are positioned to help enterprises adapt to the rapidly evolving threat landscape in work environments
and the growing need to secure
communications regardless of a user’s location, network, or device.
VirnetX One™ products deliver ZTNA, allowing enterprises to secure their information, control access and gain visibility into how information is being
used, who is accessing it and where it
is going. Our patented technology allows enterprises to license our technology for integration into their products and
services, easily deploy our technology through our VirnetX One™ family of products for endpoint security or securing their
communications with our
mobile and desktop applications.
Our strategy is to become the market leader in securing real-time communications over the Internet and to establish our VirnetX One™ as the industry
standard security platforms. Key elements of our strategy are
to:
•
Direct sales efforts with larger users, particularly those engaged in defense and other governmental or national initiatives.
•
Actively recruit partners in various vertical markets, including critical infrastructure, intelligence, defense, healthcare, finance, legal,
government to help us expand our enterprise customer base.
•
Promote our next-generation VirnetX One™ platform as a solution for delivering ZTNA, and securing enterprise applications, services, and
infrastructure.
•
Combine with VirnetX One™ platform with technologies from the companies we have invested in, namely OmniTeq and OPMedia, to
enhance their offerings and provide supplemental sales channels for VirnetX One™
•
Continue to grow our technology licensing program to commercialize our intellectual property.
•
Grow registration of VirnetX Secure Domain Names as the network segmentation component of our ZTNA solution. Establish VirnetX as the
exclusive, universal registry of secure domain names and enable our
customers to act as registrars for their users and broker secure
communication between devices.
•
Promote War RoomTM video conferencing product in the general market for sale to end-user enterprises, directly and with
partners, with
targeted promotions and other marketing programs to assist remote workers and offer an industry leading secure meeting solution.
•
Promote VirnetX MatrixTM applications, services, and infrastructure.
•
Integrate advanced AI/ML algorithms and models into the VirnetX OneTM platform for enhancements.
•
Explore quantum cryptographic solutions and blockchain applications to improve zero-trust security, to future-proof our software.
Competitive Strengths
We believe the following competitive strengths will enable our success in the marketplace:
•
Unique patented technology. We are focused on developing innovative technology for securing real-time communications over the Internet
and establishing the exclusive
secure domain name registry in the United States and other key markets around the world. Our unique solutions
combine industry standard encryption methods and communication protocols with our patented techniques for automated DNS lookup
mechanisms. Our technology and patented approach enable users to create a secure communication link by generating secure domain names.
We currently own U.S. and foreign patents/validations/pending applications. Our portfolio includes
patents and pending patent applications in
the United States and other key markets that support our secure domain name registry service for the Internet.
•
Scalable licensing business model. We are actively engaged in pursuing additional licensing agreements with industry participants OEMs,
service providers and system
integrators within the IP-telephony, mobility, mobile-to-mobile communications, fixed-mobile convergence, and
unified communications end-markets.
4
Index
•
Highly experienced research and development team. Our research and development team is comprised of nationally recognized network
security and encryption technology
scientists and experts that have worked together as a team for over ten years. During their careers, this
team has developed several cutting-edge technologies for U.S. national defense, intelligence, and civilian agencies, many of which
remain
critical to our national security today. Prior to joining VirnetX, our team worked for Leidos, during which time they invented the core
technology that is the foundation of our current technology and software. Based on the
collective knowledge and experience of our
development team, we believe that we have one of the most experienced and sophisticated groups of security experts researching vulnerability
and threats to real-time communication over the
Internet and developing solutions to mitigate these problems.
License and Service Offerings
We offer a diversified portfolio of licenses, software and service offerings focused on securing real-time communications over the Internet. We believe
software products will allow
enterprises to seamlessly integrate ZTNA protection into their networks to secure their applications, services, virtualized
resources, and data as it moves into the cloud. Enterprises can quickly deploy VirnetX One software products to protect
legacy applications, secure new
cloud-based services and remove application visibility from the public Internet. Enterprises can move towards more granular network access control to
protect their network at the edge and away from legacy VPN
technologies. VirnetX One family of software products enables remote employees to securely
interact with on-premise and cloud-based applications, regardless of their location. Enterprises can use VirnetX One platform to secure open-source
applications powering communications, data and analytics, infrastructure, and business services with a focus on making those applications easier to secure,
access and manage.
We believe our software products and technologies provide the foundation for securing real-time communications and collaboration applications for the
enterprise remote workforce. We are
exploring creating a marketplace of applications secured by our VirnetX One platform. This approach will allow us to
offer a portfolio of certified applications that can be deployed by the enterprise customers in their business networks with
confidence in keeping their
confidential data and communications secure. This marketplace strategy will allow us to offer more flexible licensing options to solve specific customer
use-cases, align with partner product offerings and create
upsell opportunities for our products.
Customers and Market Development
We have undertaken activities to commercialize our products and intellectual property in and outside the United States including VirnetX OneTM, War
RoomTM, VirnetX MatrixTM, and our Secured
Domain Name Registry and Technology. We believe our product portfolio to secure devices and systems are
stable in areas such as City, County and State Governments, Healthcare, Finance, Legal, Oil and Gas, Medical, Law Enforcement, National
Defense and
related support industries. We continue to actively pursue new opportunities in and one of United States.
During 2024, due to exponential increase in dynamic and persistent cyber threats to the U.S. national security operational framework,
we decided to
increase our focus on offering our VirnetX OneTM platform and its family of products and solutions to the Department of Defense for addressing these
challenges using our proven proactive, integrated approach to
cybersecurity that ensures the resilience of defense architectures across the entire conflict
continuum. As a part of this effort, we engaged in several significant actions:
•
We established an advisory board comprised of four retired senior U.S. Air Force leaders to assist and advise on business development and
operational direction of VirnetX’s Zero Trust Network Access security technology as a necessary layer of security for defense communications
and data management to Department of Defense government officials and commercial contractors.
•
We participated in the U.S. Navy Expeditionary Combat Command (NECC) sponsored technology demonstrations during the Rim of the Pacific
(RIMPAC)
2024, a large-scale international maritime exercise at Ford Island, Oahu, Hawaii, and successfully demonstrated our VirnetX One
Matrix and VirnetX’s War Room secure video conferencing from ship to shore environments. We believe our
technology and solutions can fill
defense needs for security, stealth, and flexibility in myriad day-to-day static situations to the most challenging operations in conflict or
humanitarian assistance.
•
We participated in a Cooperative Research and Development Agreement (CRADA) with the Air Force (AF) Research Laboratory Intelligence
Systems
Directorate (AFRL/RI) to facilitate collaboration on cybersecurity and Zero Trust technologies to support integrated surveillance and
reconnaissance operations as well as AF and joint targeting processes. The work conducted under this
CRADA is expected to provide the avenue
to secure and obfuscate AF targeting, processing, dissemination, and intelligence technology, enabling AF to take advantage of the latest research
and developments in commercially available
cybersecurity technology and reduce its IT attack surface in a joint, all-domain environment.
•
We hired Dr. John Anthony Jamison as new VirnetX Chief Technical Officer (CTO). Dr. Jamison brings a wealth of technology experience in the
intelligence community and will be instrumental as expand our participation in national defense projects and initiatives.
•
We successfully conducted a rigorous functional and penetration testing of our VirnetX One Matrix solution by Pacific Northwest National
Laboratory (PNNL) with support from Johns Hopkins University Applied Physics Laboratory (JHU-APL) at the request of The United States
Space Force (USSF).
Throughout 2024, we continued to actively engage in discussions with certain third-parties to pitch the capabilities of VirnetX OneTM.
We have continued
our engagement with Solution Synergy, WeSecure, Samsung, Every Data Corporation, and Object Security and are working on a number of projects to
deploy our VirnetX MatrixTM product. Although there can be no assurance
in this regard, we believe that there are opportunities for Company products'
sales directly to, resale arrangements with and/or adoption as vendor standards by, one or more of these third parties.
We have Patent License Agreements with Aastra USA, Inc. Avaya, Inc., Microsoft Corporation, Mitel Networks Corporation, NEC Corporation
and NEC
Corporation of America, Siemens Enterprise Communications GmbH & Co. KG, and Siemens Enterprise Communications Inc. to license certain of our
patents, for a one-time payment and an ongoing royalty for all future sales through the
expiration of the licensed patents with respect to certain current and
future IP-encrypted products.
5
Index
We are seeking further licensing of our technology, to developers and original equipment manufacturers, or OEMs, of chips, servers, Desktop, mobile
devices such as smart phones, tablets,
laptops, net books, and other devices, within the IP-telephony, mobility, fixed- mobile convergence, and unified
communications markets including 5G and 4G/LTE. We have published our royalty rates and guidelines on our website. All forward
moving licenses have
adhered to these guidelines and have met or exceeded these rates and we will use these rates and guidelines in all future license negotiations.
Marketing and Sales
We employ a leveraged, partner-oriented marketing and sales strategy for software product and services offerings. We have successfully signed several
Resellers & Managed Service Provider
Agreements in various market segments, including healthcare, finance, legal, government, etc., to assist us in selling
our software products to their customers. We plan to directly market our software products, domain name registry services to
large enterprises and
government organizations along with our service provider and system integrator customers.
We believe significant opportunities exist for our VirnetX One™, War Room™, VirnetX Matrix™ products and services in areas such as Local and State
Governments, Power and Energy generation,
Healthcare, Finance, Legal, Oil and Gas, Medical, Law Enforcement, National Defense and related support
industries. We are actively pursuing a number of sales opportunities, in and outside the United States, for as we seek to extend out our
customer base
globally. We expect to leverage our relationship with OmniTeq and Op Media to extend our offering to departments and agencies within the federal
government.
We have signed a non-exclusive Distribution and Service Agreement with IP Dream, a Japanese based strategic technology developer and service provider,
to sell our software products as well as
VirnetX’s Secure Domain Name technology to its clients in Japan and greater Asia. Jointly with IP Dream, we are
currently pursuing several OEM opportunities with some of the largest services providers in Japan. Along with our efforts with IP
Dream, we continue to
explore alternative strategies to pursue opportunities to work with other third parties in Japan, and elsewhere, using an approach that will seek to capitalize
on these opportunities in part by placing more emphasis on the
use of our own employees.
We intend to continue to license our patent portfolio, technology, and software, including our secure domain name registry service, to domain infrastructure
providers, communication service
providers as well as to system integrators. We intend to seek further license of our technology and software products, to
enterprise customers, developers and original equipment manufacturers, or OEMs, of chips, servers, Desktop, mobile devices
such as smart phones, tablets,
laptops, net books, and other devices, within the IP-telephony, mobility, fixed- mobile convergence, and unified communications markets including 5G and
4G/LTE.
Intellectual Property and Patent Rights
Our intellectual property is primarily comprised of trade secrets, patented know-how, issued and pending patents, copyrights and technological innovation.
We currently own U.S. and foreign patents/validations/pending applications. Our portfolio includes many patents that describe unique systems and methods
for securing real- time communications
over the Internet, as well as related services such as the establishment and maintenance of a secure domain name
registry. Our software and technology solutions also may have additional applications relating to operating systems and network
security. A complete list of
our U.S. licensees is available on our website located at http://www.virnetx.com. Each patent is publicly accessible on U.S. Patent and Trademark Office
website at http://www.uspto.gov. Some of our issued U.S. and
foreign patents expire at various times during the period from 2024 to 2034.
Notwithstanding anything to the contrary set forth in any of our filings under the Securities Act or the Exchange Act that might incorporate future filings,
the information set forth on the
United States Patent and Trademark Office (the “USPTO”) website, shall not be deemed to be a part of or incorporated by
reference into any such filings. We do not warrant the accuracy, completeness or adequacy of the USPTO website, and
expressly disclaim liability for
errors or omissions on such website.
6
Index
Assignment of Patents
Some of our issued patents and pending patent applications were acquired by our principal operating subsidiary, VirnetX, Inc., from Leidos, pursuant to an
Assignment Agreement dated December
21, 2006, and a Patent License and Assignment Agreement dated August 12, 2005, as amended on November 2,
2006, including documents prepared pursuant to the November amendment, and as further amended on March 12, 2008. We recorded the assignment
from
Leidos, with the U.S. Patent Office on December 21, 2006.
Key terms of these agreements are as follows:
•
Patent Assignment. Leidos, unconditionally and irrevocably conveyed, transferred, assigned, and quitclaimed all its right, title, and interest
in and to the patents and
patent applications, as specifically set forth in the assignment document recorded with the U.S. Patent Office,
including, without limitation, the right to sue for past infringement.
•
License to Leidos, Outside the Field of Use. Effective March 12, 2008, we granted to Leidos, a non-exclusive, royalty free, fully paid,
perpetual, worldwide,
irrevocable, sub licensable and transferable right and license permitting Leidos, and its assignees to make, have made,
import, use, offer for sale, and sell products and services covered by, and to make improvements to, the patents and
patent applications we
acquired from Leidos, solely outside our field of use.
•
Compensation Obligations. As consideration for the assignment of the patents and for the rights we obtained from Leidos, as amended, we
are required to make payments to
Leidos, based on cash or certain other values generated from those patents. The amount of such payments
depends upon the type of value generated, and certain categories are subject to maximums and other limitations. In 2010, we met our
maximum royalty payment requirement; however, Leidos is also entitled under certain circumstances to receive a portion of the proceeds paid
to us for certain acquisitions of VirnetX and the settlement of certain patent infringement
claims of ours.
Government Regulation
We are subject to various federal, state, local, and foreign laws and regulations, including those relating to privacy, data protection and security, intellectual
property, employment and
labor, workplace safety, consumer protection, anti-bribery, import and export controls, immigration, federal securities, and tax.
Additional laws and regulations relating to these areas likely will be passed in the future, and these or existing
laws and regulations may be interpreted or
enforced in new or expanded manners, each of which could result in significant limitations on how we operate our business.
In particular, the laws governing online secure communications remain unsettled in various respects, even in areas where there has been legislative action.
Uncertainty regarding the
interpretation and enforcement of laws governing matters such as intellectual property, privacy, data protection and libel in the
context of online communications and media is likely to remain. New and existing legislation, or changes in its
interpretation and enforcement, may
interfere with the growth in use of online secure communications and decrease the acceptance of online secure communications as a viable solution, which
could adversely affect our business.
Due to the Internet’s increasing and evolving use, new laws regulating secure communications may be adopted. These laws and regulations may cover,
among other things, issues relating to
privacy, data protection, cybersecurity, pricing, taxation, telecommunications over the Internet, content, copyrights,
distribution and quality of products and services. We intend to work to comply with all new applicable laws and regulations
as they are adopted and put in
force. New and evolving laws and regulations, and changes in their enforcement and interpretation, may have material impacts upon our development and
commercialization plans or business practices, and may
significantly increase our compliance costs and otherwise adversely affect our business, financial
condition, and results of operations.
The U.S. government has controlled the authoritative domain name system, or DNS, root server since the inception of the Internet. On July 1, 1997, the
President of the United States directed
the U.S. Secretary of Commerce to privatize the management of the domain name system in a manner that increases
competition and facilitates international participation in its management.
7
Index
On September 29, 2006, the U.S. Department of Commerce extended its delegation of authority by entering into a new agreement with the Internet
Corporation for Assigned Names and Numbers, or
ICANN, a California non-profit corporation headquartered in Marina Del Rey, California. ICANN is
responsible for managing the accreditation of registry providers and registrars that manage the assignment of top- level domain names associated
with the
authoritative DNS root directory. Although it is possible to create and manage other DNS root directories privately without accreditation from ICANN, the
possibility of conflicting name and number assignments makes it less likely that
users would widely adopt a top-level domain name associated with an
alternative DNS root directory provided by a non-ICANN- accredited registry service.
Employees and Human Capital
As of December 31, 2024, we had 23 full and part time employees, most of whom work remotely. We have had a work-from-home workforce since our
inception. The emphasis of our employees is on
our technology research and product development with 15 employees focused on this effort. Our team has
been working on enhancing our products and adding new functionality. We also continue building our sales and marketing teams to expand our
product-
lines and customer base.
In addition to our regular employees, we also engage with consultants on a regular basis. These consultants can be involved in our product development,
customer relations, legal, and/or
regulatory compliance and reporting. We have experienced low employee turnover rates over the years with both
employees and consultants participating in our equity incentive plan.
Available Information
We file or furnish various reports, such as registration statements, periodic and current reports, proxy statements and other materials with the SEC. Our
website address is
http://www.virnetx.com. You may obtain, free of charge on our website, copies of our annual reports on Form 10-K, quarterly reports on
Form 10-Q, current reports on Form 8-K, and amendments to those reports filed or furnished pursuant to
Section 13(a) or 15(d) of the Exchange Act, as
soon as reasonably practicable after we electronically file such material with, or furnish it to, the SEC. The information we post is intended for reference
purposes only; none of the information
posted on our website is part of this report or incorporated by reference herein.
The SEC also maintains website at http://www.sec.gov that contains reports, proxy and other information statements, and other information regarding
issuers, including us, that file
electronically with the SEC.
Item 1A.
Risk Factors
Our operations and financial results are subject to various risks and uncertainties, including those described below, which could adversely affect our
business, financial condition, results
of operations, cash flows, and the trading price of our common and capital stock. You should carefully consider the
risks and uncertainties described below in addition to the other information set forth in this Report, including in
“Management’s Discussion and Analysis of
Financial Condition and Results of Operations” and our consolidated financial statements and related notes, before making any investment in our common
stock. The risks and uncertainties described below
are not the only ones we face. Additional risks and uncertainties not presently known to us or that we
currently believe to be immaterial may also adversely affect our business. If any of these risk factors occur, you could lose substantial
value or your entire
investment in our shares.
Risks Related to Our Business and Our Financial Reporting
Our operating results may not be consistent and may be difficult to predict and we may not be able to achieve or sustain profitability in the future.
We had a net loss of $6.2 million for the quarter ended December 31, 2024. We had a net loss of $18.2 million for the year ended December 31, 2024. As of
December 31, 2024, we had an
accumulated deficit of $204.7 million. Our operating results have fluctuated in the past due to several factors and may
fluctuate in the future due to the same or similar factors, which include but are not limited to the following:
8
Index
•
Time and resources required to accelerate transition to new product development and sales strategies targeting large enterprises, government
customers, service provider partnerships and grant funding;
•
Our success depends in part on establishing and maintaining relationships with third parties to integrate our family of cybersecurity products and
services into their operations and develop solutions key
to the defense market, critical infrastructure and threat intelligence service;
•
Customer adoption of our VirnetX One™ platform and software products and services;
•
The number of product license sales of VirnetX War Room™, VirnetX Matrix™ and associated services;
•
Adoption of VirnetX OneTM platform by third party application providers of secure communications;
•
Intensely competitive market with established companies that have larger customer bases, and greater resources than we do;
•
Prolonged economic uncertainties or downturns, globally or in certain regions or industries, could materially adversely affect our business; and
•
Government export and import control regulations on selling products with encryption technology in certain international markets.
These fluctuations may make our business particularly difficult to manage, adversely affect our business and operating results, make our operating results
difficult for investors to predict
and, further, cause our results to fall below investor’s expectations and adversely affect the market price of our common
stock. If we fail to increase our revenue to offset any increases in our operating expenses, we may not achieve or sustain
profitability in the future.
Our success depends in part on establishing and maintaining relationships with third parties to incorporate our products and services into their
operations.
Part of our business strategy is to enter into partnerships, strategic investments, and other cooperative arrangements with other companies and government
agencies. We have invested in and we
continue to seek to invest in or acquire businesses, technologies, or other assets that we believe could complement or
expand our business. In addition, we are regularly involved in cooperative efforts with respect to the incorporation of our
products into products of others
and vice versa, collaborative research and development efforts with government and university laboratories, distributor and reseller arrangements and
service provider partnerships. These relationships are
generally non-exclusive, and some of our partners also have cooperative relationships with certain of
our competitors or offer some products and services that are competitive with ours. If we lose third-party relationships, if these
relationships are not
commercially successful, or if we are unable to enter into third-party relationships on commercially reasonable terms in the future, our business could be
negatively impacted.
We expect that we will experience long and unpredictable sales cycles, which may impact our operating results.
The sales cycle between initial customer contact and execution of a contract or license agreement with a customer or purchaser of our products can vary
widely. We expect that our sales cycles
will be long and unpredictable due to several factors, including but not limited to:
•
The need to educate potential customers about our product and service capabilities;
•
Our customers’ budgetary constraints and timing of their budget cycles;
•
Delays caused by time-consuming internal review processes customary with potential customers including large governments agencies and institutions
in the space and defense industries; and
•
Long sales cycles may increase the risk that our financial resources are exhausted before we are able to generate significant revenue.
9
Index
In addition, potential customers of our products include local, state, federal and foreign government agencies, as well as institutions in the space and
defense industries. Sales processes to
government authorities can be extensive and unpredictable. Government authorities generally have complex
budgeting, purchasing, and regulatory processes that govern their capital spending, and their spending is likely to be adversely impacted
by economic
conditions. In addition, in many instances, sales to government authorities may require field trials and may be delayed by the time it takes for government
officials to evaluate multiple competing bids, negotiate terms, and award
contracts.
For these reasons, the sales cycle associated with our products is subject to a number of significant risks that are beyond our control. Consequently, if
customer orders are delayed or not
realized, our revenues and results of operations could be materially and adversely affected.
We have limited technical resources and are at an early stage in commercialization of our VirnetX One™ platform and software products.
Part of our business includes the internal development of commercial products we seek to monetize. This aspect of our business may require significant
capital, time and resources and we
cannot guarantee that it will be successful or meet our expectations. Based on the scale of our technical resources, our
limited historical financial data upon which to base our projected revenue or planned operating expenses related to our
software products and services, we
may not be able to effectively:
•
Implement an effective marketing strategy to promote awareness of our products;
•
Attract and retain customers for our products;
•
Generate revenues or profit from product sales;
•
Provide appropriate levels of customer training and technical support for our products;
•
Rapidly anticipate and adapt to changes in the market and evolving customer requirements;
•
Protect our products from any system failures or other breaches.
In addition, a high percentage of our expenses are and will continue to be fixed. Accordingly, if we do not generate revenue as and when anticipated, our
losses may be greater than expected
and our operating results will suffer.
The market in which we participate is intensely competitive, and if we do not compete effectively, our operating results could be harmed.
The market for ZTNA security solutions is rapidly evolving and highly competitive as new entrants and traditional network solutions companies offer
cloud-based cybersecurity solutions. Many
of our competitors and potential competitors have established brand recognition, larger customer bases, and
greater resources than we do. Our primary competitors in the ZTNA market include Appgate, Cloudflare, and Illumio. In the enterprise
market, our primary
competitors include Zscaler (ZPA), Palo Alto Networks (Prisma Access), Cisco (Umbrella), Citrix (Secure Private Access), Netskope (Private Access for
ZTNA) and Cato Networks. As we expand our product offerings and use cases,
we will begin to compete with companies that offer bundled security-as-a-
service solutions that include Secure Access Service Edge (SASE) and Security Service Edge (SSE). With the introduction of new technologies and market
entrants, we expect
competition to intensify in the future. For example, disruptive technologies such as generative AI has and may continue to
fundamentally alter the market for our services in unpredictable ways and reduce customer demand. If we fail to compete
effectively, our business will be
harmed. Some of our competitors offer their products or services at lower prices or for free as part of a broader bundled product sale or enterprise license
arrangement, which has placed pricing pressure on our
business. If we are unable to achieve our target pricing levels, our operating results will be
negatively impacted. For us to compete effectively, we need to introduce new products and services in a timely and cost-effective manner, meet
customer
expectations and needs at prices that customers are willing to pay, and continue to enhance the features and functionalities of our cloud content
management platform. In addition, pricing pressures and increased competition could
result in reduced sales, lower margins, losses or the failure of our
services to achieve or maintain widespread market acceptance, any of which could harm our business.
10
Index
Many of our competitors are able to devote greater resources to the development, promotion and sale of their products or services. In addition, many of our
competitors have established
marketing relationships and major distribution agreements with government agencies, channel partners, consultants, system
integrators and resellers. Competitors may offer products or services at lower prices or with greater depth than our
services. Our competitors may be able to
respond more quickly and effectively to new or changing opportunities, technologies, standards or customer requirements. Furthermore, some potential
customers, particularly large enterprises, may elect
to develop their own internal solutions. For any of these reasons, we may not be able to compete
successfully against our competitors.
Our products are highly technical and may contain undetected errors, which could cause harm to our reputation and adversely affect our business.
Our products are highly technical and complex and, when deployed, may contain errors or defects. Despite testing, some errors in our products may only be
discovered after a product has been
installed and used by customers. Any errors or defects discovered in our products after commercial release could result
in failure to achieve market acceptance, loss of revenue or delay in revenue recognition, loss of customers and increased
service and warranty cost, any of
which could adversely affect our business, operating results, and financial condition. In addition, we could face claims for product liability, tort, or breach
of warranty, including claims relating to changes
to our products made by our channel partners. The performance of our products could have unforeseen or
unknown adverse effects on the networks over which they are delivered as well as on third-party applications and services that utilize our
services, which
could result in legal claims against us, harming our business. Furthermore, we expect to provide implementation, consulting, and other technical services in
connection with the implementation and ongoing maintenance of our
products, which typically involves working with sophisticated software, computing,
and communications systems. We expect that our contracts with customers will contain provisions relating to warranty disclaimers and liability limitations,
which
may not be upheld. Defending a lawsuit, regardless of its merit, is costly and may divert management’s attention and adversely affect the market’s
perception of us and our products. In addition, if our business liability insurance coverage
proves inadequate or future coverage is unavailable on
acceptable terms or at all, our business, operating results, and financial condition could be adversely impacted.
Malfunctions of third-party communications infrastructure, hardware and software expose us to a variety of risks that we cannot control.
Our business will depend upon, among other things, the capacity, reliability, security, and unimpeded access of the infrastructure owned by third parties that
we will use to deploy our
offerings. We have no control over the operation, quality, or maintenance of a significant portion of that infrastructure or whether
those third parties will upgrade or improve their equipment. We depend on these companies to maintain the
operational integrity of our connections. If one
or more of these companies is unable or unwilling to supply or expand their levels of service to us in the future, our operations could be severely
interrupted. Also, to the extent that the
number of users of networks utilizing our current or future products suddenly increases, the technology platform and
secure hosting services which will be required to accommodate a higher volume of traffic may result in slower response times or
service interruptions.
System interruptions or increases in response time could result in a loss of potential or existing users and, if sustained or repeated, could reduce the appeal
of the networks to users. In addition, users depend on
real-time communications; outages caused by increased traffic could result in delays and system
failures. These types of occurrences could cause users to perceive that our solution does not function properly and could therefore adversely affect
our
ability to attract and retain licensees, strategic partners, and customers.
System failure or interruption or our failure to meet increasing demands on our systems could harm our business.
The success of our license and service offerings will depend on the uninterrupted operation of various systems, secure data centers and other computer and
communication networks that we
establish. To the extent, the number of users of networks utilizing our future products suddenly increases, the technology
platform and hosting services which will be required to accommodate a higher volume of traffic may result in slower
response times, service interruptions
or delays or system failures. Our systems and operations will also be vulnerable to damage or interruption from, among other things:
11
Index
•
Power loss, transmission cable cuts and other telecommunications failures;
•
Damage or interruption caused by fire, earthquake, and other natural disasters;
•
Computer viruses, electronic break-ins, sabotage, vandalism or software defects; and
•
Physical or electronic break-ins, sabotage, intentional acts of vandalism, terrorist attacks and other events beyond our control.
System interruptions or failures and increases or delays in response time could result in a loss of potential or existing users and, if sustained or repeated,
could reduce the appeal of the
networks to users. These types of occurrences could cause users to perceive that our solution does not function properly and
could therefore adversely affect our ability to attract and retain licensees, strategic partners, and customers, and
result in lost revenue, customer
dissatisfaction, or lawsuits against us.
If we are not able to adequately protect our patent rights and trade secrets, our business would be negatively impacted.
We believe our patents are valid, enforceable, and valuable. Notwithstanding this belief, third parties may make claims of infringement with respect to our
products or services or invalidity
claims with respect to our patents or become aware of our trade secrets by way of leaks from bad actors within or outside
of our employee base or otherwise, and such claims could give rise to material cost for defense or settlement or both, and
such claims or leaks could
jeopardize or substantially delay a successful outcome of litigation we are or may become involved in, divert resources away from our other activities, limit
or cease our related revenues, or otherwise materially and
adversely affect our business. Even if we are successful in protecting our intellectual property
rights, they may not ultimately provide us with any competitive advantages and may be less valuable than we currently expect. These risks may be
heightened in countries other than the United States where laws regarding patent protection are less developed and may be negatively affected by the fact
that legal standards in the United States and elsewhere for protection of intellectual
property rights in Internet-related businesses are uncertain and still
evolving. In addition, there are a significant number of United States and foreign patents and patent applications in our areas of interest, and we expect that
significant
litigation in these areas will continue and will add uncertainty to the value of certain patents and other intellectual property rights in our areas of
interest. If we are unable to protect our intellectual property rights or otherwise realize
value from them, our business would be negatively affected.
12
Index
If we experience security breaches or incidents, we could be exposed to liability and our reputation and business could suffer.
We expect to retain certain confidential and proprietary customer information in our secure data centers and secure domain name registry, as well as
personal data and other confidential and proprietary information relating to our business. It
will be critical to our business strategy that our facilities and
infrastructure, including our secure domain name servers, remain secure and are perceived by the marketplace to be secure. Our secure domain name
registry operations will also
depend on our ability to maintain our computer and telecommunications equipment in effective working order and to
reasonably protect our systems against interruption, and potentially depend on protection by other registrars in the shared
registration system.. Additionally,
we maintain confidential and proprietary business information, including trade secrets. We expect to have to expend significant time and money to maintain
or increase the security of our products, facilities,
and infrastructure. Security technologies are constantly being tested by computer professionals,
academics and “hackers.” Advances in computer capabilities and the techniques for attacking security solutions, new discoveries in the field of
cryptography or other events or developments could result in compromises or breaches of our security measures and could make some or all our products
obsolete or unmarketable. Likewise, we may need to dedicate engineering and other resources to
mitigate or eliminate security vulnerabilities and may find
it necessary or appropriate to repair or replace products already sold or licensed to our customers. Despite the security measures that we and our service
providers utilize, our
infrastructure and that of our service providers may be vulnerable to physical break-ins, ransomware, computer viruses, other
malicious code attacks by hackers, phishing attacks, social engineering, or similar disruptive problems. There can be
no assurances our security measures
or those of our service providers will prevent security breaches or incidents. Any disruption or security breach or incident that we or our service providers
suffer or are perceived to suffer, including any
such disruption, breach or incident resulting in a loss of, or damage to, data or systems, or inappropriate
disclosure, access, loss, or other processing of confidential, financial, proprietary or personal information, including data related to
our personnel, could
result in loss, disclosure or other unauthorized processing of such data, could delay our research and development or commercialization efforts, could
compel us to comply with breach notification laws and regulations,
subject us to mandatory corrective action, and otherwise subject us to liability under
laws and regulations that protect the privacy and security of personal information. It is possible that we may have to expend additional financial and other
resources to address such problems. Remote work by our personnel and those of third parties has resulted in increased vulnerability to cyber-attacks.
Additionally, geopolitical tensions and conflicts may create increased risks of cyber-attacks.
As a provider of Internet security software and technology, we
may be the target of dedicated efforts by hackers and other third parties to overcome or defeat our security measures. Any physical or electronic break-in or
other security breach
or incident or compromise impacting our products, or any information stored at our secure data centers and domain name registration
systems, including any compromise due to human error or employee or contractor malfeasance, may jeopardize the
security of information stored on our
premises or in the computer systems and networks of our customers. Additionally, any such data security incident, or the perception that one has occurred
could also result in adverse publicity, harm to our
reputation and competitive position, and therefore adversely affect the market’s perception of the security
of electronic commerce and communications over IP networks as well as the security or reliability of our services, which could have a
material adverse
impact on our business, financial condition, and results of operations.
A security breach or other security incident, or the perception any such event has occurred, could require a substantial level of financial resources to
address and otherwise respond to, may
be difficult to identify or address in a timely manner, and could result in claims, investigations, inquiries, and other
proceedings or actions by private parties or governmental entities that may divert management’s attention and require the
expenditure of significant time
and resources, and which may cause us to incur substantial fines, penalties, or other liability and related legal and other costs. Cybersecurity risks pose a
particularly significant risk to our business given
our focus on providing internet security software and secure communications technology. Any actual or
perceived security breach or other security incident may also harm our reputation, result in a loss of customers, and make it more difficult
or impossible for
us to successfully market to others. Any of the foregoing matters could harm our business, operating results and financial condition.
Our products are subject to governmental export and import controls that could subject us to liability or impair our ability to compete in
international
markets.
Because we incorporate encryption technology into our products, certain of our products are subject to U.S. export controls and may be exported outside
the U.S. only with the required export
license or through an export license exception. If we were to fail to comply with U.S. export licensing requirements,
U.S. customs regulations, U.S. economic sanctions, or other laws, we could be subject to substantial civil and criminal
penalties, including fines,
incarceration for responsible employees and managers, and the possible loss of export or import privileges. Obtaining the necessary export license for a
particular sale may be time-consuming and may result in the
delay or loss of sales opportunities. Furthermore, U.S. export control laws and economic
sanctions prohibit the shipment of certain products to U.S. embargoed or sanctioned countries, governments, and persons. Even though we take precautions
to
ensure that we comply with all relevant regulations, any failure by us or any partners to comply with such regulations could have negative consequences
for us, including reputational harm, government investigations, and penalties.
In addition, various countries regulate the import of certain encryption technology, including through import permit and license requirements, and have
enacted laws that could limit our
ability to distribute our products or could limit our end-customers’ ability to implement our products in those countries.
Changes in our products or changes in export and import regulations may create delays in the introduction of our products
into international markets,
prevent our end-customers with international operations from deploying our products globally or, in some cases, prevent or delay the export or import of
our products to certain countries, governments, or persons
altogether. Any change in export or import regulations, economic sanctions, or related
legislation, shift in the enforcement, or scope of existing regulations, or change in the countries, governments, persons, or technologies targeted by such
regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential end-customers
with international operations. Any decreased use of our products or limitation on
our ability to export to or sell our products in international markets would
likely adversely affect our business, financial condition, and results of operations.
13
Index
Privacy and data security concerns, data collection and transfer restrictions and related domestic or foreign regulations may limit the use and adoption
of our solutions and adversely affect our business.
Personal privacy, information security, and data protection are significant issues in the United States, Europe, and many other jurisdictions where we have
operations or offer our products.
The regulatory framework governing the collection, processing, storage and use of confidential and proprietary business
information and personal data is rapidly evolving. The United States federal, various state and foreign governments have
adopted or proposed requirements
regarding the collection, distribution, use, security, storage, and other processing of personal information and other data relating to individuals, and federal
and state consumer protection laws are being
applied to enforce regulations related to the online collection, use and dissemination of data.
Further, many foreign countries and governmental bodies, including the European Union (“EU”), where we conduct business, have laws and regulations
concerning the collection and use of
personal data obtained from their residents or by businesses operating within their jurisdiction. These laws and
regulations often are more restrictive than those in the United States. Laws and regulations in these jurisdictions apply broadly
to the collection, use,
storage, disclosure, and security of data that identifies or may be used to identify or locate an individual.
We also expect that there will continue to be new proposed laws, regulations and industry standards concerning privacy, data protection and information
security in the United States, the EU,
and other jurisdictions. For example, the European Commission maintains a General Data Protection Regulation (the
“GDPR”) that imposes stringent data protection requirements and provides for substantial penalties for noncompliance. The United
Kingdom has enacted a
Data Protection Act and legislation referred to as the UK GDPR that substantially implements the GDPR and provides for a penalty regime similar to the
GDPR. We may be required to incur substantial expense in order to make
significant changes to our products and operations to address compliance with the
GDPR and similar legislation, such as the UK GDPR and UK Data Protection Act, all of which may adversely affect our revenue and product sales.
California has
enacted legislation, the California Consumer Privacy Act (the “CCPA”) that, among other things, requires covered companies to provide
disclosures to California consumers, and afford such consumers abilities to opt-out of certain sales of
personal information. The CCPA was modified and
expanded by the California Privacy Rights Act (the “CPRA”), which was approved by California voters in the November 2020 election. Additionally, other
U.S. states continue to propose, and in
certain cases adopt, privacy-focused legislation. For example, Connecticut, Virginia, Utah and Colorado enacted
legislation similar to the CCPA and CPRA that took effect in 2023; Florida, Montana, Oregon, and Texas have enacted similar
legislation that has became
effective in 2024; Delaware, Nebraska, Maryland, New Hampshire, New Jersey, Minnesota, Tennessee, and Iowa have enacted similar legislation that has
or will become effective in 2025; and Indiana, Kentucky, and Rhode
Island have enacted similar legislation that will become effective in 2026. We cannot
yet fully determine the impact these or future laws, regulations and standards may have on our business, but they may require us to modify our data
processing
practices and policies and to incur substantial costs and expenses in efforts to comply. Privacy, data protection and information security laws and
regulations are often subject to differing interpretations, may be inconsistent among
jurisdictions, and may be alleged to be inconsistent with our current or
future practices. Additionally, we may be bound by contractual requirements applicable to our collection, use, processing, and disclosure of various types of
data,
including personal data, and may be bound by, or voluntarily comply with, self-regulatory or other industry standards relating to these matters. These
and other requirements could reduce demand for our products, increase our costs, impair our
ability to grow our business, or restrict our ability to store and
process data or, in some cases, impact our ability to offer our service in some locations and may subject us to liability. Any failure or perceived failure to
comply with
applicable laws, regulations, industry standards, and contractual obligations may adversely affect our business. Further, in view of new or
modified federal, state, or foreign laws and regulations, industry standards, contractual obligations
and other legal obligations, or any changes in their
interpretation, we may find it necessary or desirable to fundamentally change our business activities and practices or to expend significant resources to
modify our product and otherwise
adapt to these changes. We may be unable to make such changes and modifications in a commercially reasonable manner
or at all, and our ability to develop new products and features could be limited.
14
Index
The costs of compliance with and other burdens imposed by laws, regulations and standards may limit the use and adoption of our service and reduce
overall demand for it, or lead to
significant fines, penalties, or liabilities for any noncompliance. Privacy, information security, and data protection
concerns, whether valid or not valid, may inhibit market adoption of our platform, particularly in certain industries and
foreign countries.
Our business has been, and may continue to be, negatively affected by activist shareholders.
Responding to actions and communications by activist shareholders is costly and time-consuming, has diverted the attention of management, our Board of
Directors and our employees, and may be
disruptive to our operations. Additionally, perceived uncertainties as to our future direction as a result of
shareholder activism may lead to the perception of a change in the direction of our business or other instability, which may be
exploited by our competitors,
cause concern to our current or potential customers, and make it more difficult to attract and retain qualified personnel. Furthermore, if customers choose to
delay, defer or reduce transactions with us or do
business with our competitors instead of us, then our business, financial condition and operating results
would be adversely affected. In addition, our share price could experience periods of increased volatility as a result of shareholder
activism.
Risks Related to Ownership of Our Common Stock
We do not regularly pay dividends on our common stock and thus stockholders must look to appreciation of our common stock to realize a gain on their
investments.
Our dividend policy is within the discretion of our Board of Directors and will depend upon various factors, including our business, financial condition,
results of operations, capital
requirements, and investment opportunities. We therefore cannot make assurances that our Board of Directors will determine
to pay regular or special dividends in the future. Accordingly, unless our Board of Directors determines to pay
dividends, stockholders will be required to
look to appreciation of our common stock to realize a gain on their investment, which may not occur.
The exercise of our outstanding stock options and warrants, and the issuance of RSUs and restricted stock would result in a dilution of our current
stockholders’ voting power and an increase in the number of shares eligible for future resale in the public market which may negatively impact the
market price of our stock.
The exercise of our outstanding vested stock options and warrants, and the vesting of RSUs and restricted stock dilutes the ownership interests of our
existing stockholders. As of December
31, 2024, we had outstanding options, warrants and RSUs to purchase an aggregate of 265,040 shares of common
stock representing approximately 6.25% of our total shares outstanding of which 242,352 were vested. To the extent outstanding stock
options or warrants
are exercised and RSUs vest, additional shares of common stock will be issued, existing stockholders’ percentage voting interests will decline and the
number of shares eligible for resale in the public market will increase.
Such increase may have a negative effect on the value or market trading price of our
common stock.
Investors may have limited influence because ownership of our common stock is limited.
As of December 31, 2024, our executive officers and directors beneficially owned approximately 18% of our outstanding common stock. Because of their
beneficial ownership interest, our
officers and directors could significantly influence stockholder actions of which you disapprove or that are contrary to
your interests. This ability to exercise significant influence could prevent or significantly delay another company from
acquiring or merging with us.
15
Index
Our protective provisions in our amended and restated certificate of incorporation and amended and restated bylaws could make it difficult for a third
party to
successfully acquire us even if you would like to sell your stock to them.
We have protective provisions in our amended and restated certificate of incorporation (“Restated Charter”) and amended and restated bylaws (“Restated
Bylaws”) that could delay, discourage, or prevent a third party from acquiring control of us
without the approval of our Board of Directors. These
protective provisions include:
•
A staggered Board of Directors: Only one or two of five directors will be up for election at any given annual meeting, delaying the ability of
stockholders to affect a change in control of us because it
would take two annual meetings to effectively replace a majority of the Board of Directors.
•
Blank check preferred stock: Our Board of Directors has the authority to establish the rights, preferences, and privileges of our 10,000,000 authorized,
but unissued, shares of preferred stock. Therefore,
this stock may be issued at the discretion of our Board of Directors with preferences over your
shares of our common stock in a manner that is materially dilutive to you. In addition, blank check preferred stock can be used to create a
“poison pill”
which is designed to deter a hostile bidder from buying a controlling interest in our stock without the approval of our Board of Directors. We have not
adopted such a “poison pill;” but our Board of Directors can do so in
the future, very rapidly and without stockholder approval.
•
Advance notice requirements for director nominations and for business to be brought before stockholder meetings: Stockholders wishing to submit
director nominations or raise matters to a vote of the
stockholders must provide notice to us within very specific date windows and in very specific
form to have the matter voted on at a stockholder meeting. This gives our Board of Directors and management more time to react to stockholder
proposals generally and could also permit us to disregard a stockholder proposal to the extent such proposal is not submitted in accordance with the
Restated Bylaws.
•
No stockholder actions by written consent: No stockholder or group of stockholders may take action by written consent. Along with the advance notice
requirements described above, this provision also gives
our Board of Directors and management more time to react to proposed stockholder actions.
•
Super majority requirement for stockholder amendments to the Restated Bylaws: Stockholder proposals to alter or amend our Restated Bylaws or to
adopt new bylaws can only be approved by the affirmative
vote of at least 66 2/3% of the outstanding shares of our common stock.
•
No ability of stockholders to call a special meeting of the stockholders: A special meeting of the stockholders, other than as required by statute, may be
called at any time by the Board of Directors, the
chairman of the Board of Directors, or the president, and any power of stockholders to call a special
meeting of stockholders is specifically denied. Accordingly, stockholders, even those who represent a significant percentage of our
shares of common
stock, may need to wait for the annual meeting before nominating directors or raising other business proposals to be voted on by the stockholders.
In addition, the provisions of Section 203 of the Delaware General Corporation Law govern us. These provisions may prohibit large stockholders,
particularly those owning 15% or more of our
outstanding voting stock, from merging or combining with us for a certain period of time.
These and other provisions in our Restated Charter, our Restated Bylaws and under Delaware law could discourage potential takeover attempts, reduce the
price that investors might be willing
to pay for shares of our common stock in the future and result in the market price being lower than it would be without
these provisions.
Our Restated Bylaws designate a state or federal court located within the State of Delaware as the exclusive forum for substantially all disputes
between
us and our stockholders, which could limit our stockholders’ ability to choose the judicial forum for disputes with us or our directors, officers, or
employees.
Our Restated Bylaws provide that, unless we consent in writing to the selection of an alternative forum, the sole and exclusive forum for (1) any derivative
action or proceeding brought on
our behalf, (2) any action asserting a claim of breach of a fiduciary duty owed by any of our directors, stockholders,
officers, or other employees to us or our stockholders, (3) any action arising pursuant to any provision of the Delaware
General Corporation Law, or our
Restated Charter or Restated Bylaws or (4) any other action asserting a claim that is governed by the internal affairs doctrine shall be the Court of Chancery
of the State of Delaware (or, if the Court of
Chancery does not have jurisdiction, another State court in Delaware or the federal district court for the District
of Delaware), in all cases subject to the court having jurisdiction over indispensable parties named as defendants.
16
Index
However, notwithstanding the exclusive forum provisions, our Restated Bylaws explicitly state that they would not preclude the filing of claims brought to
enforce any liability or duty
created under federal securities laws, including the Securities Act or the Exchange Act.
Any person or entity purchasing or otherwise acquiring any interest in any of our securities shall be deemed to have notice of and consented to this
provision. This exclusive-forum provision
may limit a stockholder’s ability to bring a claim in a judicial forum of its choosing for disputes with us or our
directors, officers, or other employees, which may discourage lawsuits against us and our directors, officers, and other
employees. If a court were to find
this exclusive-forum provision in our Restated Bylaws to be inapplicable or unenforceable in an action, we may incur additional costs associated with
resolving the dispute in other jurisdictions, which could
harm our results of operations.
General Risk Factors
Failure to meet the NYSE’s continued listing requirements could result in the suspension of trading of our common stock and a subsequent delisting of
our common stock.
On August 28, 2024, we received a written notification from the NYSE that as of August 27, 2024, we were not in compliance with the continued listing
standards set forth in Section 802.01B of
the NYSE Listed Company Manual because the average global market capitalization over a consecutive 30
trading-day period and stockholders’ equity were both less than $50 million. In accordance with applicable NYSE procedures, we submitted a
plan to the
NYSE on October 11, 2024, and provide quarterly updates advising it of the definitive actions we have taken, are taking and plan to take that would bring
us into conformity with the standard set forth in Section 801.01B within 18
months of receipt of the written notification. The written notification has no
immediate impact on our ongoing business operations, reporting requirements with the SEC or the listing of our common stock on the NYSE at this time,
subject to the
Company’s continued compliance with the plan and NYSE’s other continued listing standards. We are considering all available options to
regain compliance with NYSE’s continued listing standards but can provide no assurances that we will be able
to satisfy the requirements of the NYSE.
Our common stock could also be delisted if our average global market capitalization over a consecutive 30 trading-day period is less than $15 million. Our
average global market capitalization
over a consecutive 30 trading-day period may fall below $15 million based on continued volatility and fluctuations in
the market price of our common stock. In the event that our stock price does not meet the global market capitalization
requirement, the NYSE will
promptly suspend our common stock from trading on the NYSE and will simultaneously begin the process to delist our common stock, subject to our right
to appeal under NYSE rules. While we may appeal this decision,
there is no assurance that any appeal we undertake will be successful.
If shares of our common stock are delisted from the NYSE, there may be no public market for our common stock. Any over-the-counter or other market
that does develop would likely be
characterized by decreased liquidity and greater volatility, which may materially and adversely affect the value of our
common stock. A delisting of our common stock could negatively impact the Company and holders of our common stock, including
by reducing the
willingness of investors to hold our common stock because of the resulting decreased price, liquidity and trading of our common stock, limited availability
of price quotations, and reduced news and analyst coverage. These
developments may also require brokers trading in our common stock to adhere to more
stringent rules and may limit our ability to raise capital by issuing additional shares of common stock in the future. Delisting may adversely impact the
perception of our financial condition, cause reputational harm with investors, our employees and parties conducting business with us, and limit our access
to debt and equity financing. The perceived decrease in value of employee equity
incentive awards may reduce their effectiveness in encouraging
performance and retention.
17
Index
We may need to raise additional capital to support our business growth, and this capital may be dilutive, may cause our stock price to drop or may not
be available on
acceptable terms, if at all.
We may need to raise additional capital, which may not be available to us when needed or may not be available on terms acceptable to us, to support our
business growth or to respond to business opportunities, challenges, or unforeseen
circumstances, including sales under our past and any future shelf
registration statements. Our ability to obtain additional capital, if and when required, will depend on our business plans, investor demand, our operating
performance, the
condition of the capital markets, the terms of our current contractual obligations and other factors.
If we raise additional funds through the issuance of equity, equity-linked or debt securities, including those under our past and any future shelf registration
statements, those securities
may have rights, preferences, or privileges senior to the rights of our common stock, and our existing stockholders may
experience dilution. Additionally, we are unable to predict the future success of any future offerings. Sales of a
substantial number of shares of our common
stock in the public market, or the perception that these sales or other financings might occur, could depress the market price of our common stock, and
could also impair our ability to raise capital
through the sale of additional equity securities. If we issue debt securities or incur indebtedness, we could
experience increased future payment obligations and a need to comply with restrictive covenants, such as limitations on our ability to
incur additional debt,
limitations on our ability to acquire, sell or license intellectual property rights and other operating restrictions that could adversely impact our ability to
conduct our business. If we are unable to obtain additional
capital or are unable to obtain additional capital on satisfactory terms, our ability to continue to
support our business growth or to respond to business opportunities, challenges, or other circumstances could be adversely affected, and our
business may
be harmed.
The departure of Kendall Larsen, our Chief Executive Officer and President, and/or other key personnel could compromise our ability to execute our
strategic plan and materially harm our business.
Our success depends on the skills, experience, and performance of our key personnel. Due to the specialized nature of our business and limited staff, we are
particularly dependent on Kendall
Larsen, our Chief Executive Officer and President. We have no employment agreements with any of our key executives
that prevent them from leaving us at any time. In addition, we do not maintain key person life insurance for any of our officers
or key employees. The loss
of Mr. Larsen, or our failure to retain other key personnel or plan for the succession of key personnel, would jeopardize our ability to execute our strategic
plan and materially harm our business.
We will need to recruit and retain additional qualified personnel to successfully grow our business.
Our future success will depend, in part, on our ability to attract and retain qualified engineering, operations, marketing, sales and executive personnel.
Inability to attract and retain such
personnel could adversely affect our business. Competition for engineering, operations, marketing, sales, and executive
personnel is intense, particularly in the technology and Internet sectors and in the regions where we conduct our business.
We may need to invest
significant amounts of cash and equity to attract and retain employees and expend significant time and resources to identify, recruit, train and integrate such
employees, and we may never realize returns on these
investments. Additionally, we can provide no assurance that we will attract or retain such personnel.
War, terrorism, other acts of violence, or natural or manmade disasters as well as macroeconomic conditions may affect the markets in which we
operate,
our clients and our service delivery.
Our business may be adversely affected by instability, disruption, or destruction in a geographic region in which we operate, regardless of cause, including
war, terrorism, riot, civil
insurrection, or social unrest, and natural or manmade disasters, including famine, flood, fire, earthquake, storm, or pandemic
events and spread of disease. Our business may also be adversely affected by further downturn in macroeconomic
conditions, including inflation and rising
interest rates, tariffs, trade wars, global political and economic uncertainty and tensions, such as the ongoing Russia-Ukraine and Israel-Hamas conflicts, as
well as any related political or economic
response, counter responses or otherwise, financial services sector instability, a reduction in business confidence
and activity, financial market volatility, unexpected changes in tax law or policy, and other factors. Such events can adversely
affect our operations or the
economy as a whole and may cause our customers to delay their decisions on spending for the services we provide and perpetuate significant changes in
regional and global economic conditions and cycles. These events
may also pose risks to our personnel and to physical facilities and operations, which
could adversely affect our financial results.
18
Index
Trading in our common stock is limited and the price of our common shares may be subject to volatility.
Our common stock is currently listed on the NYSE and was previously listed on the NYSE American LLC (formerly the NYSE MKT LLC). Over the past
years, the market price of our common stock has experienced significant fluctuations. Between January
1, 2024, and December 31, 2024, the adjusted
closing price on the NYSE for our common stock ranged between $3.62 and $9.22. The price of our common stock may continue to be volatile as a result
of several factors, some of which are beyond our
control. These factors include, but are not limited to, the following:
•
Annual variations, actual or anticipated, in our operating results;
•
Significant changes in our management;
•
Large purchases or sales of common stock or derivative transactions related to our stock;
•
Actual or anticipated announcements of new products or services by us or competitors;
•
General conditions in the markets in which we compete; and
•
General social, political, economic, and financial conditions, including significant volatility in the global financial markets.
In addition, we believe there has been and may continue to be substantial trading in derivatives of our stock, including short selling activity or related
similar activities, which are beyond
our control, and which may be beyond the full control of the SEC and Financial Institutions Regulatory Authority
(“FINRA”). While the SEC and FINRA rules prohibit some forms of short selling and other activities that may result in stock price
manipulation, such
activity may nonetheless occur without detection or enforcement. We have held conversations with regulators concerning trading activity in our stock;
however, there can be no assurance that should there be any illegal
manipulation in the trading of our stock, it will be detected, prosecuted, or successfully
eradicated. Significant short selling market manipulation could cause our stock trading price to decline, to become more volatile, or both. For more
information regarding trading in our common stock and listing on the NYSE, see additional risk factors included elsewhere in this Annual Report on Form
10-K.
We have broad discretion in how we apply our funds, and we may not use these funds effectively, which could affect our results of operations and cause
our stock price to decline.
Our management has broad discretion in the application of our existing cash, cash equivalents and investments and could spend these funds in ways that do
not improve our results of operations
or enhance the value of our common stock. Pending their use, we may invest our available funds in a manner that
does not produce income or that loses value. The failure by our management to apply our available funds effectively could result in
financial losses that
could cause the price of our common stock to decline and delay the development of our products.
In addition, an entity that, among other things, is or holds itself out as being engaged primarily, or proposes to engage primarily, in the business of
investing, reinvesting, owning,
trading, or holding certain types of securities would be deemed an Investment Company under the Investment Company Act
of 1940 (the “1940 Act”). If we do not manage our investments and business in a manner that meets the requirements for an
exemption under the 1940 Act,
we may be deemed to be an investment company under the 1940 Act and subject to additional limitations on operating our business including limitations
on the issuance of securities, which may make it difficult for
us to raise capital.
Item 1B.
Unresolved Staff Comments
None.
19
Index
Item 1C.
Cybersecurity
Cybercriminals, hackers, and threat-actors are becoming more sophisticated and effective every day. To mitigate threats to our business, we take a
comprehensive
approach to cybersecurity risk management and make securing the data that our customers and other stakeholders entrust to us a top
priority. We are committed to safeguarding the confidentiality, integrity, and availability of all physical and
electronic information assets to ensure that
regulatory, operational, and contractual requirements are fulfilled. Our Board of Directors and our management are actively involved in the oversight of our
risk management program, of which cybersecurity represents an important component. As described in more detail below, we have established policies,
processes and practices
for assessing, identifying, and managing material risks from cybersecurity threats. We have devoted significant resources to
implement and maintain security measures to meet regulatory requirements and customer expectations, and we intend to
continue to make significant
investments to maintain the security of our data and cybersecurity infrastructure. Notwithstanding the extensive approach we take to
cybersecurity, we may
not be successful in preventing or mitigating a cybersecurity incident that could have a material adverse effect on us. While we have technology and
processes in place to detect and respond to cybersecurity threats, we are
continually at risk from the evolving cybersecurity threat landscape. We have not
previously experienced a cybersecurity event that was determined to be material, and our business strategy, results of operations and financial condition
have not been materially affected by risks from cybersecurity threats. For
additional information regarding risks from cybersecurity threats, please refer to
Item 1A, “Risk Factors,” in this Annual Report on Form 10-K.
Risk Management and Strategy
We have developed detailed policies, processes and practices for assessing, identifying, and managing material risks from cybersecurity threats as a part of
our
overall risk management program and are based on frameworks established by the National Institute of Standards and Technology (“NIST”), and other
applicable industry standards. This does not imply that we meet any particular technical standards,
specifications or requirements, however, we do use these
frameworks as a guide to help us identify, assess, and manage cybersecurity risks relevant to our business. Our cybersecurity program in particular focuses
on the following key areas:
Collaboration
Our cybersecurity risks are identified and addressed through a comprehensive, cross-functional approach. Key security, risk, and compliance stakeholders
meet regularly
to develop strategies for preserving the confidentiality, integrity and availability of our own and our customer’s information, identifying,
preventing and mitigating cybersecurity threats, and effectively responding to cybersecurity incidents. We
maintain controls and procedures that are
designed to ensure prompt escalation of certain cybersecurity incidents so that decisions regarding such incidents can be made by management, the Board
of Directors, and legal counsel in a timely manner.
Risk Assessment
We conduct cybersecurity risk assessments annually, quarterly and upon certain triggering events. Such risk assessments take into account information from
internal
stakeholders, known information security vulnerabilities, and information from external sources (e.g., security incidents that have impacted other
companies, industry trends, and recommendations from our IT vendors). The results of the assessment
are used to drive alignment on, and prioritization of,
initiatives to enhance our security controls, make recommendations to improve processes, and inform a broader enterprise-level risk assessment that is
presented to our Board of Directors and
members of senior management.
Technical Safeguards
We regularly assess and deploy technical safeguards designed to protect our information systems and infrastructure from cybersecurity threats. Such
safeguards are
regularly evaluated and improved based on vulnerability assessments, cybersecurity threat intelligence and incident response experience.
Incident Response and Recovery Planning
We have established comprehensive incident response and management plans and continue to regularly test and evaluate the effectiveness of those plans.
Our incident
response and management plans address — and guide our employees, management, and Board of Directors on — our response to a
cybersecurity incident. In the event of an incident, we intend to follow our incident response playbook, which outlines the
steps to be followed from
incident detection to mitigation, recovery and notification, including notifying functional areas (e.g., legal), as well as the Board of Directors and senior
management, as appropriate.
20
Index
Third-Party Risk Management
We have implemented controls designed to identify and mitigate cybersecurity threats associated with our use of third-party service providers. Such
providers are subject to security risk assessments at the time of onboarding, contract renewal, and upon detection of an increase in risk profile. We use a
variety of inputs in such risk assessments, including information supplied by providers and third parties. In addition, we encourage our providers to meet
appropriate security procedures, controls and responsibilities and investigate security incidents that have impacted our third-party providers, as appropriate.
Education and Awareness
Our policies require each of our employees to contribute to our cybersecurity efforts. We regularly remind employees of the importance of handling and
protecting
customer and employee data, including through privacy and security trainings to enhance employee awareness of how to detect and report
cybersecurity threats and cybersecurity incidents.
Governance
Board Oversight
The Nominating and Corporate Governance Committee (the “Committee”) and senior management oversee our cybersecurity risk processes and policies.
The Committee receives regular reports from senior management about the prevention, detection, mitigation, and
remediation of cybersecurity incidents,
including security risks and information security vulnerabilities. The Committee also ensures that procedures for safeguarding the Company’s information
technology (“IT”) systems are documented and
implemented, monitors the effectiveness of the Company’s cybersecurity program for protecting against
internal and external threats as well as disaster recovery and disruption mitigation, and addresses deficiencies as the threat and business
landscape continues
to evolve. The Board of Directors receives regular updates from the Committee based on such oversight and communications with senior management
regarding cybersecurity risk resulting from risk and control maturity assessments, progress of risk reduction initiatives, external auditor feedback and
relevant internal and industry cybersecurity incidents.
Our Board of Directors has technical and industry expertise in risk management, computer security and information technology matters. Specifically, the
chairperson of
the Committee has 40 years of experience in the cybersecurity field, was a former sub-chairman of the NIST Board of Assessment for
Programs/National Research Council and holds CISSP, CRISC and CDPSE certifications.
Management’s Role
Our Chief Technology Officer (“CTO”), Director of IT (Information Technology), and Vice President of Platform Engineering (collectively, the “Security
Team”) have primary responsibility for assessing and managing cybersecurity risks. The Security Team reviews security performance metrics, identifies
security risks, and assesses the status of approved security enhancements. The
Security Team also considers and makes recommendations on security
policies and procedures, security service requirements, and risk mitigation strategies.
Our CTO, holding a Doctorate in Strategic Intelligence, has served in various roles in technology research and military intelligence for 27 years. Our
Director of IT,
holding a degree in Computer Technology, has served in various roles in information technology for 30 years. Our Vice President of
Platform Engineering has served in various roles in information technology and information security for over 33
years.
Item 2.
Properties
Our principal executive offices are located at 308 Dorla Court, Suite 206, Zephyr Cove, Nevada, 89448. We lease this property, which comprises
approximately 2,090 square feet of office
space, from a third party for a term that ends in October 2026. Additionally, we lease a facility in Farmington,
Utah. The space includes 28,970 square feet to be used for technical integration and training. The lease continues through April
2029. We believe that our
office and facility leases are suitable and appropriately support our current business needs.
21
Index
Item 3.
Legal Proceedings
See Note 12 in the notes to our consolidated financial statements.
Item 4.
Mine Safety Disclosure
Not applicable.
PART II
Item 5.
Market for the Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities
Market Information
Our common stock currently trades under the symbol “VHC” on the NYSE.
Holders of Record
As of December 31, 2024, we had 48 stockholders of record. Because many of our shares of common stock are held of record by brokers and other
institutions on behalf of stockholders, we are
unable to estimate the total number of beneficial stockholders represented by such record holders.
Dividend Policy
See Note 8 in the notes to our consolidated financial statements and our risk factor titled "We do not regularly pay dividends on our common stock and thus
stockholders must
look to appreciation of our common stock to realize a gain on their investments."
Since our founding as a public company in 2007, each time we have been successful in generating cash relating to the successful outcome of litigation, we
have made a special distribution to
common shareholders. In 2010, a distribution of $10 per common share closely followed a litigation outcome that
resulted in our receipt of $200 million. In 2020, a distribution of $20 per share closely followed a litigation outcome that
resulted in our receipt of $454
million. In 2023, we paid a one-time capital dividend of $20 per share of common stock, to shareholders. Over the course of VirnetX’s history as a public
company, VirnetX has distributed over $165.9 million in
cash to shareholders.
Securities Authorized for Issuance under Equity Compensation Plan
See Item 12, Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters for information regarding securities
authorized for issuance.
Recent Sales of Unregistered Securities
None.
Item 6.
[Reserved]
22
Index
Item 7.
Management’s Discussion and Analysis of Financial Condition and Results of Operations (Dollar
amounts in this section are in
thousand)
The Company
We are an Internet security software and technology company with patented technology for Zero Trust Network Access (“ZTNA”) based secure network
communications. VirnetX’s software and
technology solutions, including its Secure Domain Name Registry and Technology, VirnetX One™, War Room™,
and VirnetX Matrix™ are designed to be device and location-independent, and enable a secure real-time communication environment for all
types of
enterprise applications, services, and critical infrastructures. Our technology generates secure connections on a “single-click” basis, significantly
simplifying the deployment of secure real-time communication solutions by
eliminating the need for end-users to enter any encryption information.
Our product portfolio includes sophisticated technologies, products and services that are available for sale worldwide. Our next-generation, VirnetX One™
platform builds upon our patented
Secure Domain Name Registry and Technology to further enhance the security and efficiency of our patented secure
communication links. VirnetX One™ is a security-as-a-service platform that protects enterprise applications, services, and
infrastructure from cyber-
attacks. Our platform allows government organizations, businesses, and other enterprises of all sizes to add a “security umbrella” as an added layer on top
of their existing infrastructure to further reduce risk and
bolster security against ever-growing cyberthreats to data, operating systems, other infrastructure
products and gateway security controllers.
Our War Room™ software product provides safe and secure video conferencing meeting environment where sensitive communications and data is invisible
to those not authorized to view it. War
Room™ validates permissions of all the users, and devices requesting access to any secure meeting room prior to
granting access. We believe our War Room™ will be an attractive solution for government and law enforcement agencies as well as
all professional sectors
such as legal, financial, and medical where limiting access to confidential data is a critical requirement.
Our VirnetX Matrix™ product provides superior security for internet-enabled enterprise applications and their connected devices, and for control systems
currently deployed by those
enterprises (e.g., file servers, data back-up systems, VPN/firewalls). VirnetX Matrix™ provides a true “zero-trust” access
protection, “single-click” ease of use, and is a highly-effective added layer of protection that is deployed simply,
without the need for changes to an
enterprise’s existing, in-place infrastructure. We believe VirnetX Matrix™ is an attractive solution for all businesses, cloud and on-premise application
service providers, and original equipment
manufacturers (“OEMs”), looking to improve visibility and management of their networks to mitigate morphing
attacks on their networks and for real time access and control of their users.
We continue to augment our product strategy to provide secure AI to the marketplace. In addition to our investments with L2
Holdings, LLC (“OmniTeq”),
an artificial intelligence and machine learning (AI/ML) solutions provider and OP Media, Inc, a dynamic software platform provider, we participated in a
Cooperative Research and Development Agreement (CRADA) with
the Air Force (AF) Research Laboratory Intelligence Systems Directorate (AFRL/RI)
to facilitate collaboration on cybersecurity and Zero Trust technologies to support integrated surveillance and reconnaissance operations as well as AF and
joint targeting processes. This CRADA continues through 2030 and allows VirnetX to apply for security clearances for its employees. We are also
beginning to integrate AI/ML capabilities into VirnetX Matrix™ to enhance its zero-trust security,
threat detection, and network resilience by enabling
autonomous threat response, adaptive access control, and self-healing network architectures.
We have undertaken activities to commercialize our products and intellectual property in and outside the United States including
VirnetX One™, War
Room™, VirnetX Matrix™ and our Secured Domain Name Registry and Technology. We believe our product portfolio to secure devices and systems are
suitable in areas such as national defense, local, state, Federal and foreign
governments, critical infrastructure, law enforcement, healthcare, finance, legal,
oil and gas, medical, and related support industries. We continue to actively pursue new sales opportunities in and outside of the United States.
Our employees include the core development team behind our inventions, technology, and software. Some members of this team have worked together for
over twenty years and were on the same
team that invented and developed this technology while working at Leidos, Inc., or Leidos, (f/k/a Science
Applications International Corporation, or SAIC). The team has continued its research and development work to refine our unique network
security
technology and make it more secure and easy to deploy.
Our portfolio of intellectual property is the foundation of our business model. We currently own U.S. and foreign patents/validations/pending applications.
Our patent portfolio is primarily
focused on securing real-time communications over the Internet, and related services, and is used in all our technology and
products, some of which were acquired by our principal operating subsidiary, VirnetX, Inc., from Leidos in 2006.
23
Index
Litigation
We are subject to various legal proceedings, the outcomes of which are inherently uncertain. We record any potential gains related to legal proceedings only
after cash is collected. We
record a liability when it is probable that a loss has been incurred and the amount is reasonably estimable, the determination of
which requires significant judgment. Resolution of legal matters in a manner inconsistent with management’s
expectations could have a material impact on
our financial condition and operating results. See Note 12 in the notes to our consolidated financial statements for more information.
Commitments and Related Party Transactions
We lease our offices in Nevada under an operating lease with a third party expiring in October 2025. We recognize rent expense on a straight-line basis
over the term of the lease.
We have a facility lease in Utah to be used for technical integration and as a training facility. This lease requires monthly payments and expires in April
2029.
We have a non-exclusive service agreement for the use of an aircraft from K2 Investment Fund LLC (“LLC”) for business travel for our employees. Our
Chief Executive Officer and Chief
Administrative Officer are the managing partners of the LLC and control the equity interests of the LLC. We pay for the
Company’s business usage of the aircraft at a rate of $9.8 per flight hour.
We have a facility lease in California, used for corporate, promotional and marketing purposes. The lease expires in 2035.
Critical Accounting Policies and Estimates
The preparation of financial statements in conformity with U.S. GAAP requires us to make estimates and assumptions that affect the reported amounts of
assets and liabilities and disclosure
of contingent assets and liabilities at the date of the financial statements and the reported amounts of revenues and
expenses during the reported period. The critical accounting policies we employ in the preparation of our consolidated
financial statements are those which
involve income taxes, fair value of financial instruments and stock-based compensation.
Use of Estimates
We prepare our consolidated financial statements in accordance with U.S. GAAP. In doing so, we have to make estimates and assumptions that affect our
reported amounts of assets,
liabilities, revenues, and expenses, as well as related disclosure of contingent assets and liabilities. In some cases, we could
reasonably have used different accounting policies and estimates. In some cases, changes in the accounting
estimates are reasonably likely to occur from
period to period. Accordingly, actual results could differ materially from our estimates. To the extent that there are material differences between these
estimates and actual results, our
financial condition or results of operations will be affected. We base our estimates on past experience and other
assumptions that we believe are reasonable under the circumstances, and we evaluate these estimates on an ongoing basis. We
refer to accounting estimates
of this type as critical accounting policies and estimates, which we discuss further below. We have reviewed our critical accounting policies and estimates
with the Audit Committee of our Board of Directors.
Investments
Investments classified as available-for-sale are recorded at fair market value. Unrealized gains and losses are reported as other comprehensive income.
Realized gains and losses are
recorded in income in the period they are realized using specific identification of each security’s cost basis. We invest our
excess cash primarily in highly liquid debt instruments including corporate, government and federal agency
securities, with contractual maturities less than
two years. By policy, we limit the amount of credit exposure to any one issuer.
24
Index
We have elected the investment measurement alternative for other investments without readily determinable fair values. During 2023, we invested $2,000
in L2 Holdings LLC and $500 in OP
Media Inc. These investments are carried at our initial cost less any impairment because we do not have the ability to
exercise significant influence over operating and financial matters. For these investments, we adjust the carrying value
for any purchases or sales of our
ownership interests. Periodically, we evaluate these investments for impairment. If we identify an impairment, we reduce the carrying value for the
impairment loss with a charge to earnings. We have not
identified any impairment as of December 31, 2024.
Income Taxes
We account for income taxes using the asset and liability method. The asset and liability method require the recognition of deferred tax assets and liabilities
for expected future tax
consequences of temporary differences that currently exist between the tax basis and financial reporting basis of our assets and
liabilities. We calculate current and deferred tax provisions based on estimates and assumptions that could
differ from actual results reflected on the income
tax returns filed during the following years. Adjustments based on filed returns are recorded when identified in the subsequent years. The effect on deferred
taxes for a change in tax rates
is recognized in income in the period that the tax rate change is enacted. In assessing our deferred tax assets, we consider
whether it is more likely than not that all or some portion of the deferred tax assets will not be realized.
A valuation allowance is provided for deferred income tax assets when, in our judgment, based upon currently available information and other factors, it is
more likely than not that all or
a portion of such deferred income tax assets will not be realized. The determination of the need for a valuation allowance is
based on an on-going evaluation of current information including, among other things, historical operating results,
estimates of future earnings in different
taxing jurisdictions and the expected timing of the reversals of temporary differences. We believe the determination to record a valuation allowance to
reduce a deferred income tax asset is a
significant accounting estimate because it is based, among other things, on an estimate of future taxable income in
the United States and certain other jurisdictions, which is susceptible to change and may or may not occur, and because the
impact of adjusting a valuation
allowance may be material. In determining when to release the valuation allowance established against our net deferred income tax assets, we consider all
available evidence, both positive and negative. We
continually assess our ability to generate sufficient taxable income during future periods in which our
deferred tax assets may be realized. If and when we believe it is more likely than not that we will recover our deferred tax assets, we
will reverse the
valuation allowance if any, as an income tax benefit in our statements of operations.
We account for our uncertain tax positions in accordance with U.S. GAAP. The U.S. GAAP method of accounting for uncertain tax positions utilizes a two-
step approach to evaluate tax
positions. Step one, recognition, requires evaluation of the tax position to determine if based solely on technical merits it is
more likely than not to be sustained upon examination. Step two, measurement, is addressed only if a position is
more likely than not to be sustained. In
step two, the tax benefit is measured as the largest amount of benefit, determined on a cumulative probability basis, which is more likely than not to be
realized upon ultimate settlement with tax
authorities. If a position does not meet the more likely than not threshold for recognition in step one, no benefit
is recorded until the first subsequent period in which the more likely than not standard is met, the issue is resolved with
the taxing authority, or the statute
of limitations expires. Positions previously recognized are derecognized when we subsequently determine the position no longer is more likely than not to
be sustained. Evaluation of tax positions, their
technical merits, and measurements using cumulative probability are highly subjective management
estimates. Actual results could differ materially from these estimates.
Fair Value
Fair value is the price that would result from an orderly transaction between market participants at the measurement date. A fair value hierarchy prioritizes
the inputs used to measure fair
value. The hierarchy gives the highest priority to unadjusted quoted prices in active markets for identical assets or liabilities
(Level 1 measurement) and the lowest priority to unobservable inputs (Level 3 measurement). Level 2 measurements
utilize either directly or indirectly
observable inputs in markets other than quoted prices in active markets.
Our financial instruments are stated at amounts that equal, or approximate, fair value. When we estimate fair value, we utilize market data or assumptions
that we believe market
participants would use in pricing the financial instrument, including assumptions about risk and inputs to the valuation technique.
We use valuation techniques, primarily the income and market approach, which maximizes the use of observable
inputs and minimize the use of
unobservable inputs for recurring fair value measurements.
25
Index
Stock-based Compensation
We account for stock-based compensation using the fair value recognition method in accordance with U.S. GAAP. We recognize these compensation costs
on a straight-line basis over the
requisite service period of the award, which is generally a vesting term of 4 years. We recognize forfeitures, if any, when
they occur. In addition, we record stock-based compensation expense for awards granted to non-employees at fair value
of the consideration received or the
fair value of the equity instruments issued, as they vest, over the performance period. See Note 6 in the notes to our consolidated financial statements for
more information.
Results of Operations
Revenue
2024
2023
Revenue
$
5 $
7
Revenue generated in 2024 was $5, compared to $7 in 2023.
Research and Development Expenses
2024
2023
Research and Development
$
6,038 $
9,713
Research and development costs include expenses paid to outside development consultants and compensation-related expenses for our engineering staff.
Research and development costs are
expensed as incurred. Our research and development expenses in 2024 were $6,038 compared to $9,713 in 2023. The
decrease in 2024 was primarily due to a reduction in engineering compensation costs.
Selling, General and Administrative Expenses
2024
2023
Selling, General and Administrative
$
14,364 $
21,739
Selling, general and administrative expenses include compensation costs for management and administrative personnel, as well as expenses for outside
legal, accounting, and consulting
services. Our selling, general and administrative expenses in 2024 were $14,364 compared to $21,739 in 2023. The
decrease in 2024 was primarily due to a reduction in legal and outside services as well as reduced compensation costs.
Interest and Other Income, net
2024
2023
Interest and Other Income
$
2,225 $
3,495
Interest and other income in 2024 was $2,225 compared to $3,495 in 2023, due to decrease in investments.
Effective Income Tax Rate
A reconciliation of the United States federal statutory income tax rate to our effective income tax rate is as follows:
2024
2023
United States federal statutory rate
21.00%
21.00%
State taxes, net of federal benefit
(0.01)%
(0.01)%
Valuation allowance
(20.50)%
(20.31)%
Stock based compensation
(0.62)%
(0.58)%
R&D Credit
1.55%
2.20%
Other
(1.41)%
(2.02)%
Effective income tax rate
0.01%
0.28%
26
Index
The Company’s effective tax rate for 2024 and 2023 was substantially lower than the statutory Federal income tax rate primarily due to our valuation
allowance.
Liquidity and Capital Resources
As of December 31, 2024, our cash and cash equivalents totaled $23,296 and our short-term investments totaled $14,786 compared to $26,289 and
$27,258, respectively, as of December 31, 2023.
We expect that our cash and cash equivalents and short-term investments as of December 31, 2024, will be
sufficient to fund our current level of selling, general and administration costs and provide related working capital for the foreseeable
future. Over the
longer term, we expect to derive the majority of our future revenue from license fees and royalties associated with our patent portfolio, technology,
software and secure domain name registry and product sales.
Item 7A.
Quantitative and Qualitative Disclosures about Market Risk
Consistent with the rules applicable to “smaller reporting companies,” we have omitted the information required by Item 7A.
Item 8.
Financial Statements and Supplementary Data
Set forth below, are the audited consolidated financial statements for our company accompanied by all reports thereon of Farber Hass Hurley LLP
(PCAOB
No. 223).
27
Index
FINANCIAL STATEMENTS
Financial Statements Index
Page
Report of Farber Hass Hurley LLP, Independent Registered Public Accounting Firm
29
Consolidated Balance Sheet at December 31, 2024 and December 31, 2023
31
Consolidated Statements of Operations of VirnetX Holding Corporation for the years ended December 31, 2024 and 2023
32
Consolidated Statements of Comprehensive (Loss) of VirnetX Holding Corporation for the years ended December 31, 2024 and 2023
33
Consolidated Statements of Stockholders’ Equity of VirnetX Holding Corporation for the years ended December 31, 2024 and 2023
34
Consolidated Statements of Cash Flows of VirnetX Holding Corporation for the years ended December 31, 2024 and 2023
35
Notes to Consolidated Financial Statements of VirnetX Holding Corporation
36
28
Index
REPORT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM
To the Board of Directors and
Stockholders of VirnetX Holding Corporation
Opinion on the Financial Statements
We have audited the accompanying consolidated balance sheets of VirnetX Holding Corporation (the “Company”) as of December 31, 2024 and 2023, and
the related
consolidated statements of operations, comprehensive loss, stockholders’ equity, and cash flows for each of the years in the two-year period
ended December 31, 2024, and the related notes (collectively referred to as the “financial
statements”). In our opinion, the financial statements present
fairly, in all material respects, the financial position of the Company as of December 31, 2024 and 2023, and the results of its operations and its cash flows
for each of the years
in the two-year period ended December 31, 2024, in conformity with accounting principles generally accepted in the United States of
America.
Basis for Opinion
These financial statements are the responsibility of the Company’s management. Our responsibility is to express an opinion on the Company’s financial
statements
based on our audits. We are a public accounting firm registered with the Public Company Accounting Oversight Board (United States)
(“PCAOB”) and are required to be independent with respect to the Company in accordance with the U.S. federal
securities laws and the applicable rules
and regulations of the Securities and Exchange Commission and the PCAOB.
We conducted our audits in accordance with the standards of the PCAOB. Those standards require that we plan and perform the audit to obtain reasonable
assurance
about whether the financial statements are free of material misstatement, whether due to error or fraud. The Company is not required to have, nor
were we engaged to perform, an audit of its internal control over financial reporting. As part of
our audits, we are required to obtain an understanding of
internal control over financial reporting, but not for the purpose of expressing an opinion on the effectiveness of the Company’s internal control over
financial reporting. Accordingly,
we express no such opinion.
Our audits included performing procedures to assess the risks of material misstatement of the financial statements, whether due to error or fraud, and
performing
procedures that respond to those risks. Such procedures included examining, on a test basis, evidence regarding the amounts and disclosures in
the financial statements. Our audits also included evaluating the accounting principles used and
significant estimates made by management, as well as
evaluating the overall presentation of the financial statements. We believe that our audits provide a reasonable basis for our opinion.
Critical Audit Matter
The critical audit matter communicated below is a matter arising from the current period audit of the financial statements that was communicated or
required to be
communicated to the audit committee and that: (1) relate to accounts or disclosures that are material to the financial statements and (2)
involved our especially challenging, subjective, or complex judgments. The communication of the critical
audit matter does not alter in any way our
opinion on the financial statements, taken as a whole, and we are not, by communicating the critical audit matter below, providing a separate opinion on the
critical audit matter or on the accounts or
disclosures to which it relates.
29
Description of the Matter
Other Investments
As discussed in Note 2 to the financial statements, in 2023 the Company purchased equity interests in two private
entities. Given that
the entities do not have a readily determinable fair market value, the investments in the entities
are measured at cost minus impairment, plus or minus adjustments resulting from observable price changes in
orderly transactions for
the identical or a similar investment of the same issuer minus impairment, if any in
accordance with Financial Accounting Standards Board Accounting Standards Codification Topic 321:
Investments - Equity Securities. Management must
consider various factors, including the Company’s ability to
apply significant influence to the overall operations of the entities and also evaluate the investments as of each
reporting period to determine if there are any factors
that would impact the recorded value of Other Investments
reflected on the consolidated balance sheet.
Our determination that the classification and the valuation of Other Investments is a critical audit matter results
from the significant
judgment by management when assessing the recognition method, the limited availability of
public information related to the entities, and the subjectivity of the qualitative factors involved in the assessment.
This in turn led to a
high degree of auditor judgment, subjectivity, and effort in performing procedures relating to
management’s assessment of the recognition method and valuation of Other Investments.
Audit Procedures
Our principal audit procedures related to the Company’s Other Investments included the following:
- We evaluated
management’s analysis regarding their ability to apply significant influence in the operations
of the entities by obtaining information of the ownership percentage of the entities, composition of the
respective boards, and any other
relevant factors in determining their recognition method being recognized
as cost in accordance with Accounting Standards Codification 321.
- We also evaluated
management’s assessment of impairment factors or any observable transactions of the
entities through the year to determine whether an adjustment in the recognized value was necessary. This
includes testing management’s internal
analysis as well as reviewing for any publicly available data
regarding any factors or events that could impact the entities’ values.
/s/ Farber Hass Hurley LLP
We have served as the Company’s auditor since 2008.
Chatsworth, California
March 17, 2025
30
Index
VIRNETX HOLDING CORPORATION
CONSOLIDATED BALANCE SHEETS
(in thousands, except share amounts)
As of
December 31, 2024
As of
December 31, 2023
ASSETS
Current assets:
Cash and cash equivalents
$
23,296 $
26,289
Investments available for sale
14,786
27,258
Accounts receivables
—
2
Prepaid expenses and other current assets
122
282
Total current assets
38,204
53,831
Prepaid expenses and other assets
8,838
4,014
Property and equipment, net
67
67
Other investments
2,500
2,500
Total assets
$
49,609 $
60,412
LIABILITIES AND STOCKHOLDERS’ EQUITY
Current liabilities:
Accounts payable and accrued liabilities
$
336 $
440
Accrued payroll and related expenses
257
316
Other liabilities, current
6,602
498
Total current liabilities
7,195
1,254
Other liabilities
2,791
3,145
Total liabilities
9,986
4,399
Commitments and contingencies (Note 4)
Stockholders’ equity:
Preferred stock, par value $0.0001 per share Authorized: 10,000,000 shares at December 31, 2024
and
December 31, 2023, Issued and outstanding: 0 shares at December 31, 2024 and December 31, 2023
—
—
Common stock, par value $0.0001 per share
Authorized: 100,000,000 shares at December 31, 2024 and December 31, 2023, Issued and outstanding:
4,238,581
and 3,618,431 shares, at December 31, 2024 and December 31, 2023, respectively
—
—
Additional paid-in capital
244,293
242,520
Accumulated deficit
(204,670)
(186,495)
Accumulated other comprehensive loss
—
(12)
Total stockholders’ equity
39,623
56,013
Total liabilities and stockholders’ equity
$
49,609 $
60,412
See accompanying notes to consolidated financial statements.
31
Index
VIRNETX HOLDING CORPORATION
CONSOLIDATED STATEMENTS OF OPERATIONS
(in thousands, except share and per share amounts)
Year Ended
December 31, 2024
Year Ended
December 31, 2023
Revenue
$
5 $
7
Operating expense:
Research and development
6,038
9,713
Selling, general and administrative expenses
14,364
21,739
Total operating expense
20,402
31,452
(Loss) from operations
(20,397)
(31,445)
Interest and other income, net
2,225
3,495
(Loss) before taxes
(18,172)
(27,950)
Income tax (provision) benefit
(3)
79
Net (loss)
$
(18,175) $
(27,871)
Basic (loss) per share
$
(5.05) $
(7.79)
Diluted (loss) per share
$
(5.05) $
(7.79)
Weighted average shares outstanding basic
3,596
3,579
Weighted average shares outstanding diluted
3,596
3,579
See accompanying notes to consolidated financial statements.
32
Index
VIRNETX HOLDING CORPORATION
CONSOLIDATED STATEMENTS OF COMPREHENSIVE (LOSS)
(in thousands)
Year Ended
December 31, 2024
Year Ended
December 31, 2023
Net (loss)
$
(18,175) $
(27,871)
Other comprehensive (loss) income, net of tax:
Change in unrealized gain on investments, net
15
306
Change in foreign currency translation, net
(3)
(4)
Total other comprehensive gain, net of tax
12
302
Comprehensive (loss)
$
(18,163) $
(27,569)
See accompanying notes to consolidated financial statements.
33
Index
VIRNETX HOLDING CORPORATION
CONSOLIDATED STATEMENTS OF STOCKHOLDERS’ EQUITY
(in thousands, except share amounts)
Year Ended
December 31,
2024
2023
Total shareholders’ equity, beginning balances
$
56,013 $
152,244
Common stock and additional paid-in capital:
Beginning balances
242,520
239,753
Common stock issued for options/RSUs/RS, net
(129)
(11)
Stock-based compensation
1,902
2,778
Ending balances
244,293
242,520
Accumulated deficit
Beginning balances
(186,495)
(87,195)
Net (loss)
(18,175)
(27,871)
Dividends
—
(71,429)
Ending balances
(204,670)
(186,495)
Accumulated other comprehensive loss:
Beginning balances
(12)
(314)
Change in unrealized investment (loss) gain, net
15
306
Change in foreign currency translation, net
(3)
(4)
Ending balances
—
(12)
Total shareholders’ equity, ending balances
$
39,623 $
56,013
Dividends per share
$
— $
20
See accompanying notes to consolidated financial statements.
34
Index
VIRNETX HOLDING CORPORATION
CONSOLIDATED STATEMENTS OF CASH FLOWS
(in thousands)
Year Ended
December 31, 2024
Year Ended
December 31, 2023
Cash flows from operating activities:
Net (loss)
$
(18,175) $
(27,871)
Adjustments to reconcile net (loss) to net cash from operating activities:
Depreciation
21
9
Stock-based compensation
1,902
2,778
Bad debt
1
15
Changes in assets and liabilities:
Prepaid expenses and other current assets
848
(3,369)
Accounts payable and accrued liabilities
(104)
67
Other liabilities
238
3,596
Accrued payroll and related expenses
(59)
5
Accounts receivable
1
(3)
Net cash used in operating activities
(15,327)
(24,773)
Cash flows from investing activities:
Purchase of property and equipment
(22)
(65)
Purchase of investments at cost
—
(2,500)
Purchase of investments
(28,625)
(47,215)
Proceeds from sale or maturity of investments
41,110
85,721
Net cash provided by investing activities
12,463
35,941
Cash flows from financing activities:
Dividend
—
(71,429)
Withholding taxes paid on cashless exercise of restricted stock and restricted stock units
(129)
(11)
Net cash used in financing activities
(129)
(71,440)
Net (decrease) in cash and cash equivalents
(2,993)
(60,272)
Cash and cash equivalents, beginning of period
26,289
86,561
Cash and cash equivalents, end of period
$
23,296 $
26,289
Cash paid for income taxes
$
3
—
Non-cash transaction
ROU asset and lease liability
$
5,512 $
3,689
See accompanying notes to consolidated financial statements.
35
Index
VIRNETX HOLDING CORPORATION
NOTES TO CONSOLIDATED FINANCIAL STATEMENTS
(in thousands except share, per share and per device amounts)
Note 1 − Formation and Business of the Company
VirnetX Holding Corporation, which we refer to as “we”, “us”, “our”, “the Company” or “VirnetX”, is engaged in the business of commercializing a
portfolio of patents. We seek to derive revenue from selling our software products including VirnetX War Room™ and VirnetX Matrix™ and licensing our
technology, including VirnetX One™, to various original equipment manufacturers (“OEMs”) and others,
that use our technologies in the development and
manufacturing of their own products within the IP-telephony, mobility, fixed-mobile convergence, and unified communications markets or who seek to
secure their systems and applications.
Our portfolio of intellectual property is the foundation of our business model. We currently own U.S. and foreign patents/validations/pending
applications.
Our patent portfolio is primarily focused on securing real-time communications over the Internet, as well as related services such as the establishment and
maintenance of a secure domain name registry. Our patented methods also have
additional applications in the key areas of device operating systems and
network security. The subject matter of all our U.S and foreign patents and pending applications relates generally to securing communications over the
Internet and such covers
all our technology and other products. Some of our issued U.S. and foreign patents expire at various times during the period from
2024 to 2034.
Note 2 − Summary of Significant Accounting Policies
The preparation of financial statements in conformity with accounting principles
generally accepted in the United States requires us to make estimates and
assumptions that affect the reported amounts of assets and liabilities and disclosure of contingent assets and liabilities at the date of the financial statements
and the
reported amounts of revenues and expenses during the reported period. The critical accounting policies we employ in the preparation of our
consolidated financial statements are those which involve impairment of long-lived assets, income taxes, fair
value of financial instruments and stock-based
compensation.
Use of Estimates
We prepare our consolidated financial statements in accordance with U.S. GAAP. In
doing so, we have to make estimates and assumptions that affect our
reported amounts of assets, liabilities, revenues, and expenses, as well as related disclosure of contingent assets and liabilities. In some cases, we could
reasonably have used
different accounting policies and estimates. In some cases, changes in the accounting estimates are reasonably likely to occur from
period to period. Accordingly, actual results could differ materially from our estimates. To the extent that there
are material differences between these
estimates and actual results, our financial condition or results of operations will be affected. We base our estimates on past experience and other
assumptions that we believe are reasonable under the
circumstances, and we evaluate these estimates on an ongoing basis. We refer to accounting estimates
of this type as critical accounting policies and estimates, which we discuss further below. We have reviewed our critical accounting policies and
estimates
with the Audit Committee of our Board of Directors.
Basis of Consolidation
The consolidated financial statements include the accounts of VirnetX Holding
Corporation and our wholly owned subsidiaries. All intercompany balances
and transactions have been eliminated.
Revenue Recognition
The Company derives revenue from licensing and royalty fees from contracts with
customers which often span several years. We account for this revenue
in accordance with Accounting Standards Codification (“ASC”) Topic 606, Revenue from Contracts with Customers. A performance obligation is a
promise in a contract to transfer a
distinct good or service to the customer. A contract’s transaction price is allocated to each distinct performance obligation
and recognized as revenue when, or as, the performance obligation is satisfied. Our revenue arrangements may consist of
multiple-element arrangements,
with revenue for each unit of accounting recognized as the product or service is delivered to the customer.
36
Index
With the licensing of our patents, performance obligations are generally satisfied
at a point in time as work is complete when our patent rights are
transferred to our customers. We generally have no further obligation to our customers regarding our technology.
Certain contracts may require our customers to enter into a hosting arrangement
with us and for these arrangements, revenue is recognized over time,
generally over the life of the servicing contract.
The Company actively monitors and enforces its intellectual property (“IP”) rights, including seeking appropriate compensation from third parties that
utilize the Company’s IP without a license. As a result, the Company may, from time to
time, receive payments as part of a settlement or compensation for
a patent infringement dispute. Proceeds received are allocated to each element identified in the settlement or compensation, based on the fair value of each
element. Generally,
settlements and compensation may include the following elements: the value of a license or royalty agreement, cost reimbursement,
damages, and interest. Elements identified related to licensing and royalty are recognized as revenue. Elements
identified as reimbursed costs are generally
recorded as a reduction to the reported expenses. Elements identified as damages or interest are generally recorded in other income in the condensed
consolidated statement of operations.
Licensing Costs
Included in
operating expenses are licensing costs.
Contingent Gains
ASC Topic 450-30-25, Contingent Gains, prohibits recognition of contingent gains
until realized. Accordingly, we do not record contingent gains ahead of
such realization. Management generally considers any such gains as realized only upon the collection of cash.
Cash and Cash Equivalents
We consider all highly liquid investments purchased with original maturities of
three months or less at the date of purchase to be cash equivalents. Our cash
and cash equivalents are not subject to significant interest rate risk due to the short maturities of these investments.
Investments
Investments classified as available-for-sale are recorded at fair market value.
Unrealized gains and losses are reported as other comprehensive income.
Realized gains and losses are recorded in income in the period they are realized using specific identification of each security’s cost basis. We invest our
excess cash
primarily in highly liquid debt instruments including corporate, government and federal agency securities, with contractual maturities less than
two years.
By policy, we limit the amount of credit exposure to any one issuer.
We elected the investment measurement alternative for other investments
without readily determinable fair values. During 2023, we invested $2,000 in L2
Holdings LLC and $500 in OP Media Inc. These investments are carried at our initial cost because we do not have the ability to exercise significant
influence over
operating and financial matters. For these investments, we adjust the carrying value for any purchases or sales of our ownership interests and
other observable transactions. Periodically, we evaluate these investments for impairment. If we
identify an impairment, we reduce the carrying value for
the impairment loss with a charge to earnings. We have not identified any
impairment as of December 31, 2024.
Concentration of Credit Risk and Other Risks and Uncertainties
Our cash and cash equivalents are primarily maintained at two major financial institutions in the United States. Deposits held with these financial
institutions may exceed the amount of insurance provided on
such deposits. A portion of those balances are insured by the Federal Deposit Insurance
Corporation (“FDIC”). In 2024, we had, at times, funds that were uninsured. We do not believe that we are subject to any unusual financial risk beyond the
normal risk associated with commercial banking relationships. We have not experienced any losses on our deposits of cash and cash equivalents.
37
Index
Fair Value
The carrying amounts of our financial instruments, including cash equivalents,
accounts payable, and accrued liabilities, approximate fair value because of
their generally short maturities.
Property and Equipment
Property and equipment are stated at historical cost, less accumulated
depreciation, and amortization. Depreciation and amortization are computed using the
accelerated and straight-line methods over the estimated useful lives of the assets, which range from five to seven years. Repair and maintenance costs are
charged
to expense as incurred.
Leases
The Company determines if an arrangement is a lease at inception in accordance with ASC Topic 842. Operating lease right-of-use (“ROU”) assets are
included in Prepaid expenses, and other assets, and lease
liabilities are included in other liabilities in the Condensed Consolidated Balance Sheets. ROU
assets represent the Company’s right to use an underlying asset for the lease term and lease liabilities represent the Company’s obligation to make
lease
payments arising from the lease. ROU assets and lease liabilities are recognized at the commencement date based on the present value of lease payments
over the lease term, using the incremental borrowing rate, U.S. prime rate, of 8.5% in both 2023 and 2024.
Intangible Assets
We record intangible assets at cost, less accumulated amortization. Amortization
of intangible assets is provided over their estimated useful lives, which
can range from 3 to 15 years, on either a straight-line basis or as revenue is generated by the assets.
Impairment of Long-Lived Assets
We identify and record impairment losses on long-lived assets used in operations
when events and changes in circumstances indicate that the carrying
amount of an asset might not be recoverable, but not less than annually. Recoverability is measured by comparison of the anticipated future net
undiscounted cash flows to the
related assets’ carrying value. If such assets are deemed impaired, the impairment to be recognized is measured by the
amount by which the carrying amount of the assets exceeds the projected discounted future net cash flows arising from the asset.
Research and Development
Research and development costs include expenses paid to outside development
consultants and compensation related expenses for our engineering staff.
Research and development costs are expensed as incurred.
Income Taxes
We account for income taxes using the asset and liability method. The asset and
liability method requires the recognition of deferred tax assets and
liabilities for expected future tax consequences of temporary differences that currently exist between the tax basis and financial reporting basis of our assets
and liabilities.
We calculate current and deferred tax provisions based on estimates and assumptions that could differ from actual results reflected on the
income tax returns filed during the following years. Adjustments based on filed returns are recorded when
identified in the subsequent years. The effect on
deferred taxes for a change in tax rates is recognized in income in the period that the tax rate change is enacted. In assessing our deferred tax assets, we
consider whether it is more likely than
not that all or some portion of the deferred tax assets will not be realized.
38
Index
The 2017 U.S. Tax Cuts and Jobs Act changes IRC Section
174, regarding capitalization of book research and development (“R&D”) expenses for income
tax purposes. Effective for tax years beginning in 2022 IRC Section 174 requires the capitalization of book R&D expenses which are capitalized and
amortized over 5 years for domestic R&D expenses and over 15 years for foreign R&D expenses. To date there has been limited guidance from the IRS on
how to quantify the amount of book R&D expenses subject to capitalization, including
the indirect expenses supporting the R&D function. Due to the
limited guidance, some assumptions were made in our estimates.
A valuation allowance is provided for deferred income tax assets when, in our
judgment, based upon currently available information and other factors, it is
more likely than not that all or a portion of such deferred income tax assets will not be realized. The determination of the need for a valuation allowance is
based on an
on-going evaluation of current information including, among other things, historical operating results, estimates of future earnings in different
taxing jurisdictions and the expected timing of the reversals of temporary differences. We believe the
determination to record a valuation allowance to
reduce a deferred income tax asset is a significant accounting estimate because it is based, among other things, on an estimate of future taxable income in
the United States and certain other
jurisdictions, which is susceptible to change and may or may not occur, and because the impact of adjusting a valuation
allowance may be material. In determining when to release the valuation allowance established against our net deferred income
tax assets, we consider all
available evidence, both positive and negative. We continually assess our ability to generate sufficient taxable income during future periods in which our
deferred tax assets may be realized. If and when we believe it is
more likely than not that we will recover our deferred tax assets, we will reverse the
valuation allowance as an income tax benefit in our statements of operations.
We account for our uncertain tax positions in accordance with U.S. GAAP, which
utilizes a two-step approach to evaluate tax positions. Step one,
recognition, requires evaluation of the tax position to determine if based solely on technical merits it is more likely than not to be sustained upon
examination. Step two,
measurement, is addressed only if a position is more likely than not to be sustained. In step two, the tax benefit is measured as the
largest amount of benefit, determined on a cumulative probability basis, which is more likely than not to be
realized upon ultimate settlement with tax
authorities. If a position does not meet the more likely than not threshold for recognition in step one, no benefit is recorded until the first subsequent period
in which the more likely than not standard
is met, the issue is resolved with the taxing authority, or the statute of limitations expires. Positions previously
recognized are derecognized when we subsequently determine the position no longer is more likely than not to be sustained.
Evaluation of tax positions,
their technical merits, and measurements using cumulative probability are highly subjective management estimates. Actual results could differ materially
from these estimates.
Stock-Based Compensation
We account for stock-based compensation using the fair value recognition method in
accordance with U.S. GAAP. We recognize these compensation costs
on a straight-line basis over the requisite service period of the award, which is generally a vesting term of 4 years. We recognize forfeitures, if any, when
they occur. In addition, we record stock-based compensation expense for awards granted to non-employees at fair value of the
consideration received or the
fair value of the equity instruments issued, as they vest, over the performance period (See Note 6 - Stock-Based Compensation).
Earnings per Share
Basic earnings per share are computed by dividing earnings available to common
stockholders by the weighted average number of outstanding common
shares during the period. Diluted earnings per share is computed by dividing net income by the weighted average number of shares outstanding during the
period increased to include
the number of additional shares of common stock that would have been outstanding if the potentially dilutive securities had
been issued. Additionally, weighted average shares outstanding for both basic and diluted earnings per share include all vested restricted shares issued and
outstanding.
New Accounting Pronouncements
In November 2023, the FASB issued ASU 2023-07, Segment Reporting (Topic 280): Improvements to Reportable Segment Disclosures. The amendments
in this ASU require disclosures, on an annual and interim basis, of significant
segment expenses that are regularly provided to the chief operating officer
decision maker (“CODM”), as well as the aggregate amount of other segment items included in the reported measure of segment profit or loss. The ASU
requires that a public
entity disclose the title and position of the CODM and an explanation of how the CODM uses the reported measure(s) of segment
profit or loss in assessing segment performance and deciding how to allocate resources. The Company adopted ASU 2023-07 on
January 1, 2024.
In December 2023, the FASB issued ASU No. 2023-09, Income
Taxes (Topic 740): Improvements to Income Tax Disclosures, which requires
disaggregated information about an entity’s effective tax rate reconciliation as well as information on income tax paid. The guidance in this ASU is
effective for public
companies with annual periods beginning after December 15, 2024. We plan to adopt the guidance for the fiscal year ending December
31, 2025. We are currently evaluating the effect adoption of this ASU will have on our consolidated financial
statements.
39
Index
Note 3 − Property and Equipment
Our major classes of property and equipment were as follows:
December 31
2024
2023
Office furniture
$
165 $
143
Computer equipment
92
92
Total
257
235
Less accumulated depreciation
(190)
(168)
Total property and equipment, net
$
67 $
67
Depreciation expense for 2024 and 2023 was $21
and $9, respectively.
Note 4 − Commitments, Contingencies and Related Party Transactions
We have a non-exclusive service agreement for the use of an aircraft from K2 Investment Fund LLC (“LLC”) for business travel for our employees. Our
Chief Executive Officer and Chief Administrative Officer are the managing partners and control the equity interests of the LLC. The agreement provided
for the use of the plane at an initial rate of $8.1 per flight hour, which increased to $9.8 per flight hour in
April 2024, includes no minimum usage
requirement, contains other terms and conditions normal in such transactions and can be cancelled by either us or the LLC with 30 days’ notice. Neither
party has exercised their termination rights. We incurred approximately $1,556
and $1,097 in rental fees and reimbursements to the LLC in 2024 and 2023,
respectively.
See Note 13 for further discussion of our lease commitments.
Note 5 − Stock Plan
Our stockholders approved the Amended and Restated Equity Incentive Plan (the “A&R Plan”) at our annual shareholders’ meeting in June 2024,
which
added 1,000,000 shares to the plan. Our prior plan expired March 29, 2023; no further awards will be made under the prior plan, and
the A&R Plan will
govern awards granted under the prior plan. The A&R Plan provides for the granting of stock options, restricted stock units (“RSUs”) and restricted stock.
Options granted under the A&R Plan are granted with an exercise
price equal to the fair value of the of our stock on the date of grant. RSUs and restricted
stock are granted at the fair value of our stock on the date of grant because they have no exercise price. The fair value of options, RSUs and restricted
stock
are expensed over the vesting periods. All options, RSUs and restricted stock are subject to forfeiture if service terminates prior to the shares vesting. At
December 31, 2024, there were 575,055 shares available for grant under the A&R Plan.
Note 6 − Stock-Based Compensation
The following tables summarize information and activity under the plan for the indicated periods.
Options Outstanding
Options Vested and Exercisable
Range of
Exercise Prices
Number
Outstanding
Weighted
Average
Remaining
Contractual
Life (Years)
Weighted
Average
Exercise
Price
Number
Exercisable
Weighted
Average
Remaining
Contractual
Life (Years)
Weighted
Average
Exercise
Price
$ 10.00 - 29.80
35,438
7.45 $
28.47
24,219
7.47 $
27.85
$ 47.00
- 138.40
222,254
3.81 $
90.17
216,883
3.74 $
90.32
257,692
4.31 $
81.69
241,102
4.12 $
84.04
40
Index
Options
Number
Weighted
Average
Exercise
Price
Weighted
Average
Remaining
Contractual
Life (Years)
Aggregate
Intrinsic
Value
Outstanding, December 31, 2022
340,798
$
106.60
— $
—
Options granted
1,875
10.00
—
—
Options exercised
—
—
—
—
Options cancelled
(12,656)
510.21
—
—
Outstanding, December 31, 2023
330,017
$
90.63
— $
—
Options granted
—
—
—
—
Options exercised
—
—
—
—
Options cancelled
(72,325)
123.61
—
—
Outstanding, December 31, 2024
257,692
$
81.69
4.31 $
—
Options exercisable, December 31, 2024
241,102
$
84.04
4.12 $
—
RSUs
Number
Weighted
Average
Grant Date
Fair Value
Aggregate
Intrinsic
Value
Outstanding, December 31, 2022
27,605
$
73.00 $
—
RSUs granted
1,250
10.00
—
RSUs vested
(11,405)
83.81
—
RSUs cancelled
—
—
—
Outstanding, December 31, 2023
17,450
$
60.81 $
—
RSUs granted
—
—
—
RSUs vested
(7,971)
70.88
—
RSUs cancelled
(3,376)
58.91
—
Outstanding, December 31, 2024
6,103
$
49.20 $
—
Restricted Stock
Number
Weighted
Average
Grant Date
Fair Value
Aggregate
Intrinsic
Value
Outstanding, December 31, 2022
—
$
— $
—
Restricted stock granted
36,927
9.12
—
Restricted stock vested
(3,617)
9.19
—
Restricted stock cancelled
(604)
9.60
—
Outstanding, December 31, 2023
32,706
$
9.11 $
—
Restricted stock granted
649,000
5.91
—
Restricted stock vested
(12,866)
9.35
—
Restricted stock cancelled
(36,025)
7.97
—
Outstanding, December 31, 2024
632,815
$
5.95 $
1,215
Intrinsic value is calculated as the difference between the per-share market price of our common stock on the last trading day of 2024, which was $7.85 and
the grant price of the awards. For awards exercised, the intrinsic value is the difference between market price and the exercise price on the
date of exercise.
41
Index
Stock-based compensation expense is included in operating expense for each period as follows:
Stock-Based Compensation by Type of Award
Year Ended
December 31, 2024
Year Ended
December 31, 2023
Stock options
$
1,240 $
1,960
RSUs
333
778
Restricted stock
329
40
Total stock-based compensation expense
$
1,902 $
2,778
As of December 31, 2024, there was $4,412
of unrecognized stock-based compensation expense; $551 related to unvested stock options, $162 related to
unvested RSUs, and $3,699 related to unvested
restricted stock. These costs are expected to be recognized over a weighted-average period of 1.14 years for
options, 1.12 years for RSUs, and 3.53 years for
restricted stock.
The fair value of each option grant was estimated on the date of grant using the Black-Scholes option pricing model using the following weighted
average
assumptions:
Year Ended
December 31, 2024
Year Ended
December 31, 2023
Expected stock price volatility
—%
81.39%
Risk-free interest rate
—%
3.9%
Expected life term
—
5.5 years
Expected dividends
—%
0%
Based on the Black-Scholes option pricing
model, the weighted average estimated fair value of employee stock options granted was $6.96 per share during
2023. The expected
life was determined using the simplified method outlined in ASC 718, “Compensation - Stock Compensation”. Expected volatility of
the stock options was based upon historical data and other relevant factors.
Note 7 − Earnings Per Share
Basic earnings per share are based on the weighted average number of shares outstanding for a period. Diluted earnings per share are based upon the
weighted average number of shares and potentially dilutive common shares outstanding. Potential common shares outstanding principally include stock
options, RSUs and unvested restricted stock under our stock plan and warrants. During 2024 and 2023 we
incurred losses; therefore, the effect of any
common stock equivalent would be anti-dilutive.
The table below sets forth the basic and diluted loss per share calculations:
Year Ended December 31,
2024
2023
Net (loss)
$
(18,175) $
(27,871)
Basic weighted average number of shares outstanding
3,596
3,579
Effect of dilutive securities
—
—
Diluted weighted average number of shares outstanding
3,596
3,579
Basic (loss) per share
$
(5.05) $
(7.79)
Diluted (loss) per share
$
(5.05) $
(7.79)
42
Index
Note 8 − Common Stock
Each share of common stock has the right to one vote. The holders of common stock are entitled to receive dividends whenever funds are legally available
and when declared by our Board of Directors, subject to the prior
rights of holders of all classes of stock outstanding having priority rights as to dividends.
Our amended and restated certificate of incorporation authorize us to issue up to 100,000,000 shares of $0.0001 par value common stock.
Effective
October 25, 2023, every 20 shares of our common stock outstanding was combined into one share of common stock. Proportional adjustments
were also made to the number of restricted stock, common stock issuable upon the exercise of options, warrants as well as common stock issuable upon the
vesting of RSUs. The exercise price of all equity awards were also proportionally adjusted. The
accompanying financial statements include the effect of
this adjustment on all periods presented.
Dividends
In 2023, we paid a one-time capital dividend of $20 per share of common stock to shareholders. The timing and
amount of future dividends, if any, will
depend on market conditions, corporate business and financial considerations and regulatory requirements.
Warrants
In 2020, we issued warrants for the purchase of 1,250
shares of common stock at an exercise price of $115 per share, exercisable on the date of grant,
expiring in April 2025. The weighted average fair value at the grant date was $83.20 per warrant. The fair value at the grant date was estimated utilizing the
Black-Scholes valuation model with the following weighted average assumptions (i) dividend yield on our common stock of 0 percent (ii) expected stock
price volatility of 97
percent (iii) a risk-free interest rate of 0.27 percent and (iv) and expected option term of 5 years.
Warrants
Issued
Exercise
Price
Outstanding and
Exercisable
December 31, 2024
Issued
Exercised
Terminated /
Cancelled
Outstanding and
Exercisable
December 31, 2023
Expiration Date
1,250 $
115
1,250
—
—
—
1,250
April 30, 2025
Note 9 − Employee Benefit Plan
We sponsor a defined contribution 401(k) plan covering substantially all our employees. Our matching contribution to the plan was approximately $189
and $229 in 2024 and 2023,
respectively.
Note 10 − Income Taxes
The income tax provision (benefit) is comprised of the following:
Year Ended
December 31, 2024
Year Ended
December 31, 2023
Current:
Federal
$
— $
—
State
3
2
Foreign
—
—
3
2
Deferred:
Federal
—
(79)
State
—
(2)
—
(81)
Total income tax (benefit) provision
$
3 $
(79)
43
Index
A reconciliation of the United States federal statutory income tax rate to our effective income tax rate is as follows:
Year Ended
December 31, 2024
Year Ended
December 31, 2023
United States federal statutory rate
21.00%
21.00%
State taxes, net of federal benefit
(0.01)%
(0.01)%
Valuation allowance
(20.50)%
(20.31)%
Stock based compensation
(0.62)%
(0.58)%
R&D Credit
1.55%
2.20%
Other
(1.41)%
(2.02)%
Effective income tax rate
0.01%
0.28%
Deferred tax assets (liabilities) consist of the following:
As of
December 31, 2024
As of
December 31, 2023
Deferred tax assets:
Reserves and accruals
$
2,066 $
65
Research and development credits and other credits
1,115
1,110
Net operating loss carry forward
17,907
15,262
Stock based compensation
3,451
4,360
Other
2,796
2,382
Total deferred tax assets
$
27,335 $
23,179
Valuation allowance
(25,460)
(23,179)
Deferred tax assets after valuation allowance
$
1,875
—
Total deferred tax liability
ROU
$
(1,870)
—
Depreciation and amortization
(5)
—
Net deferred tax assets
$
— $
—
Pursuant to IRC Section
174, we capitalized direct and indirect research and development costs for our tax return totaling $5,251 in 2024 $8,599 in 2023,
of which $3,273 will be
amortized in our 2024 tax return and $1,888 will be amortized in our 2023 tax return. Unamortized capitalized R&D expenditures
as of
December 31, 2024 total $18,989 and after deducting amortization amounts the net captizaized R&D expenditures total $13,315.
At December 31, 2024,
we had federal and state net operating loss carryforwards of approximately $85,241 and $109,618, respectively. Federal net
operating loss carryforwards do not expire. None of the state net operating loss carryforward is apportioned to a deferred tax asset, because
currently we do
not have operations in states where losses accumulated. The state net operating loss carryforward begins expiring in 2029.
We provide valuation allowances
for our net deferred tax assets, including NOL carryforwards generated during the years, based on our evaluation of positive and negative evidence,
including our history of operating losses and the uncertainty of
generating future taxable income that would enable us to realize our deferred tax assets.
We are required to
recognize the financial statement effects of a tax position when it is more likely than not, based on the technical merits, that the position
will be sustained upon examination. At December 31, 2024, we have no uncertain tax positions. Our policy is to recognize interest and penalties, if any,
accrued on any unrecognized tax benefits, as a component of
income tax expense. We had no interest or penalties accrued in 2024.
Our tax years for 2005
and forward are subject to examination by the U.S. tax authority and various state tax authorities. These years are open because
NOLs and tax credits generated in these years were utilized in 2020. The statute of limitations for these years shall
expire three years after the date of filing
2020 income tax returns.
44
Index
Note 11 − Fair Value Measurement
Fair value is the price that would result from an orderly transaction between market participants at the measurement date. A fair value hierarchy prioritizes
the inputs used to measure fair value. The hierarchy gives the highest priority to
unadjusted quoted prices in active markets for identical assets or liabilities
(Level 1 measurement) and the lowest priority to unobservable inputs (Level 3 measurement). Level 2 measurements utilize either directly or indirectly
observable inputs
in markets other than quoted prices in active markets.
Our financial instruments
are stated at amounts that equal, or approximate, fair value. When we estimate fair value, we utilize market data or assumptions
that we believe market participants would use in pricing the financial instrument, including assumptions about risk and
inputs to the valuation technique.
We use valuation techniques, primarily the income and market approach, which maximizes the use of observable inputs and minimize the use of
unobservable inputs for recurring fair value measurements.
Mutual funds: Valued at the quoted net asset value (NAV) of shares held.
U.S. agency and treasury securities: Fair value measured at the closing price reported on the active market on which the individual securities are traded.
The following table shows the adjusted cost, gross unrealized gains, gross unrealized losses, and fair value of our financial assets as of December
31, 2024
and 2023 (in thousands):
December 31, 2024
Adjusted
Cost
Unrealized
Gains
Unrealized
Losses
Fair
Value
Cash
and Cash
Equivalents
Investments
Available
for Sale
Cash
$
1,777
$
—
$
— $
1,777 $
1,777 $
—
Level 1:
Mutual funds
20,077
—
—
20,077
20,077
—
U.S. agency and treasury securities
16,204
25
(1)
16,228
1,442
14,786
36,281
25
(1)
36,305
21,519
14,786
Total
$
38,058
$
25
$
(1) $
38,082 $
23,296 $
14,786
December 31, 2023
Adjusted
Cost
Unrealized
Gains
Unrealized
Losses
Fair
Value
Cash
and Cash
Equivalents
Investments
Available
for Sale
Cash
$
1,452
$
—
$
— $
1,452 $
1,452 $
—
Level 1:
Mutual funds
20,040
—
—
20,040
20,040
—
U.S. agency and treasury securities
32,046
27
(18)
32,055
4,797
27,258
52,086
27
(18)
52,095
24,837
27,258
Total
$
53,538
$
27
$
(18) $
53,547 $
26,289 $
27,258
The maturities of our investments generally range from within one to two years. Actual maturities could differ from contractual maturities due to call or
prepayment
provisions.
Note 12 − Litigation
From time to time, we are subject to various legal proceedings, the outcomes of which
are inherently uncertain. We record any potential gains related to
legal proceedings only after cash is collected. We record a liability when it is probable that a loss has been incurred and the amount is reasonably estimable,
the determination of
which requires significant judgment. As additional information becomes available, we reassess our potential liability and may revise
our estimates. Such resolutions could have a material impact on future quarterly or annual results of operations.
45
Index
One or more potential intellectual property infringement claims may also be available
to us against certain other companies who have the resources to
defend against any such claims. Although we believe these potential claims are likely valid, commencing a lawsuit can be expensive and time-consuming,
and there is no assurance that we
could prevail on such potential claims if we made them.
Note 13 − Leases
In October 2023, we renewed our lease for office space in Nevada with a third party recording an ROU asset and lease liability of $102. The lease requires
monthly payments of $4.6
and expires in October 2025. At December 31, 2024 and 2023, our ROU asset and lease liability totaled $42 and $93,
respectively. Lease expense totaled $56
in 2024 and $55 in 2023.
In October 2023, we executed a facility lease in Utah to be used for technical integration and as a training facility recording an ROU asset and a lease
liability of $3,587. This operating lease requires monthly payments starting at $72,
includes periodic increases, provides six months of free rent, and
expires in April 2029. At December 31, 2024, our ROU asset and
lease liability totaled $2,963 and $3,430, respectively. At December 31,
2023, our ROU
asset and lease liability totaled $3,479 and $3,546, respectively. Lease expense totaled $838 in 2024 and $140 in 2023.
The
weighted average remaining life of the office and facility leases discussed above is approximately 8 years, and the related
lease liability is as follows:
Due in 2025
$
6,946
Due in 2026
$
927
Due in 2027
$
954
Due in 2028
$
983
Thereafter
$
336
Total undiscounted lease liability
$
10,146
Less: imputed interest
$
(757)
Total lease liability
$
9,389
We also lease a
facility for corporate promotional and marketing purposes in California which was prepaid at inception and expires in 2025. In March 2024,
we renewed the lease recording an ROU asset and lease liability of $5,512. The renewal period begins in 2025, continues for 10 years through 2035,
requires either a single payment of $6,000, or annual
payments each March, beginning in 2025 starting at $600 and increasing annually for a total
commitment of approximately $7,500. (In January 2025, the Company elected the 10
annual payments option which will result in an adjustment to the
carrying amount of the ROU asset and lease liability of just over $600.)
At December 31, 2024, the ROU asset totaled $5,739 and our lease liability totaled
$5,917; at December 31, 2023, the ROU asset totaled $349 and our
lease liability was nil. Lease expense totaled $527 in 2024 and $300 in 2023.
We have a service agreement for the use of
an aircraft from a related party discussed in more detail in Note 4. We incurred approximately $1,556 and
$1,097 in rental fees and reimbursements to the LLC in 2024 and 2023, respectively.
Note 14 - Segment Reporting
The Company views its operations and makes decisions regarding how to allocate resources and manages its business as one reportable segment and one
reporting unit. The Company's Chief Executive Officer, who is the chief operating decision maker ("CODM"), regularly assesses performance of the
aggregated single operating and reporting segment and decides how to allocate resources based on net
income calculated on the same basis as net income
reported in the Company's consolidated statements of income and other comprehensive income. The CODM is also regularly provided with expense
information at a level consistent with that disclosed
in the Company's consolidated statements of income and other comprehensive income.
46
Index
Item 9.
Changes in and Disagreements with Accountants on Accounting and Financial Disclosure
None.
Item 9A.
Controls and Procedures
Evaluation of Disclosure Controls and Procedures
Under the supervision and with the participation of our management, including our Chief Executive Officer and Chief Financial Officer, we conducted an
evaluation of the effectiveness of the
design and operation of our disclosure controls and procedures, as defined in Rules 13a-15(e) and 15d-15(e) under the
Securities Exchange Act of 1934, as amended, December 31, 2024.
The purpose of this evaluation was to determine whether as of December 31, 2024 our disclosure controls and procedures were effective to provide
reasonable assurance that the information we
are required to disclose in our filings with the SEC, (i) is recorded, processed, summarized and reported
within the time periods specified in the SEC’s rules and forms and (ii) accumulated and communicated to our management, including our
Chief Executive
Officer and Chief Financial Officer, as appropriate to allow timely decisions regarding required disclosure.
Based on their evaluation, our Chief Executive Officer and Chief Financial Officer have concluded that as of December 31, 2024, our disclosure controls
and procedures were effective.
Changes in Internal Control Over Financial Reporting
There were no changes in our internal controls over financial reporting (as such term is defined in rules 13a-15(f) under the Securities Exchange Act of
1934, as amended) during the fiscal
year ended December 31, 2024, that have materially affected, or are reasonably likely to materially affect, our internal
controls over financial reporting.
Management’s Report on Internal Control Over Financial Reporting
Our management is responsible for establishing and maintaining adequate internal control over financial reporting for the Company. Internal control over
financial reporting is a process to
provide reasonable assurance regarding the reliability of our financial reporting for external purposes in accordance with
accounting principles generally accepted in the United States of America. Internal control over financial reporting
includes maintaining records that in
reasonable detail accurately and fairly reflect our transactions; providing reasonable assurance that transactions are recorded as necessary for preparation of
our financial statements; providing
reasonable assurance that receipts and expenditures of Company assets are made in accordance with management
authorization; and providing reasonable assurance that unauthorized acquisition, use or disposition of Company assets that could have
a material effect on
our financial statements would be prevented or detected on a timely basis. Because of its inherent limitations, internal control over financial reporting is not
intended to provide absolute assurance that a misstatement
of our financial statements would be prevented or detected.
Management conducted an evaluation of the effectiveness of our internal control over financial reporting based on the framework in Internal Control –
Integrated Framework (2013) issued by the Committee of Sponsoring Organizations of the Treadway Commission. Based on this evaluation, management
concluded that the Company’s internal control over financial reporting was effective as
of December 31, 2024. There were no changes in our internal
control over financial reporting during the period ended December 31, 2024, that have materially affected, or are reasonably likely to materially affect, our
internal control over
financial reporting.
Item 9B.
Other Information
Securities Trading Plans of Directors and Executive Officers.
During the three months ended December 31, 2024, the Company did not adopt,
modify or terminated and no directors or officers, as defined in Rule 16a-
1(f), adopted, modified or terminated a “Rule 10b5-1
trading arrangement” or a “non-Rule 10b5-1 trading arrangement,” each as defined in Regulation S-K
Item 408.
47
Index
Item 9C.
Disclosure Regarding Foreign Jurisdictions that Prevent Inspections
None.
PART III
Item 10.
Directors, Executive Officers and Corporate Governance
The information required by this item will be contained in our definitive proxy statement to be filed with the SEC in connection with our 2025 Annual
Meeting of Stockholders (the “Proxy
Statement”), which is expected to be filed not later than 120 days after the end of our fiscal year ended December 31,
2024 and is incorporated in this report by reference.
Item 11.
Executive Compensation
The information required by this item will be set forth in the Proxy Statement and is incorporated herein by reference.
Item 12.
Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters
The information required by this item will be set forth in the Proxy Statement and is incorporated herein by reference.
Securities Authorized for Issuance Under the Equity Compensation Plans
Our Amended and Restated Equity Incentive Plan (the “A&R Plan”) was approved by our shareholders in June 2023. Our prior plan expired March 29,
2023; no further awards will be made
under the prior plan, and the A&R Plan will govern awards granted under the prior plan. The A&R Plan allows us to
grant stock options, restricted stock units (“RSUs”) and restricted stock. Options granted under the A&R Plan are
granted with an exercise price equal to
the fair value of the of our stock on the date of grant. RSUs and restricted stock are granted at the fair value of our stock on the date of grant. The fair value
of options, RSUs and restricted stock
are expensed over the vesting periods. All awards are subject to forfeiture if service terminates prior to the shares
vesting. At December 31, 2024, there were 575,055 shares available for grant under the A&R Plan.
Plan Category
Number of
Securities to be
Issued Upon
Exercise of
Outstanding
Options and
RSUs
Weighted-Average
Exercise Price of
Outstanding
Options and RSUs
Number of
Securities
Remaining
Available for
Future Issuance
Under Equity
Compensation
Plans
Equity compensation plans approved by security holders
263,790
$80.94
575,055
Equity compensation plans not approved by security holders
—
—
Total
263,790
$80.94
575,055
During 2024, we granted restricted stock awards totaling 45,000 to non-employee members of our Board of Directors, 65,000 to our advisory board
members, and 539,000 restricted stock awards
to our employees.
48
Index
Item 13.
Certain Relationships and Related Transactions, and Director Independence
The information required by this item will be set forth in the Proxy Statement and is incorporated herein by reference.
Item 14.
Principal Accounting Fees and Services
The information required by this item will be set forth in the Proxy Statement and is incorporated herein by reference.
PART IV
Item 15.
Exhibits and Financial Statement Schedules
(a)
The following documents are filed as part of this Annual Report on Form 10-K
(1)
Financial Statements: See the Index to Consolidated Financial Statements under Item 8 of this Annual Report on Form 10-K.
(2)
Financial Statement Schedule: Financial statement schedules are omitted because they are not applicable, or the required information is shown
in the financial
statements or notes thereto. All other schedules are omitted because of the absence of conditions under which they are required
or because the required information is given in the financial statements or the notes thereto.
(3)
Exhibits: The documents listed in the Exhibit Index of this Annual Report on Form 10-K are incorporated by reference or are filed with this
Annual Report on Form
10-K, in each case as indicated therein (numbered in accordance with Item 601 of Regulation S-K).
49
Index
EXHIBIT INDEX
Exhibit
Number
Description
Incorporated by reference herein
Form
Exhibit
No.
Filing Date
File No.
Filed
Herewith
3.1
Amended and Restated Certificate of Incorporation of the
Company, as amended.
8-K
3.1
11/01/2007
000-26895
3.2
Certificate of Amendment to the Amended and Restated
Certificate of Incorporation of the Company.
8-K
3.1
10/25/2023
001-33852
3.3
Amended and Restated Bylaws of the Company.
8-K
3.1
1/27/2023
001-33852
4.1
Specimen Common Stock Certificate.
S-3
4.1
07/30/2018
333-226413
4.2
Form of Senior Indenture.
S-3
4.2
07/30/2018
333-226413
4.3
Form of Subordinated Indenture.
S-3
4.4
07/30/2018
333-226413
4.4
Description of Capital Stock.
X
10.1
Form of Indemnification Agreement.
10-K
10.1
03/18/2019
001-33852
10.2*
2007 Stock Plan, as amended.
10-Q
10.2
05/10/2012
001-33852
10.3*
Amended Form of Stock Option Agreement – 2007 Stock Plan. 10-Q
4.5
05/10/2011
001-33852
10.4*
Form of Restricted Stock Unit Award Agreement – 2007 Stock
Plan.
10-Q
10.3
05/10/2012
001-33852
10.5*
2013 Equity Incentive Plan, as amended.
DEF 14A
Appendix A
04/13/2021
001-33852
10.6*
Amended and Restated 2013 Equity Incentive Plan.
8-K
10.1
06/18/2024
001-33852
10.7*
Form of Stock Option Agreement – 2013 Equity Incentive Plan
and Amended and Restated 2013 Equity Incentive Plan.
10-K
10.6
03/02/2015
001-33852
10.8*
Form of Restricted Stock Unit Agreement – 2013 Equity
Incentive Plan and Amended and Restated 2013 Equity
Incentive Plan.
10-K
10.7
03/02/2015
001-33852
10.9*
Form of Restricted Stock Agreement – Amended and Restated
2013 Equity Incentive Plan.
10-Q
10.2
08/11/2023
001-33852
10.10
Patent License and Assignment Agreement by and between the
Company and Leidos, Inc. (formerly Science Applications
International Corporation)
dated as of August 12, 2005.
8-K
10.4
07/12/2007
000-26895
10.11**
Amendment No. 1 to Patent License and Assignment
Agreement by and between the Company and Leidos, Inc.
dated as of November 2, 2006.
8-K
10.6
07/12/2007
000-26895
10.12
Amendment No. 2 to Patent License and Assignment
Agreement by and between VirnetX, Inc. and Leidos, Inc. dated
as of March 12, 2008.
8-K
10.1
03/18/2008
001-33852
10.13
Security Agreement by and between the Company and Leidos,
Inc. dated as of August 12, 2005.
8-K
10.5
07/12/2007
000-26895
10.14
Assignment Agreement between the Company and Leidos, Inc.
dated as of December 21, 2006.
8-K
10.7
07/12/2007
000-26895
10.15
Professional Services Agreement by and between the Company
and Leidos, Inc. dated as of August 12, 2005.
8-K
10.8
07/12/2007
000-26895
10.16**
Settlement and License Agreement, by and between Microsoft
Corporation and VirnetX, Inc., dated May 14, 2010.
10-Q/A
10.1
01/31/2011
001-33852
50
Index
10.17**
Amended Settlement and License Agreement, by and between
Microsoft Corporation and VirnetX, Inc., dated December 17,
2014.
10-K
10.23
03/02/2015
001-33852
10.18*
Hire Letter by and between Katherine Allanson and the
Company, dated as of September 1, 2021.
10-Q
10.1
11/08/2021
001-33852
10.19*
Offer Letter by and between Darl C. McBride and the
Company, dated as of December 22, 2023.
10-K/A
10.19
04/18/2024
001-33852
10.20
Warrant to Purchase Shares of Common Stock of the Company
by and between the Company and Odeon Capital Group LLC,
dated as of
April 29, 2020.
10-Q
10.2
05/15/2023
001-33852
10.21*
Outside Director Compensation Policy, as adopted on
November 30, 2023.
10-K/A
10.22
04/18/2024
001-33852
19.1
Insider Trading and Disclosure Compliance Proagram, as
adopted
on March 30, 2023.
X
21.1
Subsidiaries of VirnetX Holding Corporation.
10-K
21.1
03/16/2024
001-33852
23.1
Consent of Farber Hass Hurley LLP, Independent Registered
Public Accounting Firm.
X
24.1
Power of Attorney (contained on signature page hereto)
X
31.1
Chief Executive Officer Certification pursuant to Rule 13a-
14(a) of the Securities
Exchange Act.
X
31.2
Chief Financial Officer Certification pursuant to Rule 13a-14(a)
of the Securities
Exchange Act.
X
32.1†
Chief Executive Officer Certification pursuant to 18 U.S.C.
Section 1350 as adopted
pursuant to Section 906 of the
Sarbanes-Oxley Act of 2002
X
32.2†
Chief Financial Officer Certification pursuant to 18 U.S.C.
Section 1350 as adopted
pursuant to Section 906 of the
Sarbanes-Oxley Act of 2002.
X
97.1*
Compensation Recovery Policy of the Company as adopted
November 8, 2023.
10-K/A
97.1
04/18/2024
001-33852
101.INS
XBRL Instance Document
X
101.SCH
XBRL Taxonomy Extension Schema Document
X
101.CAL
XBRL Taxonomy Extension Calculation Linkbase Document
X
101.DEF
XBRL Taxonomy Extension Definition Linkbase Document
X
101.LAB
XBRL Taxonomy Extension Label Linkbase Document
X
101.PRE
XBRL Taxonomy Extension Presentation Linkbase Document
104
Cover Page Interactive Data File (formatted as inline XBRL
and contained in Exhibit 101)
X
*
Indicates management contract or compensatory plan.
**
Confidential treatment has been granted by the SEC as to certain portions of this exhibit.
*** Portions of this exhibit have been omitted pending a determination by the SEC as to whether these portions should be granted confidential treatment.
†
The certifications attached as Exhibit 32.1 and 32.2 that accompany this Report are not deemed filed with the Securities and Exchange Commission
and are not to be incorporated by reference into any
filing of VirnetX Holding Corporation under the Securities Act or the Exchange Act, whether
before or after the date of this Report, irrespective of any general incorporation language contained in such filing.
51
Index
SIGNATURES
Pursuant to the requirements of Section 13 or 15(d) of the Securities Exchange Act of 1934, the registrant has duly caused this Annual Report on Form 10-
K to be signed on its behalf by the
undersigned, thereunto duly authorized.
VirnetX Holding Corporation
By: /s/ Kendall Larsen
Name: Kendall Larsen
Title: Chief Executive Officer and President
Dated: March 17, 2025
52
Index
POWER OF ATTORNEY
KNOW ALL PERSONS BY THESE PRESENTS, that each person whose signature appears below constitutes and appoints Kendall Larsen as his attorney-
in-fact, with full power of substitution, for him
in any and all capacities, to sign any amendments to this Annual Report on Form 10-K, and to file the same,
with exhibits thereto and other documents in connection therewith with the Securities and Exchange Commission, hereby ratifying and
confirming all that
said attorney-in-fact, or his substitute or substitutes may do or cause to be done by virtue hereof.
Pursuant to the requirements of the Securities Exchange Act of 1934, this Annual Report on Form 10-K has been signed below by the following persons on
behalf of the registrant and in the
capacities indicated.
Name
Capacity
Date
/s/Kendall Larsen
Director, Chief Executive Officer and President
March 17, 2025
Kendall Larsen
(Principal Executive Officer)
/s/Katherine Allanson
Chief Financial Officer
March 17, 2025
Katherine Allanson
(Principal Financial Officer and
Principal Accounting Officer)
/s/Heidy Chow
Director
March 17, 2025
Heidy Chow
/s/Gary Feiner
Director
March 17, 2025
Gary Feiner
/s/Michael F. Angelo
Director
March 17, 2025
Michael F. Angelo
/s/Thomas M. O’Brien
Director
March 17, 2025
Thomas M. O’Brien
53
Exhibit 4.4
DESCRIPTION OF CAPITAL STOCK
The following description of the capital stock of VirnetX Holding Corporation (“us”, “our,” “we”, or the “Company”) is a
summary. We have
adopted an amended and restated certificate of incorporation (“Certificate of Incorporation”) and amended and restated bylaws (“Bylaws”), as each may be
amended and restated from time to time, and this description summarizes
the provisions that are included in such documents. Because it is only a summary,
it does not contain all the information that may be important to you. For a complete description of the matters set forth in this Exhibit, you should refer to
our
Certificate of Incorporation and Bylaws, each previously filed with the Securities and Exchange Commission and incorporated by reference as exhibits
to the Annual Report on Form 10-K of which this Exhibit is a part, and to the applicable
provisions of Delaware law.
General
Our authorized capital stock consists of 100,000,000 shares of common stock with a $0.0001 par value per share, and 10,000,000
shares of
preferred stock with a $0.0001 par value per share, all of which shares of preferred stock are undesignated. Our board of directors may establish the rights
and preferences of the preferred stock from time to time. All outstanding
shares of our common stock are fully paid and non-assessable. The rights,
preferences and privileges of the holders of our common stock are subject to, and may be adversely affected by, the rights of the holders of shares of any
series of
preferred stock that we may designate and issue in the future.
Common Stock
We have one class of common stock.
Dividend Rights
Subject to any preferential rights of any outstanding preferred stock, holders of our common stock are entitled to receive
ratably the dividends, if
any, as may be declared from time to time by the board of directors out of funds legally available therefor.
Voting Rights
Each holder of our common stock is entitled to one vote for each share on all matters to be voted upon by the stockholders and
there are no
cumulative rights.
Right to Receive Liquidation Distributions
If there is a liquidation, dissolution or winding up of our company, holders of our common stock would be entitled to share in
our assets remaining
after the payment of liabilities and any preferential rights of any outstanding preferred stock.
No Preemptive or Similar Rights
Holders of our common stock have no preemptive or conversion rights or other subscription rights, and there are no redemption or
sinking fund
provisions applicable to the common stock.
Preferred stock
Our board of directors is authorized to issue shares of preferred stock in one or more series without stockholder approval. Our
board of directors
has the discretion to determine the rights, preferences, privileges and restrictions, including voting rights, dividend rights, conversion rights, redemption
privileges and liquidation preferences, of each series of preferred
stock. There are no restrictions presently on the repurchase or redemption of any shares of
our preferred stock. We have no present plans to issue any shares of preferred stock nor are any shares of our preferred stock presently outstanding.
Anti-Takeover Effects
Provisions of Delaware law and our Certificate of Incorporation and Bylaws could make the acquisition of our company through
tender offer, a
proxy context or other means more difficult and could make the removal of incumbent officers and directors more difficult. We expect these provisions to
discourage coercive takeover practices and inadequate takeover bids and to
encourage persons seeking to acquire control of our company to first negotiate
with our board of directors. We believe that the benefits provided by our ability to negotiate with the proponent of an unfriendly or unsolicited proposal
outweigh
the disadvantages of discouraging these proposals. We believe the negotiation of an unfriendly or unsolicited proposal could result in an
improvement of its terms.
Certificate of Incorporation and Bylaws
Our Certificate of Incorporation and Bylaws provide for the following:
•
Undesignated Preferred Stock. The ability to authorize undesignated
preferred stock makes it possible for our board of directors to issue one or
more series of preferred stock with voting or other rights or preferences that could impede the success of any attempt to change control of our
company. These
and other provisions may have the effect of deferring hostile takeovers or delaying changes in control or management of our
company.
•
Stockholder Meetings. Our Bylaws provide that a special meeting of
stockholders may be called only by resolution adopted by the board of
directors.
•
Requirements for Advance Notification of Stockholder Nominations and
Proposals. Our Bylaws establish advance notice procedures with respect
to stockholder proposals and the nomination of candidates for election as directors, other than nominations made by or at the direction of the board
of
directors or a committee of the board of directors.
•
Board Classification. Our board of directors is divided into three
classes. The directors in each class will serve for a three-year term, one class
being elected each year by our stockholders. This system of electing and removing directors may tend to discourage a third party from making a
tender offer
or otherwise attempting to obtain control of us, because it generally makes it more difficult for stockholders to replace a majority of
the directors.
•
Stockholder Meetings; Limits on Ability of Stockholders to Act by Written
Consent. We have provided in our Certificate of Incorporation that our
stockholders may not act by written consent. This limit on the ability of our stockholders to act by written consent may lengthen the amount of
time
required to take stockholder actions. As a result, a holder controlling a majority of our capital stock would not be able to amend our Bylaws
or remove directors without holding a meeting of our stockholders called in accordance with
our Bylaws.
•
Amendment of Bylaws. Any amendment of our Bylaws requires approval by
holders of at least two-thirds of our outstanding capital stock entitled
to vote generally in the election of directors.
Delaware Anti-Takeover Statute
We are subject to Section 203 of the Delaware General Corporation Law, an anti-takeover law. In general, Section 203 prohibits a
publicly held
Delaware corporation from engaging in a “business combination” with an “interested stockholder” for a period of three years following the date the person
became an interested stockholder, unless:
•
prior to the date of the transaction, the board of directors of the corporation approved either the business combination or the transaction which
resulted in
the stockholder becoming an interested stockholder;
•
the stockholder owned at least 85% of the voting stock of the corporation outstanding at the time the transaction commenced, excluding for
purposes of
determining the number of shares outstanding (a) shares owned by persons who are directors and also officers, and (b) shares owned
by employee stock plans in which employee participants do not have the right to determine confidentially
whether shares held subject to the plan
will be tendered in a tender or exchange offer; or
•
on or subsequent to the date of the transaction, the business combination is approved by the board and authorized at an annual or special meeting
of
stockholders, and not by written consent, by the affirmative vote of at least two-thirds of the outstanding voting stock that is not owned by the
interested stockholder.
Generally, a “business combination” includes a merger, asset or stock sale, or other transaction resulting in a financial
benefit to the interested
stockholder. An “interested stockholder” is a person who, together with affiliates and associates, owns or, within three years prior to the determination of
interested stockholder status, did own 15% or more of a
corporation’s outstanding voting securities. We expect the existence of this provision to have an
anti-takeover effect with respect to transactions our board of directors does not approve in advance. We also anticipate that Section 203 may also
discourage attempts that might result in a premium over the market price for the shares of common stock held by stockholders.
Transfer Agent and Registrar
The transfer agent and registrar for the common stock is Equiniti Trust Company, LLC.
Listing
Our common stock is listed on the NYSE under the symbol “VHC.”
Exhibit 19.1
VIRNETX HOLDING CORPORATION
INSIDER TRADING AND DISCLOSURE COMPLIANCE PROGRAM
(As amended March 30, 2023)
In order to take an active role in the prevention of insider trading and reporting violations by its officers, directors,
employees, consultants, and
other related individuals, and in compliance with federal and state securities laws and regulations that govern trading in securities and to help minimize
legal and reputational risk, VirnetX Holding Corporation
(together with its affiliates and subsidiaries, the “Company”) has adopted the policies and
procedures described in this Insider Trading and Disclosure Compliance Program (the “Compliance Program”).
I.
Adoption of Insider Trading Policy.
The Company has adopted the VirnetX Holding Corporation Insider Trading Policy attached hereto as Attachment A (the “Policy”), which
prohibits trading based on material non-public information regarding the Company (“Inside Information”).
It is your responsibility to understand and follow this Compliance Program and Policy. Insider trading is illegal and a violation of
the Policy. In
addition to your own liability for insider trading, the Company, as well as individual directors, officers and other supervisory personnel, could face liability.
Even the appearance of insider trading can lead to government
investigations or lawsuits that are time-consuming, expensive and can lead to criminal and
civil liability, including damages and fines, imprisonment and bars on serving as an officer or director of a public company, not to mention irreparable
damage to both your and the Company’s reputation.
II.
Designation of Certain Persons.
A.
Section 16 Individuals Must Pre-Clear All Trades. The Board of Directors of the Company (the “Board”) has determined those
persons who are “executive officers” and who are thus, along with the members of the Board
(collectively, the “Section 16 Individuals”),
subject to the reporting and liability provisions of Section 16 of the Securities Exchange Act of 1934, as amended (the “1934 Act”) and
the related rules and regulations. These Section 16 Individuals are subject to both the blackout periods and the pre-clearance procedures
imposed by the Policy. Except
for pre-approved trading plans as discussed in “Exceptions to the General Policies” in the Policy, Section
16 Individuals must pre-clear all trades, even those occurring during an open trading window, in order to ensure compliance with
the
Section 16 reporting requirements for such trades.
B.
Everyone Else is Subject To Blackouts. The
Company has determined that all of its officers, directors, employees, and certain of its
consultants are subject to the black-out periods imposed by the Policy. Under special circumstances, certain persons who are not Section
16
Individuals may come to have access to Inside Information for a period of time. During such period, such persons will also be subject
to the pre-clearance procedures applicable to Section 16 Individuals. Individuals subject to quarterly
blackout periods will be informed by
the Compliance Officer that they are listed on the covered persons list maintained by the Compliance Officer (the “Covered Persons
List”).
III.
Oversight of Policy. The Board, assisted by
the Compliance Officer, shall oversee the implementation and enforcement of the Policy.
IV.
Appointment of Compliance Officer. The
Company has appointed Kendall Larsen (or his designee) as the Company’s Insider Trading
Compliance Officer (the “Compliance Officer”). In order to ensure compliance with the
Policy and in particular Section V.E. of the Policy, the
Compliance Officer is authorized to designate one or more persons to assist in administering the Policy.
V.
Duties of Compliance Officer.
The duties of the Compliance Officer include, but are not limited to, the following:
A.
Pre-clearing all transactions involving the Company’s stock by the Section 16 Individuals, in order to determine compliance with the
Policy, insider trading laws, Section 16 of
the 1934 Act, Rule 144 promulgated under the Securities Act of 1933, and other applicable
securities laws, as adopted and amended from time to time.
B.
Assisting in the preparation and filing of Section 16 reports (Forms 3, 4, and 5) for all Section 16 Individuals, and other applicable reports
(whether filed by the Company or
the individual), including providing memoranda and other appropriate materials to its officers and
directors regarding compliance with Section 16, its related rules, and other applicable disclosure rules.
C.
Serving as the designated recipient at the Company of copies of reports filed with the SEC by Section 16 Individuals under Section 16 of
the 1934 Act and other reports required
by applicable disclosure rules.
D.
Providing upon hire and making available, reminders to all Section 16 Individuals and other individuals subject to disclosure rules
regarding their obligations to report or to
assist the Company in complying with its reporting obligations.
E.
Establishing procedures designed to ensure that the Company will be in a position to comply with any securities law disclosure rules,
either currently in force or that may be
adopted in the future, that apply to the Company and relate to insider transactions involving
Company stock. The procedures may include requiring an insider to notify the Compliance Officer sufficiently in advance of engaging in
a
transaction both to allow pre-clearance of the transaction for purposes of the Policy and to prepare any reports the Company is required
to file, and requiring an insider to make available to the Company all information necessary for the
Company to comply with applicable
disclosure rules.
F.
Performing periodic cross-checks of available materials, which may include Forms 3, 4, and 5, Form 144, officer and director
questionnaires, and reports received from the
Company’s stock administrator and transfer agent, to determine trading activity by officers,
directors, and others who have, or may have, access to Inside Information.
G. Making available the Policy (or a summary of the Policy) to all individuals subject to the Policy, and providing the Policy and other
appropriate materials to new employees and
consultants, and otherwise ensuring that appropriate education of affected individuals is
accomplished.
H. Providing periodic reports on ongoing compliance matters, including any disciplinary actions, regarding the Policy to the Board if
requested, on a quarterly basis, and
otherwise assisting the Board in implementation of the Policy and this Compliance Program.
ATTACHMENT A
TO INSIDER TRADING AND DISCLOSURE COMPLIANCE PROGRAM
VIRNETX HOLDING CORPORATION
INSIDER TRADING POLICY
This Insider Trading Policy (the “Policy”) sets forth the policies
regarding trading in the stock and other securities of VirnetX Holding Corporation
(together with its affiliates and subsidiaries, the “Company”) and, where applicable, the disclosure of
such transactions.
Persons Covered by this Policy
This Policy applies to all directors, officers, employees and certain consultants, contractors and advisors of the Company.
References in this Policy
to “you” (as well as general references to directors, officers, employees, consultants, contractors and advisors of the Company) should also be understood
to include members of your immediate family, persons with whom you
share a household, persons that are your economic dependents and any other
individuals or entities whose transactions in securities you influence, direct or control. Therefore, you
are not only separately responsible for your own
compliance with this Policy, but also for making sure these other individuals and entities comply with this Policy.
This Policy continues to apply even if you leave the Company or are otherwise no longer affiliated with or providing services to the
Company, for
as long as you remain in possession of material nonpublic information. In addition, if you are subject to a trading blackout under this Policy at the time you
leave the Company, you must abide by the applicable trading restrictions
until at least the end of the relevant blackout period.
Types of Transactions Covered by this Policy
Except for pre-approved trading plans as discussed in “Exceptions to the General Policies,” this Policy applies to all transactions
involving the
securities of the Company or the securities of other companies as to which you possess material nonpublic information obtained in connection with your
service with the Company. This Policy therefore applies to:
1. any purchase, sale, loan or other transfer or disposition of any equity securities (including common stock, options, restricted stock units,
warrants and preferred stock) and debt securities (including debentures, bonds and notes) of the
Company and such other companies, whether
direct or indirect (including transactions made on your behalf by money managers), and any offer to engage in the foregoing transactions;
2. any disposition in the form of a gift of any securities of the Company;
3. any distribution
to holders of interests in an entity if the entity is subject to this Policy; and
4. any other
arrangement that generates gains or losses from or based on changes in the prices of such securities including derivative
securities (for example, exchange‑traded put or call options, swaps, caps and collars), hedging, pledging or margin
transactions, short sales and
certain arrangements regarding participation in benefit plans, and any offer to engage in the foregoing transactions.
There are no exceptions from insider trading laws or this Policy based on the size of the transaction or the type of consideration received.
General Statement
Nonpublic information relating to the Company or its business is the property of the Company. The Company prohibits the unauthorized
disclosure of any such nonpublic information acquired in the work-place or otherwise as a result of an individual’s employment or other relationship with
the Company, as well as the misuse of any material nonpublic information about the Company or
its business in securities trading.
Insider Trading Compliance Officer
The Company has designated Kendall Larsen (or his designee) as its current Insider Trading Compliance Officer (the “Compliance Officer”).
Please direct your questions as to any of the matters discussed in this Policy to the Compliance Officer.
General Policies
The following are the general rules of the Policy that apply to all Company officers, employees, directors, and certain consultants,
contractors and
advisors except as discussed in “Exceptions to the General Policies.” It is very important that you understand and follow these rules. If you violate them,
you may be subject to disciplinary action by the Company (including
termination of your employment for cause). You could also be in violation of
applicable securities laws (and subject to civil and criminal penalties, including fines and imprisonment). Note that it is your individual responsibility to
comply with
the laws against insider trading. This Policy is intended to assist you in complying with these laws, but you must always exercise appropriate
judgment in connection with any trade in the Company’s stock, including consulting with your legal and
financial advisors as needed. We advise you to
seek assistance if you have any questions.
The terms “material information” and “nonpublic information” are defined in “Definitions used in this Policy.”
Officers, directors, and other personnel designated by the Company from time to time are subject to certain additional policies and
restrictions as
indicated in this Policy. The terms “blackout period” and “trading window” are defined in the Additional Policies section.
1.
Don’t trade while in possession of material nonpublic information. From time to time you may come into possession of material nonpublic
information as a result of your service or relationship with the Company. You may not buy, sell, trade or otherwise transact in any stock of the
Company or other securities involving the Company’s stock at any time
while you possess material nonpublic information concerning the
Company (whether during a “blackout period,” if applicable, or at any other time). It is not
an excuse that you did not “use” the information in
your transaction. You must wait to trade until newly released material information has been public for at least two full
trading days. The term
“trading day” means a day on which national stock exchanges are open for trading. A “full” trading day has elapsed when, after the public
disclosure, trading in the relevant security has opened and then
closed.
Similarly, do not trade in the stock of the Company’s customers, vendors, suppliers, other business partners, or competitors while
you possess
material nonpublic information concerning the foregoing parties and the Company that was obtained through your service with the Company or in
the course of your relationship with the Company. For example, you may be involved in a
proposed transaction involving a prospective business
relationship or transaction with another company. If information about that transaction constitutes material nonpublic information for that other
company, you would be prohibited from engaging
in transactions involving the securities of that other company (as well as transactions involving
Company securities, if that information is material to the Company). It is important to note that “materiality” is different for different companies.
Information that is not material to the Company may be material to another company.
2.
Don’t trade during blackout periods. The
Company prohibits all officers, directors, employees, and certain other individuals designated by the
Company from trading during black-out periods (whether regularly scheduled blackout periods, or special blackout periods implemented from
time to time). It is your responsibility to know when the Company’s regularly
quarterly blackout periods begin and end. If you are informed that
the Company has implemented a special blackout period, you may not disclose the fact that
trading has been suspended to anyone, including other
Company employees (who may themselves not be subject to the blackout), family members (other than those subject to this Policy who would be
prohibited from trading because you are),
friends, or brokers. You should treat the imposition of a special blackout period as material nonpublic
information. Please see the “Blackout Period” under “Definitions used in this Policy” for more information regarding special blackout
periods.
Remember to cancel any “limit” orders or other pending trading orders you have in place during a blackout period (unless the orders
were made
pursuant to an approved Rule 10b5-1 trading program).
3.
Pre-clear trades involving Company stock. If
you are unsure about whether information you possess would qualify as material nonpublic
information and whether you therefore should refrain from trading in the Company’s stock, you should pre-clear any transactions involving
Company
stock that you intend to engage in with the Compliance Officer. If the Compliance Officer is seeking to pre-clear a transaction, he or she
should pre-clear the transaction with the Chief Financial Officer and/or the chair of the Audit
Committee of the Board.
All executive officers, directors, and certain other officers, employees and consultants designated by the Company, must refrain from trading in
the Company’s stock, even during an open trading window, unless they
first comply with the Company’s pre-clearance procedures. These pre-
clearance procedures are intended to decrease insider trading risks associated with transactions by individuals with regular or special access to
material nonpublic information.
All trades must be executed within two business days of any pre-clearance. In pre-clearing a trade, and in addition to reviewing the
substance of
the proposed trade, the Compliance Officer may consider whether it will be possible for both the individual and the Company to comply with any
applicable public reporting requirements. You should contact the Compliance Officer at least 3 days before you intend to engage in any
transaction to allow enough time for pre-clearance procedures.
You are required to pre-clear all transactions involving Company stock if you are a Section 16 Individual or if you are not Section
16 Individual
but come to have access to Inside Information for a period of time. If you are or become subject to the Company’s pre--clearance procedures, you
will be notified by the Compliance Officer. If you are notified that you are subject to
the Company’s pre-clearance procedures, you may not
engage in any transaction involving Company’s securities until the special blackout period has ended. Please see the “Blackout Period” under
“Definitions used in this Policy” for more information
regarding special blackout periods.
Even after pre-clearance, a person may not trade the Company’s securities if they become subject to a blackout period or aware of
material
nonpublic information prior to the trade being executed.
4.
Don’t give nonpublic information to others.
Don’t give nonpublic information concerning the Company (commonly referred to as “tipping”) to
any other person, including other directors, officers, employees, consultants, contractors or advisors whose roles do not require them to have
the
information, and including friends, family members, business associates, investors or consulting firms, without prior written authorization from
the Compliance Officer, and don’t make recommendations or express opinions about trading
in the Company’s stock under any circumstances,
regardless of whether you derive any profit or personal benefit from doing so.
5.
Don’t discuss Company information with the press, analysts, or other persons
outside of the Company. Announcements of Company
information is regulated by Company policy (separate from this Policy) and may only be made by persons specifically authorized by the Company
to make
such announcements. Laws and regulations govern the nature and timing of such announcements to outsiders or the public and
unauthorized disclosure could result in substantial liability for you, the Company, and its management. If you
receive inquiries from any third
party about Company information, you should notify the Compliance Officer immediately.
6.
Don’t participate in Internet message boards, blogs, or social media platforms in
which the Company, its business, or its stock is
discussed.
7.
Reporting violations. If you believe someone
is violating this Policy or otherwise using material nonpublic information that they learned through
their position at the Company to trade securities, you should report it to the Compliance Officer, or if the Compliance Officer is
implicated in your
report, then you should report it to the Company’s Chief Financial Officer. If your situation requires that your identity be kept secret, your
anonymity will be preserved to the greatest extent reasonably possible.
8.
Don’t engage in speculative transactions involving the Company’s stock. Don’t engage in any transactions that suggest you are speculating in
the Company’s stock (that is, that you are trying to profit in short-term movements, either increases or decreases, in the stock price).
9.
Don’t engage in hedging or derivative transactions involving Company stock. You may not, directly or indirectly, engage in hedging or
derivative transactions, including (a) trade in publicly-traded options, such as puts and calls, and other derivative securities with respect to the
Company’s securities (other than stock options, restricted stock units and other
compensatory awards issued to you by the Company) or (b)
purchase financial instruments (including prepaid variable forward contracts, equity swaps, collars and exchange funds), or otherwise engage in
transactions, that hedge or offset,
or are designed to hedge or offset, any decrease in the market value of Company equity securities either (i)
granted to you by the Company as part of your compensation or (ii) held, directly or indirectly, by you.
10. Pledging Transactions. You may not pledge
the Company's securities as collateral for any loan or as part of any other pledging transaction.
11. Margin Accounts. You may not hold the
Company's common stock in margin accounts.
12. Don’t engage in short sales involving Company stock. You may not engage in short sales (meaning the sale of a security that must be borrowed
to make delivery) or “selling short against the box” meaning the sale of a security with a delayed delivery) with respect to Company securities.
Short sales may signal to the market possible bad news about the Company or a general lack of confidence in the Company’s prospects, and an
expectation that the value of the Company’s securities will decline.
13. Observe the Section 16 liability rules applicable to officers, directors, and 10%
stockholders. Certain officers of the Company, directors, and
10% stockholders must also conduct their transactions in Company stock in a manner designed to comply with the “short-swing” trading rules
of
Section 16(b) of the 1934 Act. The practical effect of these provisions is that officers and directors who purchase and sell, or sell and purchase,
Company securities within a six-month period must disgorge all profits to the Company
whether or not they had any nonpublic information at the
time of the transactions. Certain exemptions to the “short-swing” trading rules may apply, such as the exercise of stock options granted by an
independent compensation committee. However, due to the complexity of these provisions and the potential for Section 16 liability, please
direct any questions you have regarding such transactions to the Compliance
Officer before engaging in any transactions involving
Company stock.
14. Comply with public securities law reporting requirements. Federal securities laws require that officers, directors, large stockholders, and
affiliates of the Company publicly report transactions in Company stock (on Forms 3, 4, and 5 under Section 16, Form 144 with
respect to
restricted and control securities, and, in certain cases, Schedules 13D and 13G). The Company takes these reporting requirements very seriously
and requires that all persons subject to public reporting of Company stock
transactions adhere to the rules applicable to these forms. Where issues
arise as to whether reporting is technically required (particularly issues that turn on facts specific to the transaction and the individuals involved, or
on
unsettled issues of law), the Company encourages its insiders to choose to comply with the spirit and not the letter of the law — in other words,
to err on the side of fully and promptly reporting the transaction even if not technically
required to do so.
In addition, where the Company is required to report transactions by individuals, the Company expects full and timely cooperation by
the
individual.
15. Make sure your family members do not violate this Policy. Please remember that this Policy does apply to members of your immediate family,
persons with whom you share a household, your economic dependents and any other individuals or entities whose transactions in
securities you
influence, direct or control. Therefore, you are responsible for making sure that such persons and entities do not engage in any transaction
that would
violate this Policy, in addition to separately ensuring you do not as well.
Exceptions to the General Policies
The following limited exceptions to the general insider trading policies apply:
1.
Purchases Under Employee Stock Option and Stock Purchase Plans. The exercise (without a sale or any other associated market activity) of
stock options under the Company’s stock option plans and the
purchase of shares under the Company’s employee stock purchase plan, if any, are
exempt from this Policy, since the other party to the transaction is the Company itself and the price does not vary with the market but is fixed by
the terms
of the option agreement or the plan.
Note, however, that any subsequent sale of shares acquired
under a Company stock plan is subject to this Policy.
2.
Compensation Awards from the Company. The
receipt and vesting of stock options, restricted stock units, restricted stock or other equity
compensation awards from the Company.
3.
Transactions Related to Tax Withholding Requirements. Net share withholding with respect to equity awards, as applicable, is exempt from
this Policy where shares are withheld by the Company in order to satisfy tax withholding requirements, either as required by
either the Board (or a
committee thereof) or the award agreement governing such equity award, or as you elect, if permitted by the Company, so long as the election is
irrevocable and made in writing at a time when a trading blackout is
not in place and you are not in possession of material nonpublic information.
Sell to cover transactions are exempt from this Policy where shares are sold on your behalf upon vesting of equity awards and sold
in order to
satisfy tax withholding requirements, as required by either the Board (or a committee thereof) or the award agreement governing such equity
award or as you elect, if permitted by the Company, so long as the election is irrevocable and
made in writing at a time when a trading blackout is
not in place and you are not in possession of material nonpublic information; however, this exception does not apply to any other market sale for
the purposes of paying required withholding.
4.
10b5-1 Trading Plans. The Company may
permit its directors, officers and employees to adopt written 10b5-1 trading plans in order to mitigate
the risk of trading on material nonpublic information. These plans allow for individuals to enter into a prearranged trading plan as
long as the plan
is not established or modified during a blackout period or when the individual is otherwise in possession of material nonpublic information. To be
approved by the Company and qualify for the exception to this Policy, any
10b5 1 trading plan adopted by a director, officer or employee must be
submitted to the Compliance Officer for approval and comply with the requirements set forth in the Company’s policy entitled “Requirements for
Trading Plans.” If the
Compliance Officer is the requester, then the Company’s Chief Financial Officer must approve the written 10b5-1 trading
plan.
5.
Stock Split or Stock Dividend. Changes in
the number of the Company’s securities you hold due to a stock split or a stock dividend that applies
equally to all securities of a class or similar transactions are exempt from this Policy.
6.
Transfers by Will or the Laws of Descent and Distribution, or Change in Form of
Ownership. The trading restrictions under this Policy do
not apply to transfers by will or the laws of descent and distribution, provided that prior written notice is provided to the Compliance
Officer,
distributions or transfers for tax planning or estate planning purposes that effect only a change in the form of beneficial interest and in which your
beneficial ownership and pecuniary interest in the transferred Company
securities does not change.
7.
Other Exceptions. Any other exception from
this Policy must be approved by the Compliance Officer, in consultation with the Board or an
independent committee of the Board. Please be aware that even if a transaction falls within one of the exceptions described above, you will need
to
separately assess whether the transaction complies with applicable law. If you have any questions, please consult with the Compliance Officer.
Application of Policy after Company Service Terminates
If your service to the Company terminates at a time when you have or think you may have material nonpublic information about the
Company or
its business partners, the prohibition on trading on such information continues until such information is absorbed by the market following public
announcement of it by the Company or another authorized party, or until such time as the
information is no longer material. If you have questions as to
whether you possess material nonpublic information after your services to the Company have terminated, you should direct questions to the Compliance
Officer.
Potential Criminal and Civil Liability and/or Disciplinary Action
The penalties for insider trading can include disgorging profit made or loss avoided by trading, paying civil fines and/or criminal
penalties, and/or
serving a jail term. You can also be liable for improper transactions by any person to whom you have disclosed nonpublic information or made
recommendations on the basis of such information as to trading in the Company’s
securities (“tippee liability”). The Securities and Exchange Commission
(the “SEC”) has imposed large penalties even when the disclosing person did not profit from the trading. In
addition, cases involving trading through
foreign accounts, trading by family members and friends, and trading involving only a small number of shares have been successfully prosecuted. To this
regard, the SEC, the stock exchanges, and the
Financial Industry Regulatory Authority use sophisticated electronic surveillance techniques to uncover
insider trading. Employees of the Company who violate this Policy shall also be subject to disciplinary action by the Company, which may include
ineligibility for future participation in the Company’s equity incentive plans or termination of employment for cause.
In addition, the Company, as well as individual directors, officers, and other supervisory personnel, may be subject to liability as
“controlling
persons” for failure to take appropriate steps to prevent insider trading by those under their supervision, influence, or control.
Definitions used in this Policy
1.
Material Information. It is not possible to
define all categories of “material” information, but information should be regarded as material if a
reasonable investor would be substantially likely to consider it important in deciding whether to buy, hold or sell securities of the
Company or
view as significantly altering the total mix of information available in the marketplace about the Company as an issuer of the securities. In general,
any information that could reasonably be expected to affect the market price
of a security is likely to be material. Either positive or negative
information may be material.
While it may be difficult to determine whether particular information is material or not, there are some categories of
information that are
particularly sensitive and that should almost always be considered material. Examples include:
a.
financial results, key metrics, financial condition, earnings pre-announcements, guidance, projections or forecasts, particularly if
inconsistent with the Company’s guidance or
the expectations of the investment community;
b.
restatements of financial results, or material impairments, write-offs or restructurings;
c.
changes in independent auditors, or notification that the Company may no longer rely on an audit report;
d.
business plans, budgets customer lists and customer target lists;
e.
creation of significant financial obligations, or any significant default under or acceleration of any financial obligation;
f.
impending bankruptcy or financial liquidity problems;
g.
significant developments involving business relationships, including actual or pending execution, modification or termination of significant
agreements or orders with
customers, suppliers, distributors, manufacturers or other business partners;
h.
significant information relating to the operation of product or service, such as new products or services, major modifications or performance
issues, defects or recalls,
significant pricing changes or other announcements of a significant nature;
i.
significant developments in research and development or relating to intellectual property;
j.
significant legal or regulatory developments, whether positive or negative, actual or threatened, including litigation or resolving litigation;
k.
major events involving the Company’s securities, including calls of securities for redemption, adoption of stock repurchase programs,
option repricings, stock splits, changes
in dividend policies, public or private securities offerings, modification to the rights of security
holders or notice of delisting;
l.
significant corporate events, such as a pending or proposed merger, joint venture or tender offer, a significant investment, the acquisition or
disposition of a significant
business or asset or a change in control of the Company;
m. major personnel changes, such as changes in senior management or employee layoffs;
n.
data breaches or other cybersecurity events;
o.
updates regarding any prior material disclosure that has materially changed; and
p.
the existence of a special blackout period.
If you have any questions regarding whether information you possess is material or not, you should contact the Compliance
Officer. In general, it
is advisable to resolve any close questions as to the materiality of any information by assuming that the information is material.
2.
Nonpublic Information. Nonpublic information
is that which is not generally known or made available to the public. Information about the
Company is considered to be nonpublic even if it is known within the Company but is not yet broadly disclosed to the general public for a
sufficient period to be reflected in the price of the security. The Company generally discloses information to the public either via press release or
in the regular quarterly and annual reports that the Company is required to file with
the SEC. At least two full trading days must pass after the
dissemination of information before such information is considered public. However, depending upon the form of the announcement and the
nature of the information, it is possible
that information may not be fully absorbed by the marketplace until a later time. Any questions as to
whether information is nonpublic should be directed to the Compliance Officer.
If you have any questions regarding whether any information you possess is nonpublic or has been publicly disclosed, you
should contact the
Compliance Officer.
3.
Blackout Period. During the end of each
fiscal quarter and until public disclosure of the financial results for that quarter, persons subject to this
Policy may possess material nonpublic information about the expected financial results for the quarter. Even if you don’t
actually possess any such
information, any trades by you during that period may give the appearance that you are trading on inside information. Accordingly, the Company
has designated a regularly scheduled quarterly “blackout period” on
trading beginning with the twenty-fifth day of the last month of each quarter
and ending at the start of the third full trading day after disclosure of the quarter’s financial results.
In addition to the regularly-scheduled blackout periods, the
Company may from time to time designate other periods of time as a special blackout
period (for example, if there is some development with the Company’s business that merits a suspension of trading by Company personnel). The
Company may not
widely announce the commencement of a special black-out period, as that information is itself sensitive information. You also
may not disclose to anyone else that the Company has imposed a special blackout period. To the extent applicable to you,
special blackout periods
also cover your immediate family members, persons with whom you share a household, persons who are your economic
dependents, and any
entity whose transactions in securities you influence, direct or control. For this reason, it is extremely important that you adhere to the pre-
clearance procedures outlined in this Policy to ensure that you do not trade
during any special blackout period. Please see Exhibit A for a checklist
regarding the Company’s pre-clearance procedures.
4.
Trading Window. The period outside a
blackout period is referred to as the “trading window.” Trading windows that occur between the regularly-
scheduled quarterly blackout periods can be “closed” by the imposition of a special blackout period if there are developments
meriting a
suspension of trading by Company personnel.
No Safe Harbor
This Policy is meant to help you comply with securities laws, but they are not a safe harbor. Regardless of any blackout period or
10b5-1 trading
plan, it is still illegal to trade securities on the basis of material nonpublic information. The personal consequences to you for insider trading are serious, so
please use good judgment. You may, from time to time, have to forego a
trade even if you planned to make it before learning material nonpublic
information and even if you believe you may suffer an economic loss or forego profit by waiting.
Amendments
The Company is committed to continuously reviewing and updating its policies, and therefore reserves the right to amend this Policy
at any time,
for any reason, subject to applicable law.
Questions
Please direct questions you have regarding this Policy and any transactions in Company securities to the Compliance Officer.
INSIDER TRADING POLICY
ACKNOWLEDGMENT
I certify that I have read, understand and agree to comply with the VirnetX Holding Corporation Insider Trading Policy (the “Policy”). I agree that
I will be subject to sanctions imposed by the Company, in its discretion, for violation of the Policy, and that the Company may give stop-transfer and other
instructions
to the Company’s transfer agent against the transfer of Company securities as necessary to ensure compliance with the Policy. I acknowledge
that one of the sanctions to which I may be subject as a result of violating the Policy is termination of my
employment including termination for cause.
Date
Signature
Printed Name
EXHIBIT A
PRE‑CLEARANCE CHECKLIST
Person proposing to trade:
Proposed trade (type and amount):
Manner of trade:
Proposed trade date:
Affiliate of the Company:
☐ Yes ☐ No
☐
No blackout period. The proposed
trade will not be made during a quarterly or special blackout period.
☐
No prohibition under Insider Trading Policy. The person confirmed that the proposed transaction is not prohibited under the Insider Trading
Policy.
☐
Section 16 compliance.* The person
confirmed that the proposed trade will not give rise to any potential liability under Section 16 as a result of
matched past (or intended future) transactions.
☐
Form 4 filing.* A Form 4 has been or
will be completed and will be timely filed with the SEC, if applicable.
☐
Rule 144 compliance (Response required only from affiliates of the Company).
☐
The “current public information” requirement has been met (i.e., all 10‑Ks, 10‑Qs and other relevant
reports during the last 12 months have
been filed);
☐
The shares that the person proposes to trade are not restricted or, if restricted, the applicable holding period has been met;
☐
Volume limitations (greater of 1% of outstanding securities of the same class or the average weekly trading volume during the last four
weeks) are not exceeded, and the
person is not part of an aggregated group;
☐
The manner of sale requirements will be met (a “brokers’ transaction” or directly with a market maker or a “riskless principal transaction”);
and
☐
A Form 144, if applicable, has been completed and will be timely filed with the SEC.
☐
Rule 10b‑5 concerns. The person has
been reminded that trading is prohibited when in possession of any material nonpublic information regarding
the Company that has not been adequately disclosed to the public. The individual has discussed with the Compliance Officer any
information known
to the individual or the Compliance Officer that the individual believes may be material.
* Applies if the individual is a director or an
officer subject to Section 16 of the Securities Exchange Act of 1934.
Date:
(Signature of Compliance Officer)
(Print name of Compliance Officer)
I am not aware of material nonpublic information regarding the Company. I am not trading on the basis of any material nonpublic information. The
transaction is in
accordance with the Insider Trading Policy and applicable law. I intend to comply with any applicable reporting and disclosure
requirements on a timely basis. I understand that I must execute the trade by the end of the second trading day
after the date on which the trade is cleared
by the Compliance Officer. I understand that by signing below, I am not obligated to execute the trade.
(Signature of person proposing trade)
EXHIBIT 23.1
CONSENT OF INDEPENDENT REGISTERED PUBLIC ACCOUNTING FIRM
We hereby consent to the incorporation by reference in the Registration Statements Form S-8 (No. 333-149883, 333-196064, 333-218467, 333-258131,
333-272677, and 333-281554) of our report dated March 17, 2025, relating to the consolidated financial statements of VirnetX Holding Corporation (the
“Company”), appearing in this Annual Report on Form 10-K of the Company for the year ended
December 31, 2024.
/s/ Farber Hass Hurley LLP
Chatsworth, California
March 17, 2025
EXHIBIT 31.1
CERTIFICATION OF PRINCIPAL EXECUTIVE OFFICER PURSUANT TO SECURITIES EXCHANGE ACT OF 1934 RULES 13a-14(a)
AND 15d-14(a), AS ADOPTED PURSUANT TO SECTION 302 OF THE SARBANES-OXLEY
ACT OF 2002
I, Kendall Larsen, certify that:
1.
I have reviewed this Annual Report on Form 10-K of VirnetX Holding Corporation for the fiscal year ended December 31, 2024;
2.
Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the
statements made, in light of the circumstances under which
such statements were made, not misleading with respect to the period covered by this
report;
3.
Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the
financial condition, results of operations and cash flows
of the registrant as of, and for, the periods presented in this report;
4.
The registrant’s other certifying officer and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in
Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal
control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-
15(f)) for the registrant and have:
(a)
Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to
ensure that material information relating to the registrant,
including its consolidated subsidiaries, is made known to us by others within those
entities, particularly during the period in which this report is being prepared;
(b)
Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our
supervision, to provide reasonable assurance regarding the
reliability of financial reporting and the preparation of financial statements for external
purposes in accordance with generally accepted accounting principles;
(c)
Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the
effectiveness of the disclosure controls and procedures, as of the end
of the period covered by this report based on such evaluation; and
(d)
Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent
fiscal quarter (the registrant’s fourth fiscal quarter in
the case of an annual report) that has materially affected, or is reasonably likely to materially
affect, the registrant’s internal control over financial reporting; and
5.
The registrant’s other certifying officer and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to the
registrant’s auditors and the audit committee of the
registrant’s board of directors (or persons performing the equivalent functions):
(a)
All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably
likely to adversely affect the registrant’s ability to record,
process, summarize and report financial information; and
(b)
Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control
over financial reporting.
/s/ Kendall Larsen
Kendall Larsen
President and Chief Executive Officer
(Principal Executive Officer)
Date: March 17, 2025
EXHIBIT 31.2
CERTIFICATION OF PRINCIPAL FINANCIAL OFFICER PURSUANT TO SECURITIES EXCHANGE ACT OF 1934 RULES 13a-14(a) AND
15d-14(a), AS ADOPTED PURSUANT TO SECTION 302 OF THE SARBANES-OXLEY
ACT OF 2002
I, Katherine Allanson, certify that:
1.
I have reviewed this Annual Report on Form 10-K of VirnetX Holding Corporation for the fiscal year ended December 31, 2024;
2.
Based on my knowledge, this report does not contain any untrue statement of a material fact or omit to state a material fact necessary to make the
statements made, in light of the circumstances under which
such statements were made, not misleading with respect to the period covered by this
report;
3.
Based on my knowledge, the financial statements, and other financial information included in this report, fairly present in all material respects the
financial condition, results of operations and cash flows
of the registrant as of, and for, the periods presented in this report;
4.
The registrant’s other certifying officer and I are responsible for establishing and maintaining disclosure controls and procedures (as defined in
Exchange Act Rules 13a-15(e) and 15d-15(e)) and internal
control over financial reporting (as defined in Exchange Act Rules 13a-15(f) and 15d-
15(f)) for the registrant and have:
(a)
Designed such disclosure controls and procedures, or caused such disclosure controls and procedures to be designed under our supervision, to
ensure that material information relating to the registrant,
including its consolidated subsidiaries, is made known to us by others within those
entities, particularly during the period in which this report is being prepared;
(b)
Designed such internal control over financial reporting, or caused such internal control over financial reporting to be designed under our
supervision, to provide reasonable assurance regarding the
reliability of financial reporting and the preparation of financial statements for external
purposes in accordance with generally accepted accounting principles;
(c)
Evaluated the effectiveness of the registrant’s disclosure controls and procedures and presented in this report our conclusions about the
effectiveness of the disclosure controls and procedures, as of the end
of the period covered by this report based on such evaluation; and
(d)
Disclosed in this report any change in the registrant’s internal control over financial reporting that occurred during the registrant’s most recent
fiscal quarter (the registrant’s fourth fiscal quarter in
the case of an annual report) that has materially affected, or is reasonably likely to materially
affect, the registrant’s internal control over financial reporting; and
5.
The registrant’s other certifying officer and I have disclosed, based on our most recent evaluation of internal control over financial reporting, to the
registrant’s auditors and the audit committee of the
registrant’s board of directors (or persons performing the equivalent functions):
(a)
All significant deficiencies and material weaknesses in the design or operation of internal control over financial reporting which are reasonably
likely to adversely affect the registrant’s ability to record,
process, summarize and report financial information; and
(b)
Any fraud, whether or not material, that involves management or other employees who have a significant role in the registrant’s internal control
over financial reporting.
/s/ Katherine Allanson
Katherine Allanson
Chief Financial Officer
(Principal Financial Officer and Principal Accounting Officer)
Date: March 17, 2025
EXHIBIT 32.1
CERTIFICATION OF PRINCIPAL EXECUTIVE OFFICER PURSUANT TO 18 U.S.C. SECTION 1350, AS ADOPTED PURSUANT TO
SECTION 906 OF THE SARBANES-OXLEY ACT OF 2002
In connection with the Annual Report of VirnetX Holding Corporation (the “Company”) on Form 10-K for the fiscal year ended December 31, 2024 as
filed with the Securities and Exchange Commission
on March 17, 2025 (the “Report”), I, Kendall Larsen, President and Chief Executive Officer of the
Company, certify, pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002, that, to my knowledge:
(1)
The Report fully complies with the requirements of Section 13(a) or 15(d) of the Securities Exchange Act of 1934; and
(2)
The information contained in the Report fairly presents, in all material respects, the financial condition and results of operations of the
Company.
/s/ Kendall Larsen
Kendall Larsen
President and Chief Executive Officer
(Principal Executive Officer)
Date: March 17, 2025
EXHIBIT 32.2
CERTIFICATION OF PRINCIPAL FINANCIAL OFFICER PURSUANT TO 18 U.S.C. SECTION 1350, AS ADOPTED PURSUANT TO
SECTION 906 OF THE SARBANES-OXLEY ACT OF 2002
In connection with the Annual Report of VirnetX Holding Corporation (the “Company”) on Form 10-K for the fiscal year ended December 31, 2024 as
filed with the Securities and Exchange Commission
on March 17, 2025 (the “Report”), I, Katherine Allanson, Chief Financial Officer of the Company,
certify, pursuant to 18 U.S.C. Section 1350, as adopted pursuant to Section 906 of the Sarbanes-Oxley Act of 2002, that, to my knowledge:
(1)
The Report fully complies with the requirements of Section 13(a) or 15(d) of the Securities Exchange Act of 1934; and
(2)
The information contained in the Report fairly presents, in all material respects, the financial condition and results of operations of the
Company.
/s/ Katherine Allanson
Katherine Allanson
Chief Financial Officer
(Principal Financial Officer and Principal Accounting Officer)
Date: March 17, 2025