UNITED STATES
SECURITIES AND EXCHANGE COMMISSION
Washington, D.C. 20549
FORM
(Mark One)
|
|
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 |
For the fiscal year ended
or
|
|
TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 |
For the transition period from to
Commission File Number:
(Exact name of registrant as specified in its charter)
|
|
|
|
(State or other jurisdiction of incorporation or organization) |
(I.R.S. Employer |
|
|
|
|
|
|
|
(Address of principal executive offices) |
(Zip Code) |
Registrant’s telephone number, including area code: (
Securities registered pursuant to Section 12(b) of the Securities Act:
|
Title of each class |
|
Trading symbol(s) |
|
Name of each exchange on which registered |
|
|
|
|
|
|
The |
Securities registered pursuant to Section 12(g) of the Act: None
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.
Indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or 15(d) of the Act. Yes ☐
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.
Indicate by check mark whether the registrant has submitted electronically every Interactive Data File required to be submitted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit such files).
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer, a non-accelerated filer, a smaller reporting company, or an emerging growth company. See the definitions of “large accelerated filer,” “accelerated filer,” “smaller reporting company,” and “emerging growth company” in Rule 12b-2 of the Exchange Act.
|
|
|
☒ |
|
Accelerated filer |
|
☐ |
|
Non-accelerated filer |
|
☐ |
|
Small reporting company |
|
|
|
|
|
|
|
Emerging growth company |
|
|
If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act. ☐
Indicate by check mark whether the registrant has filed a report on and attestation to its management’s assessment of the effectiveness of its internal control over financial reporting under Section 404(b) of the Sarbanes-Oxley Act (15 U.S.C. 7262(b)) by the registered public accounting firm that prepared or issued its audit report.
Indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Act). Yes
The aggregate market value of the voting and non-voting common equity held by non-affiliates of the registrant, based on the closing price of the registrant’s common stock on June 30, 2020 (the last business day of the registrant’s most recently completed second fiscal quarter), as reported on the Nasdaq Global Market on such date, was approximately $
The number of shares of registrant’s Common Stock outstanding as of February 23, 2021 was
DOCUMENTS INCORPORATED BY REFERENCE
Portions of the registrant’s Definitive Proxy Statement for its 2021 Annual Meeting of Stockholders to be filed with the Securities and Exchange Commission pursuant to Regulation 14A not later than 120 days after the end of the fiscal year covered by this Annual Report on Form 10-K are incorporated by reference into Part III of this Annual Report on Form 10-K.
EVERBRIDGE, INC. AND SUBSIDIARIES
FORM 10-K
TABLE OF CONTENTS
|
|
|
|
|
Page |
|
|
|
|
|
|
|
Item 1. |
|
|
5 |
|
|
Item 1A. |
|
|
23 |
|
|
Item 1B. |
|
|
55 |
|
|
Item 2. |
|
|
55 |
|
|
Item 3. |
|
|
55 |
|
|
Item 4. |
|
|
55 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Item 5. |
|
|
56 |
|
|
Item 6. |
|
|
59 |
|
|
Item 7. |
|
Management’s Discussion and Analysis of Financial Condition and Results of Operations |
|
61 |
|
Item 7A. |
|
|
82 |
|
|
Item 8. |
|
|
83 |
|
|
Item 9. |
|
Changes in and Disagreements With Accountants on Accounting and Financial Disclosure |
|
85 |
|
Item 9A. |
|
|
85 |
|
|
Item 9B. |
|
|
86 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Item 10. |
|
|
87 |
|
|
Item 11. |
|
|
87 |
|
|
Item 12. |
|
Security Ownership of Certain Beneficial Owners and Management and Related Stockholder Matters |
|
87 |
|
Item 13. |
|
Certain Relationships and Related Transactions, and Director Independence |
|
87 |
|
Item 14. |
|
|
87 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Item 15. |
|
|
88 |
|
|
Item 16. |
|
|
91 |
|
|
|
|
|
92 |
2
PART I
Forward-Looking Statements
This Annual Report on Form 10-K, including the sections entitled “Business,” “Risk Factors,” and “Management’s Discussion and Analysis of Financial Condition and Results of Operations,” contains forward-looking statements that involve risks and uncertainties, as well as assumptions that, if they never materialize or prove incorrect, could cause our results to differ materially from those expressed or implied by such forward-looking statements. Statements that are not purely historical are forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. Forward-looking statements are often identified by the use of words such as, but not limited to, “anticipate,” “believe,” “can,” “continue,” “could,” “estimate,” “expect,” “intend,” “may,” “plan,” “project,” “seek,” “should,” “target,” “will,” “would” or the negative or plural of these words and similar expressions or variations intended to identify forward-looking statements. These forward-looking statements include, but are not limited to, statements concerning the following:
|
|
• |
our ability to continue to add new customers, maintain existing customers and sell new products and professional services to new and existing customers; |
|
|
• |
uncertain impacts that the COVID-19 pandemic may have on our business, strategy, operating results, financial condition and cash flows, as well as changes in overall level of software spending and volatility in the global economy; |
|
|
• |
the effects of increased competition as well as innovations by new and existing competitors in our market; |
|
|
• |
our ability to adapt to technological change and effectively enhance, innovate and scale our solutions; |
|
|
• |
our ability to effectively manage or sustain our growth and to attain and sustain profitability; |
|
|
• |
our ability to diversify our sources of revenue; |
|
|
• |
our ability to integrate acquired companies, to complete potential acquisitions, and to integrate complementary businesses and technologies; |
|
|
• |
our ability to maintain, or strengthen awareness of our brand; |
|
|
• |
perceived or actual security, integrity, reliability, quality or compatibility problems with our solutions, including related to security breaches in our customers systems, unscheduled downtime or outages; |
|
|
• |
statements regarding future revenue, hiring plans, expenses, capital expenditures, capital requirements and stock performance; |
|
|
• |
our ability to attract and retain qualified employees and key personnel and further expand our overall headcount; |
|
|
• |
our ability to grow, both domestically and internationally; |
|
|
• |
our ability to stay abreast of new or modified laws and regulations that currently apply or become applicable to our business both in the United States and internationally, including laws and regulations related to export compliance; |
|
|
• |
our ability to maintain, protect and enhance our intellectual property; |
|
|
• |
costs associated with defending intellectual property infringement and other claims; and |
|
|
• |
the future trading prices of our common stock and the impact of securities analysts’ reports on these prices. |
These statements represent the beliefs and assumptions of our management based on information currently available to us. Such forward-looking statements are subject to risks, uncertainties and other important factors that could cause actual results and the timing of certain events to differ materially from future results expressed or implied by such forward-looking statements. Factors that could cause or contribute to such differences include, but are not
3
limited to, those identified above, and those discussed in the section titled “Risk Factors” included under Part I, Item 1A. Furthermore, such forward-looking statements speak only as of the date of this report. Except as required by law, we undertake no obligation to update any forward-looking statements to reflect events or circumstances that occur after the date of this report.
4
Item 1. Business.
Unless otherwise stated in this Annual Report, references to "Everbridge," "we," "us," and "our" refer to Everbridge, Inc. and its consolidated subsidiaries.
Overview
Everbridge is a global software company that provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to keep people safe and businesses running. During public safety threats including active shooter situations, terrorist attacks or severe weather conditions, as well as critical business events such as Information Technology (“IT”) outages, cyber-attacks or other incidents such as product recalls or supply-chain interruptions, over 5,600 global customers rely on our Critical Event Management platform to quickly and reliably aggregate and assess threat data, locate people at risk and responders able to assist, automate the execution of pre-defined communications processes through the secure delivery to over 100 different communication devices, and track progress on executing response plans. Our customers use our platform to identify and assess hundreds of different types of threats to their organizations, people, assets or brand. Our solutions enable organizations to deliver intelligent, contextual messages to, and receive verification of delivery from, hundreds of millions of recipients, across multiple communications modalities such as voice, SMS and e-mail, in over 200 countries and territories, in several languages and dialects – all simultaneously. Our Critical Event Management platform is comprised of a comprehensive set of software applications that address the full spectrum of tasks an organization has to perform to manage a critical event, including Mass Notification, Safety Connection, Incident Management, IT Alerting, Visual Command Center, Public Warning, Community Engagement, Risk Center, Crisis Management, Secure Collaboration, and Control Center. As all of our applications leverage our Critical Event Management platform, customers can use a single contacts database, rules engine of algorithms and hierarchies and user interface to accomplish multiple objectives. We believe that our broad suite of integrated, enterprise applications delivered via a single global platform is a significant competitive advantage in the market for Critical Event Management solutions, which we refer to generally as CEM.
In critical situations, the speed at which threats are assessed and information is transmitted and accessed is essential. For example, United States Department of Homeland Security research indicates that the average duration of an active shooter event at a school is approximately 12.5 minutes, while the average police response time to such events is 18 minutes. Accordingly, organizations must be able to aggregate multiple types of threat and incident data and determine whether their people, assets, or suppliers could be impacted, rapidly deliver messages that are tailored to multiple, specific audiences, in precise locations and be assured of delivery. Further, the proliferation of mobile and digital communications has resulted in individuals spending less time in a fixed office location, and this trend makes it more complicated for organizations to protect their employees. These developments have made it imperative that organizations be able to locate travelling or remote workers to determine who might be impacted by a critical event, and that critical communications be delivered via voice, SMS, and email, as well as to social media, outdoor signage and personal computers. During public safety threats and critical business events, the ability to gather, organize and analyze data in real time, and to enable secure, scalable, reliable and automated communications to people can be essential to saving lives, protecting assets and maintaining businesses. Further, the ability to rapidly organize a response by locating available responders and using automation to reduce the time required to initiate action can also result in significant economic savings, as, for example, each minute of unplanned IT downtime costs organizations an average of approximately $8,900, according to the Ponemon Institute.
The following situations reflect examples of how our applications aggregate and assess data and enable improved management of critical events:
|
|
• |
When an active shooter situation or terrorist attack occurs, organizations can quickly identify employees in the affected area, including employees not at their usual business location, in order to confirm that they are safe and provide tailored instructions. For example, shelter-in-place instructions may be provided to people in an impacted building while evacuation instructions are provided to those in an adjacent building. At the same time, first responders and hospitals can use multiple modes of alerting to mobilize resources and call in staff to provide emergency care. |
5
|
|
• |
When a pandemic such as COVID-19 is underway, corporate, government and healthcare organizations can navigate the complexity of operating during the shutdown phases, supplement or complement existing manual contact tracing efforts and prepare to bring back the workforce and reopen society. |
|
|
• |
When a hurricane is imminent, local emergency management departments can alert affected communities with relevant safety and evacuation instructions while companies can put in place emergency plans to notify employees of office closures while coordinating work assignments to maintain the continuity of core operations. |
|
|
• |
When emergency operations are required or supply chain events occur, companies can consolidate separate command centers using one common data set to aggregate and assess data on severe weather, political unrest and other types of threats to their own and suppliers’ operations, thereby reducing costs while gaining efficiencies. |
|
|
• |
When IT systems fail, IT administrators can shorten the time required to alert cross-department responders, use scheduling information to determine availability and quickly assemble appropriate personnel on a conference bridge, thereby reducing the costs incurred from downtime. |
|
|
• |
When a patient is suspected of having a stroke, an on-call specialist can provide a patient assessment via video communications during the ambulance trip and the emergency room can be readied for an immediate stroke treatment, accelerating critical time to treatment. |
|
|
• |
When a cyber incident shuts down an IT network, management can alert employees of the network shutdown via a secure, alternate communication path. |
|
|
• |
When a power line is down, utility workers can utilize pre-configured incident management templates to alert affected customers and responders and provide service updates. |
|
|
• |
When engine readings in critical equipment detect a malfunction, technicians with the appropriate skills can be automatically alerted and quickly deployed to minimize downtime and avoid revenue loss or service interruption. |
|
|
• |
When readings from an implanted medical device are abnormal, that information can be automatically routed to the individual’s healthcare provider to enable timely medical care. |
|
|
• |
When a young child goes missing, local officials can send alerts to and receive tips from their communities to aid in locating and returning the child. |
|
|
• |
When a financial services firm experiences disruptions in service, clients can be promptly notified and audit confirmations can be provided to document delivery. |
Our customer base has grown from 867 customers at the end of 2011 to more than 5,600 customers as of December 31, 2020. As of December 31, 2020, our customers were based in 70 countries and included eight of the 10 largest U.S. cities, nine of the 10 largest U.S.-based investment banks, 47 of the 50 busiest North American airports, nine of the 10 largest global consulting firms, eight of the 10 largest global automakers, nine of the 10 largest U.S.-based health care providers, and seven of the 10 largest technology companies in the world. We provide our applications to customers of varying sizes, including enterprises, small businesses, non-profit organizations, educational institutions and governmental agencies. Our customers span a wide variety of industries including technology, energy, financial services, healthcare and life sciences, manufacturing, media and entertainment, retail, higher education and professional services.
We derive substantially all of our revenue from subscriptions to our critical communications applications, which represented 85%, 88% and 92% of our total revenue in 2020, 2019 and 2018, respectively. We derived approximately 50% of our revenue in 2020 from sales of our Mass Notification application. Our pricing model is based on the number of applications subscribed to and, per application, the number of people, locations and things connected to our platform, as well as the volume of communications. We also offer premium services including data feeds for social media, threat intelligence and weather. We generate additional revenue by expanding the number of applications that our customers subscribe to and the number of contacts and devices connected to our platform.
6
Industry Background
Over the past two decades, methods to assess critical events and to automate, accelerate and digitally transform the process of managing and responding to such events have evolved rapidly, in tandem with advances in technology, to include automated or system-generated responses, such as voice calls, text messages, emails, social media and outdoor digital signage. In critical situations, the speed at which threats are assessed and information is transmitted are essential.
Evolution of Critical Event Management Solutions
Traditional solutions for critical communications have not kept pace with the increasingly digital world, the evolving threat landscape and the opportunity to leverage technological innovation to more effectively gain situational awareness and to communicate with people. These solutions are often developed in-house or are not truly enterprise grade in scale and reliability, leaving many organizations to manually evaluate multiple streams of threat data and to use analog, one-way and people-based modalities to communicate with relevant stakeholders. These solutions lack the scale to reliably address the breadth of the different critical challenges that organizations increasingly face, the sophistication required to address evolving needs with aggregated data and analysis for threat assessment, automated workflows and the ability to rapidly deliver messages that are contextually tailored to multiple, specific audiences, in precise locations, using a variety of different communication modalities. Traditional solutions also typically determine a person’s location for threat assessment and availability for response, and send notifications, based upon a static work or home address. Given the mobile and increasingly remote nature of today’s workforce, solutions now need to be able to dynamically locate who is near a critical event and send instructions to impacted parties and responders based upon where they actually are.
CEM solutions digitally transform the response to natural, manmade and digital crises, building upon the strengths of modern critical communications with vital data, analytics, correlation, and seamless orchestration. Organizations today typically manage critical events across the organization in silos that use disparate data sources and unintegrated tools, making it difficult to achieve a common operational view of threats and of the status of response. Utilizing a common contact base, consistent rules engines, threat databases that are integrated with information on the location of an organization’s people, assets and suppliers, and a common visualization platform, CEM solutions can provide a more integrated solution which can improve management control and visibility and lower costs. The ability to cohesively and rapidly share information and collaborate across the organization underlies creating a common operational approach.
Key Benefits of Our Solutions and Competitive Strengths
Everbridge was founded with a vision to help organizations keep their people (employees, contractors, customers, residents, visitors) safe and operations running amid the many types of public safety and critical business events that pose threats. Our CEM solutions enable organizations to assess threats, locate impacted people and assets, and manage and respond to critical events, all on a single platform. Key benefits of our solutions and competitive strengths include the following:
|
|
• |
Comprehensive, Enterprise-Scale Platform. The core of our solutions is our Critical Event Management platform, which provides multiple layers of redundancy to assure uptime and delivery of communications regardless of volume or throughput requirements. The platform is secure, scalable and reliable, enabling the delivery and verification of tens of millions of different communications virtually anywhere, in any volume, in near real-time. In 2020, we delivered over 5 billion interactions, or about 158 interactions per second, through our globally distributed data centers. |
|
|
• |
Digital Transformation. Our solutions help enable our customers’ digital transformation efforts by automating business continuity, risk reduction, and operational resilience. Customers can use our solutions’ situational awareness capabilities to know where their people are, how to reach them and how to ensure that they are protected, while also remaining updated on the status of their facilities, customers, inventory, and goods in transit. As part of digital transformation initiatives, our solutions support operational risk reduction for better operational resiliency. |
7
|
|
• |
Out-of-the-Box, Scalable and Mobile Applications. Our SaaS-based applications are out-of-the box, enterprise-ready and can be utilized without customer development, testing or ongoing maintenance. Regardless of a customer or prospect’s size or needs, our applications are built to scale to its largest and most complex critical communications requirements. |
|
|
• |
Aggregated Threat Data and Analysis. Our software gathers and analyzes information from weather data feeds, public safety and threat data feeds, social media, IT ticketing systems and monitoring systems, as well as inputs and feedback from two-way and polling messages. Data can be geo-mapped and threat and incident data can be used to automatically trigger simple or complex workflows that are tied to standard operating procedures or run-books. |
|
|
• |
Contextual Communications. We enable intelligence and personalization in the critical communications process by delivering contextual communications. Our customers can deliver and escalate critical communications broadly to a mass population or to a targeted subset of individuals based on geographic location, skill level, role and communication modality preferences for rich, two-way collaboration. |
|
|
• |
Dynamic Location Awareness. Our platform can provide organizations with the ability to send and receive notifications based on the last known locations of people, not just based on a static office or home address. Our platform integrates with a variety of sources of location information, including building access control systems and corporate network access solutions. This location-specific approach enables organizations to quickly determine which individuals may be affected by a public safety threat or able to respond to a critical business event, and to provide targeted and relevant instructions and two- way communications. |
|
|
• |
Large, Dynamic and Rich Communications Data Asset. As of December 31, 2020, our data asset consists of our contacts databases that manage approximately 490 million contact profiles and connections from more than 5,600 customers based in 70 countries. Our contacts databases, which we refer to as contact stores, are initially created through an upload of contacts from the customer and are automatically updated with the most current contact information provided by the customer or by individuals who opt-in to receive notifications from our Community Engagement application. Our contact stores are repositories for all contact details, attributes and business rules and preferences, such as a person’s last-known location, language spoken, special needs, technical certifications and on-call status. |
|
|
• |
Multi-channel Visualization. Our platform provides the ability to create an integrated view of threats, incidents and the status of response, all within the context of the locations of an organization’s people, assets and suppliers. Multiple channels of information can be displayed side-by-side so different facets of a critical event can be monitored simultaneously, and the same data can be displayed on personal computer screens and on a large command center wall to provide flexibility in deployment. |
|
|
• |
Robust Security, Industry Certification and Compliance. Our platform is built on a secure and resilient infrastructure with multiple layers of redundancy. Many of our enterprise applications are designed to meet rigorous security and compliance requirements for financial services firms, healthcare institutions, the U.S. federal government and other regulated industries, including facilitating compliance with FINRA and HIPAA standards. Our solutions received designation under the Support Anti-terrorism by Fostering Effective Technology Act of 2002 (“SAFETY Act”), and certification by U.S. Department of Homeland Security that places us on the approved product list for homeland security. Our solutions are also accredited under the Federal Information Security Management Act of 2002 (“FISMA”). Our Everbridge Suite solution also achieved authorization under the Federal Risk and Authorization Management Program (“FedRAMP”) in 2018, that required satisfying a rigorous security and risk management review process and which we believe provides an advantage for selling into the U.S. federal sector. In 2019, our Critical Event Management platform received certification under International Organization for Standardization, or ISO, 27001 and also received Cloud Computing Compliance Controls Catalogue (“C5”) accreditation under the Federal Office for Information Security in Germany. In 2020, we received ISO 27701 compliance, the privacy extension to ISO 27001, and successfully renewed our FedRAMP Agency Authorization. |
8
|
|
• |
Automated Workflows. Our platform automates the workflows required to complete a critical notification, including establishing the individuals within an organization authorized to send messages, the groups of stakeholders to whom messages will be sent and the content of messages to be sent to different groups of relevant stakeholders, in each case based on incident type. We believe that this automation reduces the amount of time required to send critical notification as well as the associated cost. Our platform also enables customers to automatically establish procedures for improving the success of communication efforts. |
|
|
• |
Globally Local. Our platform is designed to be utilized globally while accounting for local cultural, linguistic, regulatory and technological differences. We have relationships with suppliers and carriers in multiple countries to ensure delivery in compliance with local, technical and regulatory requirements. We have localized our user interface in several languages and dialects. |
|
|
• |
Next-Generation, Open Architecture. We developed our platform to easily integrate our applications with other systems. Our solutions provide open Application Program Initiatives (“API”s), and configurable integrations, enabling our platform to work with our customers’ and partners’ pre-existing processes and solutions, increasing the business value we deliver. |
|
|
• |
Actionable Reporting and Analytics. Our platform provides real-time dashboards, advanced map-based visualization and ad-hoc reporting across notifications, incidents and contacts. This information is easily accessed for required after-event reviews, continuous process improvements and regulatory compliance. |
Our Growth Strategy
We intend to drive growth in our business by building on our position as a global provider of critical event management, critical communications and enterprise safety applications. Key elements of our growth strategy include:
|
|
• |
Accelerate Our Acquisition of New Customers. We have multiple paths of entry into new customers with our portfolio of applications, which are used for a wide variety of use cases across a diverse set of verticals markets. We intend to capitalize on the breadth of our solutions and the technological advantages of our CEM platform to continue to attract new customers. In parallel, we plan to attract new customers by investing in sales and marketing and expanding our channel partner relationships. |
|
|
• |
Further Penetrate Our Existing Customers. We believe that there is a significant opportunity within our existing customer base to expand their use of our platform, both by selling new applications and features to our existing customers and selling to additional departments in their organizations. Our dollar-based net retention rate, which we define as revenue generated from existing customers including recurring revenue, expansion revenue, downgrades, and cancels, was over 110% for fiscal 2020. We also believe that we have a significant opportunity to increase the lifetime value of our customer relationships as we educate customers about the benefits of our current and future applications that they do not already utilize and of taking an integrated CEM approach. New applications added, which represent the total dollar value of new agreements entered into within the prior 12 months, exclusive of renewals, have grown from 6% of our sales in the first quarter of 2016 to 66% of our sales in the fourth quarter of 2020. |
|
|
• |
Expand Our Partner Ecosystem: We continue to expand our strategic partnerships with our channel partners, technology partners, and system integrators. We intend to further expand our partner ecosystem to open up new channels to market and to enable our customers to succeed with our technology and platform in their operations and business processes. |
9
|
|
• |
Develop New Applications to Target New Markets and Use Cases. Our platform is highly flexible and can support the development of new applications to meet evolving safety and operational challenges. For example, throughout 2020, we announced a number of applications under the heading COVID-19 Shield, an extension to our CEM platform offering public health information, risk insights, wellness checks, logistics awareness and vaccine appointment management. We deployed our CEM Platform for a variety of COVID-19 uses, including to power countrywide communications about the pandemic, deliver health checks at higher education institutions, and coordinate vaccine distribution for a number of municipalities and organizations. We intend to continue to develop new applications for use cases in a variety of new markets and to leverage our platform and our existing customer relationships as a source of new applications, industry use cases, features and solutions. |
|
|
• |
Expand Our International Footprint. We intend to continue to expand our local presence in regions such as Europe, the Middle East and Asia to leverage our relationships with local carriers and our ability to deliver messages to over 200 countries and territories in several languages and dialects as well as expand our channel partnerships and also to opportunistically consider expanding in other regions. |
|
|
• |
Maintain Our Technology and Thought Leadership. We will continue to invest in our core CEM platform and our applications to maintain our technology leadership position. For example, we believe that we are the only company today that provides a full, integrated CEM solution and that we provide the first solution to offer dynamic versus static location awareness integrated with analysis and communications for the employee safety and security marketplace. Further, we believe we have a competitive advantage through our commitment to innovation and thought leadership that has enabled us to take market share from our competitors and accelerate our growth. |
|
|
• |
Opportunistically Pursue Acquisitions. We plan to continue to selectively pursue acquisitions of complementary businesses, technologies and teams that allow us to penetrate new markets and add features and functionalities to our platform. |
Our Platform
Since inception, our SaaS-based critical communications platform was architected on a single code base to deliver multi-tenant capability and the speed, scale and resilience necessary to communicate, collaborate and orchestrate the response to critical events, when they occur.
Additional core technical attributes of our platform include:
|
|
• |
Monitors more than 100 types of threat data and aggregates more than 25,000 of risk data elements for situation assessment and risk monitoring. |
|
|
• |
Multi-tenant architecture that supports multiple layers of redundancy to maximize uptime and delivery of critical content, regardless of volume or throughput requirements. |
|
|
• |
Dynamic spatial/geographic information system capability to geo-target communications by zip code, street address or a specific radius from a location. |
|
|
• |
Support for two-way communications and alerting on over 100 different modalities, including wireless phones, landlines, hand-held communication and other voice-capable devices, desktop, satellite communication, cell broadcast, location-based SMS, SMS, two-way radios, TV, outdoor digital signage, sirens and internet enabled devices, social media, websites. |
|
|
• |
Designed to meet rigorous security and compliance requirements for financial services firms, healthcare institutions, the U.S. federal government and other regulated industries, including facilitating compliance with health care requirements such as HIPAA privacy and security standards including FedRAMP, the European Union’s General Data Protection Regulation, or GDPR, and ISO 27001. |
|
|
• |
Extensive set of APIs and configuration capabilities to allow customers and partners to easily integrate our platform with other systems. Our APIs’ two-way invocation capabilities enable third-party systems to flexibly and easily integrate with our platform. |
10
|
|
• |
Multi-channel visualization capabilities support integrated views of threats, incidents and status of response to improve management visibility and control. |
|
|
• |
Supports easy-to-use native mobile applications, including multiple secure mobile applications for message initiation, management and reporting. |
|
|
• |
Supports push notifications and two-way conversations that enable mobile users to send and receive secure messages such as text, pictures, videos and the users’ current geographic locations. |
Our Contact Stores
Our contact stores manage approximately 490 million contact profiles and connections from more than 5,600 customers based in 70 countries as of December 31, 2020, up from 15 million contact profiles as of December 31, 2012. They are initially created through an upload of contacts from the customer and are automatically updated with the most current contact information provided by the customer or by individuals who opt-in to receive notification from our Community Engagement application. Our contact stores are simultaneously enriched by geographic, situational and other real-time data. Our contact stores are repositories for all contact details, attributes and business rules and preferences, such as a person’s last-known location, language spoken, special needs, technical certifications and on-call status.
We leverage the data contained in our contact stores in a number of significant ways. Our data asset across multiple verticals enables us to develop best practices for reaching the intended contact, on the correct device, at the right location, at the appropriate time. We also use these data to better understand our customer base and their emerging use cases in order to improve our existing applications and develop new applications.
Everbridge Network
An important component of our platform is our Everbridge Network, which allows our customers to share relevant situational awareness information with each other. Public safety agencies, for example, can publish information to the Everbridge Network about incidents that might prove disruptive to the movement of people, goods and services for businesses within a certain area. If any of those businesses are also customers of ours, they will receive this information from a source they know is vetted and reliable and will be able to take timely steps to mitigate or remediate the situation.
Our Applications
Through our CEM platform, we deliver reliable enterprise-ready applications that provide organizations with the ability to assess threats, locate people, automate actions, monitor incident response, and deliver contextual communications in any volume, in near-real time. We have designed our applications’ user interface to be easy to use. We understand that since some of our applications will be utilized to manage complex situations or to send large volumes of messages to key stakeholders during stressful situations, streamlining the user interface to reduce user errors and anxiety is essential. We conduct extensive usability testing and design reviews with our stakeholders, and have applied in our designs the lessons learned over more than a decade of working with critical communications users and professionals.
Our applications enable:
|
|
• |
Communications to key stakeholders during emergency situations. |
|
|
• |
Corporate communications with customers and employees. |
|
|
• |
Automated outreach to on-call personnel. |
|
|
• |
Integrated threat assessment and visualization. |
|
|
• |
Integration of physical security data with location awareness data gathered from travel, network and access systems to rapidly find and communicate with employees during disruptive events. |
11
|
|
• |
Securely designed and efficiently implemented communications among healthcare providers and patients. |
|
|
• |
Community engagement and collaboration with citizens and businesses. |
|
|
• |
Critical IoT communications between machines and from machines to people. |
|
|
• |
Mobile response plan deployment and management of incidence response. |
Our applications include:
|
|
• |
Mass Notification. Our secure, scalable and reliable Mass Notification application is our most established application and enables enterprises and governmental entities to send contextually aware notifications to individuals or groups to keep them informed before, during and after natural or man-made disasters and other emergencies. We provide robust analytics, map-based targeting, flexible group management, distributed contact data, language localization, multiple options for contact data management and a globally-optimized approach to voice and SMS routing. We also support community engagement functionality, which provides a direct link between residents and emergency management departments with the goal of fostering public safety. |
|
|
• |
Safety Connection. Our Safety Connection application enables organizations to send notifications based on dynamic last known location of an individual, including the airport, street, building floor or conference room at which the individual was most recently present, while actively incorporating threat and other data to allow for targeted and relevant communications. When fully deployed, the application can also aggregate near real-time data from multiple sources, including building access control systems, wired and wireless network access points, travel management systems and mobile application check-ins. We believe that Safety Connection represents a significant advance in helping organizations use critical communications to keep their constituents safe, as many current solutions use only static office and residential locations that are not sufficiently location-aware relative to an increasingly mobile workforce. |
|
|
• |
Incident Management. Our Incident Management application enables organizations to automate workflows and make their communications contextually relevant using drag and drop business rules to determine who should be contacted, how they should be contacted and what information is required. We believe that this application decreases costly human errors and reduces downtime, while simultaneously capturing required compliance information. We also support cross-account collaboration and situational intelligence sharing during crises for corporations and communities. |
|
|
• |
IT Alerting. Our IT Alerting application enables IT professionals to alert and communicate with key members of their teams during an IT incident or outage, including during a cyber security breach. The application integrates with IT service management platforms, including ServiceNow, and uses automatic escalation of alerts, on-call scheduling and mobile alerting to automate manual tasks and keep IT teams collaborating during an incident. We also provide real-time shift calendars with integrated on-call notifications to help users better manage employee resources and get the right message to the right person, at the right time through automated staffing. Taken together, our IT Alerting application has the potential to provide meaningful savings to organizations by reducing mean-time-to-repair. Each minute of unplanned downtime costs organizations an average of approximately $8,900 according to Ponemon Institute, while 59% of Fortune 500 companies experience 1.6 hours of downtime per week, according to Dunn & Bradstreet. IHS, Inc. estimates information and communication technology downtime costs North American organizations $700 billion per year. |
|
|
• |
Visual Command Center. Our Visual Command Center application enables customers to monitor and integrate more than 100 types of threat data, as well as information on internal incidents, to generate and visualize an alert when potential risks occur within proximity of an organization’s physical locations, suppliers, assets or people. The solution improves the ability to more quickly understand and assess the impact of threats, execute the correct response, and monitor on-going resolution in order to mitigate risk to personnel safety, business continuity, assets and supply chain operations. |
12
|
|
• |
Public Warning. Our Public Warning application is used to reach international mobile populations on a regional or country-wide scale. It leverages existing telecom infrastructure to anonymously reach mobile phone users within a geographic area with two-way SMS communications without requiring an existing database of mobile phone numbers. Multichannel alerting can also be accomplished via mobile push notifications, cell broadcast, voice, email, or messaging to electronic display boards or radio. The application has been selected to be part of the national warning system for 11 countries in Europe, Asia, Oceania, the Middle East, Africa, and the Americas, supporting five European Union (EU) countries in conjunction with the EU mandate requiring member countries to have a population-wide alerting system in place by June 2022. These Public Warning customers include Australia, Cambodia, Greece, the Netherlands, Peru, Sweden and a number of the largest states in India. In compliance with GDPR, our Public Warning solution neither collects nor stores personally identifiable information (PII) data. |
|
|
• |
Community Engagement. Our Community Engagement application integrates emergency management and community outreach by providing local governments with a unified solution to connect residents to their public safety department, public information resources, and neighbors via social media and mobile applications. This creates a stronger and more engaged community improving the communication reach for emergency personnel, while providing residents with real-time emergency and community information, and allows residents to anonymously opt-in and provide tips. |
|
|
• |
Risk Center. Our Risk Center solution aggregates data from over 25,000 data sources to assess more than 100 types of incidents and provide 24x7 incident information and analysis. A team of analysts, leveraging automation tools, verify risk incidents. |
|
|
• |
Crisis Management. Our Crisis Management application provides mobile access to crisis, recovery and brand protection plans, as well as the capability to manage a crisis or event through role-based assignments and status updates. Organizations can enhance their overall crisis management efforts by making plans readily available to responders on the most popular mobile platforms regardless of their location. The application also simplifies updating plans for changes to personnel or processes, and enhances visibility into response progress during a critical event. |
|
|
• |
Secure Collaboration. Our Secure Collaboration solution allows contacts to exchange messages, voice, images, and video chat through our mobile application while providing security for their communications. The application facilitates HIPAA-compliant communications and is designed to comply with FedRAMP, Sarbanes-Oxley, and other compliance requirements from mobile devices or web browsers. |
|
|
• |
Control Center. Our Control Center physical security application is used for mission-critical control in enterprises and public safety. This solution correlates events from disparate safety and security systems into a common operating picture to provide real-time situation awareness. The application provides users with actionable alerts, next step actions, and automated reporting to better manage risks, ensure compliance with operating procedures and support business continuity. Automated workflows enable rapid risk management and consistent responses, reducing the risk of human error. It also facilitates device activation to help operational control to protect people and infrastructure. Dynamic reports and dashboards provide real-time actionable insights for operational and executive teams. The Control Center application is an open platform, integrating hundreds of security and operational technologies. |
|
|
• |
COVID-19 Shield. In the first quarter of 2020, we launched COVID-19 Shield, a new set of coronavirus protection solutions designed to protect the safety of employees and customers, maintain business operations, safeguard supply chains, and reduce costs and liabilities stemming from the impact of the global coronavirus pandemic. In the second quarter of 2020, we launched several additional software solutions, including (1) COVID-19 Return to Work, a software solution designed to help businesses and governments navigate the complexity of operating during the next phase of the COVID-19 pandemic and prepare to bring back the workforce and reopen society; (2) COVID-19 Shield: Contact Tracing, a solution for corporate, government and healthcare organizations to supplement or complement existing manual contact tracing efforts; and (3) Control Center, a physical security information management software platform, which includes features designed to help organizations return to work by integrating and managing data and analytics from video cameras, thermal cameras, badge access and other building |
13
|
|
systems, and by automating the response to help organizations ensure the safety and protection of employees, as well as compliance with social distancing and personal protective equipment policies. In the fourth quarter of 2020, we announced COVID-19 Shield: Vaccine Distribution, an extension to our CEM platform offering risk insights, logistics awareness and vaccine appointment management. These new products were built off of our existing platforms. |
We also have expanded our CEM platform through a series of recent acquisitions, including Techwan SA (“Techwan”), CNL Software Limited (“CNL Software”) and SnapComms Limited (“SnapComms”), to further augment its physical security, public safety and internal communications capabilities.
With industry-leading redundancy, scalability and uptime, the Everbridge platform reaches over 650 million people in more than 200 countries and territories.
Our Technology
The design and development of our applications, and our critical communication and critical event management platforms include the following key attributes:
|
|
• |
Robust, Enterprise-Grade Scalability and Reliability. Given the mission-critical nature of our solutions, our multi-tenant platform was designed to provide a robust, high level of resiliency, scalability and redundancy. We use multiple geographically distributed service providers and communications carriers to achieve a high degree of redundancy, fault tolerance and cost-effective operations. We have multiple layers of redundancy and a horizontal scaling model across our infrastructure to deliver high availability and performance. Similarly, we leverage redundant downstream communications providers to enable our services to remain uninterrupted even if a particular provider encounters technical difficulties. |
|
|
• |
Multi-Modal, Globally Local Communications Delivery. We optimize international call routing across hundreds of telecommunications providers to enable higher voice quality, improved delivery rates during emergencies and the ability to configure local caller IDs to improve recognition and answer rates. We also work with multiple SMS providers to identify regulatory hurdles and deploy and actively manage an optimal mix of national and international SMS codes to ensure high delivery and response rates. |
|
|
• |
Security and Compliance. Our solutions received designation under the SAFETY Act, and certification by U.S. Department of Homeland Security that places us on the approved product list for homeland security. Our solutions are also accredited under FISMA. Our Everbridge Suite solution also achieved authorization under FedRAMP in 2018, that required satisfying a rigorous security and risk management review process and which we believe provides an advantage for selling into the U.S. federal sector. In 2019, our Critical Event Management platform received ISO 27001 certification and also received C5 accreditation under the Federal Office for Information Security in Germany. |
|
|
• |
Hybrid Infrastructure. To provide highly scalable and global solutions, we employ redundant, geographically diverse production implementations of our platform infrastructure in multiple SOC 2-compliant data center facilities in North America and Europe. Within each data center, we utilize a hybrid-cloud architecture that enables us to leverage both proprietary and third-party infrastructure services to enable “on-demand” capacity and performance without substantial upfront investment. Our architecture enables our platform to dynamically determine the best location from which to deliver critical communications on behalf of our customers and solves many international communications delivery challenges by utilizing in-country or in-region telephony, messaging and data communication providers. Our infrastructure is continuously maintained and monitored by dedicated engineers based in redundant network operations centers in the Los Angeles and Boston areas. |
14
|
|
• |
Dynamic Location Detection. Our platform can create and update dynamic data sets containing a contact’s last-known location, including the airport, street, building floor or conference room at which the contact was most recently present. Multiple data sources can be aggregated including building access control and badging systems, wired and wireless network access points, and corporate travel management and office hoteling systems. These data are used to best locate a contact in an emergency or critical business situation, independent of the contact’s home or office location. Contacts can also share their location via a three-in-one mobile panic button application, which sends a panic message to the applicable organization’s security team, and also includes the ability to send audio and video content, to check-in to capture and report geo-location data and to establish a safe corridor through a potentially unsafe area. |
Our Comprehensive Customer Support Services
We are committed to the success of our customers. We demonstrate this commitment by offering a comprehensive set of support services to help our customers get started quickly, follow best practices, and realize on-going value from our critical communications solution. Our support services include:
|
|
• |
Rapid Onboarding. We leverage a proven methodology and domain expertise, honed through thousands of customer on-boardings worldwide, to enable rapid use of our platform and compliance with industry best practices. The average implementation time for standard implementations for new customers purchasing our solutions is 6.5 hours. |
|
|
• |
Everbridge University. We offer online education, training and professional development through Everbridge University, with role-based training modules that can be customized to meet a customer’s needs and that can facilitate formalized knowledge transfer and ensure ongoing self-sufficiency. |
|
|
• |
Dedicated Account Management. We assign dedicated account managers to all customers. Account managers perform regular service reviews and post-incident analyses of customer communications to incorporate communication best practices and recommend additional applications to meet the customer’s critical communications needs. |
|
|
• |
24/7 Technical Support & Emergency Live Operator Service. We have established geographically redundant technical support centers in the Los Angeles, California; Boston, Massachusetts; and London, United Kingdom areas. From these support centers, we offer our customers 24/7 support by phone, email or through our online support center. In addition, our support centers offer a 24/7 emergency live operator service to assist customers with sending critical communications. |
|
|
• |
Premium Support Services. With an understanding of the critical role that our solution plays, we have assembled an expert professional services organization to deliver premium support service packages to our customers. Our professional services team includes certified emergency management and critical communications practitioners. We believe that we help customers achieve faster time-to-value by providing on-site project management, consultation with a certified critical communications professional, creation of client-specific message and scenarios, development of ad-hoc report templates and on-site emergency and incident management reviews. |
15
Our Customers
Our customer base has grown from 867 customers at the end of 2011 to more than 5,600 customers as of December 31, 2020. We define a customer as a contracting entity from which we generated $200 or more of revenue in the prior month, either directly or through a channel partner. At the end of 2011 we had 20 customers with contracts valued at $100,000 or more, whereas as of December 31, 2020 we had 573 customers with contracts valued at $100,000 or more, including 49 customers with contracts in excess of $500,000. As of December 31, 2020, our customers were based in 70 countries and included eight of the 10 largest U.S. cities, nine of the 10 largest U.S.-based investment banks, 47 of the 50 busiest North American airports, nine of the 10 largest global consulting firms, eight of the 10 largest global automakers, nine of the 10 largest U.S.-based health care providers, and seven of the 10 largest technology companies in the world. We provide our applications to customers of varying sizes, including enterprises, small businesses, non-profit organizations, educational institutions and governmental agencies. Our customers span a wide variety of industries including technology, energy, financial services, healthcare and life sciences, manufacturing, media and entertainment, retail, higher education, and professional services. For the year ended December 31, 2020, 63% of our revenue was generated from enterprise customers, 26% from government and government-related customers and 11% from healthcare-related customers.
Sales and Marketing
Our sales and marketing organizations collaborate to create brand preference, efficiently and effectively generate leads, build a strong sales pipeline and cultivate customer relationships to help drive revenue growth. Our marketing strategy consists of a strong thought-leadership program, digital marketing engine and a diversified sales organization designed to efficiently sell across vertical markets to organizations of all sizes. We have dedicated sales teams focused on corporate customers, healthcare organizations and government customers, which covers U.S. federal, state and local governmental entities.
Sales
We sell our solutions through our telephone and direct inside sales teams, a direct field sales team and a growing partner channel. Our global sales teams focus on both new customer acquisition and up-selling and cross-selling additional and new offerings, respectively, to our existing customers. Our sales teams are organized by geography, consisting of the Americas; Asia Pacific, Europe, the Middle East and Africa (collectively, “EMEA”); as well as by target organization size. Our inside sales team focuses typically on small and middle-market transactions, while larger or more complex transactions are generally handled by our direct field sales teams. Our highly trained sales engineers help define customer use cases, manage pilots and train channel partners.
In addition to the vertical and geographic distribution of our salesforce, we have dedicated teams of account executives focused on net new accounts and growth of existing accounts, account managers responsible for renewal of existing accounts, and business development representatives targeting new and growth business opportunity creation. Our sales representatives use phone, email and web meetings to interact with prospects and customers. In 2020, we increased the headcount of our sales organization, and we intend to continue to invest in building our global sales and go-to-market organizations.
We also sell through channel partners both domestically and internationally. To help integrate our applications with other third-party services and take advantage of current and emerging technologies, we seek to enter into alliances with leading technology companies.
16
Marketing
We focus our marketing efforts on increasing the strength of the Everbridge brand, communicating product advantages and business benefits, generating leads for our salesforce and channel partners, leveraging geographic market strengths and driving product adoption. We run campaigns that take advantage of a network effect in which success within a region encourages other organizations within that area to choose our solutions, in part to be using a system consistent with that of other entities in the area with which they may share information or best practices. We deliver targeted content to demonstrate our thought leadership in critical communications best practices and use digital advertising methods to drive conversion of potential prospects, which convert to opportunities for our sales organization.
Our marketing team focuses on inbound marketing through our industry-leading content, resources, and sharing customer best practices. We rely on multiple marketing and sales automation tools to efficiently market to, and automatically identify qualified individuals using product and industry specific criteria. We use multiple marketing tactics to engage with prospective customers including: email marketing, event marketing, print and digital advertising, and webinar events. We engage with existing customers to provide vertically-based education and awareness and to promote expanded use of our current and new software offerings within these customers. We also host regional and national events to engage both customers and prospects, deliver product training and foster community.
Research and Development
We invest substantial resources in research and development and leverage offshore development in multiple geographies to implement a “follow the sun” engineering strategy and to increase the efficiency of our overall development efforts. We enhance our core technology platform and applications, develop new end market-specific solutions and applications, and conduct application and quality assurance testing. Our technical and engineering team monitors and tests our applications on a regular basis, and we maintain a regular release process to refine, update, and enhance our existing applications.
Our Competition
The market for CEM solutions is highly fragmented, intensely competitive and constantly evolving. We compete with an array of established and emerging companies, many of whom are single product or single market focused, as well as in-house solutions. We view CEM as a holistic solution that allows organizations to digitally transform their critical event management processes. These processes are siloed in a variety of ways in different organizations. Similarly, solutions from competitors in the field often are siloed by smaller functions across the holistic CEM solution. CEM includes Mass Notification, Risk Control, Public Warning, IT Alerting and Incident Management, and Control Center systems. The primary competitors for our Mass Notification applications include BlackBerry Limited, F24 AG, OnSolve, LLC, and Rave Wireless, Inc. The primary competitors for our Risk Control application include Anvil Group and WorldAware, Inc. The primary competitors for our Public Warning application include Celltick, Intersec and Genasys, Inc. For IT Alerting and Incident Management, our primary competitors are PagerDuty, Inc. and xMatters, Inc. For Control Center, our primary competitor is Genetec. Some competitors in siloed solutions are beginning to converge and build strategies that follow our CEM platform strategy. With the introduction of new technologies and market entrants, we expect the competitive environment to remain intense going forward.
We believe that we compete favorably with respect to all of these factors and that we are well positioned as a leading provider of targeted and contextually relevant critical communications.
Intellectual Property
Our future success and competitive position depend in part on our ability to protect our intellectual property and proprietary technologies. To safeguard these rights, we rely on a combination of patent, trademark, copyright and trade secret laws and contractual protections in the United States and other jurisdictions.
17
We have numerous issued patents and patent applications pending. We cannot assure you that any patents will issue from any patent applications, that patents that issue from such applications will give us the protection that we seek or that any such patents will not be challenged, invalidated, or circumvented. Any patents that may issue in the future from our pending or future patent applications may not provide sufficiently broad protection and may not be enforceable in actions against alleged infringers.
We have registered the “Everbridge”, “Nixle” and “Visual Command Center” names in the United States and have registered the “Everbridge” name in the European Union. We have registrations and/or pending applications for additional marks in the United States; however, we cannot assure you that any future trademark registrations will be issued for pending or future applications or that any registered trademarks will be enforceable or provide adequate protection of our proprietary rights.
We also license software from third parties for integration into our offerings, including open source software and other software available on commercially reasonable terms. We cannot assure you that such third parties will maintain such software or continue to make it available.
We are the registered holder of a variety of domestic and international domain names that include everbridge.com, as well as similar variations on that name.
In order to protect our unpatented proprietary technologies and processes, we rely on trade secret laws and confidentiality agreements with our employees, consultants, vendors and others. Despite our efforts to protect our proprietary technology and trade secrets, unauthorized parties may attempt to misappropriate, reverse engineer or otherwise obtain and use them. In addition, others may independently discover our trade secrets, in which case we would not be able to assert trade secret rights, or develop similar technologies and processes. Further, the contractual provisions that we enter into may not prevent unauthorized use or disclosure of our proprietary technology or intellectual property rights and may not provide an adequate remedy in the event of unauthorized use or disclosure of our proprietary technology or intellectual property rights.
If we become more successful, we believe that competitors will be more likely to try to develop solutions that are similar to ours and that may infringe our proprietary rights. It may also be more likely that competitors or other third parties will claim that our solutions infringe their proprietary rights.
Patent and other intellectual property disputes are common in our industry and we have been involved in such disputes from time to time in the ordinary course of our business. Some companies, including some of our competitors, own large numbers of patents, copyrights and trademarks, which they may use to assert claims against us. Third parties may in the future assert claims of infringement, misappropriation or other violations of intellectual property rights against us. They may also assert such claims against our customers whom we typically indemnify against claims that our solution infringes, misappropriates or otherwise violates the intellectual property rights of third parties. As the numbers of products and competitors in our market increase and overlaps occur, claims of infringement, misappropriation and other violations of intellectual property rights may increase. Any claim of infringement, misappropriation or other violation of intellectual property rights by a third party, even those without merit, could cause us to incur substantial costs defending against the claim and could distract our management from our business.
Government Regulation
The legal environment of Internet-based businesses is evolving rapidly in the United States and elsewhere. The manner in which existing laws and regulations are applied in this environment, and how they will relate to our business in particular, both in the United States and internationally, is often unclear. For example, we sometimes cannot be certain which laws will be deemed applicable to us given the global nature of our business, including with respect to such topics as data privacy and security, pricing, advertising, taxation, and intellectual property ownership and infringement.
Our customers, and those with whom they interact using our product and platform solutions, upload and store personally identifiable information and other data into our solutions and provide access to such data, generally
18
without any restrictions imposed by us. This presents legal challenges to our business and operations, such as rights of privacy related to the data used in connection with our solutions. Both in the United States and internationally, we must monitor and comply with a host of legal concerns regarding the data stored and processed in our solutions by customers. We must also monitor and comply with these issues directly in the operation of our business in these jurisdictions.
We are subject to data privacy and security regulation by data protection authorities in countries throughout the world, by the U.S. federal government, and by the states in which we conduct our business. In recent years, there have been a number of well-publicized data breaches involving the improper use and disclosure of personal information of individuals. Many governing authorities have responded to these incidents by enacting laws requiring holders of personal information to maintain safeguards and to take certain actions in response to a data breach, such as providing prompt notification of the breach to affected individuals and public officials, or amending existing laws to expand compliance obligations. In the European Union, U.S. companies must meet specified privacy and security standards, such as the European General Data Protection Regulation, or the GDPR, which governs the protection of individuals with regard to the processing of personal data, and on the free movement of such data established in the European Union to certain non-European Union countries, such as the United States. Additionally, the data protection laws of each of the European member countries require comprehensive data privacy and security protections for consumers with respect to personal data collected about them. In February 2016, the European Union and U.S. officials announced an agreement, which established the EU-U.S. Privacy Shield, or the Privacy Shield, as a means for legitimating the transfer of personal data by U.S. companies doing business in Europe from the European Economic Area to the U.S. However, on July 16, 2020, the European Court of Justice invalidated the Privacy Shield. As a result, we are no longer using the Privacy Shield as a legal mechanism for the transfer of data between the EU and the U.S. However, the European Court of Justice upheld the validity of Standard Contractual Clauses, which we will continue to use as a legal mechanism for the transfer of data between the EU and the U.S. We have and will continue to engage in efforts to ensure that data transfers from the European Economic Area comply with the GDPR and the data protection legislation of individual member states.
In the United States, many federal, state, and foreign government bodies and agencies have adopted, or are considering adopting, laws and regulations regarding the collection, use, and disclosure of personal information. California recently enacted the California Consumer Privacy Act, or CCPA, that among other things, requires covered entities to provide new disclosures to California consumers, affords such consumers new abilities to opt-out of certain sales of personal information, and gives such consumers a private right of action to enforce data breaches resulting from the covered entity's violation of its duty to implement and maintain reasonable security measures.
For a discussion of risks related to these various areas of government regulation, see Risk Factors set forth in Part I, Item 1A of this Annual Report on Form 10-K.
Human Capital Management
Culture and Governance
Culture
We believe that our culture has been a key contributor of our success to-date and that our mission, with the critical nature of the solutions that we provide, promotes a sense of greater purpose and fulfillment for our employees. We have invested in building an intentional global culture and believe it represents one of our most important and sustainable sources of competitive advantage.
Governance
Our Board of Directors and Board committees provide oversight on certain human capital matters. The Compensation Committee of our Board of Directors acts on behalf of the Board to review, adopt and approve our compensation strategy, policies, plans and programs, including, among others, reviewing and approving corporate performance goals and objectives relevant to the compensation of our executive officers and other senior management, evaluating and approving the compensation plans and programs advisable for us, and administration of our equity compensation plans, stock purchase plan, bonus plans, and other similar plans and programs.
19
Diversity and Inclusion
We prioritize diversity, equity and inclusion (“DEI”) to create a workplace that reflects the customers and populations we serve. We demonstrate our commitment to DEI by focusing on several key initiatives. This includes aligning our hiring and recruiting practices to attract a diverse and talented workforce; creating employee resource groups dedicated to celebrating and empowering communities within our organization, including women, employees of color, employees who identify as LGBTQ, and members of the military and first responders; holding open forums for company-wide discussion and dialogue on civil unrest and equal justice; and supporting a growing ecosystem of minority-owned and led suppliers and partners. As of December 31, 2020, 32% of our global workforce was female, 28% of vice president and above roles globally were female, and non-Caucasian employees represented 25% of our U.S. workforce. We are committed to increasing the diversity of our workforce, and during the year ended December 31, 2020, 36% of our U.S. hires were female and 26% were non-Caucasian.
Labor Practices and Policies
Work Hours, Wages and Benefits
We compensate employees competitively relative to the industry and local labor market. We work to ensure full compliance with applicable wage, work hours, overtime and benefits laws. We assess the current business environment and labor market to refine our compensation and benefits programs.
In addition to salaries, our compensation and benefit programs (which may vary by country and location) include annual bonuses, stock-based compensation awards, an Employee Stock Purchase Plan, retirement savings plans, healthcare and insurance benefits, health savings and flexible spending accounts, paid time off, volunteer time off, parental leave, adoption assistance and military leave, among many other benefits.
Safe and Healthy Workplace and Workplace Security
We seek to comply with all health and safety laws applicable to our business. To this end, we consult with employees to help keep work areas safe and free of hazardous conditions. Additionally, we are committed to maintaining a workplace free from violence, harassment, intimidation and other unsafe or disruptive conditions due to internal and external threats. We believe it is paramount to use our own CEM solutions to help us achieve our health and safety goals. We continue to take a variety of measures, including by using our own CEM solutions, to communicate to our employees and help keep them safe.
COVID-19 Pandemic
In March 2020, the World Health Organization declared the outbreak of COVID-19 a pandemic. We have taken, and are continuing to take, a variety of measures to ensure the availability and functioning of our critical infrastructure, to promote the safety and security of our employees and to support the communities in which we operate. These measures include requiring remote working arrangements for employees where practicable, among other modifications. We are following evolving public and private sector policies and initiatives to reduce the transmission of COVID-19, such as the imposition of travel restrictions, the promotion of social distancing and the adoption of work-from-home arrangements. All of these policies and initiatives have been and may continue to impact our operations. We formed a dedicated, cross-functional task force to monitor the evolving pandemic conditions globally and provide guidance and resources to support employees during the crisis. As a result, and according to data compiled by global investment firm Battery Ventures during the COVID-19 pandemic, and employee feedback shared on Glassdoor during this time, Everbridge was named the third highest-rated public cloud computing company to work for during COVID-19. We will continue to actively monitor the situation and may take further actions that alter our business operations as may be required or that we determine are in the best interests of our employees, customers, suppliers and stockholders.
Workforce, Recruiting, Development and Retention
Workforce Size
As of December 31, 2020, we had 1,344 full-time employees, including 332 in data center operations and customer support, 482 in sales and marketing, 363 in research and development and 167 in general and administrative. As of December 31, 2020, we had 830 full-time employees in the United States and 514 full-time employees
20
internationally. None of our U.S. employees are covered by collective bargaining agreements. We believe our employee relations are good and we have not experienced any work stoppages.
Recruiting
Our key talent philosophy is to develop talent from within and supplement with external hires. Our talent acquisition team uses internal and external resources to recruit highly skilled and talented workers, and we encourage employee referrals for open positions. Measurements of our progress include the percentage of internal candidates sourced and attrition rates. During 2020, 7.3% of positions were filled by candidates sourced internally and our attrition rate was 14.8%. We also develop our talent pipeline with programs such as our internship program. During 2020, we hired 15 interns across various departments and geographies, of which eight were female, resulting in gender diversity of over 50 percent.
Workforce Development
We are committed to investing in our employees through professional training and development to ensure the highest possible performance for our customers while retaining our employees to grow their careers at Everbridge. We achieve this through several avenues, including skills training within functional departments, education reimbursement and a Manager Development Program. The Manager Development Program was created to help grow our people managers and provide a path to leadership. We offer a wide variety of content and resources to maximize development. Since the program started in 2019, nearly 100 employees have participated in training and overall satisfaction with the program, measured by internal surveys, is 88%.
The Everbridge Performance Management Program was designed to meet several key objectives including providing feedback to enhance performance, providing developmental guidance to grow skills, experience and careers, aligning individual effort to organizational objectives and recognizing achievements and contributions. During 2020, participation in the annual review process was 100%.
The Nominating and Corporate Governance Committee of our Board of Directors develops and periodically reviews with our Chief Executive Officer plans for succession to the offices of our executive officers and makes recommendations to the Board with respect to the selection of appropriate individuals to succeed to these positions.
Employee Engagement and Satisfaction
We conduct an annual employee engagement survey to gauge overall employee satisfaction. The survey is an opportunity for employees to provide anonymous feedback on topics ranging from leadership and management, to opportunities for career growth, to work-life balance and diversity, equity and inclusion. The results of the survey are used to develop our annual corporate and department business plans as well as direct the efforts of our People team.
We have been designated as a 2020 “Great Place To Work” in the United States. Based on employee feedback, we have been recognized for our culture, mission and leadership by Great Place to Work®, a global evaluator of workplace culture. In addition, in a survey conducted by Comparably measuring employee sentiment across over 60,000 U.S. companies, we ranked top 50 in the largest company category for Best Company Culture and Best CEO. We have also been honored by the U.S. Department of Defense for promoting a supportive work environment for members of the U.S. National Guard and Reserve.
Facilities
Our principal executive offices are located in Burlington, Massachusetts, where we occupy an approximately 73,500 square-foot facility under a lease expiring on May 31, 2024, and in Pasadena, California, where we occupy an approximately 19,000 square-foot facility under a lease expiring on December 31, 2023. We also have additional offices in the United States as well as internationally including China, Germany, India, Netherlands, New Zealand, Norway, Singapore, Sweden, Switzerland and United Kingdom.
21
Legal Proceedings
From time to time we may become involved in legal proceedings or be subject to claims arising in the ordinary course of our business. We are not presently a party to any legal proceedings that, if determined adversely to us, would individually or taken together have a material adverse effect on our business, operating results, financial condition or cash flows. Regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of management resources and other factors.
Corporate Information
Our principal executive offices are located at 25 Corporate Drive, Suite 400 Burlington, Massachusetts. Our telephone number is (818) 230-9700. Our website address is www.everbridge.com.
“Everbridge, Inc.,” the Everbridge logo, and other trademarks or service marks of Everbridge, Inc. appearing in this Annual Report on Form 10-K are the property of Everbridge, Inc. This Annual Report on Form 10-K contains additional trade names, trademarks and service marks of others, which are the property of their respective owners. Solely for convenience, trademarks and trade names referred to in this Annual Report on Form 10-K may appear without the ® or TM symbols.
Available Information
Our Annual Report on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K and amendments to reports filed pursuant to Sections 13(a) and 15(d) of the Securities Exchange Act of 1934, as amended, are made available free of charge on or through our website at http://ir.everbridge.com as soon as reasonably practicable after such reports are filed with, or furnished to, the Securities and Exchange Commission (“SEC”). The SEC also maintains a website, www.sec.gov, which contains reports and other information regarding issuers that file electronically with the SEC. We are not, however, including the information contained on our website, or information that may be accessed through links on our website, as part of, or incorporating such information by reference into, this Annual Report on Form 10-K.
22
Item 1A. Risk Factors.
Our operations and financial results are subject to various risks and uncertainties including those described below. You should consider carefully the risks and uncertainties described below, in addition to other information contained in this Annual Report on Form 10-K, including our consolidated financial statements and related notes, as well as our other public filings with the Securities and Exchange Commission. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, may also become important factors that adversely affect our business. If any of the following risks or others not specified below materialize, our business, financial condition and results of operations could be materially adversely affected. In that case, the trading price of our common stock could decline.
Summary of Risk Factors
Investing in our common stock involves a high degree of risk because our business is subject to numerous risks and uncertainties, as fully described below. The principal factors and uncertainties that make investing in our common stock risky include, among others:
Risks Related to Our Business and Our Industry
|
|
• |
If our business does not grow as we expect, or if we fail to manage our growth effectively, our operating results and business prospects would suffer. |
|
|
• |
We have not been profitable on a consistent basis historically and may not achieve or maintain profitability in the future. |
|
|
• |
If we are unable to renew or increase sales of our Mass Notification application, or if we are unable to increase sales of our other applications or add new applications, our business and operating results could be adversely affected. |
|
|
• |
We operate in an emerging, evolving, and competitive market, and if we cannot expand our platform and applications to meet the demands of this market or effectively compete against competitors, our revenue may decline and we may incur operating losses. |
|
|
• |
Our quarterly operating results may vary from period to period, which could result in our failure to meet expectations with respect to operating results and cause the trading price of our stock to decline. |
|
|
• |
Our failure to effectively complete and integrate acquired technologies, assets or businesses may harm our financial results. |
|
|
• |
Because our long-term growth strategy involves further expansion of our sales to customers outside the United States, our business will be susceptible to risks associated with international operations. |
Risks Related to Cybersecurity, and Reliability
|
|
• |
Compromise or unauthorized access to our data or the data of our customers or their employees could harm our business and our customers, cause customers to curtail or cease their use of our applications, damage our reputation, and cause us to incur significant liabilities. |
|
|
• |
Interruptions or delays in service from our third-party data center providers could impair our ability to make our platform and applications available to our customers, resulting in customer dissatisfaction, damage to our reputation, loss of customers, limited growth, and reduction in revenue. |
Risks Related to Data Privacy Government Regulation
|
|
• |
We are subject to governmental laws and regulations, particularly related to privacy, data protection and information security, and our actual or perceived failure to comply with such obligations could harm our business. |
|
|
• |
Compliance with governmental laws and regulations could impair our efforts to maintain and expand our customer base, and thereby decrease our revenue. |
|
|
• |
If our applications fail to function in a manner that allows our customers to operate in compliance with regulations and/or industry standards, our revenue and operating results could be harmed. |
23
|
|
• |
Risks Related to Our Intellectual Property. |
|
|
• |
If we fail to protect our intellectual property and proprietary rights adequately, our business could be harmed. |
|
|
• |
An assertion by a third party that we are infringing its intellectual property could subject us to costly and time-consuming litigation or expensive licenses that could harm our business and results of operations. |
|
|
• |
The use of open source software in our platform and applications may expose us to additional risks and harm our intellectual property. |
Risks Related to Ownership of Our Common Stock
|
|
• |
Our stock price may be volatile and you may lose some or all of your investment. |
|
|
• |
We may fail to meet our publicly announced guidance or other expectations about our business and future operating results, which would cause our stock price to decline. |
|
|
• |
Conversion of the $450 million aggregate principal amount of 0.125% convertible senior notes due December 15, 2024 (the “2024 Notes”) and $115 million aggregate principal amount of 1.50% convertible senior notes due November 1, 2022 (the “2022 Notes”) will dilute the ownership interest of existing stockholders, including holders who had previously converted their Notes, or may otherwise depress the price of our common stock. |
|
|
• |
We are obligated to maintain a system of effective internal control over financial reporting and any failure to maintain the adequacy of these internal controls may harm investor confidence in our company and, as a result, the value of our common stock. |
|
|
• |
Anti-takeover provisions in our charter documents and under Delaware law could make an acquisition of us more difficult, limit attempts by our stockholders to replace or remove our current management and limit the market price of our common stock. |
Risks Related to Our Indebtedness
|
|
• |
We issued convertible notes that have rights senior to our common stock. |
|
|
• |
Servicing our debt requires a significant amount of cash, and we may not have sufficient cash flow from our business to pay our substantial debt. |
|
|
• |
The conditional conversion feature of the 2024 Notes and 2022 Notes, may adversely affect our financial condition and operating results. |
General Risks
|
|
• |
The ongoing COVID-19 pandemic could materially and adversely affect our business, results of operations and financial condition. |
|
|
• |
Legislative actions and new accounting pronouncements are likely to impact our future financial position or results of operations. |
|
|
• |
We may have additional tax liabilities from sales taxes, inability to use net operating losses, or changes in regulations, any or all of which could change our effective tax rate or tax liability and have an adverse effect on our results of operations. |
|
|
• |
We face exposure to foreign currency exchange rate fluctuations. |
24
Risks Related to Our Business and Our Industry
If our business does not grow as we expect, or if we fail to manage our growth effectively, our operating results and business prospects would suffer.
The number of our full-time employees were 1,344, 948 and 777 as of December 31, 2020, 2019 and 2018, respectively. In 2020, we made a significant investment in our sales organization, growing our headcount by 40%, and our revenue increased by $70.3 million for the year ended December 31, 2020 compared to 2019, due in part to the increase in our customer base.
However, our business may not continue to grow as quickly or at all in the future, which would adversely affect our revenue and business prospects. Our business growth depends on a number of factors including:
|
|
• |
our ability to execute upon our business plan effectively; |
|
|
• |
our ability to accelerate our acquisition of new customers; |
|
|
• |
our ability to further sell to our existing customers new applications and features and to additional departments in their organizations; |
|
|
• |
our ability to develop new applications to target new markets and use cases; |
|
|
• |
our ability to expand our international footprint; |
|
|
• |
the growth of the market in which we operate; |
|
|
• |
our ability to maintain our technology leadership position; and |
|
|
• |
our ability to acquire and integrate complementary business, technologies and teams we need. |
Further, our growth has placed, and will continue to place, a strain on our managerial, operational, financial and other resources, and our future operating results depend to a large extent on our ability to successfully manage our anticipated expansion and growth. To manage our growth successfully and handle the responsibilities of being a public company, we believe we must effectively, among other things:
|
|
• |
increase our customer base and upsell and cross-sell additional and new applications to our existing customers; |
|
|
• |
invest in sales and marketing and expand our channel partner relationships; |
|
|
• |
develop new applications that target new markets and use cases; |
|
|
• |
expand our international operations; and |
|
|
• |
improve our platform and applications, financial and operational systems, procedures and controls. |
We intend to continue our investment in sales and marketing, platform and applications, research and development, and general and administrative functions and other areas to grow our business. We are likely to recognize the costs associated with these investments earlier than some of the anticipated benefits and the return on these investments may be lower, or may develop more slowly, than we expect, which could adversely affect our operating results.
If we are unable to manage our growth effectively in a manner that preserves the key aspects of our corporate culture, we may not be able to take advantage of market opportunities or develop new applications or upgrades to our existing applications and we may fail to satisfy customer requirements, maintain the quality and security of our applications, execute on our business plan or respond to competitive pressures, which could result in our financial results suffering and a decline in our stock price.
25
We have not been profitable on a consistent basis historically and may not achieve or maintain profitability in the future.
We have posted a net loss in each year since inception, including net losses of $93.4 million, $52.3 million and $47.5 million in the years ended December 31, 2020, 2019 and 2018, respectively. As of December 31, 2020, we had an accumulated deficit of $293.3 million. While we have experienced significant revenue growth in recent periods, we are not certain whether or when we will obtain a high enough volume of sales of our applications to sustain or increase our growth or achieve or maintain profitability in the future. Our ability to achieve or maintain profitability also has been and will continue to be impacted by non-cash stock-based compensation. We also expect our costs to increase in future periods, which could negatively affect our future operating results if our revenue does not increase. In particular, we expect to continue to expend substantial financial and other resources on:
|
|
• |
sales and marketing, including a significant expansion of our sales organization, both domestically and internationally; |
|
|
• |
research and development related to our platform and applications, including investments in our research and development team; |
|
|
• |
continued international expansion of our business; and |
|
|
• |
general and administration expenses, including legal and accounting expenses related to being a public company. |
These investments may not result in increased revenue or growth in our business. If we are unable to increase our revenue at a rate sufficient to offset the expected increase in our costs, our business, financial position and results of operations will be harmed, and we may not be able to achieve or maintain profitability over the long term. Additionally, we may encounter unforeseen operating expenses, difficulties, complications, delays and other unknown factors that may result in losses in future periods. If our revenue growth does not meet our expectations in future periods, our financial performance may be harmed, and we may not achieve or maintain profitability in the future.
To date, we have derived a substantial portion of our revenue from the sale of our Mass Notification application. If we are unable to renew or increase sales of this application, or if we are unable to increase sales of our other applications, our business and operating results could be adversely affected.
While we have introduced several new event management applications over the last few years, we derived approximately 50%, 61% and 62% of our revenue from sales of our Mass Notification application in 2020, 2019 and 2018, respectively, and expect to continue to derive a substantial portion of our revenue from sales of this application in the near term. As a result, our operating results could suffer due to:
|
|
• |
any decline in demand for our Mass Notification application; |
|
|
• |
pricing or other competitive pressures from competing products; |
|
|
• |
the introduction of applications and technologies that serve as a replacement or substitute for, or represent an improvement over, our Mass Notification application; |
|
|
• |
technological innovations or new standards that our Mass Notification application do not address; and |
|
|
• |
sensitivity to current or future prices offered by us or competing solutions. |
Because of our reliance on our Mass Notification application, our inability to renew or increase sales of this application or a decline in prices of this application would harm our business and operating results more seriously than if we derived significant revenue from a variety of applications. Any factor adversely affecting sales of our historical or new applications, including release cycles, market acceptance, competition, performance and reliability, reputation and economic and market conditions, could adversely affect our business and operating results.
26
If we are unable to develop upgrades to our platform, develop new applications, sell our platform and applications into new markets or further penetrate our existing market, our revenue may not grow.
Our ability to increase sales will depend in large part on our ability to enhance and improve our platform and applications, introduce new applications in a timely manner, develop new use cases for our platform and further penetrate our existing market. The success of any enhancement to our platform or new applications depends on several factors, including the timely completion, introduction and market acceptance of enhanced or new applications, the ability to maintain and develop relationships with channel partners and communications carriers, the ability to attract, retain and effectively train sales and marketing personnel and the effectiveness of our marketing programs. Any new application that we develop or acquire may not be introduced in a timely or cost-effective manner, and may not achieve the broad market acceptance necessary to generate significant revenue. Any new markets into which we attempt to sell our applications, including new vertical markets and new countries or regions, may not be receptive. Our ability to further penetrate our existing markets depends on the quality of our platform and applications and our ability to design our platform and applications to meet consumer demand. Any failure to enhance or improve our platform and applications as well as introduce new applications may adversely affect our revenue growth and operating results.
If we are unable to attract new customers or sell additional applications to our existing customers, our revenue and revenue growth will be harmed.
A part of our growth strategy is to add new customers and sell additional applications to our existing customers. Our ability to maintain existing customers, sell them new applications and to add new customers will depend in significant part on our ability to anticipate industry evolution, practices and standards and to continue to introduce and enhance the applications we offer on a timely basis to keep pace with technological developments. However, we may prove unsuccessful in developing new applications and improving existing applications. In addition, the success of any new application depends on several factors, including the timely completion, introduction and market acceptance of the application. Any new applications we develop or acquire might not be introduced in a timely or cost-effective manner and might not achieve the broad market acceptance necessary to generate significant revenue. If any of our competitors implements new technologies before we are able to implement them or better anticipates market opportunities, those competitors may be able to provide more effective or cheaper products than ours. As a result, we may be unable to renew our agreements with existing customers, attract new customers or grow or maintain our business from existing customers, which could harm our revenue and growth.
Failure to effectively develop and expand our sales and marketing capabilities could harm our ability to increase our customer base and achieve broader market acceptance of our platform and applications.
To increase total customers and achieve broader market acceptance of our platform and applications, we will need to expand our sales and marketing organization, including the vertical and geographic distribution of our salesforce and our teams of account executives focused on new accounts, account managers responsible for renewal and growth of existing accounts, and business development representatives targeting new and growth business opportunity creation. We will continue to dedicate significant resources to our global sales and marketing organizations. The effectiveness of our sales and marketing teams has varied over time and may vary in the future, and depends in part on our ability to maintain and improve our platform and applications. All of these efforts will require us to invest significant financial and other resources and we are unlikely to see the benefits, if any, of these increases until future periods after incurring these expenses. Our business will be seriously harmed if our efforts do not generate a correspondingly significant increase in revenue. We may not achieve revenue growth from expanding our salesforce if we are unable to hire, develop and retain talented sales personnel, if our new sales personnel are unable to achieve desired productivity levels in a reasonable period of time or if our sales and marketing programs are not effective.
27
The nature of our business exposes us to inherent liability risks.
Our applications, including our Mass Notification, Safety Connection, Incident Management, IT Alerting, Visual Command Center, Public Warning, Community Engagement, Risk Center, Crisis Management, Secure Collaboration, and Control Center applications, are designed to communicate life-saving or damage-mitigating information to the right people, on the right device, in the right location, at the right time during public safety threats and critical business events. Due to the nature of such applications, we are potentially exposed to greater risks of liability for employee acts or omissions or system failures than may be inherent in other businesses. Although substantially all of our customer agreements contain provisions limiting our liability to our customers, we cannot assure you that these limitations will be enforced or the costs of any litigation related to actual or alleged omissions or failures would have a material adverse effect on us even if we prevail. Further, certain of our insurance policies and the laws of some states may limit or prohibit insurance coverage for punitive or certain other types of damages or liability arising from gross negligence and we cannot assure you that we are adequately insured against the risks that we face.
Because we generally recognize revenue ratably over the term of our contract with a customer, downturns or upturns in sales will not be fully reflected in our operating results until future periods.
Our revenue is primarily generated from subscriptions to our critical event management applications. Our customers generally do not have the right to take possession of our software platform and applications. Revenue from subscriptions, including additional fees for items such as incremental usage, is recognized ratably over the subscription period beginning on the date that the subscription is made available to the customer. Our agreements with our customers typically range from one to three years. As a result, much of the revenue that we report in each quarter is attributable to agreements entered into during previous quarters. Consequently, a decline in sales, customer renewals or market acceptance of our applications in any one quarter would not necessarily be fully reflected in the revenue in that quarter, and would negatively affect our revenue and profitability in future quarters. This ratable revenue recognition also makes it difficult for us to rapidly increase our revenue through additional sales in any period, as revenue from new customers generally is recognized over the applicable agreement term.
We operate in an emerging and evolving market, which may develop more slowly or differently than we expect. If our market does not grow as we expect, or if we cannot expand our platform and applications to meet the demands of this market, our revenue may decline, fail to grow or fail to grow at an accelerated rate, and we may incur operating losses.
The market for CEM solutions is in an early stage of development, and it is uncertain whether this market will develop, and even if it does develop, how rapidly or how consistently it will develop or whether our platform and applications will be accepted into the markets in which we operate and plan to operate. Our success will depend, to a substantial extent, on the widespread adoption of our platform and applications as an alternative to historical mass notification systems. Some organizations may be reluctant or unwilling to use our platform and applications for a number of reasons, including concerns about additional costs, uncertainty regarding the reliability and security of cloud-based offerings or lack of awareness of the benefits of our platform and applications. Many organizations have invested substantial personnel and financial resources to integrate traditional on-premises applications into their businesses, and therefore may be reluctant or unwilling to migrate to cloud-based applications. Our ability to expand sales of our platform and applications into new markets depends on several factors, including the awareness of our platform and applications; the timely completion, introduction and market acceptance of enhancements to our platform and applications or new applications that we may introduce; our ability to attract, retain and effectively train sales and marketing personnel; our ability to develop relationships with channel partners and communication carriers; the effectiveness of our marketing programs; the costs of our platform and applications; and the success of our competitors. If we are unsuccessful in developing and marketing our platform and applications into new markets, or if organizations do not perceive or value the benefits of our platform and applications, the market for our platform and applications might not continue to develop or might develop more slowly than we expect, either of which would harm our revenue and growth prospects.
28
The markets in which we participate are competitive, and if we do not compete effectively, our operating results could be harmed.
The market for critical event management solutions is highly fragmented, competitive and constantly evolving. With the introduction of new technologies and market entrants, we expect that the competitive environment in which we compete will remain intense going forward. Some of our competitors have made or may make acquisitions or may enter into partnerships or other strategic relationships to provide a more comprehensive offering than they individually had offered or achieve greater economies of scale. In addition, new entrants not currently considered to be competitors may enter the market through acquisitions, partnerships or strategic relationships. We compete on the basis of a number of factors, including:
|
|
• |
application functionality, including local and multi-modal delivery in international markets; |
|
|
• |
breadth of offerings; |
|
|
• |
performance, security, scalability and reliability; |
|
|
• |
compliance with local regulations and multi-language support; |
|
|
• |
brand recognition, reputation and customer satisfaction; |
|
|
• |
ease of application implementation, use and maintenance; and |
|
|
• |
total cost of ownership. |
We face competition from in-house solutions, large integrated systems vendors and established and emerging cloud and SaaS and other software providers. Our competitors vary in size and in the breadth and scope of the products and services offered. Many of our competitors and potential competitors have greater name recognition, longer operating histories, more established customer relationships, larger marketing budgets and greater resources than we do. While some of our competitors provide a platform with applications to support one or more use cases, many others provide point-solutions that address a single use case. Further, other potential competitors not currently offering competitive applications may expand their offerings to compete with our solutions. Our competitors may be able to respond more quickly and effectively than we can to new or changing opportunities, technologies, standards and customer requirements. An existing competitor or new entrant could introduce new technology that reduces demand for our solutions. In addition to application and technology competition, we face pricing competition. Some of our competitors offer their applications or services at a lower price, which has resulted in pricing pressures. Some of our larger competitors have the operating flexibility to bundle competing applications and services with other offerings, including offering them at a lower price as part of a larger sale. For all of these reasons, we may not be able to compete successfully and competition could result in reduced sales, reduced margins, losses or the failure of our applications to achieve or maintain market acceptance, any of which could harm our business.
We may not be able to scale our business quickly enough to meet our customers’ growing needs and if we are not able to grow efficiently, our operating results could be harmed.
As usage of our platform and applications grows, we will need to continue making significant investments to develop and implement new applications, technologies, security features and cloud-based infrastructure operations. In addition, we will need to appropriately scale our internal business systems and our services organization, including customer support and professional services, to serve our growing customer base, particularly as our customer demographics change over time. Any failure of, or delay in, these efforts could impair the performance of our platform and applications and reduce customer satisfaction. Even if we are able to upgrade our systems and expand our staff, any such expansion may be expensive and complex, requiring management’s time and attention. To the extent that we do not effectively scale our platform and operations to meet the growing needs of our customers, we may not be able to grow as quickly as we anticipate, our customers may reduce or cancel use of our applications and professional services, we may be unable to compete effectively and our business and operating results may be harmed.
29
Our quarterly operating results may vary from period to period, which could result in our failure to meet expectations with respect to operating results and cause the trading price of our stock to decline.
Our operating results, including the levels of our revenue, renewal rates, cash flows, deferred revenue and gross margins, have historically varied from period to period, and we expect that these items will continue to do so as a result of a number of factors, many of which are outside of our control, including:
|
|
• |
the level of demand for our products and services; |
|
|
• |
customer renewal rates and ability to attract new customers; |
|
|
• |
the extent to which customers purchase additional products or services; |
|
|
• |
the mix of our products and services sold during a period; |
|
|
• |
network outages, security breaches, technical difficulties or interruptions with our products; |
|
|
• |
changes in the growth rate of the markets in which we compete; |
|
|
• |
sales of our products and services due to seasonality and customer demand; |
|
|
• |
the timing and success of new product or service introductions by us or our competitors or any other changes in the competitive landscape of its industry, including consolidation among our competitors; |
|
|
• |
the introduction or adoption of new technologies that compete with our offerings; |
|
|
• |
decisions by potential customers to purchase critical event management products or services from other vendors; |
|
|
• |
the amount and timing of operating costs and capital expenditures related to the operations and expansion of our business; |
|
|
• |
price competition; |
|
|
• |
our ability to successfully manage and integrate our previous acquisitions and any future acquisitions of businesses, including the recent acquisitions of Connexient, Inc. (“Connexient”), CNL Software, One2Many Group B.V. (“one2many”), Techwan, SnapComms and Red Sky Technologies Inc. (“Red Sky”) and including without limitation the amount and timing of expenses and potential future charges for impairment of goodwill from acquired companies; |
|
|
• |
our ability to establish and grow relationships with partners to market and sell our products and services; |
|
|
• |
our continued international expansion and associated exposure to changes in foreign currency exchange rates, including any fluctuations caused by uncertainties relating to the United Kingdom’s exit from the European Union, commonly referred to as “Brexit”; |
|
|
• |
the amount and timing of operating expenses related to the maintenance and expansion of our business, operations and infrastructure; |
|
|
• |
the announcement or adoption of new regulations and policy mandates or changes to existing regulations and policy mandates; |
|
|
• |
the cost or results of existing or unforeseen litigation and intellectual property infringement; |
|
|
• |
the strength of regional, national and global economies; |
|
|
• |
quarantine, private travel limitation, or business disruption in regions affecting our operations, stemming from actual, imminent or perceived outbreak of contagious disease, including the COVID-19 pandemic; |
|
|
• |
the impact of natural disasters or manmade problems such as terrorism or war; and |
|
|
• |
future accounting pronouncements or changes in our accounting policies. |
Fluctuations in our quarterly operating results, key metrics, non-GAAP metrics and the price of our common stock may be particularly pronounced in the current economic environment due to the uncertainty caused by and the
30
unprecedented nature of the current COVID-19 pandemic. Each factor above or discussed elsewhere herein or the cumulative effect of some of these factors may result in fluctuations in our operating results. This variability and unpredictability could result in our failure to meet expectations with respect to operating results, or those of securities analysts or investors, for a particular period. If we fail to meet or exceed expectations for our operating results for these or any other reasons, the market price of our stock could fall and we could face costly lawsuits, including securities class action suits.
Due to the foregoing factors and the other risks discussed in this Annual Report on Form 10-K, you should not rely on quarter-to-quarter comparisons of our results of operations as an indication of our future performance nor should you consider our recent revenue growth or results in any single period to be indicative of our future performance.
Changes in the mix of sizes or types of businesses or government agencies that purchase our platform and applications purchased or used by our customers could affect our operating results.
We have sold and will continue to sell to enterprises of all sizes, municipal and regional governmental agencies, non-profit organizations, educational institutions and healthcare organizations. Sales to larger organizations may entail longer sales cycles and more significant selling efforts. Selling to small businesses may involve greater credit risk and uncertainty. Changes in the sizes or types of businesses that purchase our applications could cause our operating results to be adversely affected.
If we fail to offer high-quality customer support, our business and reputation may suffer.
We offer our customers implementation services and 24/7 support through our customer support centers as well as education, professional development and certification through Everbridge University as well as a range of consulting services. Consulting service offerings include onsite implementation packages, Certified Emergency Management professional operational reviews, dedicated client care representatives, custom web-based training, and development of client-specific communications materials to increase internal awareness of system value.
Providing this education, training and support requires that our personnel who manage our training resources or provide customer support have specific experience, knowledge and expertise, making it more difficult for us to hire qualified personnel and to scale up our support operations. The importance of high-quality customer support will increase as we expand our business and pursue new customers and larger organizations. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services or scale our services if our business grows. We also may be unable to modify the format of our support services or change our pricing to compete with changes in support services provided by our competitors. Increased customer demand for these services, without corresponding revenue, could increase our costs and harm our operating results. If we do not help our customers use applications within our platform and provide effective ongoing support, our ability to sell additional applications to, or to retain, existing customers may suffer and our reputation with existing or potential customers may be harmed.
Our strategy includes pursuing acquisitions, and our potential inability to successfully integrate newly-acquired technologies, assets or businesses may harm our financial results. Future acquisitions of technologies, assets or businesses, which are paid for partially or entirely through the issuance of stock or stock rights, could dilute the ownership of our existing stockholders.
We may evaluate and consider potential strategic transactions, including acquisitions of, or investments in, businesses, technologies, services, products and other assets in the future. We also may enter into relationships with other businesses to expand our platform and applications, which could involve preferred or exclusive licenses, additional channels of distribution, discount pricing or investments in other companies.
31
We have acquired businesses and technology in the past. For example, we acquired Connexient and CNL Software Limited in February 2020, one2many in March 2020, Techwan in May 2020, SnapComms in August 2020 and Red Sky in January 2021. We believe that part of our continued growth will be driven by acquisitions of other companies or their technologies, assets, businesses and teams. Any acquisitions we complete will give rise to risks, including:
|
|
• |
incurring higher than anticipated capital expenditures and operating expenses; |
|
|
• |
failing to assimilate the operations and personnel or failing to retain the key personnel of the acquired company or business; |
|
|
• |
failing to integrate the acquired technologies, or incurring significant expense to integrate acquired technologies, into our platform and applications; |
|
|
• |
disrupting our ongoing business; |
|
|
• |
diverting our management’s attention and other company resources; |
|
|
• |
failing to maintain uniform standards, controls and policies; |
|
|
• |
incurring significant accounting charges; |
|
|
• |
impairing relationships with our customers and employees; |
|
|
• |
finding that the acquired technology, asset or business does not further our business strategy, that we overpaid for the technology, asset or business or that we may be required to write off acquired assets or investments partially or entirely; |
|
|
• |
failing to realize the expected synergies of the transaction; |
|
|
• |
being exposed to unforeseen liabilities and contingencies that were not identified prior to acquiring the company; and |
|
|
• |
being unable to generate sufficient revenue and profits from acquisitions to offset the associated acquisition costs. |
Fully integrating an acquired technology, asset or business into our operations may take a significant amount of time. We may not be successful in overcoming these risks or any other problems encountered with acquisitions. To the extent that we do not successfully avoid or overcome the risks or problems related to any such acquisitions, our results of operations and financial condition could be harmed. Acquisitions also could impact our financial position and capital requirements, or could cause fluctuations in our quarterly and annual results of operations. Acquisitions could include significant goodwill and intangible assets, which may result in future impairment charges that would reduce our stated earnings. In addition, failure to maintain effective financial controls and reporting systems and procedures during and after integration of an acquired business could also impact our ability to produce timely and accurate financial statements. We may incur significant costs in our efforts to engage in strategic transactions and these expenditures may not result in successful acquisitions.
We expect that the consideration we might pay for any future acquisitions of technologies, assets, businesses or teams could include stock, rights to purchase stock, cash or some combination of the foregoing. If we issue stock or rights to purchase stock in connection with future acquisitions, net income per share and then-existing holders of our common stock may experience dilution.
We rely on the performance of our senior management and highly skilled personnel, and if we are unable to attract, retain and motivate well-qualified employees, our business and results of operations could be harmed.
We believe our success has depended, and continues to depend, on the efforts and talents of our senior management and key personnel. Our future success depends on our continuing ability to attract, develop, motivate and retain highly qualified and skilled employees. Qualified individuals are in high demand, and we may incur significant costs to attract them. In addition, the loss of any of our senior management or key personnel could interrupt our ability to execute our business plan, as such individuals may be difficult to replace. If we do not succeed in attracting well-qualified employees or retaining and motivating existing employees, our business and results of operations could be harmed.
32
If we are unable to increase sales of our solutions to large organizations while mitigating the risks associated with serving such customers, our business, financial position and results of operations may suffer.
Our growth strategy is dependent, in part, upon increasing sales of our solutions to large enterprises and governments. Sales to large customers involve risks that may not be present (or that are present to a lesser extent) with sales to smaller entities. These risks include:
|
|
• |
increased purchasing power and leverage held by large customers in negotiating contractual arrangements with us; |
|
|
• |
more stringent and complicated implementation processes, including stricter implementation deadlines and penalties for any failure to meet such deadlines; |
|
|
• |
more stringent or costly requirements imposed upon us in our support service contracts with such customers, including stricter support response times and penalties for any failure to meet support requirements; |
|
|
• |
longer sales cycles and the associated risk that substantial time and resources may be spent on a potential customer that ultimately elects not to purchase our platform or purchases less than we hoped; |
|
|
• |
closer relationships with, and dependence upon, large technology companies who offer competitive products; and |
|
|
• |
more pressure for discounts and write-offs. |
In addition, because security breaches with respect to larger, high-profile enterprises are likely to be heavily publicized, there is increased reputational risk associated with serving such customers. If we are unable to increase sales of our offerings to large enterprise and government customers while mitigating the risks associated with serving such customers, our business, financial position and results of operations may suffer.
Our revenue growth will depend in part on the success of our efforts to augment our direct-sales channels by developing relationships with third parties.
We rely largely on the direct-sales model to market our platform. In order to continue to build our business, we plan to continue to develop partnerships to support our sales efforts through referrals and co-selling arrangements. Our efforts to develop relationships with partners are still at an early stage, we have generated limited revenue through these relationships to date, and we cannot assure you that we will be able to develop and maintain successful partnerships or that these partners will be successful in marketing and selling our platform or solutions based upon our platform. Identifying partners, negotiating and supporting relationships with them and maintaining relationships requires a significant commitment of time and resources that may not yield a significant return on our investment. We expect that our partners will have only limited commitments to dedicate resources to marketing and promoting our solutions. In addition, our competitors may be more effective in providing incentives to our partners or prospective partners to favor their products or services over our solutions. If we are unsuccessful in establishing or maintaining our relationships with partners, or if these partners are unsuccessful in marketing or selling our solutions or are unable or unwilling to devote sufficient resources to these activities, our ability to compete in the marketplace or to grow our revenue could be impaired and our operating results may suffer. Further, new or emerging technologies, technological trends or changes in customer requirements may result in certain third parties de-emphasizing their dealings with us or becoming potential competitors in the future.
Because our long-term growth strategy involves further expansion of our sales to customers outside the United States, our business will be susceptible to risks associated with international operations.
A component of our growth strategy involves the further expansion of our operations and customer base internationally. We opened our first international office in Beijing, China in April 2012 and subsequently opened an office in Windsor, England in September 2012 as part of our geographic expansion. In March 2014, we acquired Vocal Limited, a mass notification company based in Colchester, England. In December 2016, we acquired Svensk Krisledning AB, a SaaS mobile crisis management company based in Norsborg, Sweden. In April 2018, we acquired Unified Messaging Systems ASA, a critical communication and population alerting systems company based in Oslo, Norway. In May 2018, we acquired Respond B.V., a critical communication solutions company based in the
33
Netherlands. In February 2020, we acquired CNL Software Limited, a global provider of physical security information management platform software based in Camberley, United Kingdom. In March 2020, we acquired One2Many Group B.V. based in the Netherlands. In May 2020, we acquired Techwan SA based in Switzerland. In August 2020, we acquired SnapComms Limited based in New Zealand. For the years ended December 31, 2020 and 2019, approximately 26% and 22% of our revenue, respectively, was derived from customers located outside of the United States. We intend to further expand our local presence in regions such as Europe, the Middle East and Asia. Our current international operations and future initiatives will involve a variety of risks, including:
|
|
• |
currency exchange rate fluctuations and the resulting effect on our revenue and expenses, and the cost and risk of entering into hedging transactions if we chose to do so in the future; |
|
|
• |
economic or political instability in foreign markets; |
|
|
• |
greater difficulty in enforcing contracts, accounts receivable collection and longer collection periods; |
|
|
• |
more stringent regulations relating to technology, including with respect to privacy, data security and the unauthorized use of, access to, or deletion of commercial and personal information, particularly in the European Union; |
|
|
• |
difficulties in maintaining our company culture with a dispersed and distant workforce; |
|
|
• |
unexpected changes in regulatory requirements, taxes or trade laws; |
|
|
• |
differing labor regulations, especially in the European Union, where labor laws are generally more advantageous to employees as compared to the United States, including deemed hourly wage and overtime regulations in these locations; |
|
|
• |
challenges inherent in efficiently managing an increased number of employees over large geographic distances, including the need to implement appropriate systems, policies, benefits and compliance programs; |
|
|
• |
difficulties in managing a business in new markets with diverse cultures, languages, customs, legal systems, alternative dispute systems and regulatory systems; |
|
|
• |
limitations on our ability to reinvest earnings from operations in one country to fund the capital needs of our operations in other countries; |
|
|
• |
limited or insufficient intellectual property protection; |
|
|
• |
political instability or terrorist activities; |
|
|
• |
differing exposure to, responses to and capacities for managing the COVID-19 pandemic; |
|
|
• |
likelihood of potential or actual violations of domestic and international anticorruption laws, such as the U.S. Foreign Corrupt Practices Act and the U.K. Bribery Act, or of U.S. and international export control and sanctions regulations, which likelihood may increase with an increase of sales or operations in foreign jurisdictions and operations in certain industries; and |
|
|
• |
adverse tax burdens and foreign exchange controls that could make it difficult to repatriate earnings and cash. |
Our limited experience in operating our business internationally increases the risk that any potential future expansion efforts that we may undertake will not be successful. If we invest substantial time and resources to expand our international operations and are unable to do so successfully and in a timely manner, our business and operating results will suffer. We continue to implement policies and procedures to facilitate our compliance with U.S. laws and regulations applicable to or arising from our international business. Inadequacies in our past or current compliance practices may increase the risk of inadvertent violations of such laws and regulations, which could lead to financial and other penalties that could damage our reputation and impose costs on us.
Our business, including the sales of our products and professional services by us and our channel partners, may be subject to foreign governmental regulations, which vary substantially from country to country and change from time to time. Our failure, or the failure by our channel partners, to comply with these regulations could adversely affect
34
our business. Further, in many foreign countries it is common for others to engage in business practices that are prohibited by our internal policies and procedures or U.S. regulations applicable to us. Although we have implemented policies and procedures designed to comply with these laws and policies, there can be no assurance that our employees, contractors, channel partners and agents have complied, or will comply, with these laws and policies. Violations of laws or key control policies by our employees, contractors, channel partners or agents could result in delays in revenue recognition, financial reporting misstatements, fines, penalties or the prohibition of the importation or exportation of our products and could have a material adverse effect on our business and results of operations. If we are unable to successfully manage the challenges of international expansion and operations, our business and operating results could be adversely affected.
We are also monitoring developments related to the United Kingdom’s departure from the European Union on January 31, 2020, commonly referred to as “Brexit.” Brexit could have significant implications for our business and could lead to economic and legal uncertainty, including significant volatility in global stock markets and currency exchange rates, and differing laws and regulations as the United Kingdom determines which European Union laws to replace or replicate. Any of these effects of Brexit, among others, could adversely affect our operations in the United Kingdom and our financial results.
If we cannot maintain our company culture as we grow, our success and our business may be harmed.
We believe our culture has been a key contributor to our success to-date and that the critical nature of the solutions that we provide promotes a sense of greater purpose and fulfillment in our employees. We have invested in building a strong corporate culture and believe it is one of our most important and sustainable sources of competitive advantage. Any failure to preserve our culture could negatively affect our ability to retain and recruit personnel and to effectively focus on and pursue our corporate objectives. As we grow and develop the infrastructure of a public company, we may find it difficult to maintain these important aspects of our company culture. If we fail to maintain our company culture, our business may be adversely impacted.
Our ability to raise capital in the future may be limited, and our failure to raise capital when needed could prevent us from growing.
Our business and operations may consume resources faster than we anticipate. In the future, we may need to raise additional funds to invest in future growth opportunities. Additional financing may not be available on favorable terms, if at all. If adequate funds are not available on acceptable terms, we may be unable to invest in future growth opportunities, which could seriously harm our business and operating results. If we incur debt, the debt holders would have rights senior to common stockholders to make claims on our assets, and the terms of any debt could restrict our operations, including our ability to pay dividends on our common stock. Furthermore, if we issue equity securities, stockholders will experience dilution, and the new equity securities could have rights senior to those of our common stock. Because our decision to issue securities in any future offering will depend on market conditions and other factors beyond our control, we cannot predict or estimate the amount, timing or nature of our future offerings. As a result, our stockholders bear the risk of our future securities offerings reducing the market price of our common stock and diluting their interest.
Our sales cycle can be unpredictable, time-consuming and costly, which could harm our business and operating results.
Our sales process involves educating prospective customers and existing customers about the use, technical capabilities and benefits of our platform and applications. Prospective customers, especially larger organizations, often undertake a prolonged evaluation process, which typically involves not only our solutions, but also those of our competitors and lasts from four to nine months or longer. We may spend substantial time, effort and money on our sales and marketing efforts without any assurance that our efforts will produce any sales.
Events affecting our customers’ businesses may occur during the sales cycle that could affect the size or timing of a purchase, contributing to more unpredictability in our business and operating results. As a result of these factors, we may face greater costs, longer sales cycles and less predictability in the future.
35
Risks Related to Cybersecurity, and Reliability
If our, our customers’ or our third-party providers’ security measures are compromised or unauthorized access to the data of our customers or their employees, customers or constituents is otherwise obtained, our platform may be perceived as not being secure, our customers may be harmed and may curtail or cease their use of our applications, our reputation may be damaged and we may incur significant liabilities.
Our operations involve the storage and transmission of data of our customers and their employees, customers and constituents, including personally identifiable information such as contact information and physical location. Security incidents, whether as a result of third-party action, employee or customer error, technology impairment or failure, malfeasance or criminal activity, could result in unauthorized access to, or loss or unauthorized disclosure of, this information, litigation, indemnity obligations and other possible liabilities, as well as negative publicity, which could damage our reputation, impair our sales and harm our customers and our business. Cyber incidents and malicious internet-based activity continue to increase generally, and providers of cloud-based services have been targeted. If third parties with whom we work, such as vendors or developers, violate applicable laws or our security policies, such violations may also put our customers’ information at risk and could in turn have an adverse effect on our business. We may be unable to anticipate or prevent techniques used to obtain unauthorized access or to sabotage systems because they change frequently and often are not detected until after an incident has occurred. As we increase our customer base and our brand becomes more widely known and recognized, third parties may increasingly seek to compromise our security controls or gain unauthorized access to our sensitive corporate information or customers’ data. Further, because of the nature of the services that we provide to our customers during public safety threats and critical business events, we may be a unique target for attacks.
Many governments have enacted laws requiring companies to notify individuals of data security incidents or unauthorized transfers involving certain types of personal data. In addition, some of our customers contractually require notification of any data security incident. Accordingly, security incidents experienced by our competitors, by our customers or by us may lead to public disclosures, which may lead to widespread negative publicity. Any security compromise in our industry, whether actual or perceived, could harm our reputation, erode customer confidence in the effectiveness of our security measures, negatively impact our ability to attract new customers, cause existing customers to elect not to renew their subscriptions or subject us to third-party lawsuits, regulatory fines or other action or liability, which could materially and adversely affect our business and operating results. Further, the costs of compliance with notification laws and contractual obligations may be significant and any requirement that we provide such notifications as a result of an actual or alleged compromise could have a material and adverse effect on our business.
While we maintain general liability insurance coverage and coverage for errors or omissions, we cannot assure you that such coverage would be adequate or would otherwise protect us from liabilities or damages with respect to claims alleging compromises of personal data or that such coverage will continue to be available on acceptable terms or at all.
If our computer systems are or become vulnerable to security breaches or we are unable to comply with our security obligations, we may face reputational damage and lose clients and revenue.
The services we provide are often critical to our clients’ businesses. Certain of our client contracts may require us to comply with security obligations, which could include maintaining network security and backup data, ensuring our network is virus-free, maintaining business continuity planning procedures, and verifying the integrity of employees that work with our clients by conducting background checks. Any failure in our systems or breach of security relating to the services we provide to the client could damage our reputation or result in a claim for substantial damages against us. Our liability for breaches of data security requirements, for which we may be required to indemnify our clients, may be extensive. Any significant failure of our equipment or systems, or any major disruption to basic infrastructure like power and telecommunications in the locations in which we operate, could impede our ability to provide services to our clients, have a negative impact on our reputation, cause us to lose clients, and adversely affect our results of operations.
In addition, we often have access to or are required to collect and store confidential client and customer data. If any person, including any of our employees or former employees, penetrates our network security, accidentally exposes our data or code, or misappropriates data or code that belongs to us, our clients, or our clients’ customers, we could be subject to significant liability from our clients or from our clients’ customers for breaching contractual confidentiality provisions or privacy laws. Unauthorized disclosure of sensitive or confidential client and customer
36
data, whether through breach of our computer systems, systems failure, loss or theft of confidential information or intellectual property belonging to our clients or our clients’ customers, or otherwise, could damage our reputation, cause us to lose clients and revenues, and result in financial and other potential losses by us.
Interruptions or delays in service from our third-party data center providers could impair our ability to make our platform and applications available to our customers, resulting in customer dissatisfaction, damage to our reputation, loss of customers, limited growth and reduction in revenue.
We currently serve part of our platform functions from third-party data center hosting facilities operated by Century Link and located in the Los Angeles, California and Denver, Colorado areas. We also rely on Amazon Web Services servers located in Germany, Ireland, the United Kingdom, Canada, California, and Virginia to host certain of our platform functions and applications. Our operations depend, in part, on our third-party facility providers’ abilities to protect these facilities against damage or interruption from natural disasters, power or telecommunications failures, cyber incidents, criminal acts and similar events. In the event that any of our third-party facilities arrangements are terminated, or if there is a lapse of service or damage to a facility, we could experience interruptions in our platform as well as delays and additional expenses in arranging new facilities and services. Any changes in third-party service levels at our data centers or any errors, defects, disruptions, cyber incidents or other performance problems with our solutions could harm our reputation.
Any damage to, or failure of, the systems of our third-party providers could result in interruptions to our platform. Despite precautions taken at our data centers, the occurrence of spikes in usage volume, natural disasters, cyber incidents, acts of terrorism, vandalism or sabotage, closure of a facility without adequate notice or other unanticipated problems could result in lengthy interruptions in the availability of our platform and applications. Problems faced by our third-party data center locations, with the telecommunications network providers with whom they contract, or with the systems by which our telecommunications providers allocate capacity among their customers, including us, could adversely affect the experience of our customers. Because of the nature of the services that we provide to our customers during public safety threats and critical business events, any such interruption may arise when our customers are most reliant on our applications, thereby compounding the impact of any interruption on our business. Interruptions in our services might reduce our revenue, cause us to issue refunds to customers and subject us to potential liability.
Further, our insurance policies may not adequately compensate us for any losses that we may incur in the event of damage or interruption. Although we benefit from liability protection under the Support Anti-Terrorism by Fostering Effective Technology Act of 2002, the occurrence of any of the foregoing could reduce our revenue, subject us to liability, cause us to issue credits to customers or cause customers not to renew their subscriptions for our applications, any of which could materially adversely affect our business.
Failures or reduced accessibility of third-party software on which we rely could impair the availability of our platform and applications and adversely affect our business.
We license software from third parties for integration into our platform and applications, including open source software. These licenses might not continue to be available to us on acceptable terms, or at all. While we are not substantially dependent upon any third-party software, the loss of the right to use all or a significant portion of our third-party software required for the development, maintenance and delivery of our applications could result in delays in the provision of our applications until we develop or identify, obtain and integrate equivalent technology, which could harm our business.
Any errors or defects in the hardware or software we use could result in errors, interruptions, cyber incidents or a failure of our applications. Any significant interruption in the availability of all or a significant portion of such software could have an adverse impact on our business unless and until we can replace the functionality provided by these applications at a similar cost. Furthermore, this software may not be available on commercially reasonable terms, or at all. The loss of the right to use all or a significant portion of this software could limit access to our platform and applications. Additionally, we rely upon third parties’ abilities to enhance their current applications, develop new applications on a timely and cost-effective basis and respond to emerging industry standards and other technological changes. We may be unable to effect changes to such third-party technologies, which may prevent us from rapidly responding to evolving customer requirements. We also may be unable to replace the functionality
37
provided by the third-party software currently offered in conjunction with our applications in the event that such software becomes obsolete or incompatible with future versions of our platform and applications or is otherwise not adequately maintained or updated.
If we do not or cannot maintain the compatibility of our platform with third-party applications that our customers use in their businesses, our revenue will decline.
As a significant percentage of our customers choose to integrate our solutions with certain capabilities provided by third-party providers, the functionality and popularity of our solutions depend, in part, on our ability to integrate our platform and applications with certain third-party systems. Third-party providers may change the features of their technologies, restrict our access to their applications or alter the terms governing use of their applications in an adverse manner. Such changes could functionally limit or terminate our ability to use these third-party technologies in conjunction with our platform and applications, which could negatively impact our solutions and harm our business. If we fail to integrate our solutions with new third-party applications that our customers use, we may not be able to offer the functionality that our customers need, which would negatively impact our ability to generate revenue and adversely impact our business.
Risks Related to Data Privacy Government Regulation
We are subject to governmental regulation and other legal obligations, particularly related to privacy, data protection and information security, and our actual or perceived failure to comply with such obligations could harm our business. Compliance with such laws could also impair our efforts to maintain and expand our customer base, and thereby decrease our revenue.
Our handling and storage of data is subject to a variety of laws and regulations, including regulation by various government agencies, including the U.S. Federal Trade Commission (“FTC”), and various state, local and foreign agencies. We collect personally identifiable information and other data directly from our customers and through our channel partners. We also process or otherwise handle personally identifiable information about our customers’ employees, customers and constituents in certain circumstances. We use this information to provide applications to our customers and to support, expand and improve our business. We may also share customers’ personally identifiable information with third parties as described in our privacy policy and/or as otherwise authorized by our customers.
The U.S. federal and various state and foreign governments have adopted or proposed legislation that regulates the collection, distribution, use and storage of personal information of individuals and that mandates security requirements with respect to certain personally identifiable information. In the United States, the FTC and numerous state attorneys general are imposing standards for the online collection, distribution, use and storage of data by applying federal and state consumer protection laws. The lack of a clear and universal standard for protecting such information means, however, that these obligations may be interpreted and applied in a manner that is inconsistent from one jurisdiction to another and may conflict with other requirements or our practices. Any failure or perceived failure by us to comply with privacy or security laws, policies, legal obligations or industry standards or any security incident that results in the unauthorized release or transfer of sensitive corporate information, personally identifiable information or other customer data may result in governmental enforcement actions, litigation, fines and penalties and/or adverse publicity, and could cause our customers to lose trust in us, which could have an adverse effect on our reputation and business.
Some proposed laws or regulations concerning privacy, data protection and information security are in their early stages, and we cannot yet determine how these laws and regulations may be interpreted nor can we determine the impact these proposed laws and regulations, may have on our business. Such proposed laws and regulations may require companies to implement privacy and security policies, permit users to access, correct and delete personal information stored or maintained by such companies, inform individuals of security breaches that affect their personal information, and, in some cases, obtain individuals’ consent to use personal information for certain purposes. In addition, a foreign government could require that any personal information collected in a country not be disseminated outside of that country, and we may not be currently equipped to comply with such a requirement. Our failure to comply with federal, state and international data privacy laws and regulators could harm our ability to successfully operate our business and pursue our business goals.
38
In addition, several foreign countries and governmental bodies, including the European Union and Canada, have regulations governing the collection and use of personal information obtained from their residents, which are often more restrictive than those in the United States. Laws and regulations in these jurisdictions apply broadly to the collection, use, storage, disclosure and security of personal information that identifies or may be used to identify an individual, such as names, email addresses and in some jurisdictions, Internet Protocol, or IP, addresses. Such regulations and laws may be modified and new laws may be enacted in the future.
Within the European Union, legislators have adopted the General Data Protection Regulation (“GDPR”), which went into effect in May 2018. The GDPR includes more stringent operational requirements on entities that process personal data (as compared to existing EU law), including significant penalties for non-compliance, more robust obligations on data processors and data controllers, greater rights for data subjects (potentially requiring significant changes to both our technology and operations), and heavier documentation requirements for data protection compliance programs. Specifically, the GDPR introduces numerous privacy-related changes for companies operating in the EU, including greater control over personal data by data subjects (e.g., the “right to be forgotten”), increased data portability for EU consumers, data breach notification requirements and increased fines. Under the GDPR, fines of up to 20 million euros or up to 4% of the annual global revenue of the noncompliant company, whichever is greater, could be imposed for violations of certain GDPR requirements. The GDPR requirements apply not only to third-party transactions, but also to transfers of information between us and our subsidiaries, including employee information.
Further, Brexit could lead to additional legislative and regulatory changes. The United Kingdom Data Protection Act that substantially implements the GDPR became law in May 2018 and was subject to statutory amendments in 2019 that further align it with the GDPR. The development of United Kingdom data protection laws or regulations and regulation of data transfers to and from the United Kingdom in the medium to longer term, however, remain unclear and could impact our ability to sell our products and services to customers in the United Kingdom.
California enacted legislation in 2018, the California Consumer Privacy Act (the “CCPA”), that became operative on January 1, 2020. The CCPA requires covered companies to, among other things, provide new disclosures to California consumers, and affords such consumers new abilities to opt-out of certain sales of personal information. The CCPA is the subject of proposed regulations of the California Attorney General that were released on October 10, 2019 but have yet to be finalized. Aspects of the CCPA and its interpretation remain unclear at this time. We cannot fully predict the impact of the CCPA on our business or operations, but it may require us to modify our data processing practices and policies and to incur substantial costs and expenses in an effort to comply.
While we have taken steps to mitigate the impact of the GDPR on us, such as implementing standard contractual clauses and self-certifying under the EU-US Privacy Shield, the efficacy and longevity of these mechanisms remains uncertain. For example, on July 16, 2020, the CJEU invalidated the U.S.-EU Privacy Shield framework that had been in place since 2016, which allowed companies like us to meet certain European legal requirements for the transfer of personal data from the EEA to the United States, and imposed additional obligations on companies when relying on the model clauses approved by the EU Commission. This CJEU decision may result in different EEA data protection regulators applying differing standards for the transfer of personal data from the EEA to the United States, and even require ad hoc verification of measures taken with respect to data flows. The invalidation of the U.S.-EU Privacy Shield framework will require us to take additional steps to legitimize any personal data transfers that are impacted by this decision. This could result in increased costs of compliance and limitations on our customers and us. More generally, we find it necessary or desirable to modify our data handling practices, and this CJEU decision or other legal challenges relating to cross-border data transfer may serve as a basis for our personal data handling practices, or those of our customers and vendors, to be challenged and may otherwise adversely impact our business, financial condition and operating results. Potential or actual legal proceedings could lead to one or both of these mechanisms being declared invalid. Further, despite our ongoing efforts to maintain compliance with the GDPR, we may not be successful either due to various factors within our control (such as limited financial or human resources) or outside our control (such as a lack of vendor cooperation). It’s also possible that local data protection authorities (DPAs) may have different interpretations of the GDPR, leading to potential inconsistencies amongst various EU states.
Globally, governments and agencies have adopted and could in the future adopt, modify, apply or enforce laws, policies, regulations, and standards covering user privacy, data security, technologies such as cookies that are used
39
to collect, store and/or process data, marketing online, the use of data to inform marketing, the taxation of products and services, unfair and deceptive practices, and the collection (including the collection of information), use, processing, transfer, storage and/or disclosure of data associated with unique individual internet users.
New regulation or legislative actions (or new interpretations of existing laws, regulations or standards) regarding data privacy and security, together with applicable industry standards, may increase the costs of doing business and could have a material adverse impact on our operations. If our privacy or data security measures fail to comply with current or future laws and regulations, we may be subject to litigation, regulatory investigations, fines or other liabilities, as well as negative publicity and a potential loss of business, which could have a material adverse effect on our reputation and business. Moreover, if future laws and regulations limit our customers’ ability to use and share personal information or our ability to store, process and share personal information, demand for our applications could decrease, our costs could increase, and our business, results of operations and financial condition could be harmed.
If our applications fail to function in a manner that allows our customers to operate in compliance with regulations and/or industry standards, our revenue and operating results could be harmed.
Certain of our customers require applications that ensure secure processing, communication and storage of sensitive information given the nature of the content being distributed and associated applicable regulatory requirements. In particular, our healthcare customers rely on our applications to communicate in a manner that is designed to comply with the requirements of the Health Insurance Portability and Accountability Act of 1996, the 2009 Health Information Technology for Economic and Clinical Health Act, the Final Omnibus Rule of January 25, 2013, which are collectively referred to as HIPAA, and which impose privacy and data security standards that protect individually identifiable health information by limiting the uses and disclosures of individually identifiable health information and requiring that certain data security standards be implemented to protect this information. As a “business associate” to “covered entities” that are subject to HIPAA, we also have our own compliance obligations directly under HIPAA and pursuant to the business associate agreements that we are required to enter into with our customers that are HIPAA-covered entities.
Governments and industry organizations may also adopt new laws, regulations or requirements, or make changes to existing laws or regulations, that could impact the demand for, or value of, our applications. If we are unable to adapt our applications to changing legal and regulatory standards or other requirements in a timely manner, or if our applications fail to allow our customers to communicate in compliance with applicable laws and regulations, our customers may lose confidence in our applications and could switch to products offered by our competitors, or threaten or bring legal actions against us.
In addition, governmental and other customers may require our applications to comply with certain privacy, security or other certifications and standards. For instance, with regard to transfers of personal data, on July 16, 2020, the Court of Justice of the European Union (“CJEU”) invalidated the U.S.-EU Privacy Shield framework that had been in place since 2016, which allowed companies like us to meet certain European legal requirements for the transfer of personal data from the European Economic Area (“EEA”) to the United States, and imposed additional obligations on companies when relying on the model clauses approved by the EU Commission. The invalidation of the U.S.-EU Privacy Shield framework will require us to take additional steps to legitimize any personal data transfers that are impacted by this decision. While we have other legally recognized mechanisms in place that we believe allow for the lawful transfer of EU customer and employee information to the United States, this invalidation decision could result in increased costs of compliance and limitations on our customers and us. Further, it is possible that these other transfer mechanisms may also be challenged or evolve to include new legal requirements that could have an impact on how we move this data. If our applications fail to maintain compliance with these certifications and standards, or our competitors achieve compliance with these certifications and standards, we may be disqualified from selling our applications to such customers, or may otherwise be at a competitive disadvantage, either of which would harm our business, results of operations and financial condition. If our policies and practices are, or are perceived to be, insufficient or if our customers have concerns regarding the transfer of data from the European Union to the United States, we could be subject to enforcement actions or investigations by EU Data Protection Authorities or lawsuits by private parties, and our business could be negatively impacted.
40
Failure to comply with governmental laws and regulations could harm our business.
Our business is subject to regulation by various federal, state, local and foreign governments. For example, the Telephone Consumer Protection Act of 1991 (“TCPA”), restricts telemarketing and the use of automatic text messages without proper consent. The scope and interpretation of the laws that are or may be applicable to the delivery of text messages are continuously evolving and developing. If we do not comply with these laws or regulations or if we become liable under these laws or regulations due to the failure of our customers to comply with these laws by obtaining proper consent, we could face direct liability. In certain jurisdictions, these regulatory requirements may be more stringent than those in the United States. Noncompliance with applicable regulations or requirements could subject us to investigations, sanctions, enforcement actions, disgorgement of profits, fines, damages, civil and criminal penalties, injunctions or other collateral consequences. If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, results of operations, and financial condition could be materially adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions and sanctions could harm our business, reputation, results of operations and financial condition.
A portion of our revenue is generated by subscriptions sold to governmental entities and heavily regulated organizations, which are subject to a number of challenges and risks.
A portion of our revenue is generated by subscriptions sold to government entities. Additionally, many of our current and prospective customers, such as those in the financial services, and healthcare and life sciences industries, are highly regulated and may be required to comply with more stringent regulations in connection with subscribing to and implementing our applications. Selling subscriptions to these entities can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that we will successfully complete a sale.
Furthermore, engaging in sales activities to foreign governments introduces additional compliance risks specific to the Foreign Corrupt Practices Act, the U.K. Bribery Act and other similar statutory requirements prohibiting bribery and corruption in the jurisdictions in which we operate. Governmental and highly regulated entities often require contract terms that differ from our standard arrangements. For example, the federal government provides grants to certain state and local governments for our applications and if such governmental entities do not continue to receive these grants, they have the ability to terminate their contracts without penalty. Governmental and highly regulated entities impose compliance requirements that are complicated, require preferential pricing or “most favored nation” terms and conditions, or are otherwise time consuming and expensive to satisfy. If we undertake to meet special standards or requirements and do not meet them, we could be subject to increased liability from our customers or regulators. Even if we do meet these special standards or requirements, the additional costs associated with providing our applications to government and highly regulated customers could harm our margins. Moreover, changes in the underlying regulatory conditions that affect these types of customers could harm our ability to efficiently provide our applications to them and to grow or maintain our customer base.
Governmental demand and payment for our applications may also be impacted by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our solutions.
Potential regulatory requirements placed on our applications and content could impose increased costs on us, delay or prevent our introduction of new applications, and impair the function or value of our existing applications.
Certain of our existing applications, such as Secure Collaboration, a tailored version of our Secure Messaging application that is designed to comply with HIPAA, are and are likely to continue to be subject to increasing regulatory requirements in a number of ways and as we continue to introduce new applications, we may be subject to additional regulatory requirements and other risks that could be costly and difficult to comply with or that could harm our business. In addition, we market our applications and professional services in certain countries outside of the United States and plan to expand our local presence in regions such as Europe, the Middle East and Asia. If additional legal and/or regulatory requirements are implemented in the foreign countries in which we provide our services, the cost of developing or selling our applications may increase. As these requirements proliferate and as
41
existing legal requirements become subject to new interpretations, we must change or adapt our applications and professional services to comply. Changing regulatory requirements might render certain of our applications obsolete or might block us from accomplishing our work or from developing new applications. This might in turn impose additional costs upon us to comply or to further develop our applications. It might also make introduction of new applications or service types more costly or more time-consuming than we currently anticipate. It might even prevent introduction by us of new applications or cause the continuation of our existing applications or professional services to become unprofitable or impossible.
Risks Related to Our Intellectual Property
If we fail to protect our intellectual property and proprietary rights adequately, our business could be harmed.
Our future success and competitive position depend in part on our ability to protect our intellectual property and proprietary technologies. To safeguard these rights, we rely on a combination of patent, trademark, copyright and trade secret laws and contractual protections in the United States and other jurisdictions, some of which afford only limited protection.
We have numerous issued patents and patent applications pending as of December 31, 2020. We cannot assure you that any patents will issue from any patent applications, that patents that issue from such applications will give us the protection that we seek or that any such patents will not be challenged, invalidated, or circumvented. Any patents that may issue in the future from our pending or future patent applications may not provide sufficiently broad protection and may not be enforceable in actions against alleged infringers. In addition, we have registered the “Everbridge”, “Nixle” and “Visual Command Center” names in the United States, and have registered the “Everbridge” name in the European Union. We have registrations and/or pending applications for additional marks in the United States and various other countries; however, we cannot assure you that any future trademark registrations will be issued for pending or future applications or that any registered trademarks will be enforceable or provide adequate protection of our proprietary rights.
In order to protect our unpatented proprietary technologies and processes, we rely on trade secret laws and confidentiality agreements with our employees, consultants, vendors and others. Despite our efforts to protect our proprietary technology and trade secrets, unauthorized parties may attempt to misappropriate, reverse engineer or otherwise obtain and use them. In addition, others may independently discover our trade secrets, in which case we would not be able to assert trade secret rights, or develop similar technologies and processes. Further, the contractual provisions that we enter into may not prevent unauthorized use or disclosure of our proprietary technology or intellectual property rights and may not provide an adequate remedy in the event of unauthorized use or disclosure of our proprietary technology or intellectual property rights. Effective trade secret protection may not be available in every country in which our services are available or where we have employees or independent contractors. The loss of trade secret protection could make it easier for third parties to compete with our solutions by copying functionality. In addition, any changes in, or unexpected interpretations of, the trade secret and employment laws in any country in which we operate may compromise our ability to enforce our trade secret and intellectual property rights. Costly and time-consuming litigation could be necessary to enforce and determine the scope of our proprietary rights, and failure to obtain or maintain trade secret protection could adversely affect our competitive business position.
In addition, to protect our intellectual property rights, we may be required to spend significant resources to monitor and protect these rights. Litigation brought to protect and enforce our intellectual property rights could be costly, time-consuming and distracting to management and could result in the impairment or loss of portions of our intellectual property. Failure to adequately enforce our intellectual property rights could also result in the impairment or loss of those rights. Furthermore, our efforts to enforce our intellectual property rights may be met with defenses, counterclaims and countersuits attacking the validity and enforceability of our intellectual property rights. Patent, copyright, trademark and trade secret laws offer us only limited protection and the laws of many of the countries in which we sell our services do not protect proprietary rights to the same extent as the United States and Europe. Accordingly, defense of our trademarks and proprietary technology may become an increasingly important issue as we continue to expand our operations and solution development into countries that provide a lower level of intellectual property protection than the United States or Europe. Policing unauthorized use of our intellectual property and technology is difficult and the steps we take may not prevent misappropriation of the
42
intellectual property or technology on which we rely. For example, in the event of inadvertent or malicious disclosure of our proprietary technology, trade secret laws may no longer afford protection to our intellectual property rights in the areas not otherwise covered by patents or copyrights. Accordingly, we may not be able to prevent third parties from infringing upon or misappropriating our intellectual property.
We may elect to initiate litigation in the future to enforce or protect our proprietary rights or to determine the validity and scope of the rights of others. That litigation may not be ultimately successful and could result in substantial costs to us, the reduction or loss in intellectual property protection for our technology, the diversion of our management’s attention and harm to our reputation, any of which could materially and adversely affect our business and results of operations.
Our failure or inability to adequately protect our intellectual property and proprietary rights could harm our business, financial condition and results of operations.
An assertion by a third party that we are infringing its intellectual property could subject us to costly and time-consuming litigation or expensive licenses that could harm our business and results of operations.
Patent and other intellectual property disputes are common in our industry and we have been involved in such disputes from time to time in the ordinary course of our business. Some companies, including some of our competitors, own large numbers of patents, copyrights and trademarks, which they may use to assert claims against us. Third parties may in the future assert claims of infringement, misappropriation or other violations of intellectual property rights against us. They may also assert such claims against our customers whom we typically indemnify against claims that our solution infringes, misappropriates or otherwise violates the intellectual property rights of third parties. As the numbers of products and competitors in our market increase and overlaps occur, claims of infringement, misappropriation and other violations of intellectual property rights may increase. Any claim of infringement, misappropriation or other violation of intellectual property rights by a third party, even those without merit, could cause us to incur substantial costs defending against the claim and could distract our management from our business.
As we seek to extend our platform and applications, we could be constrained by the intellectual property rights of others and it may also be more likely that competitors or other third parties will claim that our solutions infringe their proprietary rights. We might not prevail in any intellectual property infringement litigation given the complex technical issues and inherent uncertainties in such litigation. Defending such claims, regardless of their merit, could be time-consuming and distracting to management, result in costly litigation or settlement, cause development delays or require us to enter into royalty or licensing agreements. In addition, we currently have a limited portfolio of issued patents compared to our larger competitors, and therefore may not be able to effectively utilize our intellectual property portfolio to assert defenses or counterclaims in response to patent infringement claims or litigation brought against us by third parties. Further, litigation may involve patent holding companies or other adverse patent owners who have no relevant applications or revenue and against which our potential patents provide no deterrence, and many other potential litigants have the capability to dedicate substantially greater resources to enforce their intellectual property rights and to defend claims that may be brought against them. If our platform or any of our applications exceed the scope of in-bound licenses or violate any third-party proprietary rights, we could be required to withdraw those applications from the market, re-develop those applications or seek to obtain licenses from third parties, which might not be available on reasonable terms or at all. Any efforts to re-develop our platform and our applications, obtain licenses from third parties on favorable terms or license a substitute technology might not be successful and, in any case, might substantially increase our costs and harm our business, financial condition and results of operations. If we were compelled to withdraw any of our applications from the market, our business, financial condition and results of operations could be harmed.
43
We have indemnity obligations to our customers and certain of our channel partners for certain expenses and liabilities resulting from intellectual property infringement claims regarding our platform and our applications, which could force us to incur substantial costs.
We have indemnity obligations to our customers and certain of our channel partners for intellectual property infringement claims regarding our platform and our applications. As a result, in the case of infringement claims against these customers and channel partners, we could be required to indemnify them for losses resulting from such claims or to refund amounts they have paid to us. We also expect that some of our channel partners with whom we do not have express contractual obligations to indemnify for intellectual property infringement claims may seek indemnification from us in connection with infringement claims brought against them. We may elect to indemnify these channel partners where we have no contractual obligation to indemnify them and we will evaluate each such request on a case-by-case basis. If a channel partner elects to invest resources in enforcing a claim for indemnification against us, we could incur significant costs disputing it. If we do not succeed in disputing it, we could face substantial liability.
We may be subject to damages resulting from claims that our employees or contractors have wrongfully used or disclosed alleged trade secrets of their former employers or other parties.
We have in the past and may in the future be subject to claims that employees or contractors, or we, have inadvertently or otherwise used or disclosed trade secrets or other proprietary information of our competitors or other parties. Litigation may be necessary to defend against these claims. If we fail in defending against such claims, a court could order us to pay substantial damages and prohibit us from using technologies or features that are essential to our solutions, if such technologies or features are found to incorporate or be derived from the trade secrets or other proprietary information of these parties. In addition, we may lose valuable intellectual property rights or personnel. A loss of key personnel or their work product could hamper or prevent our ability to develop, market and support potential solutions or enhancements, which could severely harm our business. Even if we are successful in defending against these claims, such litigation could result in substantial costs and be a distraction to management.
The use of open source software in our platform and applications may expose us to additional risks and harm our intellectual property.
Our platform and some of our applications use or incorporate software that is subject to one or more open source licenses and we may incorporate additional open source software in the future. Open source software is typically freely accessible, usable and modifiable; however, certain open source software licenses require a user who intends to distribute the open source software as a component of the user’s software to disclose publicly part or all of the source code to the user’s software. In addition, certain open source software licenses require the user of such software to make any modifications or derivative works of the open source code available to others on potentially unfavorable terms or at no cost. Use and distribution of open source software may entail greater risks than use of third-party commercial software, as open source licensors generally do not provide warranties or other contractual protections regarding infringement claims or the quality of the code.
The terms of many open source licenses to which we are subject have not been interpreted by U.S. or foreign courts, and accordingly there is a risk that those licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to commercialize our platform and applications. In that event, we could be required to seek licenses from third parties in order to continue offering our platform and applications, to re-develop our platform and applications, to discontinue sales of our platform and applications or to release our proprietary software code in source code form under the terms of an open source license, any of which could harm our business. Further, given the nature of open source software, it may be more likely that third parties might assert copyright and other intellectual property infringement claims against us based on our use of these open source software programs. Litigation could be costly for us to defend, have a negative effect on our operating results and financial condition or require us to devote additional research and development resources to change our applications.
Although we are not aware of any use of open source software in our platform and applications that would require us to disclose all or a portion of the source code underlying our core applications, it is possible that such use may have inadvertently occurred in deploying our platform and applications, or that persons or entities may claim such
44
disclosure to be required. Disclosing our proprietary source code could allow our competitors to create similar products with lower development effort and time and ultimately could result in a loss of sales for us. Disclosing the source code of our proprietary software could also make it easier for cyber attackers and other third parties to discover vulnerabilities in or to defeat the protections of our products, which could result in our products failing to provide our customers with the security they expect. Any of these events could have a material adverse effect on our business, operating results and financial condition. Additionally, if a third-party software provider has incorporated certain types of open source software into software we license from such third party for our platform and applications without our knowledge, we could, under certain circumstances, be required to disclose the source code to our platform and applications. This could harm our intellectual property position and our business, results of operations and financial condition.
Risks Related to Ownership of Our Common Stock
Our stock price may be volatile and you may lose some or all of your investment.
The market price of our common stock may be highly volatile and may fluctuate substantially as a result of a variety of factors, some of which are related in complex ways. Our stock price ranged from an intraday low of $77.60 to an intraday high of $165.79 during the year ended December 31, 2020. Factors that may affect the market price of our common stock include:
|
|
• |
actual or anticipated fluctuations in our financial condition and operating results; |
|
|
• |
variance in our financial performance from expectations of securities analysts; |
|
|
• |
changes in the prices of our applications; |
|
|
• |
changes in our projected operating and financial results; |
|
|
• |
changes in laws or regulations applicable to our platform and applications; |
|
|
• |
announcements by us or our competitors of significant business developments, acquisitions or new applications; |
|
|
• |
our involvement in any litigation; |
|
|
• |
our sale of our common stock or other securities in the future; |
|
|
• |
changes in senior management or key personnel; |
|
|
• |
trading volume of our common stock; |
|
|
• |
changes in the anticipated future size and growth rate of our market; and |
|
|
• |
general economic, regulatory and market conditions. |
Recently, the stock markets have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many companies. These fluctuations have often been unrelated or disproportionate to the operating performance of those companies. Broad market and industry fluctuations, as well as general economic, political, regulatory and market conditions, may negatively impact the market price of our common stock. In the past, companies that have experienced volatility in the market price of their securities have been subject to securities class action litigation. We may be the target of this type of litigation in the future, which could result in substantial costs and divert our management’s attention.
We may fail to meet our publicly announced guidance or other expectations about our business and future operating results, which would cause our stock price to decline.
We have provided and may continue to provide guidance about our business, future operating results and other business metrics. In developing this guidance, our management must make certain assumptions and judgments about our future performance. Some of those key assumptions relate to the impact of the COVID-19 pandemic, the anticipated contributions from the acquisitions of Connexient, CNL Software, one2many, Techwan, SnapComms and Red Sky, and the associated economic uncertainty on our business and the timing and scope of economic
45
recovery globally, which are inherently difficult to predict. This guidance, which consists of forward-looking statements, is qualified by, and subject to, such assumptions, estimates and expectations as of the date provided, and the other information contained in or referred to in the factors described above and our current and periodic reports filed with the Securities and Exchange Commission. While presented with numerical specificity, this guidance is necessarily speculative in nature, and is inherently subject to significant business, economic and competitive uncertainties and contingencies, many of which are beyond our control and are based upon specific assumptions with respect to future business decisions or economic conditions, some of which may change. It can be expected that some or all of the assumptions, estimates and expectations of the guidance furnished by us from time to time will not materialize or will vary significantly from actual results. Accordingly, our guidance is only an estimate of what management believes is realizable as of the date of release of such guidance. Furthermore, analysts and investors may develop and publish their own projections of our business, which may form a consensus about our future performance. Our business results may vary significantly from such guidance or that consensus due to a number of factors, many of which are outside of our control, including due to the global economic uncertainty and financial market conditions caused by the COVID-19 pandemic, and which could adversely affect our operations and operating results. There are no comparable recent events that provide guidance as to the probable effect of the COVID-19 pandemic, and, as a result, the ultimate impact of the COVID-19 outbreak is highly uncertain and subject to change. We are relying on the reports and models of economic and medical experts in making assumptions relating to the duration of this crisis and predictions as to timing and pace of any future economic recovery. If these models are incorrect or incomplete, or if we fail to accurately predict the full impact that the COVID-19 pandemic will have on all aspects of our business, the guidance and other forward-looking statements we provide from time to time may also be incorrect or incomplete. Furthermore, if we make downward revisions of previously announced guidance, or if our publicly announced guidance of future operating results fails to meet expectations of securities analysts, investors or other interested parties, the price of our common stock could decline.
Conversion of the 2024 Notes and 2022 Notes will dilute the ownership interest of existing stockholders, including holders who had previously converted their Notes, or may otherwise depress the price of our common stock.
In December 2019, we issued the 2024 Notes, which will mature on December 15, 2024, unless earlier redeemed or repurchased by us or converted by the holder pursuant to their terms. In November 2017, we issued the 2022 Notes, which will mature on November 1, 2022, unless earlier redeemed or repurchased by us or converted by the holder pursuant to their terms. The conversion of some or all of the convertible 2024 Notes and 2022 Notes will dilute the ownership interests of existing stockholders to the extent we deliver shares upon conversion of any of the 2024 Notes and 2022 Notes. Based on the market price of our common stock during the 30 trading days preceding June 30, 2018, the 2022 Notes were convertible at the option of the debt holder as of September 30, 2018 and continue to be convertible at the option of the debt holder as of December 31, 2020. During 2020, we issued 362,029 shares upon the conversion of approximately $12.2 million in aggregate principal amount of the 2022 Notes. The 2024 Notes were not convertible during the year ended December 31, 2020. Any sales in the public market of the common stock issuable upon such conversion could adversely affect prevailing market prices of our common stock. In addition, the existence of the 2024 Notes and 2022 Notes may encourage short selling by market participants because the conversion of the 2024 Notes and 2022 Notes could be used to satisfy short positions, or anticipated conversion of the 2024 Notes and 2022 Notes into shares of our common stock could depress the price of our common stock.
46
The capped call transactions entered into when we issued the convertible notes may affect the value of our common stock.
In connection with the issuances of the 2024 Notes and 2022 Notes, we entered into capped call transactions with the respective option counterparties. The capped call transactions are expected generally to reduce the potential dilution upon conversion of the 2024 Notes and 2022 Notes and/or offset any cash payments we are required to make in excess of the principal amount of converted 2024 Notes and 2022 Notes, as the case may be, with such reduction and/or offset subject to a cap. In connection with establishing their initial hedges of the capped call transactions, the option counterparties or their respective affiliates entered into various derivative transactions with respect to our common stock concurrently with or shortly after the pricing of the 2024 Notes and 2022 Notes. The option counterparties or their respective affiliates may modify their hedge positions by entering into or unwinding derivatives with respect to our common stock and/or purchasing or selling our common stock or other securities of ours in secondary market transactions prior to the maturity of the 2024 Notes and 2022 Notes (and are likely to do so during any observation period related to a conversion of 2024 Notes and 2022 Notes). This activity could cause or avoid an increase or a decrease in the market price of our common stock.
We are obligated to maintain a system of effective internal control over financial reporting and any failure to maintain the adequacy of these internal controls may harm investor confidence in our company and, as a result, the value of our common stock.
The Sarbanes-Oxley Act of 2002 requires that we maintain effective internal control over financial reporting and disclosure controls and procedures. We are required, pursuant to Section 404 of the Sarbanes-Oxley Act, to furnish a report by management on, among other things, the effectiveness of our internal control over financial reporting. This assessment includes disclosure of any material weaknesses identified by our management in our internal control over financial reporting.
Our compliance with Section 404 necessitates that we incur substantial accounting expense and expend significant management efforts. We will continue to dedicate internal resources, engage outside consultants and adopt a detailed work plan to assess and document the adequacy of internal control over financial reporting, continue steps to improve control processes as appropriate, validate through testing that controls are functioning as documented and implement a continuous reporting and improvement process for internal control over financial reporting and to compile the system and process documentation necessary to perform the evaluation needed to comply with Section 404. However, we cannot assure you that our independent registered public accounting firm will be able to attest to the effectiveness of our internal control over financial reporting. We may not be able to remediate any material weaknesses that may be identified, or to complete our evaluation, testing and any required remediation in a timely fashion and our independent registered public accounting firm may issue a report that is adverse in the event it is not satisfied with the level at which our controls are documented, designed or operating.
Any failure to maintain adequate internal controls over financial reporting could severely inhibit our ability to accurately report our financial condition or results of operations. If we are unable to assert that our internal control over financial reporting is effective, or if our auditors are unable to express an opinion on the effectiveness of our internal controls when they are required to issue such opinion, investors could lose confidence in the accuracy and completeness of our financial reports, the market price of our common stock could decline, and we could be subject to sanctions or investigations by the Nasdaq Global Market, the SEC or other regulatory authorities. Failure to remedy any material weakness in our internal control over financial reporting, or to implement or maintain other effective control systems required of public companies, could also restrict our future access to the capital markets.
If securities or industry analysts do not publish research or reports about our business, or if they issue an adverse or misleading opinion regarding our stock, our stock price and trading volume could decline.
The trading market for our common stock will be influenced by the research and reports that industry or securities analysts publish about us or our business. We do not have any control over these analysts. If any of the analysts who cover us issue an adverse or misleading opinion regarding us, our business model, our intellectual property or our stock performance, or if operating results fail to meet the expectations of analysts, our stock price would likely decline. If one or more of these analysts cease coverage of us or fail to publish reports on us regularly, we could lose visibility in the financial markets, which in turn could cause our stock price or trading volume to decline.
47
We do not anticipate paying any cash dividends in the foreseeable future, and accordingly, stockholders must rely on stock appreciation for any return on their investment.
We have never declared or paid any cash dividends on our common stock and do not intend to pay any cash dividends to holders of our common stock in the foreseeable future. As a result, capital appreciation, if any, of our common stock will be your sole source of gain for the foreseeable future.
Anti-takeover provisions in our charter documents and under Delaware law could make an acquisition of us more difficult, limit attempts by our stockholders to replace or remove our current management and limit the market price of our common stock.
Provisions in our amended and restated certificate of incorporation and our amended and restated bylaws may have the effect of delaying or preventing a change in control or changes in our management. Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that:
|
|
• |
authorize our board of directors to issue preferred stock, without further stockholder action and with voting liquidation, dividend and other rights superior to our common stock; |
|
|
• |
require that any action to be taken by our stockholders be affected at a duly called annual or special meeting and not by written consent, and limit the ability of our stockholders to call special meetings; |
|
|
• |
establish an advance notice procedure for stockholder proposals to be brought before an annual meeting, including proposed nominations of persons for director nominees; |
|
|
• |
establish that our board of directors is divided into three classes, with directors in each class serving three-year staggered terms; |
|
|
• |
require the approval of holders of two-thirds of the shares entitled to vote at an election of directors to adopt, amend or repeal our bylaws or amend or repeal the provisions of our certificate of incorporation regarding the election and removal of directors and the ability of stockholders to take action by written consent or call a special meeting; |
|
|
• |
prohibit cumulative voting in the election of directors; and |
|
|
• |
provide that vacancies on our board of directors may be filled only by the vote of a majority of directors then in office, even though less than a quorum. |
These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors, which is responsible for appointing the members of our management. In addition, because we are incorporated in Delaware, we are governed by the provisions of Section 203 of the General Corporation Law of the State of Delaware, which generally prohibits a Delaware corporation from engaging in any of a broad range of business combinations with any “interested” stockholder for a period of three years following the date on which the stockholder became an “interested” stockholder. Any of the foregoing provisions could limit the price that investors might be willing to pay in the future for shares of our common stock, and they could deter potential acquirers of our company, thereby reducing the likelihood that you would receive a premium for your common stock in an acquisition.
Our amended and restated certificate of incorporation designates the Court of Chancery of the State of Delaware as the exclusive forum for certain litigation that may be initiated by our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us.
Pursuant to our amended and restated certificate of incorporation, unless we consent in writing to the selection of an alternative forum, the Court of Chancery of the State of Delaware is the sole and exclusive forum for (1) any derivative action or proceeding brought on our behalf, (2) any action asserting a claim of breach of a fiduciary duty owed by any of our directors, officers or other employees to us or our stockholders, (3) any action asserting a claim arising pursuant to any provision of the Delaware General Corporation Law, our amended and restated certificate of incorporation or our amended and restated bylaws, or (4) any action asserting a claim governed by the internal affairs doctrine. Our amended and restated certificate of incorporation further provides that any person or entity purchasing or otherwise acquiring any interest in shares of our common stock is deemed to have notice of and
48
consented to the foregoing provision. The forum selection clause in our amended and restated certificate of incorporation may limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us.
Future sales of our common stock in the public market could cause our share price to decline.
Sales of a substantial number of shares of our common stock in the public market, or the perception that these sales might occur, could depress the market price of our common stock and could impair our ability to raise capital through the sale of additional equity securities. We are unable to predict the effect that sales, particularly sales by our directors, executive officers and significant stockholders, may have on the prevailing market price of our common stock. Additionally, the shares of common stock subject to outstanding options under our equity incentive plans and the shares reserved for future issuance under our equity incentive plans, as well as shares issuable upon vesting of restricted stock awards, will become eligible for sale in the public market in the future, subject to certain legal and contractual limitations.
In addition, in the future, we may issue common stock or other securities if we need to raise additional capital. The number of new shares of our common stock issued in connection with raising additional capital could constitute a material portion of our then-outstanding shares of our common stock.
Risks Related to our Indebtedness
We issued convertible notes that have rights senior to our common stock.
In December 2019, we issued the 2024 Notes, which will mature on December 15, 2024, unless earlier redeemed or repurchased by us or converted by the holder pursuant to their terms. In November 2017, we issued the 2022 Notes, which will mature on November 1, 2022, unless earlier redeemed or repurchased by us or converted by the holder pursuant to their terms. In connection with the issuance of the 2024 Notes, we paid $57.8 million to repurchase $23.0 million in aggregate principal amount of the 2022 Notes. During 2020, we issued 362,029 shares upon the conversion of approximately $12.2 million in aggregate principal amount of the 2022 Notes.
The 2024 Notes and 2022 Notes rank senior in right of payment to our common stock and any of our indebtedness that is expressly subordinated in right of payment to the 2024 Notes and 2022 Notes; equal in right of payment to any of our liabilities that are not so subordinated (including to the 2022 Notes, in the case of the 2024 Notes, and to the 2024 Notes, in the case of the 2022 Notes); effectively junior in right of payment to any of our secured indebtedness, to the extent of the value of the assets securing such indebtedness; and structurally junior to all indebtedness and other liabilities (including trade payables) of our subsidiaries. In the event of our bankruptcy, liquidation, reorganization or other winding up, our assets that secure debt ranking senior or equal in right of payment to the 2024 Notes and 2022 Notes will be available to pay obligations on the 2024 Notes and 2022 Notes only after the secured debt has been repaid in full from these assets, and our assets will be available to pay common stockholders only after all debt obligations have been repaid. There may not be sufficient assets remaining to pay amounts due on any or all of the 2024 Notes and 2022 Notes then outstanding or any or all shares of our common stock then outstanding.
Servicing our debt requires a significant amount of cash, and we may not have sufficient cash flow from our business to pay our substantial debt.
Our ability to make scheduled payments of the principal of, to pay interest on or to refinance our indebtedness, including the 2024 Notes and 2022 Notes, depends on our future performance, which is subject to economic, financial, competitive and other factors beyond our control. Our business may not continue to generate cash flow from operations in the future sufficient to service our debt and make necessary capital expenditures. If we are unable to generate such cash flow, we may be required to adopt one or more alternatives, such as selling assets, restructuring debt or obtaining additional equity capital on terms that may be onerous or highly dilutive. Our ability to refinance our indebtedness will depend on the capital markets and our financial condition at such time. We may not be able to engage in any of these activities or engage in these activities on desirable terms, which could result in a default on our debt obligations.
49
As of December 31, 2020, we had $530 million (undiscounted) principal amount of indebtedness under the 2024 Notes and 2022 Notes. Our indebtedness may:
|
|
• |
limit our ability to borrow additional funds for working capital, capital expenditures, acquisitions or other general business purposes; |
|
|
• |
limit our ability to use our cash flow or obtain additional financing for future working capital, capital expenditures, acquisitions or other general business purposes; |
|
|
• |
require us to use a substantial portion of our cash flow from operations to make debt service payments; |
|
|
• |
limit our flexibility to plan for, or react to, changes in our business and industry; |
|
|
• |
place us at a competitive disadvantage compared to our less leveraged competitors; and |
|
|
• |
increase our vulnerability to the impact of adverse economic and industry conditions. |
In addition, any future indebtedness that we may incur may contain financial and other restrictive covenants that limit our ability to operate our business, raise capital or make payments under our other indebtedness. If we fail to comply with these covenants or to make payments under our indebtedness when due, then we would be in default under that indebtedness, which could, in turn, result in that and our other indebtedness becoming immediately payable in full.
The accounting method for convertible debt securities that may be settled in cash, such as the 2024 Notes and 2022 Notes, could have a material effect on our reported financial results.
In May 2008, the Financial Accounting Standards Board (“FASB”) issued FASB Staff Position No. APB 14-1, Accounting for Convertible Debt Instruments That May Be Settled in Cash Upon Conversion (Including Partial Cash Settlement), which has subsequently been codified as Accounting Standards Codification (“ASC”) 470-20, Debt with Conversion and Other Options. Under ASC 470-20, an entity must separately account for the liability and equity components of the convertible debt instruments (such as the 2024 Notes and 2022 Notes) that may be settled entirely or partially in cash upon conversion in a manner that reflects the issuer’s economic interest cost. The effect of ASC 470-20 on the accounting for the 2024 Notes and 2022 Notes is that the equity component is required to be included in the additional paid-in capital section of stockholders’ equity on our consolidated balance sheet, and the value of the equity component was treated as original issue discount for purposes of accounting for the debt component of the 2024 Notes and 2022 Notes. As a result, we recorded a greater amount of non-cash interest expense in current periods presented as a result of the amortization of the discounted carrying value of the 2024 Notes and 2022 Notes to their face amount over the term of the 2024 Notes and 2022 Notes. We reported lower net income in our financial results because ASC 470-20 requires interest to include both the current period’s amortization of the debt discount and the instrument’s coupon interest, which could adversely affect our reported or future financial results, the trading price of our common stock and the trading price of the 2024 Notes and 2022 Notes.
The conditional conversion feature of the 2024 Notes and 2022 Notes, may adversely affect our financial condition and operating results.
In the event the conditional conversion feature of the 2024 Notes or the 2022 Notes is triggered, holders of the 2024 Notes or the 2022 Notes, as the case may be, will be entitled to convert the 2024 Notes or the 2022 Notes at any time during specified periods at their option. Based on the market price of our common stock during the 30 trading days preceding June 30, 2018, the 2022 Notes were convertible at the option of the debt holder as of September 30, 2018 and continue to be convertible at the option of the debt holder as of December 31, 2020. The 2024 Notes were not convertible during the year ended December 31, 2020, but will be convertible under certain circumstances. If one or more holders elect to convert their 2022 Notes or their 2024 Notes, as the case may be, unless we elect to satisfy our conversion obligation by delivering solely shares of our common stock (other than paying cash in lieu of delivering any fractional share), we would be required to settle a portion or all of our conversion obligation through the payment of cash, which could adversely affect our liquidity. In addition, even if holders do not elect to convert their 2022 Notes or their 2024 Notes, as the case may be, we could be required under applicable accounting rules to
50
reclassify all or a portion of the outstanding principal of the 2022 Notes or the 2024 notes, as applicable, as a current rather than long-term liability, which would result in a material reduction of our net working capital.
General Risks
The ongoing COVID-19 pandemic could materially and adversely affect our business, results of operations and financial condition.
The impact of the ongoing COVID-19 pandemic is severe, and widespread, and while the rollout of vaccines has begun, the timing of vaccinations and lifting of shelter in place requirements and movement restrictions is unknown. We are unable to accurately predict the full impact that the COVID-19 pandemic will have on our results of operations, financial condition, liquidity and cash flows due to numerous uncertainties, including the duration and severity of the pandemic and containment measures. Our compliance with these measures has impacted our day-to-day operations and could disrupt our business and operations, as well as that of our customers, partners, suppliers and others with whom we work, for an indefinite period of time. To support the health and well-being of our employees, customers, partners and communities, the vast majority of our employees are working remotely and are expected to continue to work remotely until the pandemic subsides. If a natural disaster, power outage, connectivity issue, or other event occurred that impacted our employees’ ability to work remotely, it may be difficult or, in certain cases, impossible, for us to continue our business for a substantial period of time. The increase in remote working for employees, vendors or contractors may also result in increased consumer privacy, IT security, and fraud concerns. Further, as certain businesses return to onsite operations, we may experience disruptions if our employees or third-party service providers’ employees become ill despite the availability of vaccines, and are unable to perform their duties. This may impact our operations, internet, or mobile networks, or the operations of one or more of our third-party service providers. In addition, many of our customers and prospective customers are working remotely, which may delay the timing of their purchases of our products and services.
The disruptions to our operations caused by the COVID-19 pandemic may result in inefficiencies, delays and additional costs in our sales and marketing, professional services and research and development efforts, which cannot be predicted or quantified at this time. We may not be able to fully mitigate any such inefficiencies, delays and additional costs through remote or other alternative work arrangements. In addition, given the economic uncertainty created by the COVID-19 pandemic, we have and may continue to see delays in our sales cycle, failures of customers to renew at all or to renew at the anticipated scope their subscriptions with us, requests from customers for payment term deferrals as well as pricing or bundling concessions, which, if significant, could materially and adversely affect our business, results of operations and financial condition. In addition, our third-party service providers may experience financial difficulties or business disruptions that could negatively affect their operations and their ability to supply us with services needed for our products and operations. Although such events did not have a material adverse impact on our financial results for the year ended December 31, 2020, there can be no assurance that these events will not have a material adverse impact on our financial results for the full fiscal year or future periods.
Negative conditions in the general economy both in the United States and abroad, including conditions resulting from the COVID-19 pandemic, changes in gross domestic product growth, financial and credit market fluctuations, energy costs, international trade relations and other geopolitical issues, the availability and cost of credit and the global housing and mortgage markets could cause a decrease in consumer discretionary spending and business investment and diminish growth expectations in the U.S. economy and abroad. More generally, the COVID-19 pandemic raises the possibility of an extended global economic downturn and has caused volatility in financial markets, which could materially and adversely affect demand for our products and services and could materially and adversely impact our results and financial condition even after the pandemic has subsided and the containment measures are lifted. For example, we may be unable to collect receivables from those customers significantly impacted by the COVID-19 pandemic, which may be more pronounced in industry verticals more directly impacted by the COVID-19 pandemic. Also, a decrease in subscriptions and/or renewals in a given period could negatively affect our revenues in future periods, particularly if experienced on a sustained basis, because a substantial proportion of our software subscriptions yield revenue recognized over time. The pandemic may also have the effect of heightening many of the other risks described herein including risks associated with our guidance, our customers, our potential customers, our market opportunity, renewals and sales cycles, among others. We will continue to evaluate the nature and extent of the impact of the COVID-19 pandemic on our business.
51
The full extent of the COVID-19 pandemic’s impact on our operations and financial performance depends on future developments that are uncertain and unpredictable, including the duration and spread of the pandemic, the timing of vaccine rollouts and herd immunity, the pandemic’s impact on capital and financial markets, the timing of economic recovery, the spread of the virus to other regions, and the actions taken to contain it, among others. Any of these impacts could have a material adverse impact on our business, results of operations and financial condition and ability to execute and capitalize on our strategies. Due to the ongoing uncertainty regarding the severity and duration of the COVID-19 pandemic, we cannot predict whether our response to date or the actions we may take in the future will be effective in mitigating the effects of the COVID-19 pandemic on our business, results of operations or financial condition. Accordingly, we are unable at this time to predict the future impact of the COVID-19 pandemic on our operations, liquidity, and financial results, and, depending on the magnitude and duration of the COVID-19 pandemic, such impact may be material.
Uncertain or weakened global economic conditions may adversely affect our industry, business and results of operations.
Our overall performance depends on domestic and worldwide economic conditions, which may remain challenging for the foreseeable future. Financial developments seemingly unrelated to us or to our industry may adversely affect us and our planned international expansion. The U.S. economy and other key international economies have been impacted by the COVID-19 pandemic, threatened sovereign defaults and ratings downgrades, falling demand for a variety of goods and services, restricted credit, threats to major multinational companies, poor liquidity, reduced corporate profitability, volatility in credit, equity and foreign exchange markets, bankruptcies and overall uncertainty. These conditions affect the rate of information technology spending and could adversely affect our customers’ ability or willingness to purchase our applications and services, delay prospective customers’ purchasing decisions, reduce the value or duration of their subscriptions or affect renewal rates, any of which could adversely affect our operating results. We cannot predict the timing, strength or duration of the economic recovery or any subsequent economic slowdown worldwide, in the United States, or in our industry.
Any future litigation against us could be costly and time-consuming to defend.
We have in the past and may in the future become subject, from time to time, to legal proceedings and claims that arise in the ordinary course of business such as claims brought by our customers in connection with commercial disputes or employment claims made by our current or former employees. Litigation might result in substantial costs and may divert management’s attention and resources, which might seriously harm our business, overall financial condition and operating results. Insurance might not cover such claims, might not provide sufficient payments to cover all the costs to resolve one or more such claims and might not continue to be available on terms acceptable to us. A claim brought against us that is uninsured or underinsured could result in unanticipated costs, thereby reducing our operating results and leading analysts or potential investors to reduce their expectations of our performance, which could reduce the trading price of our stock.
Our business is subject to the risks of earthquakes, fires, floods and other natural catastrophic events and to interruption by man-made problems such as cyber incidents or terrorism.
Our business and operations are vulnerable to damage or interruption from earthquakes, fires, floods, power losses, telecommunications failures, terrorist attacks, acts of war, human errors, break-ins and similar events affecting us or third-party vendors we rely on, any of which could have a material adverse impact on our business, operating results and financial condition. Acts of terrorism, which may be targeted at metropolitan areas that have higher population density than rural areas, could cause disruptions in our or our customers’ businesses or the economy as a whole. Our servers and those of our third-party vendors may also be vulnerable to cyber incidents, break-ins and similar disruptions from unauthorized tampering with our computer systems, which could lead to interruptions, delays, loss of critical data or the unauthorized disclosure of confidential customer data. We or our customers may not have sufficient protection or recovery plans in place, and our business interruption insurance may be insufficient to compensate us for losses that may occur. As we rely heavily on our servers, computer and communications systems, that of third parties and the Internet to conduct our business and provide high quality customer service, such disruptions could have an adverse effect on our business, operating results and financial condition.
52
Legislative actions and new accounting pronouncements are likely to impact our future financial position or results of operations.
Future changes in financial accounting standards may cause adverse, unexpected revenue fluctuations and affect our financial position or results of operations. New pronouncements and varying interpretations of pronouncements have occurred with frequency in the past and are expected to occur again in the future and as a result we may be required to make changes in our accounting policies. Those changes could adversely affect our reported revenues and expenses, future profitability or financial position. Compliance with new regulations regarding corporate governance and public disclosure may result in additional expenses.
For example, in August 2020, the FASB issued Accounting Standards Update ("ASU") 2020-06, Debt—Debt with Conversion and Other Options (Subtopic 470-20) and Derivatives and Hedging—Contracts in Entity’s Own Equity (Subtopic 815-40): Accounting for Convertible Instruments and Contracts in an Entity’s Own Equity. ASU 2020-06 reduces the number of accounting models for convertible instruments by eliminating two of the three models that require separate accounting for embedded conversion features, amends the requirements for a contract that is potentially settled in an entity’s own shares to be classified in equity, and amends certain guidance on the computation of earnings per share for convertible instruments and contracts on an entity’s own equity. ASU 2020-06 is effective beginning in the first quarter of 2022. We are assessing the impact this standard will have our consolidated financial statements.
The application of existing or future financial accounting standards, particularly those relating to the way we account for revenues and costs, could have a significant impact on our reported results. In addition, compliance with new regulations regarding corporate governance and public disclosure may result in additional expenses. As a result, we intend to invest all reasonably necessary resources to comply with evolving standards, and this investment may result in increased general and administrative expenses and a diversion of management time and attention from business activities to compliance activities.
Impairment of goodwill and other intangible assets would result in a decrease in our earnings.
Current accounting rules provide that goodwill and other intangible assets with indefinite useful lives may not be amortized but instead must be tested for impairment at least annually. These rules also require that intangible assets with definite useful lives be amortized over their respective estimated useful lives to their estimated residual values, and reviewed for impairment whenever events or changes in circumstances indicate that the carrying amount of such assets may not be recoverable. We have substantial goodwill and other intangible assets, and we would be required to record a significant charge to earnings in our consolidated financial statements during the period in which any impairment of our goodwill or intangible assets is determined. Any impairment charges or changes to the estimated amortization periods would result in a decrease in our earnings.
Our ability to use our net operating losses to offset future taxable income may be subject to certain limitations.
As of December 31, 2020, we had federal and state net operating loss carryforwards (“NOL”s) of $240.1 million and $222.4 million, respectively, due to prior period losses, of which $175.8 million and $76.2 million, respectively, can be carried forward indefinably with the remaining expiring in various years through 2040 if not utilized. In general, under Section 382 of the Internal Revenue Code of 1986, as amended, or the Code, a corporation that undergoes an “ownership change” is subject to limitations on its ability to utilize its NOLs to offset future taxable income. Our existing NOLs may be subject to limitations arising from previous ownership changes. Future changes in our stock ownership, some of which are outside of our control, could result in an ownership change. There is also a risk that due to regulatory changes, such as suspensions on the use of NOLs, or other unforeseen reasons, our existing NOLs could expire or otherwise be unavailable to offset future income tax liabilities. We completed a Section 382 study for the period through March 31, 2019 and determined that a Section 382 ownership change occurred on December 31, 2017 subjecting all pre-Tax Act losses to a utilization limitation. We also have federal and state NOLs of $9.2 million and $9.1 million, respectively, from various acquisitions which are subject to limitations under Section 382. Additionally, state NOLs generated in one state cannot be used to offset income generated in another state. For these reasons, we may not be able to realize a tax benefit from the use of our NOLs, whether or not we attain profitability.
53
Changes in our effective tax rate or tax liability may have an adverse effect on our results of operations.
Our effective tax rate could be adversely impacted by several factors, including:
|
|
• |
Changes in the relative amounts of income before taxes in the various jurisdictions in which we operate that have differing statutory tax rates; |
|
|
• |
Changes in tax laws, tax treaties and regulations or the interpretation of them; |
|
|
• |
Changes to our assessment about the realizability of our deferred tax assets that are based on estimates of our future results, the prudence and feasibility of possible tax planning strategies, and the economic and political environments in which we do business; |
|
|
• |
The outcome of current and future tax audits, examinations or administrative appeals; |
|
|
• |
Changes in generally accepted accounting principles that affect the accounting for taxes; and |
|
|
• |
Limitations or adverse findings regarding our ability to do business in some jurisdictions. |
We may have additional tax liabilities.
We are subject to income taxes in the U.S. and many foreign jurisdictions and are commonly audited by various tax authorities. In the ordinary course of our business, there are many transactions and calculations where the ultimate tax determination is uncertain. Significant judgment is required in determining our worldwide provision for income taxes. Although we believe our tax estimates are reasonable, the final determination of tax audits and any related litigation could be materially different from our historical income tax provisions and accruals. The results of an audit or litigation could have a material effect on our financial statements in the period or periods for which that determination is made.
Tax laws or regulations could be enacted or changed and existing tax laws or regulations could be applied to us or to our customers in a manner that could increase the costs of our software solutions and adversely impact our operating results.
The application of federal, state, local and foreign tax laws to services provided electronically is continuously evolving. New income, sales, use or other tax laws, statutes, rules, regulations or ordinances could be enacted or amended at any time, possibly with retroactive effect, and could be applied solely or disproportionately to services provided over the Internet. These enactments or amendments could adversely affect our sales activity due to the inherent cost increase the taxes would represent and could ultimately result in a negative impact on our operating results.
In addition, existing tax laws, statutes, rules, regulations or ordinances could be interpreted, modified or applied adversely to us, possibly with retroactive effect, which could require us or our customers to pay additional tax amounts, as well as require us or our customers to pay fines or penalties, as well as interest on past amounts. If we are unsuccessful in collecting such taxes due from our customers, we could be held liable for such costs, thereby adversely impacting our operating results.
In response to the COVID-19 pandemic, the United States passed the Coronavirus Aid, Relief, and Economic Security ("CARES") Act in March 2020. The CARES Act includes various income and payroll tax measures which did not materially impact our financial statements.
We may be subject to additional obligations to collect and remit sales tax and other taxes, and we may be subject to tax liability for past sales, which could harm our business.
State, local and foreign jurisdictions have differing rules and regulations governing sales, use, value added and other taxes, and these rules and regulations are subject to varying interpretations that may change over time. Further, these jurisdictions’ rules regarding tax nexus are complex and vary significantly. If one or more jurisdictions were to assert that we have failed to collect taxes for sales of applications that leverage our platform, we could face the possibility of tax assessments and audits. A successful assertion that we should be collecting additional sales, use,
54
value added or other taxes in those jurisdictions where we have not historically done so and do not accrue for such taxes could result in substantial tax liabilities and related penalties for past sales or otherwise harm our business and operating results.
We face exposure to foreign currency exchange rate fluctuations.
As our international operations expand, our exposure to the effects of fluctuations in currency exchange rates grows. While we have primarily transacted with customers and vendors in U.S. dollars historically, we expect to continue to expand the number of transactions with our customers that are denominated in foreign currencies in the future. Fluctuations in the value of the U.S. dollar and foreign currencies may make our subscriptions more expensive for international customers, which could harm our business. Additionally, we incur expenses for employee compensation and other operating expenses at our non-U.S. locations in the local currency for such locations. Fluctuations in the exchange rates between the U.S. dollar and other currencies could result in an increase to the U.S. dollar equivalent of such expenses. These fluctuations could cause our results of operations to differ from our expectations or the expectations of our investors. Additionally, such foreign currency exchange rate fluctuations could make it more difficult to detect underlying trends in our business and results of operations.
We do not currently maintain a program to hedge transactional exposures in foreign currencies. However, in the future, we may use derivative instruments, such as foreign currency forward and option contracts, to hedge certain exposures to fluctuations in foreign currency exchange rates. The use of such hedging activities may not offset any or more than a portion of the adverse financial effects of unfavorable movements in foreign exchange rates over the limited time the hedges are in place. Moreover, the use of hedging instruments may introduce additional risks if we are unable to structure effective hedges with such instruments.
Item 1B. Unresolved Staff Comments.
None
Item 2. Properties.
Our principal executive offices are located in Burlington, Massachusetts, where we occupy an approximately 73,500 square-foot facility under a lease expiring on May 31, 2024, and in Pasadena, California, where we occupy an approximately 19,000 square-foot facility under a lease expiring on December 31, 2023. We also have additional offices in the United States as well as internationally including China, Germany, India, Netherlands, New Zealand, Norway, Singapore, Sweden, Switzerland and United Kingdom.
We believe that our current facilities are suitable and adequate to meet our current needs. We intend to add new facilities or expand existing facilities as we add employees, and we believe that suitable additional or substitute space will be available as needed to accommodate any such expansion of our operations.
Item 3. Legal Proceedings.
From time to time we may become involved in legal proceedings or be subject to claims arising in the ordinary course of our business. We are not presently a party to any legal proceedings that, if determined adversely to us, would individually or taken together have a material adverse effect on our business, operating results, financial condition or cash flows. Regardless of the outcome, litigation can have an adverse impact on us because of defense and settlement costs, diversion of management resources and other factors.
Item 4. Mine Safety Disclosures.
Not applicable
55
PART II
Item 5. Market for Registrant’s Common Equity, Related Stockholder Matters and Issuer Purchases of Equity Securities.
Market Information
Our common stock, is listed on The Nasdaq Global Market under the symbol “EVBG.”
As of December 31, 2020, there were 133 holders of record of our common stock. Because many of our shares are held by brokers and other institutions on behalf of stockholders, we are unable to estimate the total number of stockholders represented by these record holders.
Stock Performance Graph
This section is not “soliciting material,” is not deemed “filed” with the SEC and shall not be deemed incorporated by reference into any of our other filings under the Securities Exchange Act of 1934, as amended, or the Securities Act of 1933, as amended, (the “Securities Act”) whether made before or after the date hereof and irrespective of any general incorporation language in any such filing.
The following graph compares the cumulative total return for an investment of $100 in our common stock, the S&P 500 Stock Index and the S&P 500 Information Technology Index. Data for the S&P 500 Stock Index and the S&P 500 Information Technology Index assume reinvestment of dividends.
The comparisons in the graph below are based upon historical data and are not indicative of, nor intended to forecast, future performance of our common stock.
|
|
|
December 31, 2016 |
|
|
December 31, 2017 |
|
|
December 31, 2018 |
|
|
December 31, 2019 |
|
|
December 31, 2020 |
|
|||||
|
Everbridge, Inc. |
|
$ |
100.00 |
|
|
$ |
161.00 |
|
|
$ |
307.00 |
|
|
$ |
422.00 |
|
|
$ |
806.00 |
|
|
S&P 500 Stock Index |
|
$ |
100.00 |
|
|
$ |
119.00 |
|
|
$ |
111.00 |
|
|
$ |
143.00 |
|
|
$ |
166.00 |
|
|
S&P 500 Information Technology Index |
|
$ |
100.00 |
|
|
$ |
137.00 |
|
|
$ |
135.00 |
|
|
$ |
200.00 |
|
|
$ |
285.00 |
|
56
Recent Sale of Unregistered Securities
On February 7, 2020, we issued 96,611 shares of our common stock to various persons and entities as partial consideration for our purchase of Connexient, Inc. The offer, sale and issuance of these shares was deemed to be exempt from registration under the Securities Act in reliance on Rule 506 of Regulation D. The recipients of the shares acquired them for investment only and not with a view to or for sale in connection with any distribution thereof and appropriate legends were affixed to these shares. The recipients were all accredited investors within the meaning of Rule 501 of Regulation D under the Securities Act and had adequate access to information about us. No underwriters or placement agents were involved in this transaction.
On February 25, 2020, we issued 153,217 shares of our common stock to various persons as partial consideration for our purchase of CNL Software Limited. The offer, sale and issuance of these shares was deemed to be exempt from registration under the Securities Act in reliance on Section 4(a)(2) of the Securities Act as a transaction by an issuer not involving a public offering. The recipients of the shares acquired them for investment only and not with a view to or for sale in connection with any distribution thereof and appropriate legends were affixed to these shares. The recipients were all accredited investors within the meaning of Rule 501 of Regulation D under the Securities Act and had adequate access to information about us. No underwrite