Our operations and financial results are subject to various risks and uncertainties including those described below. The risks and uncertainties described below are not the only ones we face. Additional risks and uncertainties that we are unaware of, or that we currently believe are not material, also may become important factors that affect us. If any of the following risks or others not specified below materialize, our business, financial condition and results of operations could be materially adversely affected. In that case, the trading price of our common stock could decline.
If we fail to successfully manage our business model transition, our operating results could be negatively impacted.
Historically we generated a majority of our revenues from perpetual license agreements, whereby we generally recognize the license fee portion of the arrangement upfront, assuming all revenue recognition criteria are satisfied. However, our revenue mix has shifted from sales of perpetual licenses to sales of term licenses and cloud subscriptions and we expect it will continue to shift in favor of cloud subscriptions as we transition to a predominantly subscription model. Generally, as we shifted our licensing model and invoicing practices and continue the shift to cloud subscriptions, we have seen and will continue to see longer periods over which we collect cash from customers, with a negative impact on our operating cash flows, moreover, as cloud services become a larger percentage of our sales, operating margins and the timing of our recognition of revenue will be impacted. To the extent the shift to cloud subscription agreements happens faster than we expect, our ability to predict our revenue and margins may be limited. For example, the recent increase in remote work as a result of the COVID-19 pandemic appears to have accelerated our customers’ shift to cloud subscriptions. Whether our business model transition will prove successful and will accomplish our business and financial objectives is subject to numerous uncertainties, including but not limited to: customer demand, renewal and expansion rates, our ability to further develop and scale infrastructure, tax and accounting implications, pricing, and our costs. In addition, we expect the metrics we use to gauge the status of our business model transition may continue to evolve over the course of the transition as significant trends emerge. If we do not successfully execute this transition, our business and future operating results could be adversely affected.
Our future operating results may fluctuate significantly and our operating results may not be a good indication of future performance.
Our revenues, operating margins, cash flows and other operating results could vary significantly from period to period as a result of various factors, many of which are outside of our control. Comparing our revenues and operating results on a period-to-period basis may not be meaningful, and our past results should not be relied upon as an indication of our future performance. For example, we generally recognize term license revenues, in addition to perpetual license revenues, upfront and recognize revenues associated with our cloud services ratably over the term of the agreement. At the beginning of each period, we cannot predict the ratio of orders with revenues that will be recognized upfront and those with revenues that will be recognized ratably that we will enter into during the quarter, due to the fact that our customers have the ability to choose between a term license and cloud subscription agreement. In addition, the size of our licenses and orders varies greatly and can result in fluctuations in our revenues and operating results. A portion of revenue recognized in any given quarter is a result of ratably recognized agreements entered into during previous quarters, including agreements for our cloud services and maintenance and support agreements. Consequently, a decline in business from such ratably recognized agreements in any quarter may not be reflected in our revenue results for that quarter. Any such decline, however, will negatively affect our revenues in future quarters. Accordingly, the effect of downturns in sales and market acceptance of our offerings may not be fully reflected in our results of operations until future periods.
We may not be able to accurately predict our future revenues or results of operations. For example, although our shift to a predominantly subscription model generates recurring revenue and cash flows that are expected to be more predictable over time, we may not be able to accurately forecast our revenue, cash flows and other financial results in the near term due to a number of variables, including the timing of our collection of cash, increased annual invoicing, revenue mix, our customers’ rate of adoption of our cloud services model as compared to term licenses, contract durations, and the timing of revenue recognition. We base our current and future expense levels on our operating plans and sales forecasts, and our operating costs are expected to be relatively fixed in the short-term. As a result, we may not be able to reduce our costs sufficiently to compensate for an unexpected shortfall in revenues, and even a small shortfall in revenues could disproportionately and adversely affect our financial results for that quarter.
In addition to other risk factors described elsewhere in this “Risk Factors” section, factors that may cause our financial results to fluctuate from quarter to quarter include:
•the impact of our business model transition on our revenue mix, which may impact our revenue, deferred revenue, cash collections, billings, remaining performance obligations, gross margins and operating income;
•the timing of our sales during the quarter, particularly because a large portion of our sales occur toward the end of the quarter, or the loss or delay of a few large transactions;
•changes in the mix of our revenues between term licenses and cloud subscriptions, as well as the duration;
•the mix of revenues attributable to larger transactions as opposed to smaller transactions and the impact that a few large transactions or a change in mix may have on our overall financial results as well as the overall average selling price (“ASP”) of our offerings;
•the renewal and usage rates of our customers;
•changes in the competitive dynamics of our market;
•changes in customers’ budgets and in the timing of their purchasing decisions and in the length of sales cycles;
•changes in our pricing models and practices or those of our competitors;
•changes to our invoicing practices;
•customers delaying purchasing decisions in anticipation of new offerings or software enhancements by us or our competitors or for other reasons;
•customer acceptance of and willingness to pay for new versions of our offerings or new solutions for specific product and end markets;
•our ability to successfully introduce and monetize new offerings and licensing and service models for our new offerings;
•network outages or actual or perceived security breaches or incidents;
•the availability and performance of our cloud services, including Splunk Cloud;
•our ability to control costs, including our operating expenses;
•changes in laws and regulations that impact our business;
•general economic and political conditions and uncertainty, both domestically and internationally, as well as economic and political conditions and uncertainty specifically affecting industries in which our customers participate, including impacts from the COVID-19 pandemic;
•the amount and timing of our stock-based compensation expenses;
•changes in accounting standards, particularly those related to revenue recognition and sales commissions;
•use of estimates, judgments and assumptions under current accounting standards;
•the timing of satisfying revenue recognition criteria;
•our ability to qualify and successfully compete for government contracts;
•the collectability of receivables from customers and resellers, which may be hindered or delayed, particularly as the COVID-19 pandemic continues; and
•the removal of metered license enforcement via our software, which could lead to customers delaying renewal or purchasing decisions.
Many of these factors are outside our control, and the variability and unpredictability of such factors could result in our failing to meet or exceed our financial expectations for a given period. We believe that quarter-to-quarter comparisons of our revenues, operating results and cash flows may not necessarily be indicative of our future performance.
If we fail to effectively manage our growth, our business and operating results could be adversely affected.
Although our business has experienced significant growth, we cannot provide any assurance that our business will continue to grow at the same rate or at all. We have experienced and expect to continue to experience growth in our headcount and operations, which has placed and will continue to place significant demands on our management and our operational and financial systems and infrastructure. As of April 30, 2020, approximately 34% of our workforce had been employed by us for less than one year. As we continue to grow, we must effectively integrate, develop and motivate a large number of new employees, while maintaining the effectiveness of our business execution and the beneficial aspects of our corporate culture and values. In particular, we intend to continue to make directed and substantial investments to expand our research and development, sales and marketing, and general and administrative organizations, as well as our international operations.
To effectively manage growth, we must continue to improve our operational, financial and management controls, and our reporting systems and procedures by, among other things:
•improving our key business applications, processes and IT infrastructure to support our business needs and appropriately documenting such systems and processes;
•enhancing information and communication systems to ensure that our employees and offices around the world are well-coordinated and can effectively communicate with each other and our growing base of customers and partners; and
•enhancing our internal controls to ensure timely and accurate reporting of all of our operations and financial results.
These systems enhancements and improvements will require significant capital expenditures and allocation of valuable management and employee resources. If we fail to implement these improvements effectively, our ability to manage our expected growth, ensure uninterrupted operation of key business systems and comply with the rules and regulations that are applicable to public reporting companies will be impaired. Additionally, if we do not effectively manage the growth of our business and operations, the quality of our offerings could suffer, which could negatively affect our brand, financial results and overall business.
The near and long-term impact of the global COVID-19 pandemic on our business, results of operations and cash flows remain uncertain.
In December 2019, COVID-19 was reported in China, in January 2020 the World Health Organization (“WHO”) declared it a Public Health Emergency of International Concern, and in March 2020 the WHO declared it a pandemic. This
contagious disease has continued to spread across the globe and is impacting worldwide economic activity and financial markets.
The COVID-19 pandemic has affected how we and our customers and partners are operating our businesses, and the duration and extent to which this will impact our business, results of operations and cash flows is uncertain. Customers in certain markets and industries that have been significantly affected by the COVID-19 pandemic have, and may in the future continue to, decrease or delay their information technology spending, purchase shorter term contracts or request payment concessions, any of which could result in decreased revenue and cash flows for us. We may experience customer losses, including due to bankruptcy or our customers ceasing operations, which may result in an inability to collect receivables from these customers. A decline in revenue or the collectability of our receivables would harm our business. In addition, the COVID-19 pandemic may disrupt the operations of our customers and partners for an indefinite period of time, including as a result of local, state and federal government public health orders, travel restrictions and/or business shutdowns, all of which could negatively impact our business and results of operations, including cash flows. More generally, the COVID-19 pandemic has adversely affected economies and financial markets globally, and continued uncertainty could potentially lead to an economic downturn, which could decrease technology spending and adversely affect demand for our offerings and harm our business and results of operations.
The nature and extent of the impact of the COVID-19 pandemic on our customers and our customers’ response to the COVID-19 pandemic is difficult to assess or predict, and we may be unable to accurately forecast our revenues or financial results or other performance metrics, especially given that the near and long term impact of the pandemic remains uncertain. Our actual results could be materially above or below our forecasts, which could disappoint analysts and investors and/or cause our stock price to decline.
In light of the uncertain and rapidly evolving situation relating to the spread of COVID-19, we have taken precautionary measures intended to minimize the risk of the disease to our employees, our customers, and the communities in which we operate, which could negatively impact our business. Although we continue to monitor the situation and may adjust our current policies as more information and public health guidance become available, precautionary measures that have been adopted could negatively affect our customer success efforts, employee productivity, sales and marketing efforts, including as a result of travel restrictions, delay and lengthen our sales cycles, or create operational or other challenges, any of which could harm our business and results of operations. Additionally, with so many of our employees now working remotely, we are at risk for cyber security-related breaches. We continue to take steps to monitor and enhance the security of our systems, IT infrastructure, networks, and data; however, the unprecedented scale of remote work may require additional personnel and resources, which nevertheless cannot be guaranteed to fully safeguard all systems, IT infrastructure networks, and data upon which we rely.
It is not possible at this time to estimate the impact that the COVID-19 pandemic could have on our business, as the impact will depend on future developments, including the duration, spread, severity, and potential recurrence of a COVID-19 pandemic, which are highly uncertain and cannot be predicted. Furthermore, due to our shift to a predominantly subscription model, the effect of the COVID-19 pandemic may not be fully reflected in our results of operations until future periods.
We face intense competition in our markets, and we may be unable to compete effectively against our current and future competitors.
Although our offerings target the new and emerging market for software and cloud services that deliver real-time business insights from data, we compete against a variety of large cloud service providers and software vendors, as well as smaller specialized companies, open source projects and custom development efforts, which provide solutions in the specific markets we address. Our principal competitors include:
•large cloud service providers, as well as small, specialized vendors, that provide complementary and competitive solutions in enterprise data analytics, security offerings, log aggregation and management, data warehousing, orchestration, automation, incident response and big data technologies that may compete with our offerings;
•IT departments of potential customers which have undertaken custom software development efforts to analyze and manage their data;
•companies targeting the big data market by commercializing open source software, such as Elastic;
•security, systems management and other IT vendors, including BMC Software, IBM, Intel, Micro Focus, Microsoft and VMware;
•business intelligence vendors, analytics and visualization vendors, including IBM and Oracle;
•cloud monitoring and APM vendors, including Cisco AppDynamics, Datadog and New Relic; and
•public cloud providers, including Amazon (Amazon Web Service), Google (Google Cloud Platform) and Microsoft (Microsoft Azure).
The principal competitive factors in our markets include features, performance and support, scalability and flexibility, ease of deployment and use, total cost of ownership and time to value. Some of our current and potential competitors have advantages over us, such as longer operating histories, significantly greater financial, technical, marketing or other resources, stronger brand and business user recognition, larger intellectual property portfolios, broader global distribution and presence and more developed ecosystems of partners and skilled users. Further, competitors may be able to offer products or functionality similar to ours at a more attractive price than we can, such as by integrating or bundling their software products with their other product offerings. In addition, our industry is evolving rapidly and is becoming increasingly competitive. Larger and more established companies may focus on delivering real-time business insights from data and could directly compete with us. For example, companies may commercialize open source software, such as Elasticsearch, in a manner that competes with our offerings or causes potential customers to believe that such product and our offerings perform the same function. If companies move a greater proportion of their data and computational needs to the cloud, new competitors may emerge that offer services comparable to ours or that are better suited for cloud-based data, and the demand for our offerings may decrease. Smaller companies could also launch new products and services that we do not offer and that could gain market acceptance quickly.
In recent years, there have been significant acquisitions and consolidation by and among our competitors. We anticipate this trend of consolidation will continue, which will present heightened competitive challenges to our business. In particular, consolidation in our industry increases the likelihood of our competitors offering bundled or integrated products, and we believe that it may increase the competitive pressures we face with respect to our offerings. If we are unable to differentiate our offerings from the integrated or bundled products of our competitors, such as by offering enhanced functionality, performance or value, we may see decreased demand for those offerings, which would adversely affect our business operations, financial results and growth prospects. Further, it is possible that continued industry consolidation may impact customers’ perceptions of the viability of smaller or even medium-sized software firms and consequently their willingness to use software solutions from such firms. Similarly, if customers seek to concentrate their software license purchases in the product portfolios of a few large providers, we may be at a competitive disadvantage regardless of the performance and features of our offerings. We believe that in order to remain competitive at the large enterprise level, we will need to develop and expand relationships with resellers and large system integrators that provide a broad range of products and services. If we are unable to compete effectively, our business operations and financial results could be materially and adversely affected.
If our new and existing offerings and product enhancements do not achieve sufficient market acceptance, our financial results and competitive position will suffer.
Our business substantially depends on, and we expect our business to continue to substantially depend on, sales of licenses, maintenance and services related to Splunk Enterprise. As such, the market acceptance of Splunk Enterprise is critical to our continued success. Demand for Splunk Enterprise is affected by a number of factors beyond our control, including continued market acceptance of Splunk Enterprise by referenceable accounts for existing and new use cases, the timing of development and release of new products by our competitors, technological change, and growth or contraction in our market and the economy in general. If we are unable to continue to meet customer demands or to achieve more widespread market acceptance of Splunk Enterprise, our business operations, financial results and growth prospects will be materially and adversely affected.
We spend substantial amounts of time and money to research and develop or acquire new offerings and enhanced versions of our existing offerings to incorporate additional features, improve functionality or other enhancements in order to meet our customers’ rapidly evolving demands. In addition, we continue to invest in solutions that can be deployed on top of our platform to target specific use cases and to cultivate our community of application developers and users. When we develop a new or enhanced version of an existing offering, we typically incur expenses and expend resources upfront to market, promote and sell the new offering. Therefore, when we develop or acquire new or enhanced offerings, their introduction must achieve high levels of market acceptance in order to justify the amount of our investment in developing and bringing them to
market. For example, if our cloud services such as Splunk Cloud do not garner widespread market adoption and implementation, our financial results and competitive position could suffer.
Further, we may make changes to our offerings that our customers do not like, find useful or agree with. We may also discontinue certain features, begin to charge for certain features that are currently free or increase fees for any of our features or usage of our offerings.
Our new and existing offerings or product enhancements and changes to our existing offerings could fail to attain sufficient market acceptance for many reasons, including:
•our failure to predict market demand accurately in terms of product functionality and to supply offerings that meet this demand in a timely fashion;
•defects, errors or failures;
•negative publicity about their performance or effectiveness;
•delays in releasing to the market our new offerings or enhancements to our existing offerings to the market;
•introduction or anticipated introduction of competing products by our competitors;
•inability to scale and perform to meet customer demands;
•poor business conditions for our end-customers, causing them to delay IT purchases; and
•reluctance of customers to purchase products incorporating open source software.
If our new or existing offerings or enhancements and changes do not achieve adequate acceptance in the market, our competitive position will be impaired, and our revenue, business and financial results will be negatively impacted. The adverse effect on our financial results may be particularly acute because of the significant research, development, marketing, sales and other expenses we will have incurred in connection with the new offerings or enhancements.
If customers do not expand their use of our offerings beyond the current predominant use cases, our ability to grow our business and operating results may be adversely affected.
Most of our customers currently use our offerings to support application management, IT operations, security and compliance functions. Our ability to grow our business depends in part on our ability to help enable current and future customers to increase their use of our offerings for their existing use cases and expand their use of our offerings to additional use cases, such as facilities management, supply chain management, business analytics, IoT and customer analytics. If we fail to achieve market acceptance of our offerings for these applications, if we fail to predict demand for product functionality or respond to such demand in a timely fashion, if our customers are not satisfied with our offerings, or if a competitor establishes a more widely adopted solution for these applications, our ability to grow our business and financial results will be adversely affected.
Our business and growth depend substantially on customers entering into, renewing, upgrading and expanding their term licenses, agreements for cloud services and maintenance and support agreements with us. Any decline in our customer renewals, upgrades or expansions could adversely affect our future operating results.
We typically enter into term-based agreements for our licensed on-premises offerings, cloud services, and maintenance and support services, which customers have discretion to renew or terminate at the end of the initial term. In order for us to improve our operating results, it is important that new customers enter into renewable agreements, and our existing customers renew, upgrade and expand their term-based agreements when the initial contract term expires. Our customers have no obligation to renew, upgrade or expand their agreements with us after the terms have expired. Our customers’ renewal, upgrade and expansion rates may decline or fluctuate as a result of a number of factors, including their satisfaction or dissatisfaction with our offerings, our pricing, the effects of general economic conditions, competitive offerings or alterations or reductions in our customers’ spending levels. For example, the impact of the COVID-19 pandemic on the current economic environment has caused, and may in the future cause, customers to request concessions such as extended payment terms or better pricing or be
unwilling to commit to long-term contracts. If our customers do not renew, upgrade or expand their agreements with us or renew on terms less favorable to us, our revenues may decline.
If we or our third-party service providers experience a security breach or unauthorized parties otherwise obtain access to our customers’ data, our data, or our cloud services, our offerings may be perceived as not being secure, our reputation may be harmed, demand for our offerings may be reduced, and we may incur significant liabilities.
Our offerings involve the storage and transmission of data, and security breaches and incidents could result in the loss of this information, litigation, indemnity obligations, fines, penalties and other liability. We may become the target of cyber-attacks by third parties seeking unauthorized access to our data or our customer’s data or to disrupt our ability to provide services. Because there are many different techniques used to obtain unauthorized access to systems and data, and such techniques continue to evolve, we may be unable to anticipate attempted security breaches and incidents and proactively implement adequate preventative measures. Additionally, with so many of our employees now working remotely due to the COVID-19 pandemic, we may face an increased risk of attempted security breaches and incidents. While we have taken steps to protect the confidential information that we have access to, including confidential information we may obtain through our customer support services or customer usage of our cloud services, our security measures or those of our third-party service providers could be breached or otherwise fail to prevent unauthorized access to or disclosure, modification, misuse, loss or destruction of such information. Computer malware, viruses, social engineering (phishing attacks), and increasingly sophisticated network attacks have become more prevalent in our industry, particularly against cloud services. In the first quarter of fiscal 2019, we took corrective action against an attacker who utilized compromised credentials to access and delete compute capacity in the Splunk Cloud environment. In addition, we do not directly control content that customers store in our offerings. If customers use our offerings for the transmission or storage of personal information or other sensitive types of information and our security measures are, or are believed to have been breached as a result of third-party action, employee error, malfeasance or otherwise, our reputation could be damaged, our business may suffer, and we could incur significant liability.
We also process, store and transmit our own data as part of our business and operations. This data may include personal, confidential or proprietary information. We make use of third-party technology and systems for a variety of reasons, including, without limitation, encryption and authentication technology, employee email, content delivery to customers, back-office support, credit card processing, human resources services, customer relationship management, enterprise risk planning and other functions. Although we have developed systems and processes that are designed to protect customer information and prevent data loss and other security breaches and incidents, and to reduce the impact of a security breach or incident at a third-party vendor, such measures cannot provide absolute security. There can be no assurance that any security measures that we or our third-party service providers have implemented will be effective against current or future security threats. While we maintain measures designed to protect the integrity, confidentiality and security of our data, our security measures or those of our third-party service providers could fail and result in unauthorized access to or disclosure, modification, misuse, loss or destruction of such data.
Any security breach or other security incident, or the perception that one has occurred, could result in a loss of customer confidence in the security of our offerings and damage to our brand, reduce the demand for our offerings, disrupt normal business operations, require us to spend material resources to investigate or correct the breach and to prevent future security breaches and incidents, expose us to legal liabilities, including litigation, regulatory enforcement, and indemnity obligations, and adversely affect our revenues and operating results. These risks may increase as we continue to grow the number and scale of our cloud services, and process, store, and transmit increasing amounts of data.
Third parties may also conduct attacks designed to deny customers access to our cloud services. A significant disruption in access to, or ability to use, our cloud services could damage our reputation with current and potential customers, expose us to liability, cause us to lose customers or otherwise negatively affect our business.
Additionally, we cannot be certain that our insurance coverage will be adequate for data security liabilities actually incurred, will cover any indemnification claims against us relating to any incident, that insurance will continue to be available to us on economically reasonable terms, or at all, or that any insurer will not deny coverage as to any future claim. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, could have a material adverse effect on our business, including our financial condition, operating results, and reputation.
We employ multiple, unique and evolving pricing models, which subject us to various pricing and licensing challenges that could make it difficult for us to derive value from our customers and may adversely affect our operating results.
We employ multiple, unique and evolving pricing models for our offerings. For example, we generally charge our customers for their use of Splunk Enterprise based on either the estimated daily data indexing capacity or compute resources our customers require. In addition, Splunk Cloud is generally priced based on either the volume of data indexed per day including a fixed amount of data storage, or purchased infrastructure and data storage our customers require, while Splunk Phantom and VictorOps are priced by the number of seats that use the products. We offer term licensing options for on-premises offerings and have some remaining perpetual licenses with existing customers, which each have different payment schedules, and depending on the mix of such licenses and cloud subscriptions, our revenues or deferred revenues could be adversely affected. Our pricing models may ultimately result in a higher total cost to our customers generally as data volumes increase over time, or may cause our customers to limit or decrease usage in order to stay within the limits of their existing licenses or lower their costs, making it more difficult for us to compete in our markets or negatively impacting our financial results. As the amount of data within our customers’ organizations grows, we face downward pressure from our customers regarding our pricing, which could adversely affect our revenues and operating margins. In addition, our unique pricing models may allow competitors with different pricing models to attract customers unfamiliar or uncomfortable with our pricing models, which would cause us to lose business or modify our pricing models, both of which could adversely affect our revenues and operating margins. We have introduced and expect to continue to introduce variations to our pricing models, including but not limited to, predictive pricing programs, infrastructure-based pricing, data ingestion pricing, “rapid adoption” packages and other pricing programs that provide broader usage and cost predictability as well as tiered pricing based on deployment models, data source types, compute and storage units and customer environments. Although we believe that these pricing models and variations to these models will drive net new customers and increase customer adoption, it is possible that they will not and may potentially cause customers to decline to purchase or renew licenses or confuse customers and reduce their lifetime value, which could negatively impact our revenue, business and financial results.
Furthermore, while our offerings can measure and limit customer usage, we removed metered license enforcement via our software under certain circumstances, and in other circumstances, such limitations may be improperly circumvented or otherwise bypassed by users. Similarly, we provide our customers with an encrypted license key for enabling their use of our offerings. There is no guarantee that users of our offerings will abide by the terms of these license limitations or encrypted license keys, and if they do not, we may not be able to capture the full value for the use of our offerings. For example, our enterprise license is generally meant for our customers’ internal use only. If our internal use customers improperly make our offerings available to their customers or other third parties, for example, through a cloud or managed service offering not authorized by us, it may displace our end user sales. Additionally, if an internal use customer that has received a volume discount from us improperly makes available our offerings to its end customers, we may experience price erosion and be unable to capture the appropriate value from those end customers.
We increasingly rely on third-party providers of cloud infrastructure services to deliver our offerings to users on our platform, and any disruption of or interference with our use of these services could adversely affect our business.
Our cloud services, such as Splunk Cloud, are hosted exclusively by third party providers of cloud infrastructure services (“Cloud Service Providers”). We do not have control over the operations or the facilities of Cloud Service Providers that we use, and any changes in a Cloud Service Provider’s service levels, which may be less than 100%, may adversely affect our ability to meet the commitments we make to our customers and their requirements. We currently offer a 100% uptime service level agreement (“SLA”) for Splunk Cloud. It may become increasingly difficult to maintain and improve our performance, especially during peak usage times, as the usage of our offerings increases. If any of the services provided by the Cloud Service Providers fail or become unavailable due to extended outages, interruptions or because they are no longer available on commercially reasonable terms or prices, or if we are unable to deliver 100% uptime under our SLAs, our revenues could be reduced, our reputation could be damaged, we could be exposed to legal liability, expenses could increase, our ability to manage our finances could be interrupted and our processes for managing sales of our offerings and supporting our customers could be impaired until equivalent services, if available, are identified, obtained and implemented, all of which could adversely affect our business, financial results and the usage of our offerings. If we are unable to renew our agreements with our Cloud Service Providers on commercially reasonable terms, or our agreement is prematurely terminated, or we need to add new Cloud Services Providers to increase capacity and uptime, we could experience interruptions, downtime, delays, and additional expenses related to transferring to and providing support for these new platforms. Any of the above circumstances or
events may harm our reputation and brand, reduce the availability or usage of our platform and impair our ability to attract new users, any of which could adversely affect our business, financial condition and results of operations.
Failure to protect our intellectual property rights could adversely affect our business and our brand.
Our success and ability to compete depends, in part, on our ability to protect our trade secrets, trademarks, copyrights, patents, know-how, confidential information, proprietary methods and technologies and other intellectual property and proprietary rights, so that we can prevent others from using our inventions, proprietary information and property. We generally rely on patent, copyright, trade secret and trademark laws, and confidentiality or license agreements with our employees, consultants, vendors, customers, partners and others, and generally limit access to and distribution of our proprietary information, in order to protect our intellectual property rights and maintain our competitive position. However, we cannot guarantee that the steps we take to protect our intellectual property rights will be effective.
Our issued patents and any patents issued in the future may not provide us with any competitive advantages, and our patent applications may never be granted. Additionally, the process of obtaining patent protection is expensive and time-consuming, and we may not be able to file and prosecute all necessary or desirable patent applications, or we may not be able to do so at a reasonable cost or in a timely manner. Even if issued, there can be no assurance that these patents will adequately protect our intellectual property, as the legal standards relating to the infringement, validity, enforceability and scope of protection of patent and other intellectual property rights are complex and often uncertain. Any patents that are issued, and any of our other intellectual property rights may be challenged by others and invalidated or narrowed through administrative process, litigation, or similar proceedings, allowing other companies to develop offerings that compete with ours, which could adversely affect our competitive business position, business prospects and financial condition. In addition, issuance of a patent does not guarantee that we have a right to practice the patented invention. We cannot be certain that we were the first to use the inventions claimed in our issued patents or pending patent applications or otherwise used in our offerings, that we were the first to file patent applications, or that third parties do not have blocking patents that could be used to prevent us from marketing or practicing our offerings or technology. Effective patent, trademark, copyright and trade secret protection may not be available to us in every country in which our offerings are available. The laws of some foreign countries may not be as protective of intellectual property rights as those in the United States (in particular, some foreign jurisdictions do not permit patent protection for software, and even in the United States, this protection is limited), and mechanisms for enforcement of intellectual property rights may be inadequate. As we expand our international activities, our exposure to unauthorized copying and use of our products and platform capabilities and proprietary information will likely increase. Additional uncertainty may result from recent and future changes to intellectual property legislation in the United States and other countries and from interpretations of the intellectual property laws of the United States and other countries by applicable courts and agencies. Further, although we endeavor to enter into non-disclosure agreements with our employees, licensees and others who may have access to confidential and proprietary information, we cannot assure that these agreements or other steps we have taken will prevent unauthorized use, disclosure or reverse engineering of our technology.
Moreover, third parties may independently develop technologies or products that compete with ours, and we may be unable to prevent this competition.
We might be required to spend significant resources to defend, monitor, and protect our intellectual property rights, such as by initiating claims or litigation against third parties for infringement of our proprietary rights or to establish the validity of our proprietary rights. However, we may not prevail in any lawsuits that we initiate, and the damages or other remedies awarded, if any, may not be adequate to compensate us for the harm suffered. Additionally, we may provoke third parties to assert counterclaims against us. Any litigation, whether or not it is resolved in our favor, could result in significant expense to us and divert the efforts of our technical and management personnel, which may adversely affect our business operations or financial results. For any of these reasons, despite our efforts, we may be unable to prevent third parties from infringing upon or misappropriating our intellectual property. If we fail to protect our intellectual property rights adequately, our competitors might gain access to our technology or use of our brand, and our business might be adversely affected.
We have been, and may in the future be, subject to intellectual property rights claims by third parties, which are extremely costly to defend, could require us to pay significant damages and could limit our ability to use certain technologies.
Companies in the software and technology industries, including some of our current and potential competitors, own large numbers of patents, copyrights, trademarks and trade secrets and frequently enter into litigation based on allegations of infringement or other violations of intellectual property rights. In addition, many of these companies have the capability to
dedicate substantially greater resources to enforce their intellectual property rights and to defend claims that may be brought against them. The litigation may involve patent holding companies or other adverse patent owners that have no relevant product revenues and against which our patents may therefore provide little or no deterrence. From time-to-time, third parties, including certain of these leading companies and non-practicing entities, have asserted and may assert patent, copyright, trademark or other intellectual property rights against us, our partners, our technology partners or our customers. We have received, and may in the future receive, notices that claim we have misappropriated, misused, or infringed other parties’ intellectual property rights, and, to the extent we gain greater market visibility, we face a higher risk of being the subject of intellectual property infringement claims, which is not uncommon with respect to the enterprise software market.
There may be third-party intellectual property rights, including issued or pending patents, that cover or claim to cover significant aspects of our technologies or business methods. We may be exposed to increased risk of being the subject of intellectual property infringement claims as a result of acquisitions, as, among other things, we have a lower level of visibility into the development process with respect to such technology or the care taken to safeguard against infringement risks. Any intellectual property claims, with or without merit, could be very time-consuming, could be expensive to settle or litigate and could divert our management’s attention and other resources. These claims could also subject us to significant liability for damages, potentially including treble damages or enhanced statutory damages if we are found to have willfully infringed patents or copyrights. These claims could also result in our having to stop using technology found to be in violation of a third-party’s rights. We might be required to seek a license for the intellectual property, which may not be available on reasonable terms or at all. Even if a license were available, we could be required to pay significant royalties, which would increase our operating expenses. As a result, we may be required to develop alternative non-infringing technology, which could require significant effort and expense. If we cannot license or develop technology for any infringing aspect of our business, we would be forced to limit or stop sales of our offerings and may be unable to compete effectively. Any of these results would adversely affect our business operations and financial results.
We have a history of losses, and we may not be profitable in the future.
We have incurred net losses in each year since our inception. As a result, we had an accumulated deficit of $1.87 billion at April 30, 2020. Because our products and offerings, as well as the market for these products and offerings, continues to evolve, it is difficult for us to predict our future operating results. We expect our operating expenses to increase over the next several years as we hire additional personnel, expand and improve the effectiveness of our distribution channels, improve the performance and scalability of our technology architecture, and continue to develop features and functionality for our offerings. In addition, as a public company, we have incurred and will continue to incur significant legal, accounting and other operating expenses. If our revenues do not increase to offset these increases in our operating expenses, we may not be profitable in future periods. Our historical revenue growth has been inconsistent and should not be considered indicative of our future performance particularly as our business model transitions. Further, in future periods, our revenue growth could slow, or our revenues could decline for a number of reasons, including slowing demand for our offerings, increasing competition, a decrease in the growth of our overall market, changes in our mix of revenues, or our failure, for any reason, to continue to capitalize on growth opportunities. Any failure by us to achieve, sustain or increase profitability on a consistent basis could cause the value of our common stock to decline.
Splunk Cloud, as well as cloud services for other products, require costly and continual infrastructure investments, and market adoption of these cloud services could adversely affect our business.
A cloud-based model of software deployment is one in which a software provider typically licenses an application to customers for use as a service on demand through web browser technologies. Delivering software under a cloud-based model results in higher costs and expenses when compared to sales of on-premises licenses for similar functionality. In recent years, companies have begun to expect that key software, such as customer relationship management and enterprise resource planning systems, be provided through a cloud-based model. Many of our offerings are now made available in the cloud as well as on-premises. Customers can sign up for Splunk Cloud and other services and avoid the need to provision, deploy and manage internal infrastructure. In order to provide Splunk Cloud and other services via a cloud-based deployment, we have made and will continue to make capital investments and incur substantial costs to implement and maintain this alternative business model. In addition, as we look to deliver more cloud services, we are making significant technology investments to deliver new capabilities and advance our software to deliver cloud-native customer experiences. We expect that over time the percentage of our revenue attributable to our cloud services will increase. If our cloud services, in particular Splunk Cloud, do not garner widespread market adoption, or there is a reduction in demand for cloud services caused by a lack of customer acceptance, technological challenges, weakening economic or political conditions, security or privacy concerns, inability to properly manage such services, competing technologies and products, decreases in corporate spending or otherwise, our financial results, business model and competitive position could suffer. If these investments do not yield the expected return, or we are unable to
decrease the cost of providing our cloud services, our gross margins, overall financial results, business model and competitive position could suffer. Transitioning to a cloud-based model also impacts the way we recognize revenues, which may affect our operating results and could have an adverse effect on our business operations and financial results.
Even with these investments and costs, the cloud-based business model for Splunk Cloud and other services may not be successful, as some customers may desire only on-premises licenses to our offerings. Our cloud services may raise concerns among customers, including concerns regarding changes to pricing models, service availability, scalability, ability to use customer-developed apps, information security of a cloud service and hosted data, and access to data while offline or once a subscription has expired. Market acceptance of our cloud services can be affected by a variety of factors, including but not limited to: security, reliability, performance, terms of service, support terms, customer preference, community engagement, customer concerns with entrusting a third party to store and manage their data, public concerns regarding data privacy or data protection, and the enactment of restrictive laws or regulations in the affected jurisdictions. If we or other providers of cloud services experience security incidents or breaches, loss of customer data, disruptions in delivery of services, network outages, disruptions in availability of the internet, unauthorized access or other problems, the market for cloud services as a whole, including Splunk Cloud, may be negatively affected. Moreover, sales of Splunk Cloud and other services could displace sales of our on-premises software licenses. Alternatively, subscriptions to Splunk Cloud and other services that exceed our expectations may unexpectedly increase our costs, lower our margins, lower our profits or increase our losses and otherwise negatively affect our projected financial results.
Interruptions or performance problems associated with our technology and infrastructure, and our reliance on Software-as-a-Service (“SaaS”) technologies from third parties, may adversely affect our business operations and financial results.
Our continued growth depends in part on the ability of our existing and potential customers to use and access our cloud services or our website in order to download our on-premises software or encrypted access keys for our software within an acceptable amount of time. In addition, we rely heavily on hosted SaaS technologies from third parties in order to operate critical functions of our business, including enterprise resource planning services and customer relationship management services. We have experienced and may in the future experience, website and cloud service disruptions, storage failures, outages and other performance problems due to a variety of factors, including infrastructure changes, human or software errors, capacity constraints due to an overwhelming number of users accessing our website and services simultaneously, unauthorized access, denial of service, security or ransomware attacks. In some instances, we may not be able to identify the cause or causes of these website or service performance problems within an acceptable period of time. It may become increasingly difficult to maintain and improve our website and service performance, especially during peak usage times and as our offerings become more complex and our user traffic increases. If our website or cloud services are unavailable or if our users are unable to download our software or encrypted access keys within a reasonable amount of time or at all, we could suffer damage to our reputation with current and potential customers, be exposed to legal liability, and lose customers, all of which could negatively affect our business. We expect to continue to make significant investments to maintain and improve website and service performance and to enable rapid releases of new features and apps for our offerings. To the extent that we do not effectively address capacity constraints, upgrade our systems as needed and continually develop our technology and network architecture to accommodate actual and anticipated changes in technology, our business and operating results may be adversely affected.
Our sales cycle is long and unpredictable, particularly with respect to large customers, and our sales efforts require considerable time and expense.
Our operating results may fluctuate, in part, because of the resource intensive nature of our sales efforts, the length and variability of the sales cycle of our offerings and the short-term difficulty in adjusting our operating expenses. Our operating results depend in part on sales to large customers. The length of our sales cycle, from initial evaluation to delivery of and payment for the software license, varies substantially from customer to customer. This variation is due to numerous factors, including in the expansion of our offerings and new pricing models, as well as the potential for different buying centers for the same offering. In addition, the introduction of Splunk Cloud has generated interest from our customers who are also considering purchasing and deploying Splunk Enterprise on-premises. In some cases, our customers may wish to consider a combination of these offerings, potentially further slowing our sales cycle. Our sales cycle can extend to more than a year for certain customers, particularly large customers. It is difficult to predict exactly when, or even if, an existing customer will convert from a perpetual license to term license or to cloud services, we will make a sale with a potential customer, or a user of a trial version of one of our offerings will upgrade to the paid version of that offering. As a result, large individual sales have, in some cases, occurred in quarters subsequent to those we anticipated, or have not occurred at all. The loss or delay of one or more large transactions in a quarter could impact our operating results for that quarter and any future quarters for which revenues from that transaction are
delayed. As a result of these factors, it is difficult for us to forecast our revenues accurately in any quarter. Because a substantial portion of our expenses are relatively fixed in the short-term (subject to rising fixed costs in the longer term as discussed above), our operating results will suffer if revenues fall below our expectations in a particular quarter, which could cause the price of our common stock to decline.
Our international sales and operations subject us to additional risks and challenges that can adversely affect our business operations and financial results.
During the three months ended April 30, 2020, we derived approximately 35% of our total revenues from customers outside the United States, and we are continuing to expand our international operations as part of our growth strategy. We currently have sales personnel and sales and support operations in the United States and certain countries around the world. To the extent that we experience difficulties in recruiting, training, managing, or retaining non-U.S. staff, and specifically sales management and sales personnel staff, we may experience difficulties in sales productivity in, or market penetration of, non-U.S. markets. Additionally, our sales organization outside the United States is substantially smaller than our sales organization in the United States, and we rely heavily on our indirect sales channel for non-U.S. sales. Our ability to convince customers to expand their use of our offerings or renew their maintenance and support agreements with us is directly correlated to our direct engagement with the customer. To the extent we are unable to engage with non-U.S. customers effectively with our limited sales force, professional services and support capacity or our indirect sales model, we may be unable to grow sales to existing customers to the same degree we have experienced in the United States.
Our international operations subject us to a variety of risks and challenges, including:
•increased management, travel, infrastructure and legal compliance costs associated with having multiple international operations;
•reliance on partners, which may have different incentives or may sell competing products, as well as different approaches with respect to compliance with laws and regulations, business practices and other day-to-day activities;
•longer payment cycles and difficulties in collecting accounts receivable or satisfying revenue recognition criteria, especially in emerging markets;
•increased financial accounting and reporting burdens and complexities;
•general economic conditions in each country or region;
•political uncertainty around the world;
•compliance with multiple and changing foreign laws and regulations, including those governing employment, tax, privacy and data protection, data transfer and the risks and costs of non-compliance with such laws and regulations;
•compliance with laws and regulations for foreign operations, including the United States Foreign Corrupt Practices Act, the United Kingdom Bribery Act, import and export control laws, tariffs, trade barriers, economic sanctions and other regulatory or contractual limitations on our ability to sell our offerings in certain foreign markets, and the risks and costs of non-compliance, including as a result of any changes in trade relations, sanctioned parties or other restrictions;
•heightened risks of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of financial statements and irregularities in financial statements;
•fluctuations in currency exchange rates and the related effect on our financial results;
•difficulties in repatriating or transferring funds from, or converting currencies in, certain countries;
•the need for localized software and licensing programs;
•reduced protection for intellectual property rights in some countries and practical difficulties of enforcing intellectual property and contract rights abroad; and
•natural disasters, diseases and pandemics, such as COVID-19, that may disproportionately affect areas in which we do business.
A number of recent geopolitical events may impact our financial statements and results of operation. Following a referendum in June 2016 in which voters in the United Kingdom approved an exit from the European Union (“EU”) (often referred to as “Brexit”), and on January 31, 2020, the United Kingdom officially left the European Union pursuant to Brexit, with a transitional period during with the United Kingdom remains bound to the EU’s rules, set to end on December 31, 2020. Brexit has created an uncertain political and economic environment in the United Kingdom and other European Union countries. Following the transition period, the United Kingdom will lose access to the EU single market and to EU trade deals negotiated with other jurisdictions, so the long-term effects of Brexit will depend on the agreements or arrangements with the EU for the United Kingdom to retain access to EU markets either during the transitional period or more permanently. Brexit may cause disruption to our business, including affecting relationships with existing and future customers, suppliers, and employees. For example, all our sales to customers based in the EU are transacted through our subsidiary incorporated in the United Kingdom and at this time, we are unable to determine the effects, if any, of Brexit on our sales to these customers. The economic and legal uncertainty caused by Brexit in the region and globally could also adversely affect the tax, operational, legal and regulatory regimes to which our business is subject. Brexit may subject us to new regulatory costs and challenges, in addition to other adverse effects that we are unable effectively to anticipate.
Any of these risks could adversely affect our international operations, reduce our international revenues or increase our operating costs, adversely affecting our business operations, financial results and growth prospects.
In addition, compliance with laws and regulations applicable to our international operations increases our cost of doing business in foreign jurisdictions. We may be unable to keep current with changes in foreign government requirements and laws as they change from time to time. Failure to comply with these regulations could have adverse effects on our business. In many foreign countries, it is common for others to engage in business practices that are prohibited by our internal policies and procedures or United States regulations applicable to us. In addition, although we have implemented policies and procedures designed to ensure compliance with these laws and policies, there can be no assurance that all of our employees, contractors, partners and agents will comply with these laws and policies. Violations of laws or key control policies by our employees, contractors, partners or agents could result in delays in revenue recognition, financial reporting misstatements, fines, penalties, or the prohibition of the importation or exportation of our offerings and could have a material adverse effect on our business operations and financial results.
If we are unable to maintain successful relationships with our partners, and to help our partners enhance their ability to independently sell and deploy our offerings, our business operations, financial results and growth prospects could be adversely affected.
In addition to our direct sales force, we use partners, such as distributors and resellers, to license, provide professional services and support our offerings. Historically, we have relied on a limited number of such partners for a substantial portion of our total sales, particularly in the Europe, Middle East and Africa (“EMEA”) and Asia Pacific (“APAC”) regions, and for sales to government agencies. For example, sales through our top two partners represented 43% of our revenue in the three months ended April 30, 2020. We expect that sales through partners in all regions will continue to grow as a portion of our revenues for the foreseeable future. As changes in our partner strategy are implemented, including potentially emphasizing partner-sourced transactions, results from sales through our partners may be adversely affected.
Our agreements with our partners are generally non-exclusive, meaning our partners may offer customers the products of several different companies, including products that compete with ours. If our partners do not effectively market and sell our offerings, choose to use greater efforts to market and sell their own products or those of our competitors, or fail to meet the needs of our customers, our ability to grow our business and sell our offerings may be adversely affected. Our partners may cease marketing our offerings with limited or no notice and with little or no penalty. The loss of a substantial number of our partners or any of our key partners, our possible inability to replace them, or the failure to recruit additional partners could materially and adversely affect our results of operations and could have an impact on the growth rate of our revenue as we work to obtain new partners or replacement relationships. In addition, sales by partners are more likely than direct sales to involve collectability and compliance concerns, in particular sales by our partners in developing markets, and accordingly, variations in
the mix between revenues attributable to sales by partners and revenues attributable to direct sales may result in fluctuations in our operating results.
As we are transitioning our business model, the manner in which we conduct business with and compensate our partners, as well as the business demands placed upon our partners will likely change, requiring some of our historically effective partners to adapt their sales and marketing techniques to sell cloud services and term licenses. Such changes may lead to shorter duration contracts, which require more frequent customer contact by, and different business terms with, our partners. In some circumstances, new partners may be more effective in adapting to our new business model, particularly when such partners have experience selling cloud services. Therefore, our expectations for our partners, and our rubric for evaluating compatible partners may change, which may adversely impact our results of operations during the transition.
Our ability to achieve revenue growth in the future will depend in part on our success in maintaining successful relationships with our partners, and to help our partners enhance their ability to independently sell and deploy our offerings. In order to achieve these objectives, we may be required to adjust our incentives, pricing or discount programs for our partners, which could adversely affect our operating results. If we are unable to maintain our relationships with these partners, or otherwise develop and expand our indirect distribution channel, our business, results of operations, financial condition or cash flows could be adversely affected.
Our sales to public sector customers are subject to a number of additional challenges and risks.
We derive a portion of our revenues from contracts with U.S. federal, state and local and foreign governments, and we believe that the success and growth of our business will continue to depend on our successful procurement of government contracts. For our sales to these public sector customers, we must comply with laws and regulations relating to the formation, administration and performance of contracts, which affect how our partners and how we do business with governmental agencies. These laws and regulations provide public sector customers rights, many of which are not typically found in commercial contracts. These may include rights with respect to price protection, the accuracy of information provided to the government, compliance with procurement integrity and government ethics, access to classified information, compliance with supply chain requirements and supplier diversity policies, and other terms that are particular to public sector customers. These laws and regulations may impose added costs on our business, and failure to comply with these or other applicable regulations and requirements, including non-compliance in the past, could lead to claims for damages or other relief, penalties, termination of contracts, loss of exclusive rights in our intellectual property, and temporary suspension or permanent debarment from government contracting. Any such damages, penalties, disruptions or limitations in our ability to do business with the public sector could have a material adverse effect on our business operations and financial results.
In October 2019, we received authorization under the U.S. Federal Risk and Authorization Management Program (“FedRAMP”) that allows U.S. federal government agencies and contractors to have greater integration with our platform if and when they transition to cloud-based computing. At the same time, FedRAMP places an increased compliance burden upon us, which may increase our internal costs to provide services to government agencies. If we cannot adequately comply with FedRAMP compliance requirements, our growth could be adversely impacted, and we could incur significant liability and our reputation and business could be harmed.
Factors that could impede our ability to maintain or increase the amount of revenues derived from government contracts, include:
•changes in fiscal or contracting policies;
•decreases in available government funding;
•restrictions in the award of personal security clearances to our employees;
•ability to adapt to public sector budgetary cycles and funding authorizations, with funding reductions or delays having an adverse impact on public sector demand for our products;
•changes in government programs or applicable requirements;
•changes in government sanctions programs and related policies;
•the adoption of new laws or regulations or changes to existing laws or regulations;
•noncompliance with laws, contract provisions or government procurement or other applicable regulations, or the perception that any such noncompliance has occurred or is likely;
•ability to maintain the facility clearance required to perform on classified contracts for U.S. federal government agencies, or to maintain security clearances for our employees;
•changes to government certification requirements;
•ability to achieve or maintain one or more government certifications, including our existing FedRAMP certification;
•an extended government shutdown or other potential delays or changes in the government appropriations or other funding authorization processes;
•changes in the duration of our contracts with government customers; and
•delays in the payment of our invoices by government payment offices.
The occurrence of any of the foregoing could cause governments and governmental agencies to delay or refrain from purchasing licenses of our offerings in the future or otherwise have an adverse effect on our business operations and financial results. To the extent that we become more reliant on contracts with government entities, including foreign government entities, in the future, our exposure to such risks and challenges could increase, which in turn could adversely impact our business.
Prolonged economic uncertainties or downturns could materially adversely affect our business.
Prolonged economic uncertainties or downturns could adversely affect our business operations or financial results. Negative conditions in the general economy in either the United States or abroad, including conditions resulting from financial and credit market fluctuations, changes in economic policy, trade uncertainty, including changes in tariffs, sanctions, international treaties, and other trade restrictions, the occurrence of a natural disaster, outbreaks of pandemic diseases such as COVID-19, political unrest and social strife, armed conflicts and an act of terrorism on the United States, Europe, Asia Pacific or elsewhere, have caused and could continue to cause a decrease in corporate spending on enterprise software in general and negatively affect the rate of growth of our business.
These conditions could make it extremely difficult for our customers and us to forecast and plan future business activities accurately, and they could cause our customers to reevaluate their decision to purchase our offerings, which could delay and lengthen our sales cycles or result in cancellations of planned purchases. Furthermore, during challenging economic times our customers may face issues in gaining timely access to sufficient credit, which could result in an impairment of their ability to make timely payments to us. If that were to occur, we may be required to increase our allowance for doubtful accounts, which would adversely affect our financial results.
We have a significant number of customers in the business services, energy, financial services, healthcare and pharmaceuticals, technology, manufacturing, media and entertainment, online services, retail, telecommunications and travel and transportation industries. A substantial downturn in any of these industries may cause firms to react to worsening conditions by reducing their capital expenditures in general or by specifically reducing their spending on information technology. Customers in these industries may delay or cancel information technology projects or seek to lower their costs by renegotiating vendor contracts. For example, the impact of the COVID-19 pandemic on the current economic environment has caused, and may in the future cause, such customers to request concessions including extended payment terms or better pricing. To the extent purchases of our offerings are perceived by customers and potential customers to be discretionary, our revenues may be disproportionately affected by delays or reductions in general information technology spending. Also, customers may choose to develop in-house software as an alternative to using our offerings. Moreover, competitors may respond to market conditions by lowering prices and attempting to lure away our customers. In addition, the increased pace of consolidation in certain industries may result in reduced overall spending on our offerings.
We cannot predict the timing, strength or duration of any economic slowdown, instability or recovery, generally or within any particular industry or geography. If the economic conditions of the general economy or industries in which we operate worsen from present levels, our business operations and financial results could be adversely affected.
Incorrect or improper implementation or use of our software could result in customer dissatisfaction, customer data loss or corruption and negatively affect our business, operations, financial results and growth prospects.
Our software is deployed in a wide variety of technology environments. Increasingly, our software has been deployed in large scale, complex technology environments, and we believe our future success will depend on our ability to increase sales of our software licenses for use in such deployments. We often must assist our customers in achieving successful implementations for large, complex deployments. If we or our customers are unable to implement our software successfully, are unable to do so in a timely manner or if an improper implementation or change in system configuration results in errors or loss of data, customer perceptions of our company may be impaired, our reputation and brand may suffer, and customers may choose not to increase their use of our offerings. In addition, our software imposes server load and index storage requirements for implementation. If our customers do not have the server load capacity or the storage capacity required, they may not be able to effectively implement and use our software and, therefore, may not choose to increase their use of our offerings.
Our customers and third-party partners may need training in the proper use of and the variety of benefits that can be derived from our software to maximize its potential. If our software is not implemented or used correctly or as intended, inadequate performance, errors, data loss or corruption may result. Because our customers rely on our software and maintenance and support services to manage a wide range of operations, the incorrect or improper implementation or use of our software, our failure to train customers on how to efficiently and effectively use our software, or our failure to provide maintenance services to our customers, may result in negative publicity or legal claims against us. Also, as we continue to expand our customer base, any failure by us to properly provide these services will likely result in lost opportunities for follow-on sales of our offerings.
We are subject to governmental export and import controls that could impair our ability to compete in international markets or subject us to liability if we violate the controls.
Our offerings are subject to United States export controls, and we incorporate encryption technology into certain of our offerings. These encryption offerings and the underlying technology may be exported outside of the United States only with the required export authorizations, including by license.
Furthermore, our activities are subject to the U.S. economic sanctions laws and regulations that prohibit the shipment of certain products and services without the required export authorizations or export to countries, governments, and persons targeted by U.S. sanctions. While we take precautions to prevent our offerings from being exported in violation of these laws, including obtaining authorizations for our encryption offerings where appropriate, implementing IP address blocking and screenings against U.S. Government and international lists of restricted and prohibited persons, we cannot guarantee that the precautions we take will prevent violations of export control and sanctions laws. For example, downloads of our free software may have in the past been made in potential violation of the export control and economic sanctions laws.
We also note that if our partners fail to obtain appropriate import, export or re-export licenses or permits, we may also be adversely affected, through reputational harm as well as other negative consequences including government investigations and penalties. We presently incorporate export control compliance requirements in our partner agreements. Complying with export control and sanctions regulations for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities.
Violations of U.S. sanctions or export control laws can result in fines or penalties, including civil penalties of up to $300,000 or twice the value of the transaction, whichever is greater, per violation. In the event of criminal knowing and willful violations of these laws, fines of up to $1 million per violation and possible incarceration for responsible employees and managers could be imposed.
From time to time, as part of our acquisition activity, we have discovered a limited number of instances where certain activity raised concerns about potential violations of U.S. sanctions or export control laws. For example, we have discovered that the SaaS platform or product of an acquired company was accessed (or attempted to be accessed) from IP addresses potentially located in embargoed countries. As a result, we have submitted and may, in the future, submit voluntary disclosures with the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) to alert the agency to these potential violations. If we (including the companies we acquire) are found to be in violation of U.S. economic sanctions or export control laws, it could result in fines and penalties. We may also be adversely affected through other penalties, reputational harm, loss of access to certain markets or otherwise.
Also, various countries, in addition to the United States, regulate the import and export of certain encryption and other technology, including import and export permitting and licensing requirements, and have enacted laws that could limit our ability to distribute our offerings or could limit our customers’ ability to implement our offerings in those countries. Changes in our offerings or future changes in export and import regulations may create delays in the introduction of our offerings in international markets, prevent our customers with international operations from deploying our offerings globally or, in some cases, prevent the export or import of our offerings to certain countries, governments, or persons altogether. Any change in export or import regulations, economic sanctions or related legislation, or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our offerings by, or in our decreased ability to export or sell our offerings to, existing or potential customers with international operations. Any decreased use of our offerings or limitation on our ability to export or sell our offerings would likely adversely affect our business operations and financial results.
If we are not able to maintain and enhance our brand, our business and operating results may be adversely affected.
We believe that maintaining and enhancing the “Splunk” brand identity is critical to our relationships with current customers and partners and to our ability to attract new customers and partners. The successful promotion of our brand will depend largely upon our marketing efforts, our ability to continue to offer high-quality offerings and our ability to successfully differentiate our offerings from those of our competitors. For example, in September 2019, we launched the Data-to-Everything Platform marketing campaign to enhance the “Splunk” brand. This marketing campaign, as well as our general brand promotion activities, may not be successful or yield increased revenues. In addition, independent industry analysts often provide reviews of our offerings, as well as those of our competitors, and perception of our offerings in the marketplace may be significantly influenced by these reviews. If these reviews are negative, or less positive as compared to those of our competitors’ products and services, our brand may be adversely affected.
Moreover, it may be difficult to maintain and enhance our brand in connection with sales through partners. We have and will continue to incur a substantial amount of expenditures in connection with our Data-to-Everything campaigns, and we anticipate that brand promotion expenditures will increase as our market becomes more competitive and as we attempt to grow our business. To the extent that these activities yield increased revenues, these revenues may not offset the increased expenses we incur. If we do not successfully maintain and enhance our brand, our business may not grow, we may have reduced pricing power relative to competitors with stronger brands, and we could lose customers and partners, all of which would adversely affect our business operations and financial results.
Real or perceived errors, failures or bugs in our offerings could adversely affect our financial results and growth prospects.
Because our offerings are complex, undetected errors, failures or bugs may occur, especially when new offerings, versions or updates are released. Our on-premises software is often installed and used in large-scale computing environments with different operating systems, system management software, and equipment and networking configurations, which may cause errors or failures of our software or other aspects of the computing environment into which it is deployed. In addition, deployment of our software into complicated, large-scale computing environments may expose undetected errors, failures or bugs in our software. Despite testing by us, errors, failures or bugs may not be found in our offerings until they are released to our customers. In the past, we have discovered errors, failures and bugs in some of our offerings after their introduction. Real or perceived errors, failures or bugs in our offerings could result in negative publicity, loss of or delay in market acceptance of our offerings, loss of competitive position or claims by customers for losses sustained by them. In such an event, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to help correct the problem.
In addition, if an actual or perceived failure of our software occurs in a customer’s deployment or in our cloud services, regardless of whether the failure is attributable to our software, the market perception of the effectiveness of our offerings could be adversely affected. Alleviating any of these problems could require significant expenditures of our capital and other resources and could cause interruptions, delays or cessation of our licensing, which could cause us to lose existing or potential customers and could adversely affect our financial results and growth prospects.
Our future performance depends in part on proper use of our community website, Splunkbase, expansion of our developer ecosystem, and support from third-party software developers.
Our offerings enable third-party software developers to build apps on top of our platform. We operate a community website, Splunkbase, for sharing these third-party apps, including add-ons and extensions. While we expect Splunkbase to support our sales and marketing efforts, it also presents certain risks to our business, including:
•third-party developers may not continue developing or supporting the software apps that they share on Splunkbase;
•we cannot guarantee that if and as we change the architecture of our products and services, third-party developers will evolve their existing software apps to be compatible or that they will participate in the creation of new apps utilizing the new architecture;
•we cannot provide any assurance that these apps meet the same quality and security standards that we apply to our own development efforts, and, to the extent they contain bugs, defects or security vulnerabilities, they may create disruptions in our customers’ use of our offerings or negatively affect our brand;
•we do not currently provide support for software apps developed by third-party software developers, and users may be left without support and potentially disappointed by their experience of using our offerings if the third-party software developers do not provide appropriate support for these apps;
•these third-party software developers may not possess the appropriate intellectual property rights to develop and share their apps or otherwise may not have assessed legal and compliance risks related to distributing their apps;
•some of these apps are hosted in external sites for a fee and are not controlled or reviewed by us, which may lead to a negative experience by customers that may impact our reputation; and
•some of these developers may use the insight they gain using our offerings and from documentation publicly available on our website to develop competing products.
Many of these risks are not within our control to prevent, and our brand may be damaged if these apps, add-ons and extensions do not perform to our customers’ satisfaction and that dissatisfaction is attributed to us.
If poor advice or misinformation is spread through our community website, Splunk Answers, users of our offerings may experience unsatisfactory results from using our offerings, which could adversely affect our reputation and our ability to grow our business.
We host Splunk Answers for sharing knowledge about how to perform certain functions with our offerings. Our users are increasingly turning to Splunk Answers for support in connection with their use of our offerings. We do not review or test the information that non-Splunk employees post on Splunk Answers to ensure its accuracy or efficacy in resolving technical issues. Therefore, we cannot ensure that all the information listed on Splunk Answers is accurate or that it will not adversely affect the performance of our offerings. Furthermore, users who post such information on Splunk Answers may not have adequate rights to the information to share it publicly, and we could be the subject of intellectual property claims based on our hosting of such information. If poor advice or misinformation is spread among users of Splunk Answers, our customers or other users of our offerings may experience unsatisfactory results from using our offerings, which could adversely affect our reputation and our ability to grow our business.
Our use of “open source” software could negatively affect our ability to sell our offerings and subject us to possible litigation, and our participation in open source projects may impose unanticipated burdens or restrictions.
We use open source software in our offerings and business, including as incorporated into software we receive from third party commercial software vendors, and expect to continue to use open source software in the future. Use of open source software may entail greater risks than use of third-party commercial software. The terms of many open source licenses have not been interpreted by U.S. courts, and there is a risk that such licenses could be construed in a manner that imposes unanticipated conditions or restrictions on our ability to market or commercialize our products. We may face claims from others alleging breach of license requirements or infringement of intellectual property rights in what we believe to be licensed open source software. In addition, under the terms of some open source licenses, under certain conditions, we could be required to release
our proprietary source code that was developed using, incorporating or linked with such open source software, or apply open source licenses to our proprietary software, including authorizing further modification and redistribution. These claims or requirements, including any change to the applicable license terms, could also result in litigation, require us to purchase a costly license, require us to devote additional research and development resources to change our offerings, or require us to cease offering the implicated products unless and until we can find alternative tools or re-engineer them to avoid infringement or release of our proprietary source code, any of which would have a negative effect on our business and operating results. In addition to risks related to license requirements, usage of open source software can lead to greater risks than use of third-party commercial software, as open source licensors generally do not provide updates, warranties, support, indemnities, assurances of title or controls on origin of the software, or other contractual protections regarding infringement claims or the quality of the code. Likewise, some open source projects have known security and other vulnerabilities and architectural instabilities, or are otherwise subject to security attacks due to their wide availability, and are provided on an “as-is” basis. Additionally, we, including companies that we acquired, have intentionally made certain proprietary software available on an open source basis, both by contributing modifications back to existing open source projects, and by making certain internally developed tools available pursuant to open source licenses, and we plan to continue to do so in the future. While we have established procedures, including a review process for any such contributions, which is designed to protect any code that may be competitively sensitive, we cannot guarantee that this process has always been applied consistently by us or by companies that we have acquired, prior to the acquisition. Even when applied, because any software source code we contribute to open source projects is publicly available, our ability to protect our intellectual property rights with respect to such software source code may be limited or lost entirely, and we may be unable to prevent our competitors or others from using such contributed software source code for competitive purposes, or for commercial or other purposes beyond what we intended. Many of these risks associated with usage of open source software could be difficult to eliminate or manage, and could, if not properly addressed, negatively affect the performance of our offerings and our business.
We are subject to a number of legal requirements, contractual obligations and industry standards regarding security, data protection, and privacy and any failure to comply with these requirements, obligations or standards could have an adverse effect on our reputation, business, financial condition and operating results.
Data privacy and security have become significant issues in the United States and in many other countries where we have employees and operations and where we offer licenses or cloud subscriptions to our offerings. The regulatory framework for data privacy and security issues worldwide is rapidly evolving and is likely to remain uncertain for the foreseeable future. The U.S. federal and various state and foreign government bodies and agencies have adopted or are considering adopting laws and regulations limiting, or laws and regulations regarding the collection, distribution, use, disclosure, storage, and security of certain types of information. For example, on January 1, 2020, the California Consumer Privacy Act (“CCPA”), which requires covered companies to provide new disclosures to California consumers, and afford such consumers new abilities to opt-out of certain sales of personal information, became operative. The CCPA is the subject of proposed regulations issued by the California Attorney General that have yet to be finalized. Aspects of the CCPA and its interpretation remain unclear. We cannot yet fully predict the impact of the CCPA on our business or operations, but it may require us to modify our data processing practices and policies and to incur substantial costs and expenses in an effort to comply.
Internationally, virtually every jurisdiction in which we operate has established its own data security and privacy or data protection legal framework with which we or our customers must comply. Laws and regulations in these jurisdictions apply broadly to the collection, use, storage, disclosure and security of data that identifies or may be used to identify or locate an individual. These laws and regulations often are more restrictive than those in the United States and are rapidly evolving. For example, the EU General Data Protection Regulation (“GDPR”) became effective on May 25, 2018, and, in addition to imposing stringent obligations relating to data protection and security, authorizes fines up to 4% of global annual revenue or €20 million, whichever is greater, for some violations. We have self-certified to the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks developed by the U.S. Department of Commerce and the European Commission to provide U.S. companies with a valid data transfer mechanism under EU and Swiss law to permit them to transfer personal data from the European Union or Switzerland to the United States. The EU-U.S. and Swiss-U.S. Privacy Shield Frameworks are subject to annual review. The EU-U.S. Privacy Shield Framework and model contractual clauses approved by the European Commission, which we also use in our business to address certain cross-border data transfers, each have faced challenges in European courts, and may be further challenged, suspended or invalidated. The United Kingdom enacted a Data Protection Act in May 2018 that substantially implements the GDPR, and this Data Protection Act was amended to further align with the GDPR in 2019. Brexit has, however, created uncertainty with regard to data protection regulation in the United Kingdom and how data transfers to and from the United Kingdom will be regulated post-Brexit. Our EMEA headquarters is in London, causing this uncertainty to be particularly significant to our operations. Some countries also are considering or have passed legislation requiring local storage and processing of data, or similar requirements, which could increase the cost and complexity of delivering our services. Complying with the GDPR or other laws, regulations, or other obligations relating to privacy, data protection, data localization
or security may cause us to incur substantial operational costs or require us to modify our data handling practices. Non-compliance could result in proceedings against us by governmental entities or others, could result in substantial fines or other liability, and may otherwise adversely impact our business, financial condition and operating results.
Some statutory requirements, both in the United States and abroad, such as the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and numerous state statutes, include obligations of companies to notify individuals of security breaches involving certain types of personal information, which could result from breaches experienced by us or our service providers. Any actual or perceived security breach or incident could impact our reputation, harm our customer confidence, hurt our sales and expansion into new markets or cause us to lose existing customers, and could expose us to potential liability or require us to expend significant resources on data security and in responding to any such actual or perceived breach or incident.
In addition to government regulation, self-regulatory standards and other industry standards may legally or contractually apply to us, be argued to apply to us, or we may elect to comply with such standards or to facilitate our customers’ compliance with such standards. Because privacy, data protection and data security are critical competitive factors in our industry, we may make statements on our website, in marketing materials, or in other settings about our data security measures and our compliance with, or our ability to facilitate our customers’ compliance with, these standards. We also expect that there will continue to be new proposed laws and regulations concerning privacy, data protection and security, and we cannot yet determine the impact such future laws, regulations and standards, or amendments to or re-interpretations of, existing laws and regulations, industry standards, or other obligations may have on our business. New laws, amendments to or re-interpretations of existing laws and regulations, industry standards, and contractual and other obligations may require us to incur additional costs and restrict our business operations. Because the interpretation and application of laws, standards, contractual obligations and other obligations relating to privacy and data protection are uncertain, these laws, standards, and contractual and other obligations may be interpreted and applied in a manner that is, or is alleged to be, inconsistent with our data management practices, our policies or procedures, or the features of our offerings. If so, in addition to the possibility of fines, lawsuits and other claims, we could be required to fundamentally change our business activities and practices or modify our offerings, which could have an adverse effect on our business. We may be unable to make such changes and modifications in a commercially reasonable manner or at all, and our ability to develop new offerings and features could be limited. Furthermore, the costs of compliance with, and other burdens imposed by, the laws, regulations, and policies that are applicable to the businesses of our customers may limit the use and adoption of, and reduce the overall demand for, our offerings. Any inability to adequately address privacy, data protection or security-related concerns, even if unfounded, or to successfully negotiate privacy, data protection or security-related contractual terms with customers, or to comply with applicable laws, regulations and other obligations relating to privacy, data protection, and security, could result in additional cost and liability to us, damage our reputation, inhibit sales, slow our sales cycles, and adversely affect our business. Privacy and personal security concerns, whether valid or not valid, may inhibit market adoption of our offerings particularly in certain industries and foreign countries.
If we are unable to attract and retain leadership and key personnel, our business could be adversely affected.
We depend on the continued contributions of our leadership, senior management and other key personnel, the loss of whom could adversely affect our business. All of our executive officers and key employees are at-will employees, which means they may terminate their employment relationship with us at any time. We do not maintain a key-person life insurance policy on any of our officers or other employees.
Our future success also depends on our ability to identify, attract and retain highly skilled technical, managerial, finance and other personnel, particularly in our sales and marketing, research and development, general and administrative, and professional service departments. We face intense competition for qualified individuals from numerous software and other technology companies. We may incur significant costs to attract and retain these qualified individuals, and we may lose new employees to our competitors or other technology companies before we realize the benefit of our investment in recruiting and training them. As we move into new geographies, we will need to attract and recruit skilled personnel in those areas. If we are unable to attract and retain suitably qualified individuals who are capable of meeting our growing technical, operational and managerial requirements, on a timely basis or at all, our business will be adversely affected.
We continue to be substantially dependent on our sales force to effectively execute our sales strategies to obtain new customers and to drive additional use cases and adoption among our existing customers. We believe that there is significant competition for sales personnel with the skills and technical knowledge that we require. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth. In addition, as we continue to grow rapidly, a large percentage of our sales force is new to the company and our offerings. As our sales strategies evolve and offerings expand, additional training for new hires and our
existing team may be required for our sales force to successfully execute on those strategies. We periodically adjust our sales organization and our compensation programs as part of our efforts to optimize our sales operations to grow revenue and support our business model transition. If we have not structured our sales organization or compensation for our sales personnel in a way that properly supports our company’s objectives, or if we fail to make changes in a timely fashion or do not effectively manage changes, our revenue growth could be adversely affected. Our growth creates additional challenges and risks with respect to attracting, integrating and retaining qualified employees, particularly sales personnel. If we are unable to hire and train sufficient numbers of effective sales personnel, or the sales personnel are not successful in obtaining new customers or increasing sales to our existing customer base, our business will be adversely affected.
Volatility or lack of performance in our stock price may also affect our ability to attract and retain our key employees. Many of our senior management personnel and other key employees have become, or will soon become, vested in a substantial amount of stock, restricted stock units or stock options. Employees may be more likely to leave us if the shares they own or the shares underlying their vested restricted stock units or options have significantly appreciated in value relative to the original purchase prices of the shares or the exercise prices of the options, or, conversely, if the exercise prices of the options that they hold are significantly above the market price of our common stock. If we are unable to retain our employees, or if we need to increase our compensation expenses to retain our employees, our business, results of operations, financial condition and cash flows would be adversely affected.
We have in the past made and may in the future make acquisitions that could prove difficult to integrate and/or adversely affect our business operations and financial results.
From time to time, we may choose to expand by making acquisitions that could be material to our business, results of operations, financial condition and cash flows. For example, we recently acquired SignalFx, Inc., a privately held SaaS provider of real-time monitoring and metrics for cloud infrastructure, microservices and applications, Omnition, which develops a platform for distributed tracing and application monitoring and Streamlio, Inc., which specializes in the design and operation of streaming data solutions. Our ability as an organization to successfully acquire and integrate technologies or businesses is unproven. Acquisitions involve many risks, including the following:
•an acquisition may negatively affect our financial results because it may require us to incur charges or assume substantial debt or other liabilities, may cause adverse tax consequences or unfavorable accounting treatment, may expose us to claims and disputes by third parties, including intellectual property claims and disputes, or may not generate sufficient financial return to offset additional costs and expenses related to the acquisition;
•potential goodwill impairment charges related to acquisitions;
•costs and potential difficulties associated with the requirement to test and assimilate the internal control processes of the acquired business;
•we may encounter difficulties or unforeseen expenditures in integrating the business, technologies, infrastructure, products, personnel or operations of any company that we acquire, particularly if key personnel of the acquired company decide not to work for us or if we are unable to retain key personnel;
•we may not realize the expected benefits of the acquisition;
•an acquisition may disrupt our ongoing business, divert resources, increase our expenses and distract our management;
•an acquisition may result in a delay or reduction of customer purchases for both us and the company acquired due to customer uncertainty about continuity and effectiveness of service from either company;
•the potential impact on relationships with existing customers, vendors and distributors as business partners as a result of acquiring another company or business that competes with or otherwise is incompatible with those existing relationships;
•the potential that our due diligence of the acquired company or business does not identify significant problems or liabilities, or that we underestimate the costs and effects of identified liabilities;
•exposure to litigation or other claims in connection with, or inheritance of claims or litigation risk as a result of, an acquisition, including but not limited to claims from former employees, customers or other third parties, which may differ from or be more significant than the risks our business faces;
•we may encounter difficulties in, or may be unable to, successfully sell any acquired products;
•an acquisition may involve the entry into geographic or business markets in which we have little or no prior experience or where competitors have stronger market positions;
•an acquisition may require us to comply with additional laws and regulations, or to engage in substantial remediation efforts to cause the acquired company to comply with applicable laws or regulations, or result in liabilities resulting from the acquired company’s failure to comply with applicable laws or regulations;
•our use of cash to pay for an acquisition would limit other potential uses for our cash;
•if we incur debt to fund such acquisition, such debt may subject us to material restrictions on our ability to conduct our business as well as financial maintenance covenants; and
•to the extent that we issue a significant amount of equity securities in connection with future acquisitions, existing stockholders may be diluted and earnings per share may decrease.
The occurrence of any of these risks could have a material adverse effect on our business operations and financial results.
Natural disasters and other events beyond our control could harm our business.
Natural disasters or other catastrophic events may cause damage or disruption to our operations, international commerce and the global economy, and thus could have a negative effect on us. Our business operations are subject to interruption by natural disasters, flooding, fire, power shortages, pandemics such as the COVID-19 pandemic, terrorism, political unrest, telecommunications failure, vandalism, cyber-attacks, geopolitical instability, war, the effects of climate change (such as drought, wildfires, increased storm severity and sea level rise) and other events beyond our control. Although we maintain crisis management and disaster response plans, such events could make it difficult or impossible for us to deliver our services to our customers, could decrease demand for our services, and could cause us to incur substantial expense. Our insurance may not be sufficient to cover losses or additional expense that we may sustain. The majority of our research and development activities, corporate offices, and other critical business operations are located near major seismic faults in California. Customer data could be lost, significant recovery time could be required to resume operations and our financial condition and operating results could be adversely affected in the event of a major natural disaster or catastrophic event.
We may require additional capital to support business growth, and this capital might not be available on acceptable terms, if at all.
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new features or enhance our offerings, improve our operating infrastructure or acquire complementary businesses and technologies. We recently lowered our cash flow guidance due to the effect of our transition to a renewable business model. If the assumptions underlying our cash flow guidance are incorrect, for example, due to the unknown impacts of the COVID-19 pandemic or a more rapid transition in our business model than we expect, our business may not continue to generate cash flow from operations in the future sufficient to make planned capital expenditures. Accordingly, we have engaged in, and may need to engage in the future, in equity, equity-linked or debt financings to secure additional funds. The significant disruption of global financial markets due to the COVID-19 pandemic could reduce our ability to access capital, which could negatively affect our ability to secure these additional funds. If we raise additional funds through future issuances of equity or convertible debt securities, our existing stockholders could suffer significant dilution, and any new equity securities we issue could have rights, preferences and privileges superior to those of holders of our common stock. For example, if we elect to settle our conversion obligation under the Notes (as defined below) in shares of our common stock or a combination of cash and shares of our common stock, the issuance of such common stock may dilute the ownership interests of our stockholders and sales in the public market could adversely affect prevailing market prices. Any debt financing that we may secure in the future could involve restrictive covenants relating to our capital raising activities and other financial and operational matters, which may make it more difficult for us to obtain additional capital and to pursue business opportunities, including potential acquisitions, or otherwise reduce operational flexibility. We may not be able to
obtain additional financing on terms favorable to us, if at all. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.
Our ability to use our net operating losses to offset future taxable income may be subject to certain limitations.
In general, under Section 382 of the United States Internal Revenue Code of 1986 (the “Code”), a corporation that undergoes an ownership change is subject to limitations on its ability to utilize its pre-change net operating losses (“NOLs”) to offset future taxable income. If our existing NOLs are subject to limitations arising from previous ownership changes, our ability to utilize NOLs could be limited by Section 382 of the Code. Future changes in our stock ownership, some of which are outside of our control, could result in an ownership change under Section 382 of the Code. Furthermore, our ability to utilize NOLs of companies that we may acquire in the future may be subject to limitations. Additionally, a certain amount of our prior year NOLs could expire or otherwise be unavailable to offset future income tax liabilities as a result of changes in the law or other reasons. As a result of the foregoing, we may not be able to utilize a portion of these NOLs reflected on our balance sheet, even if we attain profitability.
Taxing authorities may successfully assert that we should have collected or in the future should collect sales and use, value added or similar taxes, and we could be subject to liability with respect to past or future sales, which could adversely affect our financial results.
We do not collect sales and use, value added and similar taxes in all jurisdictions in which we have sales, based on our belief that such taxes are not applicable. Sales and use, value added and similar tax laws and rates vary greatly by jurisdiction. Certain jurisdictions in which we do not collect such taxes may assert that such taxes are applicable or that our presence in such jurisdictions is sufficient to require us to collect taxes, which could result in tax assessments, penalties and interest, and we may be required to collect such taxes in the future. Such tax assessments, penalties and interest or future requirements may adversely affect our financial results.
We could be subject to additional tax liabilities.
We are subject to federal, state and local taxes in the United States and numerous foreign jurisdictions. Significant judgment is required in evaluating our tax positions and our worldwide provision for taxes. During the ordinary course of business, there are many activities and transactions for which the ultimate tax determination is uncertain. We previously discovered that we have not complied with various tax rules and regulations in certain foreign jurisdictions. We are working to resolve these matters. In addition, our tax obligations and effective tax rates could be adversely affected by changes in the relevant tax, accounting and other laws, regulations, principles and interpretations, including those relating to income tax nexus, by our earnings being lower than anticipated in jurisdictions where we have lower statutory rates and higher than anticipated in jurisdictions where we have higher statutory rates, by challenges to our intercompany relationships and transfer pricing arrangements, by changes in foreign currency exchange rates, or by changes in the valuation of our deferred tax assets and liabilities. Many countries and organizations such as the Organization for Economic Cooperation and Development are actively considering changes to existing tax laws or have proposed or enacted new tax laws that could increase our tax liabilities in countries where we do business. The relevant taxing authorities may disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a disagreement were to occur, and our position were not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations. We believe that our financial statements reflect adequate reserves to cover such a contingency, but there can be no assurances in that regard.
Our financial results may be adversely affected by changes in accounting principles applicable to us.
Generally accepted accounting principles in the United States (“U.S. GAAP”) are subject to interpretation by the Financial Accounting Standards Board (“FASB”), the SEC, and other various bodies formed to promulgate and interpret appropriate accounting principles. A change in accounting principles could adversely affect our financial results and could affect the reporting of transactions already completed before the announcement of a change. Any difficulties in implementing these pronouncements could cause us to fail to meet our financial reporting obligations, which could result in regulatory discipline and harm investors’ confidence in us.
Servicing our debt requires a significant amount of cash, and we may not have sufficient cash flow from our business to pay our substantial debt.
Our ability to make scheduled payments of the principal of, to pay interest on or to refinance our indebtedness, including the $1.27 billion aggregate principal amount of 0.50% Convertible Senior Notes due 2023 and $862.5 million aggregate principal amount of 1.125% Convertible Senior Notes due 2025 (collectively, the “Notes”) that we issued in September 2018, depends on our future performance, which is subject to economic, financial, competitive and other factors beyond our control. We recently lowered our cash flow guidance due to the effect of our transition to a renewable business model. If the assumptions underlying our cash flow guidance are incorrect, for example, due to the unknown impacts of the COVID-19 pandemic, our business may not continue to generate cash flow from operations in the future sufficient to service our debt, including the Notes, and make necessary capital expenditures. If we are unable to generate such cash flow, we may be required to adopt one or more alternatives, such as selling assets, restructuring debt or issuing additional equity, equity-linked or debt instruments on terms that may be onerous or highly dilutive. Our ability to refinance our indebtedness will depend on the capital markets and our financial condition at such time. We may not be able to engage in any of these activities or engage in these activities on desirable terms, which could result in a default on our debt obligations, including the Notes.
Conversion of the Notes may dilute the ownership interest of our stockholders or may otherwise depress the price of our common stock.
The conversion of some or all of the Notes may dilute the ownership interests of our stockholders. Upon conversion of the Notes, we have the option to pay or deliver, as the case may be, cash, shares of our common stock, or a combination of cash and shares of our common stock. If we elect to settle our conversion obligation in shares of our common stock or a combination of cash and shares of our common stock, any sales in the public market of our common stock issuable upon such conversion could adversely affect prevailing market prices of our common stock. Holders of the Notes may hedge their positions in the Notes by entering into short positions with respect to the underlying common stock. In addition, any anticipated conversion of the Notes into shares of our common stock could depress the price of our common stock.
The conditional conversion feature of the Notes, if triggered, may adversely affect our financial condition and operating results.
In the event the conditional conversion feature of a series of Notes is triggered, holders of such Notes will be entitled to convert their Notes at any time during specified periods at their option. If one or more holders elect to convert their Notes, unless we elect to satisfy our conversion obligation by delivering solely shares of our common stock, we would be required to settle a portion or all of our conversion obligation through the payment of cash, which could adversely affect our liquidity. In addition, even if holders do not elect to convert their Notes, when these conversion triggers have been satisfied, we could be required under applicable accounting rules to reclassify all or a portion of the outstanding principal of the relevant series of Notes as a current rather than long-term liability, which would result in a material reduction of our net working capital.
The accounting method for convertible debt securities that may be settled in cash, such as the Notes, could have a material effect on our reported financial results.
Under Accounting Standards Codification 470-20, Debt with Conversion and Other Options (“ASC 470-20”), an entity must separately account for the liability and equity components of the convertible debt instruments (such as the Notes) that may be settled entirely or partially in cash upon conversion in a manner that reflects the issuer’s economic interest cost. The effect of ASC 470-20 on the accounting for the Notes is that the equity component is required to be included in the additional paid-in capital section of stockholders’ equity in our consolidated balance sheet at issuance, and the value of the equity component is treated as a discount for purposes of accounting for the debt component of the Notes. As a result, we are required to record a greater amount of non-cash interest expense as a result of the amortization of the discounted carrying value of the Notes to their respective face amounts over their respective terms. We report larger net losses or lower net income in our financial results because ASC 470-20 requires interest to include both the amortization of the debt discount and the instrument’s coupon interest rate, which could adversely affect our reported or future financial results, the trading price of our common stock and the trading price of the Notes.
In addition, under certain circumstances, convertible debt instruments (such as the Notes) that may be settled entirely or partly in cash are currently accounted for utilizing the treasury stock method for earnings per share purposes, the effect of which is that the shares issuable upon conversion of a series of Notes are not included in the calculation of diluted earnings per share except to the extent that the conversion value of such series of Notes exceeds their principal amount. Under the treasury stock method, for diluted earnings per share purposes, the transaction is accounted for as if the number of shares of common stock that would be necessary to settle such excess, if we elected to settle such excess in shares, are issued.
We cannot be sure that the accounting standards in the future will continue to permit the use of the treasury stock method. For example, the FASB recently published an exposure draft proposing to amend these accounting standards to eliminate the treasury stock method for convertible instruments and instead require application of the “if-converted” method. Under that method, if it is adopted, diluted earnings per share would generally be calculated assuming that all the Notes were converted solely into shares of common stock at the beginning of the reporting period, unless the result would be anti-dilutive. If we are unable or otherwise elect not to use the treasury stock method in accounting for the shares issuable upon conversion of the Notes, then our diluted earnings per share would be negatively affected.
The Capped Calls may affect the value of our common stock.
In connection with the offering of the Notes, we entered into privately negotiated capped call transactions with certain counterparties (the “Capped Calls”). The Capped Calls relating to the 2023 Notes cover, subject to customary adjustments, the number of shares of our common stock that will initially underlie the 2023 Notes, and the Capped Calls relating to the 2025 Notes cover, subject to customary adjustments, the number of shares of our common stock that will initially underlie the 2025 Notes. The Capped Calls are expected generally to offset the potential dilution to our common stock as a result of any conversion of the relevant series of Notes. The counterparties to the Capped Calls may modify their hedge positions by entering into or unwinding various derivatives with respect to our common stock and/or purchasing or selling our common stock or other securities of ours in secondary market transactions prior to the maturity of the Notes (and are likely to do so on each exercise date for the Capped Calls, or following any termination of any portion of the Capped Calls in connection with any repurchase, redemption or early conversion of the Notes), which could increase or decrease our stock price. If any such Capped Calls fail to become effective, the counterparties may unwind their hedge positions with respect to our common stock, which could also adversely affect the price of our common stock.
We are subject to counterparty risk with respect to the Capped Calls.
The counterparties to the Capped Calls are financial institutions, and we will be subject to the risk that one or more of the option counterparties may default, fail to perform or exercise their termination rights under the Capped Calls. Our exposure to the credit risk of the option counterparties will not be secured by any collateral. If a counterparty to the Capped Calls becomes subject to insolvency proceedings, we will become an unsecured creditor in those proceedings with a claim equal to our exposure at the time under such transaction. Our exposure will depend on many factors but, generally, our exposure will increase if the market price or the volatility of our common stock increases. In addition, upon a default, failure to perform or a termination of the Capped Calls by a counterparty, we may suffer more dilution than we currently anticipate with respect to our common stock.
Our stock price has been volatile, may continue to be volatile and may decline regardless of our financial performance.
The trading prices of the securities of technology companies have been highly volatile. The market price of our common stock has fluctuated significantly and may continue to fluctuate significantly in response to numerous factors, many of which are beyond our control, including:
•actual or anticipated fluctuations in our financial results;
•the financial projections we provide to the public, any changes in these projections or our failure to meet or exceed these projections;
•the impact of our shift to a predominantly subscription model, as well as increased annual invoicing and decreased multi-year upfront invoicing, which may impact our revenue, deferred revenue, cash collections, billings, remaining performance obligations, gross margin and operating income;
•failure of securities analysts to initiate or maintain coverage of our company, changes in financial estimates by any securities analysts who follow our company, or our failure to meet these estimates or the expectations of investors;
•ratings changes by any securities analysts who follow our company;
•announcements by us or our competitors of significant technical innovations, acquisitions, strategic partnerships, joint ventures or capital commitments;
•changes in operating performance and stock market valuations of other technology companies generally, or those in our industry in particular;
•price and volume fluctuations in certain categories of companies or the overall stock market, including as a result of trends in the global economy;
•public health crises, such as the COVID-19 pandemic, and related measures by private industry and governments to protect the public health;
•general economic and political conditions and uncertainty, both domestically and internationally, as well as economic and political conditions and uncertainty specifically affecting industries in which our customers participate, including impacts from the COVID-19 pandemic;
•any major change in our board of directors or management;
•lawsuits threatened or filed against us;
•actual or perceived security breaches or incidents; and
•other events or factors, including those resulting from war, incidents of terrorism or responses to these events.
In addition, the stock markets, and in particular the market on which our common stock is listed, have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many technology companies. Stock prices of many technology companies have fluctuated in a manner unrelated or disproportionate to the financial performance of those companies. In the past, stockholders have instituted securities class action litigation following periods of market volatility. If we were to become involved in securities litigation, it could subject us to substantial costs, divert resources and the attention of management from our business and adversely affect our business, results of operations, financial condition and cash flows.
The requirements of being a public company and a growing and increasingly complex organization may strain our resources, divert management’s attention and affect our ability to attract and retain executive management and qualified board members.
We are subject to the reporting requirements of the Securities Exchange Act of 1934 (the “Exchange Act”), the Sarbanes-Oxley Act, the Dodd-Frank Act, the listing requirements of The NASDAQ Stock Market and other applicable securities rules and regulations. Compliance with these rules and regulations has increased our legal and financial compliance costs, made some activities more difficult, time-consuming or costly and increased and will continue to increase demand on our systems and resources.
In addition, changing laws, regulations, standards and practices relating to corporate governance and public disclosure are creating uncertainty for public companies, increasing legal and financial compliance costs and making some activities more time consuming. These laws, regulations, standards and practices are subject to varying interpretations, in many cases due to their lack of specificity, and, as a result, their application in practice may evolve over time as regulatory and governing bodies provide new guidance or as market practices develop. This could result in continuing uncertainty regarding compliance matters and higher costs necessitated by ongoing revisions to disclosure and governance practices.
From time to time, public companies are subject to campaigns by investors seeking to increase short-term stockholder value through actions such as financial restructuring, increased debt, special dividends, stock repurchases, management changes or sales of assets or the entire company. If stockholders attempt to effect such changes or acquire control over us, responding to such actions would be costly, time-consuming and disruptive, which could adversely affect our results of operations, financial results and the value of our common stock. These factors could also make it more difficult for us to attract and retain qualified employees, executive officers and members of our board of directors.
Anti-takeover provisions in our charter documents and under Delaware law could make an acquisition of our company more difficult, limit attempts by our stockholders to replace or remove our current management and limit the market price of our common stock.
Provisions in our amended and restated certificate of incorporation and amended and restated bylaws may have the effect of delaying or preventing a change of control or changes in our management. Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that:
•authorize our board of directors to issue, without further action by the stockholders, shares of undesignated preferred stock with terms, rights and preferences determined by our board of directors;
•require that any action to be taken by our stockholders be effected at a duly called annual or special meeting and not by written consent;
•specify that special meetings of our stockholders can be called only by our board of directors, the Chairman of our board of directors, or our Chief Executive Officer;
•establish an advance notice procedure for stockholder proposals to be brought before an annual meeting, including proposed nominations of persons for election to our board of directors;
•establish that our board of directors is divided into three classes, Class I, Class II and Class III, with each class serving three-year staggered terms;
•prohibit cumulative voting in the election of directors;
•provide that our directors may be removed only for cause;
•provide that vacancies on our board of directors may be filled only by a majority of directors then in office, even though less than a quorum; and
•require the approval of our board of directors or the holders of a supermajority of our outstanding shares of capital stock to amend our amended and restated bylaws and certain provisions of our amended and restated certificate of incorporation.
These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors, which is responsible for appointing the members of our management. In addition, because we are incorporated in Delaware, we are governed by the provisions of Section 203 of the Delaware General Corporation Law, which generally prohibits a Delaware corporation from engaging in any of a broad range of business combinations with any “interested” stockholder for a period of three years following the date on which the stockholder became an “interested” stockholder.