ITEM 1. BUSINESS
Overview
We offer the market-leading software intelligence platform, purpose-built for dynamic multicloud environments. As enterprises embrace the cloud to effect their digital transformation, our all-in-one intelligence platform is designed to address the growing complexity faced by technology and digital business teams. With automatic and intelligent observability, our all-in-one platform delivers precise answers about the performance and security of applications, the underlying infrastructure and the experience of all users to enable organizations to innovate faster, simplify cloud complexity, collaborate more efficiently, and secure cloud-native applications. We designed our software intelligence platform to allow our customers to modernize and automate IT operations, develop and release high-quality software faster, and improve user experiences for consistently better business outcomes. As a result, as of March 31, 2021, our products are trusted by approximately 2,900 Dynatrace customers in 90 countries in diverse industries such as banking, insurance, retail, manufacturing, government, travel and software.
Today’s leading organizations are striving to deliver innovative, high-performance digital services to expand market opportunities, compete more effectively, and operate with increased agility. This transformation is happening in multicloud environments, which bring a scale and frequency of change that is exponentially greater than that of the old data-center world. Developing and operating these environments is harder than ever, driven by:
1)Hybrid, multicloud architectures: Organizations are building and deploying software across hybrid environments with multiple clouds and on-premises platforms.
2)Application complexity: Applications are increasingly complex and deployed as microservices-based architectures that are written in multiple different programming languages with hundreds of loosely coupled service connections.
3)Application security: The move to agile methodologies, such as DevSecOps, combined with the complexity of new, cloud-native applications and infrastructure, as well as the higher frequency with which code is pushed into production has heightened the need for application security practices which can detect vulnerabilities and automatically enable remediation across the software development cycle.
4)DevOps: Ensuring software updates work without issues has grown more challenging due to the increased frequency of software releases, reduced testing time, and the use of independent development teams.
5)User experience: User expectations for software performance have rapidly increased, and enterprises are focused on advancing branded experiences to maximize revenue, differentiate offerings, and retain competitive positions.
Traditional approaches for developing, operating, monitoring, and securing software were not designed to keep pace with dynamic multicloud environments. Traditional monitoring solutions were developed for applications that are monolithic, updated infrequently, and run in static data-center environments. These solutions are difficult to deploy, narrow in scope, and designed to operate in a simpler, siloed environment. Each tool in this approach only collects data about individual components of the computing stack, such as applications, infrastructures, logs, networks, or user experiences. To get an end-to-end view using these traditional approaches, IT teams are required to aggregate and correlate data from these disparate monitoring solutions to identify actionable answers, including where bottlenecks occur, how best to optimize for performance and scalability, if an issue is impacting service, and if so, where to find the problem and what to do about it.
With the advent of dynamic multicloud environments, the challenges and limitations of traditional solutions have been exacerbated. What was once a well understood layering of applications running on operating systems on physical servers connected to physical networks has rapidly become virtualized into software at all levels. Environments have become dynamic. Applications are no longer monolithic and have become fragmented into thousands, potentially millions, of microservices, written in multiple software languages. These multicloud environments sprawl from traditional backend applications run on relational databases and mainframes to modern IaaS platforms run on Amazon Web Services, or AWS, Microsoft Azure, or Azure, and Google Cloud Platform. All these factors result in an environment that is web-scale, extremely complex, and dynamic at all layers of the new computing stack.
We believe the scale, complexity, and dynamic nature of dynamic multicloud environments, including the applications that run on them, require a comprehensive observability, AIOps, automation, and security strategy we refer to as “software intelligence.” Starting in 2014, we leveraged the knowledge and experience of the same engineering team that founded Dynatrace to develop a solution to address the disruptive shift to dynamic multicloud environments. These efforts resulted in the creation of a new platform, the Dynatrace Software Intelligence Platform, or Dynatrace®.
The Dynatrace® platform leverages an automatic instrumentation technology called OneAgent®, a real-time dependency mapping system called SmartScape®, our transaction-centric code analysis technology called PurePath®, and an open artificial intelligence, or AI, engine called Davis® for instant answers to degradations in service, anomalies in behavior, and user impact. Dynatrace® simplifies
the complexity of dynamic multicloud environments for cloud architects, DevOps and SRE teams, as well as application and operations teams, while providing actionable insights that accelerate cloud migrations, cloud adoption, and DevOps success.
Unlike traditional multiple-tool-approaches, we integrated Dynatrace® with key components of multicloud ecosystems to support dynamic cloud orchestration, including for AWS, Azure, Google Cloud Platform, VMware Tanzu, Red Hat OpenShift, and Kubernetes. In these environments, Dynatrace® automatically launches, monitors and observes the full cloud stack and all the applications and containers running anywhere in the stack, including applications and workloads that may traverse multiple public cloud and hybrid-cloud environments. We believe our ability to integrate Dynatrace® with cloud platforms simplifies development and operational efforts, increases visibility, and improves situational awareness for our customers.
We designed Dynatrace® to maximize flexibility and control of the rich observability data captured and analyzed by our platform. We believe the platform provides the simplicity of software-as-a-service (SaaS), with the customer option of either maintaining data in the cloud, or at the edge in customer-provisioned infrastructure, which we refer to as Dynatrace® Managed. In this managed offering, we provide updates and enhancements automatically each month while allowing customers the flexibility and control to adhere to their own data security and sovereignty requirements.
We market Dynatrace® through a combination of our global direct sales team and a network of partners, including resellers, system integrators, and managed service providers. We target the largest 15,000 global organizations, which generally have annual revenues in excess of $1 billion.
The Dynatrace® Software Intelligence Platform has been commercially available since 2016. The number of Dynatrace® customers increased to 2,936 as of March 31, 2021 from 2,373 as of March 31, 2020, representing year-over-year growth of 24%. Our Dynatrace® net expansion rate was above 120% as of March 31, 2021 for the 12th consecutive quarter. See the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Key Metrics” included under Part II, Item 7 of this Annual Report.
For financial information regarding our business, see the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” included under Part II, Item 7 of this Annual Report and our consolidated audited financial statements and related notes included elsewhere in this Annual Report.
The economic consequences of the COVID-19 pandemic have been challenging for certain customers and may continue to be challenging for some of our customers in the future. While revenue, customer retention, and earnings are relatively predictable under a subscription-based business model, the effect of the COVID-19 pandemic will not be fully reflected in the results of operations and overall financial performance until future periods given the current macroeconomic uncertainty.
Industry Background
Key trends impacting the way organizations develop, manage, and optimize their software environment include:
Software Applications Are Central to Digital Transformation for Organizations Across All Sectors
Whether it is retailers driving higher customer engagement through mobile apps, industrial companies reducing production downtime with predictive maintenance applications, or automobile manufacturers designing self-driving cars, software is central to how organizations deliver a differentiated user experience. At the same time, organizations increasingly embed software throughout their operations, managing business critical systems, such as payments processing, inventory and supply chain management, logistics, and many other front- and back-office services.
A study by International Data Corporation (IDC) states the majority, 65%, of global GDP will be digitalized by 2022, driving $6.8 trillion of IT spending from 2020 to 2023. Digital transformation requires significant modernization of legacy environments, shifting from high cost, labor intensive, and inflexible technology systems to a modern, cloud-native architecture. IDC also forecasts that by 2024, there will be 520 million new, modern applications and services launched – more than the total number of applications developed in the previous 40 years. Maintaining visibility across a broad multicloud environment represents a significant challenge. As a result, digital transformations are slow, often disrupted by performance issues, and can fail to achieve intended objectives.
To remain competitive, organizations now focus more of their budget on software innovation and less on operating and maintaining systems. IDC reports that by 2023, 75% of Global 2000 IT organizations will adopt automated operations practices to transform their IT workforce to support unprecedented scale. As a result, organizations are investing in new platforms that are built to automate the development, deployment, and operation of modern, cloud-native software applications and infrastructure, and accelerate the transition to dynamic multicloud environments.
Changing Customer Expectations are Requiring Organizations to Prioritize the User Experience
Organizations are increasingly seeking to differentiate their products and services based on user experiences, with digital interaction becoming the primary channel of communication between enterprises and their customers, partners, and employees. A report by Forrester suggests, customers who have a better experience are more likely to stay with a brand, buy additional products and services from the brand, and recommend it to friends. The result is more retained revenue from reduced customer churn, more revenue per customer, and more new customers. Conversely, according to a 2018 report by NewVoiceMedia (now known as the Vonage Salesforce Contact Center solution), U.S. companies lose $75 billion per year due to poor customer experiences, a $13 billion increase from 2016. Faced with poor customer service, 39% of respondents indicated they would never use the offending company again.
User experience is closely tied to the performance of software applications. As a result, optimal application and infrastructure performance as well as exceptional user experiences are important to the entire organization, not just to the IT staff that maintain these environments. We believe the need for an exceptional user experience to engage and retain customers will continue to drive demand for instrumentation that helps enterprises to provide high quality, user-focused outcomes.
Benefits of Dynamic Multicloud Environments Make Them Essential for Digital Transformation
Large-size organizations are increasingly adopting cloud technologies to increase agility and accelerate innovation. According to IDC in 2020, 97% of worldwide enterprises that used cloud infrastructure relied on more than one cloud platform. In addition, Gartner predicts that by 2025, 85% of enterprises will have a cloud-first principle. The key advantages of dynamic multicloud environments include:
•Ability to build better applications at a faster rate. Cloud-based application development technologies, such as container and microservices architectures, enable organizations to focus developer resources more on creating and improving value-add application features and less on managing underlying operating systems and infrastructure. Gartner estimates that by 2025, 85% of organizations will run containers in production, up from less than 30% in 2020. In addition to new cloud-based development technologies, enterprises are adopting new processes, such as DevOps and Artificial Intelligence for IT Operations (AIOps), that help accelerate the software delivery cycle.
•Operational efficiency. Organizations are moving to the cloud to reduce spending on expensive and static systems, the data centers to house them, the energy to run them, and the IT staff needed to maintain them.
•Agility. Organizations can purchase cloud services dynamically as demand ebbs and flows over time, affording greater flexibility, financial efficiencies, and scale than traditional systems. Organizations can scale capacity up and down to address seasonality or quickly address unexpected spikes in demand without needing to purchase and maintain infrastructure for peak demand and leaving it underutilized during other times.
Shift to Dynamic Multicloud Environments Introduces Fundamentally New Software Delivery Challenges
While the cloud offers enterprises some clear advantages over traditional systems, moving to the cloud also creates fundamental new challenges, such as:
•Greater complexity. Multicloud strategies require that IT teams manage applications and infrastructure and ensure interoperability of operations between private and multiple public clouds, such as AWS, Microsoft Azure, Google Cloud Platform, and SAP. In addition, these applications are containerized and increasingly fragmented into microservices that are hosted across multiple cloud platforms, creating interdependencies across heterogeneous environments that increase the risk of incompatibility issues and the number of potential failure points if the applications are not deployed and maintained correctly.
•Highly dynamic environments. Cloud infrastructure and applications are built to scale up or down in real-time depending upon usage and traffic. The automation required to monitor these highly dynamic environments is beyond what is required for monolithic, on-premises applications.
•Massive scale. As software becomes more critical to business success, the number and size of applications will continue to grow and encompass more features and greater functionality. At the same time, web-scale architectures are enabling enterprises to build applications that are deployed across thousands of hosts and serve millions of users simultaneously. The breadth of functionality and scale of deployments of dynamic multicloud applications regularly exceed even the largest applications built in the pre-cloud era.
•More frequent changes to software. The adoption of DevOps practices and cloud architectures have increased the speed at which software updates can be developed and deployed. With the application development lifecycle accelerating, enterprises must adapt their software operations environment and culture to ensure that performance and business outcomes are not adversely affected by frequent changes.
Traditional Monitoring Approaches Were Not Built for Dynamic Multicloud Environments
Traditional application monitoring approaches were built before dynamic multicloud environments became the driving force in digital transformation and suffer from significant shortcomings when applied in cloud-based environments. Challenges of traditional monitoring solutions for multicloud environments include:
•Manual configuration processes that do not scale. Traditional monitoring tools require unique agents for each component of an application and rely on IT personnel to manually pre-configure each agent. The complexity and dynamic nature of multicloud environments, which can include thousands of containers and microservices, makes this multi-agent approach costly, slow, and impractical to install and maintain, especially as these environments are rapidly modified and updated.
•Not designed to capture data across the full multicloud stack. Traditional monitoring solutions were created to view a limited portion of the full technology stack, and provide visibility only into individual applications or workloads, and are unable to provide full-stack observability into how the applications, microservices, and infrastructure are interconnected. To get a complete view of the full technology stack, from the applications to the underlying infrastructure to the user experience, IT personnel must manually implement and manage many disparate tools. We believe this approach has resulted in organizations overinvesting in operations and underinvesting in development, which slows innovation.
•Only able to provide data, not answers. Traditional monitoring tools provide data only about narrow components of the technology stack. As a result, IT teams must manually integrate and correlate the data from disparate systems and apply their own assumptions to identify the underlying cause of performance issues. This process is slow, prone to errors, and is made especially challenging by the complexity of multicloud environments.
•Collect limited snapshots of data that do not provide real-time observability. Traditional APM tools were not designed for the far larger and more complex data sets produced by multicloud environments and can only capture snapshots of application and infrastructure performance data and user data. Traditional monitoring approaches rely on partial data sets, which reduce their effectiveness in performing precise root-cause determination, add risk, and delay innovation. In addition, traditional monitoring tools and approaches do not provide visibility into containers and microservices, which leads to blind spots in software performance monitoring when used in container-based environments.
•Lack of flexible deployment options. Traditional monitoring solutions are either deployed as SaaS-only or on-premises-only. SaaS-only solutions often fail to meet the strict governance, security, and scale requirements of large enterprises, and do not monitor on-premises applications, making them incompatible with the needs of organization who manage hybrid-hosted applications. Conversely, traditional on-premises solutions were not built to manage cloud applications and are typically upgraded less frequently, and thus innovate more slowly than cloud-based applications.
Our Solution
Dynatrace offers the market-leading software intelligence platform, purpose-built for dynamic multicloud environments. We built the Dynatrace® Software Intelligence Platform from the ground up to meet the challenges of running and optimizing these environments and the applications and services that run across them. Our AI-powered, full-stack, and completely automated platform provides deep observability into dynamic, multicloud ecosystems. In addition, Dynatrace® provides real-time, actionable insights about the performance and security of our customers’ entire software ecosystem by integrating high-fidelity, web-scale data, mapping its dependencies in real-time, and analyzing them with an open, explainable AI engine. Dynatrace® is brought to market through our global direct sales force and a network of partners. The combination of our market-leading platform and go-to-market strategy has allowed us to achieve the scale, growth, and margins we believe will provide us the capital to continue investing in driving further product differentiation.
Our platform provides the following key benefits:
•Single agent, fully automated configuration. Dynatrace® is installed as a single agent, OneAgent®, which automatically configures itself, and continuously discovers all components of the full-stack to enable high fidelity and web-scale data capture. OneAgent® dynamically profiles the performance of all components of the full-stack with code-level precision, even as applications and environments update and change.
•Full-stack, all-in-one approach with deep cloud integrations. Dynatrace® combines Application and Microservices Monitoring, with Application Security, Infrastructure Monitoring, Digital Experience Management, Business Analytics, and Cloud Automation and in a single platform. We believe this all-in-one approach reduces the need for a variety of disparate tools and enables our customers to improve productivity and decision making while reducing operating costs. Dynatrace® provides out-of-the-box configuration for the leading cloud platforms, such as AWS, Azure, Google Cloud Platform, Red Hat OpenShift, VMware Tanzu, and SAP, as well as coverage for traditional on-premises systems, including mainframe and monolithic applications in a single, easy-to-use, intelligent platform.
•AI-powered, answer-centric insights. Davis®, our explainable AI engine, dynamically baselines the performance of all components in the full stack, continually learning normal performance thresholds to provide precise answers when performance deviates from expected or desired conditions. Unlike ML-based correlation engines that overwhelm IT professionals with hundreds of alerts from many different tools, Dynatrace® provides a single problem resolution and precise root-cause determination. We believe the accuracy and precision of the answers delivered by our AI engine enable our customers to shift from reactive to proactive remediation, providing a substantial advantage in time savings, resource efficiency, customer satisfaction, and business outcomes.
•Web-scale and enterprise grade. Dynatrace® utilizes big data architecture and enterprise-proven cloud technologies that are engineered for web-scale environments. With role-based access and advanced security functionality, we built Dynatrace® purposefully for enterprise-wide adoption by the largest organizations in the world.
•Flexible deployment options. We deploy our platform as a SaaS solution, with the option of retaining the data in the cloud, or at the edge in customer-provisioned infrastructure, which we refer to as Dynatrace® Managed. The Dynatrace® Managed offering allows customers to maintain control of the environment where their data resides, whether in the cloud or on-premises, combining the simplicity of SaaS with the ability to adhere to their own data security and sovereignty requirements. Our Mission Control center automatically upgrades all Dynatrace® instances and offers on-premises cluster customers auto-deployment options that suit their specific enterprise management processes.
Our Opportunity
As dynamic, multicloud computing replaces traditional data centers, we believe our full-stack, all-in-one, software intelligence platform, Dynatrace®, can expand our potential market opportunity by allowing us to offer our solutions into adjacent markets beyond APM. These include replacing traditional monitoring tools, and potentially disrupting various well-established IT spending categories, such as infrastructure monitoring, application security, alert and incident management, and network monitoring. They also include new categories including multicloud observability, AIOps, and automation for IT and DevOps processes. According to Gartner, the global IT operations software market was estimated to be $35 billion in 2021 and is expected to grow at a compound annual growth rate of 9.3% to $50 billion in 2025.
We believe a significant portion of our market opportunity remains unpenetrated today. Gartner estimates enterprises will quadruple their APM use due to increasingly digitized business processes from 2018 through 2021, to reach 20% of all business applications. As this trend continues, we believe there is an opportunity to increase our annual recurring revenue as enterprise customers expand the number of applications instrumented.
Currently, we estimate the annual potential market opportunity for our Dynatrace® solution to be approximately $50 billion, $32 billion of which is based on a bottom-up calculation that relates to our existing revenue generating modules. We calculated this figure using the largest 15,000 global enterprises with greater than $1 billion in annual revenue, as identified by S&P Capital IQ in September 2020. We then banded these companies by revenue scale and multiplied the total number of companies in each band by our calculated annualized booking per customer for companies in each respective band. We calculated the annualized bookings per customer, applied for each band, using internal company data of actual customer spend. For each respective band, we calculated the average annualized bookings per customer of the top 10% of customers in the band, which we believe to be representative of having achieved broader implementation of our solutions within their enterprises. The additional $18 billion represents the market opportunity related to our newest cloud application security module and is based on a combination of software markets forecast information from Gartner.1 We believe our potential market opportunity could expand further as enterprises increasingly instrument, monitor, and optimize more of their applications and underlying infrastructure.
Our Growth Strategy
•Extend our technology and market leadership position. We intend to maintain our position as the market-leading software intelligence platform through increased investment in research and development and continued innovation. We expect to focus on expanding the functionality of Dynatrace® and investing in capabilities that address new market opportunities. We believe this strategy will enable new growth opportunities and allow us to continue to deliver differentiated high-value outcomes to our customers.
•Grow our customer base. We intend to drive new customer growth by expanding our direct sales force focused on the largest 15,000 global enterprise accounts, which generally have annual revenues in excess of $1 billion. The initial average Dynatrace® ARR for these new customers was approximately $105,000, in fiscal 2021. In addition, we expect to leverage our global partner ecosystem to add new customers in geographies where we have direct coverage and work
1 Gartner, Emerging Technologies: Adoption Growth Insights for Cloud Workload Protection Platforms, Mark Wah, 27 April 2021, and Gartner, Forecast Analysis: Information Security and Risk Management, Worldwide, John A. Wheeler, Rustam Malik, et al., 9 July 2020, calculations performed by Dynatrace, using Application Security and Cloud Workload Protection Platform markets and Security Information and Event Management market segment.
jointly with our partners. In other geographies, we utilize a multi-tier “master reseller” model, such as in Africa, Japan, the Middle East, Russia, and South Korea.
•Increase penetration within existing customers. We plan to continue to increase the penetration within our existing customers by expanding the breadth of our platform capabilities to provide for continued cross-selling opportunities. In addition, we believe the ease of implementation for Dynatrace® provides us the opportunity to expand adoption within our existing enterprise customers, across new customer applications, and into additional business units or divisions. Once customers are on the Dynatrace® platform, we have seen significant dollar-based net expansion due to the ease of use and power of our new platform. This expansion rate has been above 120% for 12 consecutive quarters.
•Enhance our strategic partner ecosystem. Our strategic partners include industry-leading system integrators, software vendors, and cloud and technology providers. We intend to continue to invest in our partner ecosystem, with a particular emphasis on expanding our strategic alliances and cloud-focused partnerships, such as AWS, Microsoft Azure, Google Cloud Platform, Red Hat OpenShift, ServiceNow, and VMware Tanzu.
The Dynatrace Software Intelligence Platform
Dynatrace® is a software intelligence platform, purpose-built for dynamic multicloud environments. Dynatrace® provides application and microservices monitoring (“APM”), application security, infrastructure monitoring, digital experience monitoring (“DEM”), business analytics, and cloud automation in an easy-to-use, highly automated, all-in-one solution. We engineered Dynatrace® to simplify the operation of complex multicloud environments and capture a wide variety of high-fidelity application, infrastructure, user experience, and open source telemetry data at scale. With this broad set of observability data, the Dynatrace platform dynamically maps all components in a full-stack environment and their dependencies for real-time, continuous context to provide answers to issues, bottlenecks, degradations, and more using our proprietary AI engine, Davis®. In addition, our platform provides automation, including continuous discovery, proactive anomaly detection, and optimization across the software lifecycle. We believe this combination of unparalleled observability, AI, and automation across the full multicloud ecosystem enables our customers to modernize and automate IT operations more easily, develop and release higher quality software faster, and deliver superior user experiences consistently.
Our proprietary, single-agent technology, OneAgent®, automatically and continuously discovers metrics, logs, traces, code, user experience data and more to simplify implementation and the ongoing operation of dynamic multicloud environments. We believe OneAgent® offers significant time savings to our customers by providing them the ability to automate ongoing deployment, continuous configuration, and periodic upgrades, which allows customers to quickly, efficiently, and effectively monitor more applications. In addition, when agents are not possible or necessary, customers can send OpenTelemetry data directly to the Dynatrace® platform. As a result, customers can use the OpenTelemetry open-source standard from any data source, and leverage Dynatrace’s AI and automation capabilities to deliver predictability and precise actionability across their cloud-native technologies.
Our SmartScape® technology continually maps a complete topology of the full stack of modern software components and continuously updates in real-time to provide a comprehensive view of how virtual networks and infrastructure are running, what and where containers and applications are running, how processes are behaving, and how all these entities are connected and performing.
With automatic baselining, the Davis® AI engine continually learns what normal performance is, processing billions of dependencies in milliseconds, to serve up answers that are beyond human capabilities. This allows our Davis® AI engine to provide precise root-cause problem identification, enabling faster decision making, greater optimization of IT resources, and consistently better business outcomes.
We engineered Dynatrace® for web-scale, multicloud environments with enterprise-grade governance and security and the ability to provide custom and secure role-based application and topology viewing access. We designed Dynatrace® to be highly scalable to capture and analyze massive data sets produced by multicloud environments in real-time. We believe collecting high-fidelity data in one common architecture improves the intelligence of our AI engine and provides more precise answers about software performance and user activity across the full stack. Using an application program interface (“API”), customers can extend Dynatrace® into common IT operations toolsets like ServiceNow and Atlassian’s software portfolio, enriching information users receive, increasing automation of business processes, and providing incremental context to improve decision making and drive greater IT operational efficiency.
Dynatrace® is a full-stack, all-in-one platform that performs Infrastructure Monitoring, APM, Application Security, DEM, Business Analytics, and Cloud Automation. Customers typically start with APM and expand to include DEM for experience management and Infrastructure Monitoring. Davis®, our AI engine, is part of every Dynatrace® license since it is a core component of our software intelligence approach.
We deploy our platform as a SaaS solution, with data hosted in the cloud or at the edge on customer-provisioned infrastructure. This latter option we refer to as “Managed,” as we provide monthly, automatic updates and enhancements while allowing customers the flexibility and control to adhere to their own data security and sovereignty requirements.
Applications and Microservices Monitoring
Our approach to APM changes the way our customers monitor applications and manage transactions across highly complex multicloud environments. Because cloud applications are dynamic, we engineered our instrumentation to be automatic. Because cloud applications run on shared infrastructure and leverage shared services, we monitor the full stack to provide visibility into distributed transactions and underlying code (via PurePath®) as well as entity relationships and dependencies (via SmartScape®). Because dynamic multicloud environments are virtualized layers of software, we gather metrics and telemetry beyond transaction data, including user experience, log and event data, and data from the latest open-source standards, such as OpenTelemetry. And because multicloud environments are highly complex, we analyze all data in the context of their dependencies via our AI engine (Davis®). This combination of capabilities allows our customers to manage web-scale cloud environments easily, with continuous observability and insights into cloud operations, DevOps software delivery pipelines, and business outcomes. Application coverage includes, though is not limited to, traditional web and mobile environments, such as Java, .NET, and PHP; modern environments, such as Node.js and GoLang, database environments both SQL and NoSQL; mainframe environments such as CICS and IMS; and the latest serverless technologies, such as AWS Lambda, Google Cloud Functions, and Microsoft Azure Functions.
Application Security
Traditional approaches to application security cannot keep up with constantly changing multicloud environments and fast-moving DevSecOps processes, causing blind spots and uncertainty about exposures and their impact on cloud-native applications. When vulnerabilities are detected, current approaches require manual processes that deliver imprecise risk and impact analysis and force teams to waste time chasing false positives. In addition, DevSecOps processes place more responsibility on developers to ensure code does not have vulnerabilities. With current sampled or scheduled scan results, even the most common and well-documented vulnerabilities can remain undetected and open for hackers to exploit.
In December 2020, we introduced Dynatrace® Application Security on the Dynatrace® platform. Application Security enables development teams to accelerate DevSecOps processes through automation and the elimination of mundane work. Runtime Application Self-Protection automatically and continuously analyzes applications, libraries, and code at runtime in production and pre-production. In addition, Application Security provides the C-suite confidence in the security of their cloud-native production deployments.
Infrastructure Monitoring
Dynatrace® includes Infrastructure Monitoring to provide full visibility into the infrastructure layer across public, private, and multicloud environments. We offer extensive coverage, including integrations with cloud platforms, such as AWS, Azure, Google
Cloud Platform, VMware Tanzu, Red Hat OpenShift and Kubernetes, by utilizing our OneAgent® instrumentation and powerful API ingestion capabilities to provide a single source of analysis across environments.
We natively and automatically monitor containers and the microservices running inside of them, without the need to manually instrument each container. Our analysis includes full observability into server metrics, including CPU, memory, network performance, and processes running on these hosts, including virtualized components. We also capture all relevant log files and put them in context of a transaction or a problem analysis to allow for richer detail and faster decision making.
Infrastructure Monitoring from Dynatrace® is part of our full-stack agent deployment or can be licensed in an infrastructure-only mode for host environments that do not require application analysis, such as third-party SaaS apps, directory services, middleware services, certificate services, and other hybrid-cloud infrastructure.
Digital Experience Management
Dynatrace® provides intelligence into the digital experience of end users and how the software can be optimized to enhance user experience and maximize conversions. Our coverage spans across multiple applications to provide a single view of a customer journey across mobile, web, kiosk, SaaS applications, and IoT devices. Dynatrace® integrates three user experience capabilities into one Digital Experience Management solution—Real User Monitoring (“RUM”), Synthetic Monitoring, and Session Replay. We believe this integration simplifies use, accelerates adoption, and increases value for our customers.
Dynatrace® RUM automatically captures every user click, tap, and swipe, regardless of device, across targeted applications. This capability is designed to enables our customers to quickly determine the impact that performance has on their conversion rates and revenue. Dynatrace monitors at a user journey level to preserve a user’s context for analysis, reporting, customer care and cross-channel tracking (e.g., a journey that traverses a mobile device and PC, or IoT devices and mobile device).
Dynatrace® Synthetic Monitoring provides a proactive view into application and API performance and availability without the need for a live user of the application and can do so from multiple locations around the world. In addition, Dynatrace customers can extend test locations and test additional applications via using private on-premises nodes. Simulated user visits are scripted by clicking through an application as a user would, and then provisioned and monitored by our SaaS DEM portal. Our customers use synthetic monitoring for proactive alerting and service level agreement management for both internally built cloud applications as well as for monitoring and third-party applications, such as Salesforce, Zoom, NetSuite, ServiceNow, and more.
Dynatrace® Session Replay provides digital business teams, customer care teams, and DevOps teams a visual recording of a real user’s journey, including what they saw, what they clicked-on, how they traversed the application, and how they converted or where they abandoned. This expands Dynatrace’s® capabilities beyond user experience monitoring and into user behavior monitoring and analysis.
All Dynatrace® DEM capabilities use a common user interface, a common dashboard and reporting system, and a common licensing scheme called “DEM units.” Customers license DEM separately and the license supports all three capabilities.
Digital Business Analytics
Dynatrace® Digital Business Analytics provides real-time, AI-powered answers to business questions using data already flowing through Dynatrace’s APM and DEM modules. By tying user experience, customer behavior, and application performance data together with business metrics, Digital Business Analytics provides automatic answers about conversions, orders, churn, release validation, and customer segmentation. Traditionally, application owners and business users have used disparate, siloed tools and have manually analyzed data, which hampered their ability to run and optimize their digital business offerings in real-time. Dynatrace’s AI engine Davis® is at the core of Digital Business Analytics. Davis® continually learns what expected “normal” business performance looks like and provides proactive answers to issues, enabling faster decision making, greater optimization of resources, and consistently better business outcomes. Over time, we believe Digital Business Analytics could expand our total addressable market by several billion dollars, as we enter and expand our offerings into a segment of the larger Analytics and Business Intelligence market. According to Gartner, the Analytics and Business Intelligence market within the Enterprise Application Software macro-market is estimated to be $27.4 billion globally in 2020.
Cloud Automation
In February 2021, we introduced the Dynatrace® Cloud Automation Module on the Dynatrace® platform. Cloud Automation provides developers, DevOps and SRE teams with an integrated, end-to-end observability platform across production and pre-production cloud environments, bringing together full lifecycle observability with automated delivery pipelines that span multiple clouds. This results in shorter innovation cycles, higher quality software, and faster time to market.
Cloud Automation comes with a fully supported version of Keptn, an open-source initiative, providing customers with an enterprise-grade control plane for cloud-native application lifecycle orchestration. This allows for seamless integration of DevOps toolchains with Dynatrace’s automatic and intelligent platform, extending our openness and support for the broader DevOps ecosystem.
Our Classic Products
Prior to launching Dynatrace® in 2016, our solutions consisted of the following suite of APM products: AppMon, Classic Real User Monitoring, Synthetic Classic and Network Application monitoring, collectively, the Classic products. As of April 2018, the Classic products were only available to customers who had previously purchased these products and as of April 1, 2021, the Classic products reached end of support. The Classic products made up 1% of Total ARR at the end of March 2021.
Research and Development
Our research and development (“R&D”) organization is responsible for designing, developing, testing, and operating all aspects of our software intelligence offerings, including addressing new use cases, adding new innovative capabilities, extending the scale and scope of our technology, and embracing modern cloud and AI technologies while maintaining high quality.
We utilize an agile development process with 100% test automation to deliver approximately 25 major software releases per year and hundreds of minor releases, fixes and currency updates. We believe the full-stack monitoring required by dynamic multicloud environments requires a highly efficient and agile process to enable high-performing software across the diverse, dynamic cloud ecosystems of our customers.
Our primary R&D labs are in Austria, Poland, and Spain. We believe that our extensive European lab network is an advantage in driving lower costs, higher quality software, and a more stable workforce.
Customers
As of March 31, 2021, we had more than 2,900 customers in 90 countries. Our customers reflect diverse industries and include Air Canada, American Fidelity Assurance, Asics, BT Consumer, Dish Network Corporation, KeyBank, The Kroger Co., Porsche Informatik GmbH, SAP SE, Temenos AG, and U-Haul. No organization or customer accounted for more than 10% of our revenue for the years ended March 31, 2021, 2020, and 2019.
Sales and Marketing
We take Dynatrace® to market through a combination of our global direct sales team and a network of partners, including resellers, system integrators and managed service providers. We target the largest 15,000 global enterprise accounts, which generally have annual revenues in excess of $1 billion, which we believe see more value from our integrated full-stack platform.
Our sales and marketing organizations seek to promote the Dynatrace brand, our platform capabilities, and develop partnerships to drive revenue growth. We utilize a variety of go-to-market strategies, including search-engine optimization, online advertising, free software trials, events, online webinars, and broad content marketing strategies. We nurture our existing customer base through ongoing education, and training, including upsell and cross-sell opportunities. We do this primarily through our digital online channels, such as the Dynatrace News blog, Dynatrace Community, and Dynatrace University, as well as our customer event series ‘Perform and DynatraceGo!’ – which caters to more than 10,000 customers and prospects across 11 events globally.
Partners
We develop and maintain partnerships that help us market and deliver our products to our customers around the world. Our mission is to bring together industry experts and hands-on practitioners to create a world-class partner network. In addition, our partner network extends the sales reach of the Dynatrace® platform providing new sales opportunities, renewals of existing subscriptions, as well as upsell and cross-sell opportunities. Our partner network includes:
•Cloud providers. We work with many of the major cloud providers to increase awareness of our products and make it easy for customers to access our software. Our software is developed to run in and integrate with leading cloud providers, such as, AWS, Azure, and Google Cloud Platform. Our customers are also able to procure our software through leading marketplaces such as AWS, Azure, SAP, Google and IBM.
•Resellers. Our resellers market and sell our products throughout the world and provide a go-to-market channel in regions where we do not have a direct presence, such as Africa, the Middle East, and Russia.
•Technology alliance partners. We partner with leading innovative technology organizations such as Atlassian, Red Hat, ServiceNow, and VMWare to develop integrations, best practices, and extended capabilities that help our customers and solution partners achieve faster time to market and enhanced value in dynamic multicloud environments.
•System integrators. We have a network of systems integrators, both global and regional, that help joint customers integrate our products into their multicloud ecosystems. These partners extend our scale and reach and collaborate with our direct sales teams, bringing domain expertise in technologies and industries along with additional offerings powered by Dynatrace®.
Professional Services
Our Dynatrace Services Organization empowers our customers to innovate, automate, and transform the way they work with the Dynatrace Platform. Our Services organization is comprised of a global team of highly skilled consultants, performance analysts, architects, and certified partners with thousands of hours of transformation project engagements and modernized cloud certifications across all major technologies. Our expertise and cloud modernization practices cover cloud ecosystem integration, automated incident management and problem resolution, DevOps CI/CD integration, user experience, business intelligence insights, digital business analytics, and more.
Dynatrace University is our global on-line, self-service education program that provides several learning options for customers and partners to develop their skills around monitoring, managing, integrating, and analyzing multicloud environments and application workloads with Dynatrace.
Support and SaaS Operations
Dynatrace ONE is our innovative onboarding and support service focused on simplifying and streamlining the experience our customers have with the company and our products. This service is delivered by a global team of product specialists, customer success managers, and support engineers. Dynatrace ONE uses in-product chat as the primary vehicle for customer interaction to drive adoption and growth, as well as to handle issues and user questions. We maintain a SaaS-like connection to tenants and clusters, both in the cloud and managed on customer provisioned infrastructure, using our “Mission Control” system, which allows us to streamline communication and accelerate resolution of issues. Dynatrace ONE is offered to all Dynatrace customers free of charge and includes automatic product updates and upgrades, online access to documentation, knowledge base, and discussion forums as well as access to Dynatrace University. Dynatrace ONE is comprised of technical personnel distributed across three territories and provides global coverage during normal business hours, and across multiple languages.
Dynatrace ONE Premium is an extra level of success and support services for customers who want to accelerate their adoption of our platform, increase their access to support globally 24/7, and extend their hours of expert coverage. Dynatrace ONE Premium offers dedicated expertise for customers with designated Product Specialists and Customer Success Managers familiar with the customer’s environment, goals, and challenges to provide a customized success plan.
We proactively monitor our customers’ Dynatrace® installations around the world, whether tenants are shared in the cloud or managed on customer-provisioned infrastructure. We operate our SaaS offerings in geographic locations across North America, Europe and Asia within AWS, combined with worldwide coverage of synthetic nodes in approximately 88 different datacenters including AWS, Microsoft Azure, Google Cloud Platform and Alibaba Cloud Services. Our Dynatrace Security Team develops new process and technology controls, while we also employ third party firms for penetration tests, security audits, and security testing.
Intellectual Property
Dynatrace relies on a combination of patent, copyright, trademark, trade dress, and trade secret laws, as well as confidentiality procedures and contractual restrictions, to establish and protect our proprietary rights. These laws, procedures, and restrictions provide only limited protection. As of March 31, 2021, we had 84 issued patents, 67 of which are in the United States, and 29 pending applications, of which 21 are in the United States. Our issued patents expire at various dates through April 2039. We cannot be assured that any of our patent applications will result in the issuance of a patent or whether the examination process will require us to narrow the scope of the claims sought. Any future patents issued to us may be challenged, invalidated or circumvented. Any patents that may issue in the future with respect to pending or future patent applications may not provide sufficiently broad protection or may not prove to be enforceable in actions against alleged infringers.
We have registered “Dynatrace” and the “Dynatrace” logo as trademarks in the United States and other jurisdictions for our name and our product as well as certain other words and phrases that we use in our business, including “One Agent”, “PurePath”, “SmartScape” and “Davis”. We have registered numerous Internet domain names related to our business. We also license software from third parties for integration into our applications and utilize open-source software.
We enter into agreements with our employees, contractors, customers, partners, and other parties with which we do business to limit access to and disclosure of our proprietary information. We cannot be certain that the steps we have taken will prevent unauthorized use or reverse engineering of our technology. Moreover, others may independently develop technologies that are competitive with ours or that infringe our intellectual property. The enforcement of our intellectual property rights also depends on any legal actions against these infringers being successful, but these actions may not be successful, even when our rights have been infringed.
Furthermore, effective patent, trademark, trade dress, copyright, and trade secret protection may not be available in every country in which our products are available over the Internet. In addition, the legal standards relating to the validity, enforceability and scope of protection of intellectual property rights are uncertain and still evolving.
Competition
The market for software application monitoring and analytics solutions is evolving, complex, and defined by changing technology and customer needs. We expect competition to intensify in the future as competitors bundle new and more competitive offerings with their existing products and services, and as products and product enhancements are introduced into our markets. As we have expanded our capabilities beyond traditional APM, we increasingly compete with a wider range of vendors. We expect competition to continually evolve as enterprises shift to dynamic multicloud environments and as more mature vendors look to provide a holistic approach to monitoring.
We compete either directly or indirectly with:
•APM vendors, such as Cisco and New Relic;
•Infrastructure monitoring vendors, such as BMC, Datadog, and Nagios;
•DEM vendors, such as Akamai and Catchpoint;
•Application Security vendors, such as Palo Alto Networks, Synopsys, and Veracode;
•Open source and commercial open source vendors such as Elastic and Grafana;
•Point solutions from public cloud providers; and
•IT operations management, AIOps, and business intelligence providers with offerings that cover some portion of the capabilities we provide.
In addition to the above companies, we also face potential competition from vendors in adjacent markets that may offer capabilities that overlap with ours. We may also face competition from companies entering our market, including large technology companies which that could expand their platforms or acquire one of our competitors.
The principal competitive factors in our markets are:
•artificial intelligence capabilities;
•automation;
•product features, functionality, and reliability;
•ease and cost of deployment, use and maintenance;
•deployment options and flexibility;
•customer, technology, and platform support;
•ability to easily integrate with customers software application and IT infrastructure environments;
•the quality of data collection and correlation;
•interoperability and ease of integration; and
•brand recognition.
While we believe we compete favorably on the basis of the foregoing factors, we may be at a competitive disadvantage to certain of our current and future competitors as they may be able to devote greater resources to the development and improvement of their products and services than we can and, as a result, may be able to respond more quickly to technological changes and customers’ changing needs. Moreover, because our market is changing rapidly, it is possible that new entrants, especially those with substantial resources, more efficient operating models, more rapid product development cycles or lower marketing costs, could introduce new products and services that disrupt the manner in which our all-in-one, highly automated approach addresses the needs of our customers and potential customers.
Human Capital Management
Headcount
We believe that our success is in large part due to the drive, creativity and the overall strength of our workforce. As of March 31, 2021, we had 2,779 employees operating within 30 countries, with 64% outside of the United States including 676 within Austria. In
countries in which we operate we are subject to local labor law requirements. None of our employees are represented by a labor union and we have not experienced any work stoppages. We believe that our employee relations are strong.
The health and safety of our colleagues and anyone who enters our workplace around the world is of paramount importance to us. During this past fiscal year, as a result of the COVID-19 pandemic, we instituted a work from home policy to keep our employees safe in accordance with local and national health agency guidelines. Our senior leadership communicated frequently regarding the impacts of COVID-19 on the workforce and the Company and our work from home arrangement, while initiating new protocols across all offices under the direction of our COVID-19 task force. We established workplace health and safety standards based on guidance from local public health authorities, and that reflect local business necessities, and differences in laws, culture and employee needs. We also surveyed our employee base and we believe that our employees adopted well to working from home. We are planning to return to the office as the pandemic recedes and safety concerns are abated.
Compensation and Benefits
Our compensation program is designed to attract, reward and retain talented individuals who possess the skills necessary to support our business, contribute to our strategic goals and create long-term value for our stockholders. We believe that our employees should have a strong work/life balance, develop and grow personally and professionally, and be able to save for their future. We provide employees with industry-competitive compensation and benefits, including retirement savings programs, the opportunity to invest in Dynatrace at a discount through the ESPP, and medical, dental, vision, and life and disability plans. Our benefits vary around the world due to local country regulations and cultural preferences.
Diversity and Inclusion
We believe that an equitable and inclusive environment comprised of diverse teams produces more creative solutions, results in better and more innovative products, and is important to our efforts to attract and retain key talent. We are focused on building an inclusive culture and sustaining a diverse workforce through a variety of company initiatives, such as training for employees around unconscious bias and other diversity and inclusion-related topics designed to create a culture of belonging. We also provide resources and training to employees to ensure that as we continue to grow, we are hiring people of all types. Additionally, Dynatrace continues to be recognized as an employer of choice clinching awards around the globe in 2020 and 2021. Some notable awards include being named one of the Top 10 Highest-Rated Cloud Companies to Work For by Battery Ventures & Glassdoor, #1 IT company in Austria, #1 Company in Upper Austria and #6 Company overall in Austria ranked by Trend in cooperation with Statista, Kununu, and XING, Top Workplaces USA, BuiltIn Boston’s Best Large Companies to Work For, Detroit Free Press’ Top Workplace list. Dynatrace was also honored in a number of categories by Comparably’s workplace awards including Best CEOs, Best Company Outlook, Best Company Global Culture and Best Places to Work in Boston, to name a few.
Corporate Information
Our principal executive offices are located at 1601 Trapelo Road, Suite 116, Waltham, MA 02451 and our telephone number at that address is (781) 530-1000. Our website address is www.dynatrace.com. Information contained on, or that can be accessed through, our website does not constitute part of this Annual Report, and inclusions of our website address in this Annual Report are inactive textual references only.
The Dynatrace design logo and our other registered or common law trademarks, service marks or trade names appearing in this Annual Report are the property of Dynatrace LLC. This Annual Report includes our trademarks and trade names, including, without limitation, Dynatrace®, OneAgent®, SmartScape®, PurePath® and Davis®, which are our property and are protected under applicable intellectual property laws. Other trademarks and trade names referred to in this Annual Report are the property of their respective owners.
Available Information
Our Annual Reports on Form 10-K, Quarterly Reports on Form 10-Q, Current Reports on Form 8-K, and amendments to these reports filed pursuant to Sections 13(a) and 15(d) of the Exchange Act are available free of charge on the Investor Relations section of our website at www.dynatrace.com as soon as reasonably practicable after we file such material with the Securities and Exchange Commission (“SEC”). The SEC maintains an Internet website at http://www.sec.gov that contains reports, and other information regarding us and other companies that file materials with the SEC electronically.
ITEM 1A. RISK FACTORS
Investing in our common stock involves a high degree of risk. You should carefully consider the risks and uncertainties described below, together with all of the other information in this Annual Report on Form 10-K, including the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations” and our consolidated financial statements and related notes, before making a decision to invest in our common stock. The risks and uncertainties described below may not be the only ones
we face. If any of the risks actually occur, our business, operating results, financial condition and prospects could be materially and adversely affected. In that event, the market price of our common stock could decline, and you could lose all or part of your investment.
Risks Related to Our Business and Industry
We have experienced rapid subscription revenue growth in recent periods, and our recent growth rates may not be indicative of our future growth.
We have experienced rapid subscription revenue growth in recent periods. From the year ended March 31, 2019 to the year ended March 31, 2020, our subscription revenue grew 39% from $349.8 million to $487.8 million, respectively. From the year ended March 31, 2020 to the year ended March 31, 2021, our subscription revenue grew 34% from $487.8 million to $655.2 million, respectively. From the year ended March 31, 2019 to the year ended March 31, 2020, subscription revenue as a percentage of total revenue grew from 81% to 89%, respectively. From the year ended March 31, 2020 to the year ended March 31, 2021, subscription revenue as a percentage of total revenue grew from 89% to 93% respectively. This subscription revenue growth may not be indicative of our future subscription revenue growth and we may not be able to sustain revenue growth consistent with recent history, or at all. We believe our ability to continue to increase our revenue depends on a number of factors, including, but not limited to:
•our ability to attract new customers and retain and increase sales to existing customers;
•our ability to continue to expand customer adoption of our Dynatrace® platform;
•our ability to develop our existing platform and introduce new solutions on our platform;
•continued growth of cloud-based services and solutions;
•our ability to continue to develop and offer products and solutions that are superior to those of our competitors;
•our ability to retain customers;
•our ability to expand into new geographies and markets, including the business intelligence, data analytics, and application security markets; and
•our ability to hire and retain sufficient numbers of sales and marketing, research and development and general and administrative personnel, and expand our global operations.
If we are unable to achieve any of these requirements, our subscription revenue growth will be adversely affected.
Our quarterly and annual operating results may be adversely affected due to a variety of factors, which could make our future results difficult to predict.
Our annual and quarterly revenue and operating results have fluctuated significantly in the past and may vary significantly in the future due to a variety of factors, many of which are outside of our control. Our financial results in any one quarter may not be meaningful and should not be relied upon as indicative of future performance. If our revenues, earnings or operating results fall below the expectations of investors or securities analysts in a particular quarter, or below any guidance that we may provide, the price of our common stock could decline. We may not be able to accurately predict our future billings, revenues, earnings or operating results. Some of the important factors that may cause our operating results to fluctuate from quarter to quarter or year to year include:
•fluctuations in the demand for our solutions, and the timing of purchases by our customers, particularly larger purchases;
•fluctuations in the rate of utilization by enterprise customers of the cloud to manage their business needs, or a slow-down in the migration of enterprise systems to the cloud;
•our ability to attract new customers and retain existing customers;
•our ability to expand into new geographies and markets, including the business intelligence, data analytics, and application security markets;
•the budgeting cycles and internal purchasing priorities of our customers;
•changes in customer renewal rates, churn and our ability to cross-sell additional solutions to our existing customers and our ability to up-sell additional quantities of previously purchased products to existing customers;
•the seasonal buying patterns of our customers;
•the payment terms and contract term length associated with our product sales and their effect on our billings and free cash flow;
•changes in customer requirements or market needs;
•the emergence of significant privacy, data protection, systems and application security or other threats, regulations or requirements applicable to the use of enterprise systems or cloud-based systems that we are not prepared to meet or that require additional investment by us;
•changes in the demand and growth rate of the market for software and systems monitoring and analytics solutions;
•our ability to anticipate or respond to changes in the competitive landscape, or improvements in the functionality of competing solutions that reduce or eliminate one or more of our competitive advantages;
•our ability to timely develop, introduce and gain market acceptance for new solutions and product enhancements;
•our ability to adapt and update our products and solutions on an ongoing and timely basis in order to maintain compatibility and efficacy with the frequently changing and expanding variety of software and systems that our products are designed to monitor;
•our ability to maintain and expand our relationships with strategic technology partners, who own, operate and offer the major platforms on which applications operate, with which we must interoperate and remain compatible, and from which we must obtain certifications and endorsements in order to maintain credibility and momentum in the market;
•our ability to control costs, including our operating expenses;
•our ability to efficiently complete and integrate any acquisitions or business combinations that we may undertake in the future;
•general economic, industry and market conditions, both domestically and in our foreign markets;
•the emergence of new technologies or trends in the marketplace, or a change in the trends that are important to our strategy and the value of our platform in the marketplace;
•foreign currency exchange rate fluctuations;
•the timing of revenue recognition for our customer transactions, and the effect of the mix of time-based licenses, SaaS subscriptions and perpetual licenses on the timing of revenue recognition;
•extraordinary expenses, such as litigation or other dispute-related settlement payments; and
•future accounting pronouncements or changes in our accounting policies.
Any one of the factors referred to above or the cumulative effect of some of the factors referred to above may result in our operating results being below our expectations and the expectations of securities analysts and investors and any guidance that we may provide, or may result in significant fluctuations in our quarterly and annual operating results, including fluctuations in our key performance indicators. This variability and unpredictability could result in our failure to meet our business plan or the expectations of securities analysts or investors for any period. In addition, a significant percentage of our operating expenses are fixed in nature in the short term and based on forecasted revenue trends. Accordingly, in the event of revenue shortfalls, we are generally unable to mitigate the negative impact on margins in the short term.
Market adoption of software intelligence solutions for application performance monitoring, digital experience monitoring, infrastructure monitoring, AIOps, business intelligence and analytics, and application security is relatively new and may not grow as we expect, which may harm our business and prospects.
The utilization of software intelligence solutions, such as Dynatrace®, for application performance monitoring, digital experience monitoring, infrastructure monitoring, AIOps, business intelligence and analytics, and application security is relatively new. We believe our future success will depend in large part on the growth, if any, in the demand for software intelligence solutions, particularly the demand for enterprise-wide solutions and our ability to provide solutions that meet such ever-evolving needs. We currently target the markets for application performance monitoring, or APM, infrastructure monitoring, AIOps, digital experience monitoring, business intelligence and analytics and application security. It is difficult to predict customer demand, adoption, churn and renewal rates for our new and existing solutions, the rate at which existing customers expand their usage of our solutions, the size and growth rate of the market for our solutions. Expansion in our addressable market depends on a number of factors, including the continued and growing reliance of enterprises on software applications to manage and drive critical business functions and customer interactions, increased use of microservices and containers, as well as the continued proliferation of mobile applications, large data sets, cloud computing and the Internet of Things. If our solutions do not achieve widespread adoption, we are not able to develop new solutions that meet customer needs or there is a reduction in demand for software intelligence solutions generally, it could result in reduced customer purchases, reduced renewal rates and decreased revenue, any of which will adversely affect our business, operating results and financial condition.
Our business is dependent on overall demand for software intelligence solutions and therefore reduced spending on software intelligence solutions or overall adverse economic conditions may negatively affect our business, operating results and financial condition.
Our business depends on the overall demand for software intelligence solutions, particularly demand from mid- to large-sized enterprises worldwide, and the purchase of our solutions by such organizations is often discretionary. In an economic downturn or during periods of economic or political instability, our customers may reduce their operating or IT budgets, which could cause them to defer or forego purchases of software intelligence solutions, including ours. Customers may delay or cancel IT projects or seek to lower their costs by renegotiating vendor contracts or renewals. To the extent purchases of software intelligence solutions are perceived by existing customers and potential customers to be discretionary, our revenue may be disproportionately affected by delays or reductions in general IT spending. Weak or turbulent global economic conditions or a reduction in software intelligence spending, even if general economic conditions remain unaffected, could adversely impact our business, operating results and financial condition in a number of ways, including longer sales cycles, lower prices for our solutions, reduced subscription renewals and lower revenue. In addition, any negative economic effects or instability resulting from changes in the political environment and international relations in the United States or other key markets as well as resulting regulatory or tax policy changes may adversely affect our business and financial results.
As the market for software intelligence solutions is new and continues to develop, trends in spending remain unpredictable and subject to reductions due to the changing technology environment and customer needs as well as uncertainties about the future.
The effects of the COVID-19 pandemic have materially affected how we and our customers are operating our businesses, and the duration and extent to which the pandemic and any related economic downturn will impact our future results of operations and overall financial performance remains uncertain.
In December 2019, a novel coronavirus disease, or COVID-19, was reported and in January 2020, the World Health Organization, or WHO, declared it a Public Health Emergency of International Concern. On February 28, 2020, the WHO raised its assessment of the COVID-19 threat from high to very high at a global level due to the continued increase in the number of cases and affected countries, and on March 11, 2020, the WHO characterized COVID-19 as a pandemic. The COVID-19 pandemic, which has spread throughout the world, and the related adverse public health developments, including orders to shelter-in-place, travel restrictions, and mandated business closures, have adversely affected workforces, organizations, customers, economies, and financial markets globally, leading to an economic downturn and increased market volatility. It has also disrupted the normal operations of many businesses, including ours.
As a result of the COVID-19 pandemic, we have temporarily closed or limited occupancy of our global offices, including our corporate headquarters and research and development labs, and suspended company-related travel to align with local guidance. Substantially all Dynatrace employees globally are working from home. We shifted our annual Sales Kickoff and other events including Perform 2021 to virtual-only experiences, and have either canceled or changed other customer and industry events to remote and online participation experiences. We may deem it advisable to similarly alter, postpone or cancel entirely additional customer, employee or industry events in the future. These changes may disrupt the way we operate our business. Given that the economic consequences of the COVID-19 pandemic have been exceptionally challenging for certain of our customers and prospects, we changed how we spend on marketing and lead generation activities, putting an increased focus on digital, on-line marketing and lead generation.
Moreover, the conditions caused by the COVID-19 pandemic can affect the rate of spending on software platforms, especially in certain industries that are particularly vulnerable to these conditions, and could adversely affect our customers’ ability or willingness to purchase our offerings; the timing of our current or prospective customers’ purchasing decisions; pricing discounts or extended payment terms; reductions in the amount or duration of customers’ subscription contracts or term licenses; or increase customer attrition rates, all of which could adversely affect our future sales, operating results and overall financial performance.
Our operations have also begun to be affected by a range of external factors related to the COVID-19 pandemic that are not within our control. For example, many cities, counties, states, and even countries have imposed or may impose a wide range of restrictions on the physical movement and congregation of our employees, partners and customers to limit the spread of COVID-19. If the COVID-19 pandemic starts to have a substantial impact on the productivity of our employees and partners or a continued substantial impact on the attendance of our employees at a wide range of events or a continued and substantial impact on the ability of our customers to purchase our offerings, our results of operations and overall financial performance may be harmed.
The duration and extent of the impact from the COVID-19 pandemic depends on future developments that cannot be accurately predicted at this time, such as the severity and transmission rate of the virus, the extent and effectiveness of containment actions, the disruption caused by such actions, the efficacy of vaccines and rates of vaccination in various states and countries, and the impact of these and other factors on our employees, customers, partners, vendors and the global economy. If we are not able to respond to and manage the impact of such events effectively, our business will be harmed.
To the extent the COVID-19 pandemic adversely affects our business and financial results, it may also have the effect of heightening many of the other risks described in this “Risk Factors” section, including, in particular, risks related to our ability to secure customer
renewals, the addition of new customers and increased revenue from existing customers, risks that our operating results could be negatively affected by changes in the sizes or types of businesses that purchase our platform and the risk that weakened global economic conditions may harm our industry, business and results of operations.
If we cannot successfully execute on our strategy and continue to develop and effectively market solutions that anticipate and respond to the needs of our customers, our business, operating results and financial condition may suffer.
The market for software intelligence solutions is at an early stage of development and is characterized by constant change and innovation, and we expect it to continue to rapidly evolve. Moreover, many of our customers operate in industries characterized by changing technologies and business models, which require them to develop and manage increasingly complex software application and IT infrastructure environments. Our future success, if any, will be based on our ability to consistently provide our customers with a unified, real-time view into the performance of their software applications and IT infrastructure, provide notification and prioritization of degradations and failures, perform root cause analysis of performance issues, and analyze the quality of their end users’ experiences and the resulting impact on their businesses and brands. If we do not respond to the rapidly changing needs of our customers by developing and making available new solutions and solution enhancements that can address evolving customer needs on a timely basis, our competitive position and business prospects will be harmed.
In addition, the process of developing new technology is complex and uncertain, and if we fail to accurately predict customers’ changing needs and emerging technological trends, our business could be harmed. We believe that we must continue to dedicate significant resources to our research and development efforts, including significant resources to developing new solutions and solution enhancements before knowing whether the market will accept them. For example, we made significant investments in our new application security offering. Our new solutions and solution enhancements, including our new application security offering, could fail to attain sufficient market acceptance for many reasons, including:
•delays in releasing new solutions or enhancements to the market;
•delays or failures to provide updates to customers to maintain compatibility between Dynatrace® and the various applications and platforms being used in the customers’ applications and multicloud environments;
•failures to accurately predict market or customer demands;
•inability of our sales and marketing teams or those of our partners to sell solutions for new markets and product categories;
•defects, errors or failures in the design or performance of our new solutions or solution enhancements;
•negative publicity about the performance or effectiveness of our solutions;
•the introduction or anticipated introduction of competing products by our competitors; and
•the perceived value of our solutions or enhancements relative to their cost.
To the extent we are not able to continue to execute on our business model to timely and effectively develop and market applications to address these challenges and attain market acceptance, our business, operating results and financial condition will be adversely affected.
Further, we may make changes to our solutions that our customers do not value or find useful. We may also discontinue certain features, begin to charge for certain features that are currently free or increase fees for any of our features or usage of our solutions. If our new solutions, enhancements or pricing strategies do not achieve adequate acceptance in the market, our competitive position will be impaired, our revenue may decline or grow more slowly than expected and the negative impact on our operating results may be particularly acute, and we may not receive a return on our investment in the upfront research and development, sales and marketing and other expenses we incur in connection with new solutions or solution enhancements.
In addition, should customers incur damages as a result of our solutions’ failure to perform as expected, for example by failing to detect security risks, the affected customer(s) may seek to terminate their contracts with or recover their damages from us and we may be exposed to reputational harm.
If our platform and solutions do not effectively interoperate with our customers’ existing or future IT infrastructures, installations of our solutions could be delayed or canceled, which would harm our business.
Our success depends on the interoperability of our platform and solutions with third-party operating systems, applications, cloud platform, data and devices that we have not developed and do not control. Any changes in such operating systems, applications, cloud platforms, data or devices that degrade the functionality of our platform or solutions or give preferential treatment to competitive software could adversely affect the adoption and usage of our platform. We may not be successful in adapting our platform or solutions to operate effectively with these systems, applications, cloud platforms, data or devices. If it is difficult for our customers to
access and use our platform or solutions, or if our platform or solutions cannot connect a broadening range of applications, data and devices, then our customer growth and retention may be harmed, and our business and operating results could be adversely affected.
Multicloud deployments utilize multiple third-party platforms and technologies, and these technologies are updated to new versions at a rapid pace. As a result, we deliver frequent updates to our solutions designed to maintain compatibility and support for our customers’ changing technology environments and ensure our solutions’ ability to continue to monitor the customer’s applications. If our solutions fail to work with any one or more of these technologies or applications, or if our customers fail to install the most recent updates and versions of our solutions that we offer, our solutions will be unable to continuously monitor our customer’s critical business applications.
Ensuring that our solutions are up-to-date and compatible with the technology and multicloud platforms utilized by our customers is critical to our success. We have formed alliances with many technology and cloud platform providers to provide updates to our solutions to maintain compatibility. We work with technology and cloud platform providers to understand and align updates to their product roadmaps and engage in early access and other programs to ensure compatibility of our solutions with the technology vendor’s generally available release. If our relations with our technology partners degrades or ceases we may be unable to deliver these updates, or if our customers fail to install the most recent updates and versions of our solutions that we offer, then our customers’ ability to benefit from our solution may decrease significantly and, in some instances, may require the customer to de-install our solution due to the incompatibility of our solution with the customer’s applications.
Our future revenues and operating results will be harmed if we are unable to acquire new customers, if our customers do not renew their contracts with us, or if we are unable to expand sales to our existing customers or develop new solutions that achieve market acceptance.
To continue to grow our business, it is important that we continue to attract new customers to purchase and use our solutions. Our success in attracting new customers depends on numerous factors, including our ability to:
•offer a compelling software intelligence platform and solutions;
•execute our sales and marketing strategy;
•effectively identify, attract, on-board, train, develop, motivate and retain new sales, marketing, professional services and support personnel in the markets we pursue;
•develop or expand relationships with technology partners, systems integrators, resellers, online enterprise marketplaces and other partners including hyperscalers such as Amazon Web Services, Google Cloud Platform, Microsoft Azure, IBM Red Hat and others, some of which may also compete with us;
•expand into new geographies and markets, including the business intelligence and data analytics market;
•deploy our platform and solutions for new customers; and
•provide quality customer support and professional services.
Our customers have no obligation to renew their maintenance, SaaS and/or term-license agreements, and our customers may decide not to renew these agreements with a similar contract period, at the same prices and terms or with the same or a greater number of licenses. Although our customer retention rate has historically been strong, some of our customers have elected not to renew their agreements with us, and it is difficult to accurately predict long-term customer retention, churn and expansion rates. Our customer retention and expansion rates may decline or fluctuate as a result of a number of factors, including our customers’ satisfaction with our solutions platform, our customer support and professional services, our prices and pricing plans, the competitiveness of other software products and services, reductions in our customers’ spending levels, user adoption of our solutions, deployment success, utilization rates by our customers, new product releases and changes to our product offerings. If our customers do not renew their maintenance, SaaS and/or term-license agreements, or renew on less favorable terms, our business, financial condition and operating results may be adversely affected.
Our ability to increase revenue also depends in part on our ability to increase deployment of our solutions by existing customers. Our ability to increase sales to existing customers depends on several factors, including their experience with implementing and using our platform and the existing solutions they have implemented, their ability to integrate our solutions with existing technologies, and our pricing model. A failure to increase sales to existing customers could adversely affect our business, operating results and financial condition.
Failure to effectively expand our sales and marketing capabilities could harm our ability to execute on our business plan, increase our customer base and achieve broader market acceptance of our applications.
Our ability to increase our customer base and achieve broader market acceptance of our solutions will depend to a significant extent on the ability of our sales and marketing organizations to work together to drive our sales pipeline and cultivate customer and partner
relationships to drive revenue growth. We have invested in and plan to continue expanding our sales and marketing organizations, both domestically and internationally. We also plan to dedicate significant resources to sales and marketing programs, including lead generation activities and brand awareness campaigns, such as our industry events, webinars and user events with an increased investment in digital or online activities. If we are unable to effectively identify, hire, on-board, train, develop, motivate and retain talented sales personnel or marketing personnel or if our new sales personnel or marketing personnel or online investments are unable to achieve desired productivity levels in a reasonable period of time, our ability to increase our customer base and achieve broader market acceptance of our applications could be harmed.
We face significant competition, which may adversely affect our ability to add new customers, retain existing customers and grow our business.
The markets in which we compete are highly competitive, fragmented, evolving, complex and defined by rapidly changing technology and customer demands, and we expect competition to continue to increase in the future. A number of companies, some of which are larger and have more resources than we do, have developed or are developing products and services that currently, or in the future may, compete with some or all of our solutions. This competition could result in increased pricing pressure, reduced profit margins, increased sales and marketing expenses and our failure to increase, or loss of, market share, any of which could adversely affect our business, operating results and financial condition.
We compete either directly or indirectly with application performance monitoring vendors such as Cisco, Broadcom, and New Relic, infrastructure monitoring vendors such as Datadog and Nagios, Digital Experience Management vendors such as Akamai and Catchpoint, point solutions from cloud providers such as Amazon Web Services, or AWS, Microsoft Azure and Google Cloud Platform, and other business intelligence and monitoring and analytics providers that provide some portion of the services that we provide. Our competitors may have longer-term and more extensive relationships with our existing and potential customers that provide them with an advantage in competing for business with those customers. Further, to the extent that one of our competitors establishes or strengthens a cooperative relationship with, or acquires one or more software application performance monitoring, data analytics, compliance or network visibility vendors, it could adversely affect our ability to compete.
We may also face competition from companies entering our market, which has a relatively low barrier to entry in some segments, including large technology companies that could expand their platforms or acquire one of our competitors. Many existing and potential competitors enjoy substantial competitive advantages, such as:
•larger sales and marketing budgets and resources;
•access to larger customer bases which often provide incumbency advantages;
•broader global distribution and presence;
•the ability to bundle competitive offerings with other products and services;
•greater brand recognition and longer operating histories;
•lower labor and development costs;
•greater resources to make acquisitions;
•larger and more mature intellectual property portfolios; and
•substantially greater financial, technical, management and other resources.
Additionally, in certain circumstances, and particularly among large enterprise technology companies that have complex and large software application and IT infrastructure environments, customers may elect to build in-house solutions to address their software intelligence needs. Any such in-house solutions could leverage open source software, and therefore be made generally available at little or no cost.
These competitive pressures in our markets or our failure to compete effectively may result in fewer customers, price reductions, fewer orders, reduced revenue and gross profit, and loss of market share. Any failure to meet and address these factors could materially and adversely affect our business, operating results and financial condition.
If the prices we charge for our solutions and services are unacceptable to our customers, our operating results will be harmed.
As the market for our solutions matures, or as new or existing competitors introduce new products or services that compete with ours, we may experience pricing pressure and be unable to renew our agreements with existing customers or attract new customers at prices that are consistent with our current pricing model and operating budget. If this were to occur, it is possible that we would have to change our pricing model or reduce our prices, which could harm our revenue, gross margin and operating results. Pricing decisions may also impact the mix of adoption among our licensing and subscription models, and negatively impact our overall revenue. Moreover, large enterprises, which we expect will account for a large portion of our business in the future, may demand substantial
price concessions. If we are, for any reason, required to reduce our prices, our revenue, gross margin, profitability, financial position and cash flow may be adversely affected.
We expect our billings and revenue mix to vary over time, which could harm our gross margin, cash flows, and operating results.
Our historical expansion with customers has typically been achieved by executing additional contracts, each with unique pricing and anniversary dates. We are transitioning to a program that combines these contracts into one single, often multi-year contract per customer with one single anniversary date, which may result in variability in the timing and amounts of our billings which could impact our operating results, including our deferred revenue and our remaining performance obligations. In addition, our transition away from perpetual licenses will continue to have the effect of reducing our deferred revenue balance.
Our gross margins, cash flows and operating results could also be harmed by further changes in billings and revenue mix and costs, together with numerous other factors, including: entry into new lower margin markets or growth in lower margin markets; entry into markets with different pricing and cost structures; pricing discounts; and increased price competition. Any one of these factors or the cumulative effects of certain of these factors may result in significant fluctuations in our revenues, billings, gross margin, and operating results. This variability and unpredictability could result in our failure to meet internal expectations or those of securities analysts or investors for a particular period. If we fail to meet or exceed such expectations for these or any other reasons, the market price of our common stock could decline.
If we are unable to maintain successful relationships with our partners, or if our partners fail to perform, our ability to market, sell and distribute our applications and services will be limited, and our business, operating results and financial condition could be harmed.
In addition to our sales force, we rely on partners, including our strategic partners to increase our sales and distribution of our software and services. We also have independent software vendor partners whose integrations may increase the breadth of the ecosystem in which our solutions can operate, and the size of the market that our solutions can address. We are dependent on these partner relationships to contribute to enabling our sales growth. We expect that our future growth will be increasingly dependent on the success of our partners and our partner relationships, and if those partnerships do not provide such benefits, our ability to grow our business will be harmed. If we are unable to scale our partner relationships effectively, or if our partners are unable to serve our customers effectively, we may need to expand our services organization, which could adversely affect our results of operations.
Our agreements with our partners are generally non-exclusive, meaning our partners may offer products from several different companies to their customers or have their products or technologies also interoperate with products and technologies of other companies, including products that compete with our offerings. Moreover, some of our partners also compete with us. If our partners do not effectively market and sell our offerings, choose to use greater efforts to market and sell their own products or those of our competitors or fail to meet the needs of our customers, our ability to grow our business and sell our offerings will be harmed. Furthermore, our partners may cease marketing our offerings with limited or no notice and with little or no penalty, and new partners could require extensive training and may take several months or more to achieve productivity. The loss of a substantial number of our partners, our possible inability to replace them or our failure to recruit additional partners could harm our results of operations. Our partner structure could also subject us to lawsuits or reputational harm if, for example, a partner misrepresents the functionality of our offerings to customers or violates applicable laws or our corporate policies.
We believe that our brand is integral to our future success and if we fail to cost-effectively promote or protect our brand, our business and competitive position may be harmed.
We believe that maintaining and enhancing our brand and increasing market awareness of our company and our solutions are critical to achieving broad market acceptance of our existing and future solutions and are important elements in attracting and retaining customers, partners and employees, particularly as we continue to expand internationally and introduce new products. In addition, independent industry analysts, such as Gartner and Forrester, often provide reviews of our solutions, as well as those of our competitors, and perception of our solutions in the marketplace may be significantly influenced by these reviews. We have no control over what these or other industry analysts report, and because industry analysts may influence current and potential customers, our brand could be harmed if they do not provide a positive review of our solutions or view us as a market leader.
The successful promotion of our brand and the market’s awareness of our solutions and platform will depend largely upon our ability to continue to offer enterprise-grade software intelligence solutions, our ability to be thought leaders in application intelligence, our marketing efforts and our ability to successfully differentiate our solutions from those of our competitors. We have invested, and expect to continue to invest, substantial resources to promote and maintain our brand and generate sales leads, both domestically and internationally, but there is no guarantee that our brand development strategies will enhance the recognition of our brand or lead to increased sales. If our efforts to promote and maintain our brand are not cost-effective or successful, our operating results and our ability to attract and retain customers, partners and employees may be adversely affected. In addition, even if our brand recognition and customer loyalty increases, this may not result in increased sales of our solutions or higher revenue.
Our sales cycles can be long, unpredictable and vary seasonally, which can cause significant variation in the number and size of transactions that close in a particular quarter.
Our results of operations may fluctuate, in part, because of the resource-intensive nature of our sales efforts, the length and variability of the sales cycle for our platform and the difficulty in making short-term adjustments to our operating expenses. Many of our customers are large enterprises, whose purchasing decisions, budget cycles and constraints and evaluation processes are unpredictable and out of our control. The length of our sales cycle, from initial evaluation to payment for our subscriptions can range from several months to over a year and can vary substantially from customer to customer. Our sales efforts involve significant investment of resources in field sales, partner development, marketing and educating our customers about the use, technical capabilities and benefits of our platform and services. Customers often undertake a prolonged evaluation process, which frequently involves not only our platform but also those of other companies or the consideration of internally developed alternatives including those using open-source software. Some of our customers initially deploy our platform on a limited basis, with no guarantee that they will deploy our platform widely enough across their organization to justify our substantial pre-sales investment. As a result, it is difficult to predict exactly when, or even if, we will make a sale to a potential customer or if we can increase sales to our existing customers. Large individual sales have, in some cases, occurred in quarters subsequent to those we anticipated, or have not occurred at all. If our sales cycle lengthens or our substantial upfront investments do not result in sufficient revenue to justify our investments, our operating results could be adversely affected.
We have experienced seasonal and end-of-quarter concentration of our transactions and variations in the number and size of transactions that close in a particular quarter, which impacts our ability to grow revenue over the long term and plan and manage cash flows and other aspects of our business and cost structure. Our transactions vary by quarter, with the third fiscal quarter typically being our largest. In addition, within each quarter, a significant portion of our transactions occur in the last two weeks of that quarter. If expectations for our business turn out to be inaccurate, our revenue growth may be adversely affected over time and we may not be able to adjust our cost structure on a timely basis and our cash flows and results of operations may suffer.
Any failure to offer high-quality customer support and professional services may adversely affect our relationships with our customers and our financial results.
We typically bundle customer support with arrangements for our solutions, and offer professional services for implementation and training. In deploying and using our platform and solutions, our customers may require the assistance of our services teams to resolve complex technical and operational issues. Increased customer demand for support, without corresponding revenue, could increase costs and adversely affect our operating results. We may also be unable to respond quickly enough to accommodate short-term increases in customer demand for support. If we fail to meet our service level commitments, which relate to uptime, response times, escalation procedures, and time to problem resolution, or if we suffer extended periods of unavailability for our solutions, we may be contractually obligated to provide these customers with service credits or penalties, refunds for prepaid amounts related to unused subscription services, or we could face contract terminations. Our sales are highly dependent on our reputation and on positive recommendations from our existing customers. Any failure to maintain high-quality customer support and professional services, or a market perception that we do not maintain high-quality product support or services, could adversely affect our reputation, and our ability to sell our solutions to existing and new customers.
Our ability to succeed depends on the experience and expertise of our senior management team. If we are unable to retain and motivate our personnel, our business, operating results and prospects may be harmed.
Our ability to succeed depends in significant part on the experience and expertise of our senior management team, including our CEO and other executive officers. The members of our senior management team are employed on an at-will basis, which means that they are not contractually obligated to remain employed with us and could terminate their employment with us at any time. Accordingly, and in spite of our efforts to retain our senior management team, any member of our senior management team could terminate his or her employment with us at any time and go to work for one of our competitors, after the expiration of any applicable non-compete period, which may be difficult to enforce depending on the circumstances. The loss of one or more members of our senior management team, particularly if closely grouped, could adversely affect our ability to formulate and execute our business plan and thus, our business, operating results and prospects could be adversely affected. If we fail to develop effective succession plans for our senior management team, and to identify, recruit, onboard, train and integrate strategic hires, our business, operating results and financial condition could be adversely affected.
We rely on highly skilled personnel and, if we are unable to attract, retain or motivate substantial numbers of qualified personnel or expand and train our sales force, we may not be able to grow effectively.
Our success largely depends on the talents and efforts of key technical, sales and marketing employees and our future success depends on our continuing ability to effectively identify, hire, on-board, train, develop, motivate and retain highly skilled personnel for all areas of our organization. Competition in our industry is intense and often leads to increased compensation and other personnel costs. In addition, competition for employees with experience in our industry can be intense, particularly in Europe, where our research and
development operations are concentrated and where other technology companies compete for management and engineering talent. Our continued ability to compete and grow effectively depends on our ability to attract substantial numbers of qualified new employees and to retain and motivate our existing employees.
We believe that our corporate culture has contributed to our success, and if we cannot successfully maintain our culture as we grow, we could lose the innovation, creativity and teamwork fostered by our culture.
We believe that a critical component to our success has been our corporate culture. We believe our culture has contributed significantly to our abilities to innovate and develop new technologies, and to attract and retain employees. We have spent substantial time and resources in building our team while maintaining this corporate culture. We have experienced rapid growth in our employee headcount and international presence. The rapid influx of large numbers of people from different business backgrounds in different geographic locations may make it difficult for us to maintain our corporate culture of innovation. If our culture is negatively affected, our ability to support our growth and innovation may diminish.
Our debt obligations contain restrictions that impact our business and expose us to risks that could adversely affect our liquidity and financial condition.
At March 31, 2021, we had approximately $425.0 million of aggregate indebtedness, as defined in the Credit Agreement, consisting of $401.1 million outstanding under our first lien term loan facility, $15.6 million outstanding under a $25.0 million letter of credit sub-facility and $9.2 million in unamortized debt issuance fees. Under our first lien term loan facility, we are required to repay approximately $2.4 million of principal at the end of each quarter (commencing March 31, 2019) and are required to pay accrued interest on the last day of each interest accrual period. During the second quarter of fiscal 2020, we repaid all outstanding borrowings and accrued interest under our second lien term loan facility and recognized a loss on debt extinguishment of $2.7 million within “Interest expense, net” in the consolidated statements of operations for the year ended March 31, 2020. Interest accrual periods under each loan facility are typically one month in duration. The actual amounts of our debt servicing payments vary based on the amounts of indebtedness outstanding, the applicable interest accrual periods and the applicable interest rates, which vary based on prescribed formulas. Our cash paid for interest was approximately $12.5 million, $39.6 million, and $41.0 million during the years ended March 31, 2021, 2020, and 2019, respectively.
The credit and guaranty agreement, which we refer to as our Credit Agreement, governing our term loan facility and our revolving credit facility, which we refer to as our Credit Facility, contains various covenants that are operative so long as our Credit Facility remains outstanding. The covenants, among other things, limit our and certain of our subsidiaries’ abilities to:
•incur additional indebtedness or guarantee indebtedness of others;
•create additional liens on our assets;
•pay dividends and make other distributions on our capital stock, and redeem and repurchase our capital stock;
•make investments, including acquisitions;
•make capital expenditures;
•enter into mergers or consolidations or sell assets;
•engage in sale and leaseback transactions; or
•enter into transactions with affiliates.
Our Credit Facility also contains numerous affirmative covenants, including financial covenants. Even if our Credit Facility is terminated, any additional debt that we incur in the future could subject us to similar or additional covenants. For a more detailed description of our indebtedness, see Note 9 to our consolidated financial statements.
If we experience a decline in cash flow due to any of the factors described in this “Risk Factors” section or otherwise, we may have difficulty paying the interest and principal amount of our outstanding indebtedness and meeting the financial covenants set forth in our Credit Facility. If we are unable to generate sufficient cash flow or otherwise to obtain the funds necessary to make required payments under our Credit Facility, or if we fail to comply with the various requirements of our indebtedness, we could default under our Credit Facility. Our Credit Facility also contains provisions that trigger repayment obligations or an event of default upon a change of control, as well as various representations and warranties which, if breached, could lead to an event of default. Any such default that is not cured or waived could result in an acceleration of indebtedness then outstanding under our Credit Facility, an increase in the applicable interest rates under our Credit Facility, and a requirement that our subsidiaries that have guaranteed our Credit Facility pay the obligations in full, and would permit the lenders to exercise remedies with respect to all of the collateral that is securing our Credit Facility, including substantially all of our and our subsidiary guarantors’ assets. We cannot be certain that our future operating results will be sufficient to ensure compliance with the covenants in our Credit Agreement or to remedy any defaults under our Credit Agreement. In addition, in the event of any default and related acceleration, we may not have or be able to obtain sufficient funds to
make any accelerated payments. Any such default could have a material adverse effect on our liquidity, financial condition and results of operations.
Our substantial level of indebtedness could materially and adversely affect our financial condition.
We now have, and expect to continue to have, significant indebtedness that could result in a material and adverse effect on our business by:
•increasing our vulnerability to general adverse economic and industry conditions;
•requiring us to dedicate a substantial portion of our cash flow from operations to payments on our indebtedness, thereby reducing the availability of our cash flow to fund working capital, capital expenditures, acquisitions, research and development efforts and other general corporate purposes;
•limiting our flexibility in planning for, or reacting to, changes in our business and the industry in which we operate; and
•exposing us to the risk of increased interest rates as certain of our borrowings are, and may in the future be, at variable interest rates.
The occurrence of any one of these events could have a material adverse effect on our business, financial condition, results of operations and ability to satisfy our obligations under our Credit Facility.
We may need to refinance all or a portion of our indebtedness, including our Credit Facility, at or before maturity. We may not be able to accomplish any of these alternatives on terms acceptable to us, or at all. In addition, our existing Credit Agreement restricts us, and future credit agreements may restrict us, from adopting any of these alternatives. The failure to generate sufficient cash flow or to achieve any of these alternatives could materially adversely affect our ability to pay the amounts due under our Credit Agreement.
Failure to maintain our credit ratings could adversely affect our liquidity, capital position, ability to hedge certain financial risks, borrowing costs and access to capital markets.
Our credit risk is evaluated by the major independent rating agencies, and such agencies have in the past and could in the future downgrade our ratings. We cannot assure you that we will be able to maintain our current credit ratings, and any additional actual or anticipated changes or downgrades in our credit ratings, including any announcement that our ratings are under further review for a downgrade, may have a negative impact on our liquidity, capital position, ability to hedge certain financial risks and access to capital markets. In addition, changes by any rating agency to our outlook or credit rating could increase the interest we pay on outstanding or future debt.
Risks Related to Information Technology, Intellectual Property, and Data Security and Privacy
Security breaches, computer malware, computer hacking attacks and other security incidents could harm our business, reputation, brand and operating results.
Security incidents have become more prevalent across industries and may occur on our systems, or on the systems of third parties we use to host our solutions or SaaS solutions that we use in the operation of our business, or on those third party hosting platforms on which our customers’ host their systems. These security incidents may be caused by or result in but are not limited to security breaches, computer malware or malicious software, ransomware, computer hacking, denial of service attacks, security system control failures in our own systems or from vendors we or our customers use, email phishing, software vulnerabilities, social engineering, sabotage, drive-by downloads and the malfeasance of our own or our customers’ employees. In particular, because we utilize a multi-tenant platform, any security breach could potentially affect a significant amount of our customers. The consequences of a security incident may be more severe if customers have chosen to configure our platform to collect and store confidential, personal, sensitive or proprietary information. Such security incidents, whether intentional or otherwise, may result from actions of employees, hackers, criminals, nation states, vendors, contractors, customers or other threat actors. We have experienced a small number of email phishing attacks that resulted in the compromise of a limited number of email accounts. Although we have taken significant measures to detect, effectively remediate and prevent future phishing and other attacks and security threats, we cannot be certain that our efforts will be effective to prevent and remediate all attacks and security threats.
Cyber incidents have been increasing in sophistication and frequency and can include employees or third parties gaining access to employee or customer data using stolen or inferred credentials, computer malware, viruses, spamming, phishing attacks, ransomware, card skimming code, and other deliberate attacks and attempts to gain unauthorized access. As a result, unauthorized access to, security breaches of, or denial-of-service attacks against our platform could result in the unauthorized access to or use of, and/or loss of, such data, as well as loss of intellectual property, customer data, employee data, trade secrets, or other confidential or proprietary information.
We and certain of our service providers have experienced and may in the future experience disruptions, outages and other performance problems on our internal systems due to service attacks, unauthorized access or other security related incidents. Any security breach or loss of system control caused by hacking, which involves efforts to gain unauthorized access to information or systems, or to cause intentional malfunctions or loss, modification or corruption of data, software, hardware or other computer equipment and the inadvertent transmission of computer malware could harm our business, operating results and financial condition, and expose us to claims arising from loss or unauthorized disclosure of confidential or personal information or data and the related breach of our contracts with customers or others, or of privacy or data security laws. If an actual or perceived security incident occurs, the market perception of the effectiveness of our security controls could be harmed, our brand and reputation could be damaged, we could lose customers, and we could suffer financial exposure due to such events or in connection with remediation efforts, investigation costs, regulatory fines including fines assessed under the European General Data Protection Regulation, or GDPR, or other privacy laws, private lawsuits and changed security control, system architecture and system protection measures.
We may in the future experience disruptions, outages and other performance problems on the systems that we host for our customers due to service attacks, unauthorized access or other security related incidents. Any security breach or loss of system control caused by hacking, which involves efforts to gain unauthorized access to information or systems, or to cause intentional malfunctions or loss, modification or corruption of data, software, hardware or other computer equipment and the inadvertent transmission of computer malware could disrupt the services that we provide to our customers, harm our customers’ business, operating results and financial condition, and expose us to claims from our customers for the damages that result, which could include, without limitation, claims arising from loss or unauthorized access, acquisition or disclosure of confidential or personal information or data and the related breach of privacy or data security laws. If an actual or perceived security incident occurs, the market perception of the effectiveness of our security controls could be harmed, our brand and reputation could be damaged, we could lose customers, and we could suffer financial exposure due to such events or in connection with remediation efforts, investigation costs, regulatory fines including fines assessed under GDPR or other privacy laws, private lawsuits and changed security control, system architecture and system protection measures.
We have administrative, technical, and physical security measures in place, as well as policies and procedures in place to contractually require third parties to whom we transfer data to implement and maintain appropriate security measures. We also proactively employ multiple methods at different layers of our systems to defend against intrusion and attack and to protect our data. However, because the techniques used to obtain unauthorized access or to sabotage systems change frequently and generally are not identified until they are launched against or even penetrate a target, we may be unable to anticipate these techniques or to implement adequate preventative measures that will be sufficient to counter all current and emerging technology threats. We may therefore experience security breaches that may remain undetected for extended periods of time. For example, in December 2020 it was widely reported that SolarWinds, an information technology company, was the subject of a cyberattack earlier in September 2019 where the SUNBURST malicious code was injected into builds of their Orion software platform that created security vulnerabilities to customers who use Orion. We used SolarWinds Orion software and upon learning of the incident, we took recommended actions to detect any unauthorized access as well as mitigate the compromised system. More recently, SolarWinds provided an update from its investigations regarding the deployment of the malicious tool into its build environment. However, the full extent and consequences of the cyberattack may not be fully understood and, in the future, it is possible that our systems and/or data may be compromised as a result of this incident. While we do not believe at this time that the SolarWinds matter had a material impact on our systems or operations, should new or different information come to light establishing that the intrusion is broader than now known, it could have a broader impact on our systems and operations and we could incur significant costs in responding to such intrusion. This is likewise true in the event SolarWinds has an impact on our supply chain or vendors in ways that are not yet known. A vendor breach could spread to our own systems or affect our operations or financial systems in material ways we cannot yet anticipate.
Because data security is a critical competitive factor in our industry, we make statements in our privacy policies and in our marketing materials, describing the security of our platform, including descriptions of certain security measures we employ or security features embedded within our products. Should any of these statements be untrue, become untrue, or be perceived to be untrue, even if through circumstances beyond our reasonable control, or if any of these security measures or features prove to be ineffective or are perceived to be ineffective, we may face claims, including claims of unfair or deceptive trade practices or breach of regulations including GDPR, brought by the U.S. Federal Trade Commission, state, local or foreign regulators (e.g., a European Union-based data protection authority) or private litigants.
If any unauthorized access to our systems or data, security breach, or significant denial-of-service attack occurs or is believed to have occurred, our reputation and brand could be damaged, we could be required to expend significant capital and other resources to alleviate problems caused by such actual or perceived breaches or attacks and remediate our systems, and we could be exposed to a risk of loss, litigation or regulatory action and possible liability, some or all of which may not be covered by insurance, and our ability to operate our business may be impaired. We have in the past experienced, and may in the future experience, data security incidents affecting personal information, as well as denial-of-service attacks against our platform.
Interruptions with the delivery of our SaaS solutions, or third-party cloud-based systems that we use in our operations, may adversely affect our business, operating results and financial condition.
Our continued growth depends on the ability of our customers to access our platform and solutions, particularly our cloud-based solutions, at any time and within an acceptable amount of time. In addition, our ability to access certain third-party SaaS solutions is important to our operations and the delivery of our customer support and professional services, as well as our sales operations.
We have experienced, and may in the future experience, service disruptions, outages and other performance problems both in the delivery of our SaaS solutions, and in third-party SaaS solutions we use due to a variety of factors, including infrastructure changes, malicious actors including disgruntled employees, human or software errors or capacity constraints. We utilize a multi-tenant structure, meaning that, generally, our customers are hosted on a shared platform. As such, any interruption in service could affect a significant number of our customers. In some instances, we or our third-party service providers may not be able to identify the cause or causes of these performance problems within an acceptable period of time. It may become increasingly difficult to maintain and improve the performance of our SaaS solutions as they become more complex. If our SaaS solutions are unavailable or degraded or if our customers are unable to access features of our SaaS solutions within a reasonable amount of time or at all, our business would be adversely affected. In addition, if any of the third-party SaaS solutions that we use were to experience a significant or prolonged outage or security breach, our business could be adversely affected.
We currently host our Dynatrace® solutions primarily using AWS, as well as other providers of cloud infrastructure services including Microsoft Azure, Interoute and Alibaba. Our Dynatrace® solutions reside on hardware operated by these providers. Our operations depend on protecting the virtual cloud infrastructure hosted in AWS by maintaining its configuration, architecture, features and interconnection specifications, as well as the information stored in these virtual data centers and which third-party internet service providers transmit. Although we have disaster recovery plans, including the use of multiple AWS locations, any incident affecting AWS’ infrastructure that may be caused by fire, flood, severe storm, earthquake or other natural disasters, cyber-attacks, terrorist or other attacks, and other similar events beyond our control could negatively affect our platform and our ability to deliver our solutions to our customers. A prolonged AWS service disruption affecting our SaaS platform for any of the foregoing reasons would negatively impact our ability to serve our customers and could damage our reputation with current and potential customers, expose us to liability, cause us to lose customers or otherwise harm our business. We may also incur significant costs for using alternative equipment or taking other actions in preparation for, or in reaction to, events that damage the AWS services we use.
AWS has the right to terminate our agreement upon material uncured breach on 30 days’ prior written notice. In the event that our AWS service agreements are terminated, or there is a lapse of service, we would experience interruptions in access to our platform as well as significant delays and additional expense in arranging new facilities and services and/or re-architecting our solutions for deployment on a different cloud infrastructure, which would adversely affect our business, operating results and financial condition.
Because users are able to configure our platform to collect and store confidential, personal or proprietary information, security concerns could result in additional cost and liability to us or inhibit sales of our products.
Our risks are significantly affected by the data that customers elect to monitor and how they configure the tools available to them to mask personal data. Our customers determine the notices that they provide to data subjects as well as the consents that they obtain, if they do in fact, obtain consent. As such, our risks are also affected by how our customers obtain consent or provide transparency to the individuals whose data is collected. If our customers fail to comply with applicable law or fail to provide adequate notice or to obtain consent we could be exposed to a risk of loss, litigation or regulatory action and possible liability, some or all of which may not be covered by insurance, and our ability to operate our business may be impaired.
Real or perceived errors, failures, defects or vulnerabilities in our solutions could adversely affect our financial results and growth prospects.
Our solutions and underlying platform are complex, and in the past, we or our customers have discovered software errors, failures, defects and vulnerabilities in our solutions after they have been released, including after new versions or updates are released. Our solutions and our platform are often deployed and used in large-scale computing environments with different operating systems, system management software and equipment and networking configurations, which have in the past, and may in the future, cause errors in, or failures of, our solutions or other aspects of the computing environment into which they are deployed. In addition, deployment of our solutions into complicated, large-scale computing environments have in the past exposed, and may, in the future, expose undetected errors, failures, defects or vulnerabilities in our solutions. Despite testing by us, errors, failures, defects or vulnerabilities may not be found in our solutions until they are released to our customers or thereafter. Real or perceived errors, failures, defects or vulnerabilities in our solutions could result in, among other things, negative publicity and damage to our reputation, lower renewal rates, loss of or delay in market acceptance of our solutions, loss of competitive position or claims by customers for losses sustained by them or expose us to breach of contract claims, regulatory fines and related liabilities. If vulnerabilities in our solutions are exploited by third parties, our customers could experience damages or losses for which our customers seek to hold us accountable. In the case of real or perceived errors, failures, defects or vulnerabilities in our solutions giving rise to claims by
customers, we may be required, or may choose, for regulatory, contractual, customer relations or other reasons, to expend additional resources in order to help correct the problem.
Assertions by third parties of infringement or other violations by us of their intellectual property rights, or other lawsuits brought against us, could result in significant costs and substantially harm our business, operating results and financial condition.
Patent and other intellectual property disputes are common in the markets in which we compete. Some companies in the markets in which we compete, including some of our competitors, own large numbers of patents, copyrights, trademarks and trade secrets, which they may use to assert claims of infringement, misappropriation or other violations of intellectual property rights against us, our partners, our technology partners or our customers. As the number of patents and competitors in our market increase, allegations of infringement, misappropriation and other violations of intellectual property rights may also increase. Our broad solution portfolio and the competition in our markets further exacerbate the risk of additional third-party intellectual property claims against us in the future. Any allegation of infringement, misappropriation or other violation of intellectual property rights by a third party, even those without merit, could cause us to incur substantial costs and resources defending against the claim, could distract our management from our business, and could cause uncertainty among our customers or prospective customers, all of which could have an adverse effect on our business, operating results and financial condition. We cannot assure you that we are not infringing or otherwise violating any third-party intellectual property rights.
Furthermore, companies that bring allegations against us may have the capability to dedicate substantially greater resources to enforce their intellectual property rights and to defend against similar allegations that may be brought against them than we do. We have received, and may in the future receive, notices alleging that we have misappropriated, misused or infringed other parties’ intellectual property rights, including allegations made by our competitors, and, to the extent we gain greater market visibility, we face a higher risk of being the subject of intellectual property infringement assertions. There also is a market for acquiring third-party intellectual property rights and a competitor, or other entity, could acquire third-party intellectual property rights and pursue similar assertions based on the acquired intellectual property. They may also make such assertions against our customers or partners.
An adverse outcome of a dispute may require us to take several adverse steps such as: pay substantial damages, including potentially treble damages, if we are found to have willfully infringed a third party’s patents or copyrights; cease making, using, selling, licensing, importing or otherwise commercializing solutions that are alleged to infringe or misappropriate the intellectual property of others; expend additional development resources to attempt to redesign our solutions or otherwise to develop non-infringing technology, which may not be successful; enter into potentially unfavorable royalty or license agreements in order to obtain the right to use necessary technologies or intellectual property rights or have royalty obligations imposed by a court; or indemnify our customers, partners and other third parties. Any damages or royalty obligations we may become subject to, any prohibition against our commercializing our solutions as a result of an adverse outcome could harm our business and operating results.
Additionally, our agreements with customers and partners include indemnification provisions, under which we agree to indemnify them for losses suffered or incurred as a result of allegations of intellectual property infringement and, in some cases, for damages caused by us to property or persons or other third-party allegations. Furthermore, we have agreed in certain instances to defend our partners against third-party claims asserting infringement of certain intellectual property rights, which may include patents, copyrights, trademarks or trade secrets, and to pay judgments entered on such assertions. Large indemnity payments could harm our business, operating results and financial condition.
Failure to protect and enforce our proprietary technology and intellectual property rights could substantially harm our business, operating results and financial condition.
The success of our business depends on our ability to protect and enforce our proprietary rights, including our patents, trademarks, copyrights, trade secrets and other intellectual property rights, throughout the world. We attempt to protect our intellectual property under patent, trademark, copyright and trade secret laws, and through a combination of confidentiality procedures, contractual provisions and other methods, all of which offer only limited protection. However, the steps we take to protect our intellectual property may be inadequate. We will not be able to protect our intellectual property if we are unable to enforce our rights or if we do not detect unauthorized use of our intellectual property. Despite our precautions, it may be possible for unauthorized third parties to copy our technology and use information that we regard as proprietary to create products and services that compete with ours. In the past, we have been made aware of public postings of portions of our source code. It is possible that released source code could reveal some of our trade secrets, and impact our competitive advantage. Some license provisions protecting against unauthorized use, copying, transfer, reverse engineering, and disclosure of our technology may be unenforceable under the laws of certain jurisdictions and foreign countries. Further, the laws of some countries do not protect proprietary rights to the same extent as the laws of the United States. In expanding our international activities, our exposure to unauthorized copying and use of our technology and proprietary information may increase.
As of March 31, 2021, we had 84 issued patents, 67 of which are in the United States, and 29 pending applications, of which 21 are in the United States. Our issued patents expire at various dates through April 2039. The process of obtaining patent protection is
expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner. We may choose not to seek patent protection for certain innovations and may choose not to pursue patent protection in certain jurisdictions. Furthermore, it is possible that our patent applications may not result in issued patents, that the scope of the claims in our issued patents will be insufficient or not have the coverage originally sought, that our issued patents will not provide us with any competitive advantages, and that our issued patents and other intellectual property rights may be challenged by others or invalidated through administrative process or litigation. In addition, issuance of a patent does not guarantee that we have an absolute right to practice our patented technology, or that we have the right to exclude others from practicing our patented technology. As a result, we may not be able to obtain adequate patent protection or to enforce our issued patents effectively.
In addition to patented technology, we rely on our unpatented proprietary technology and trade secrets. Despite our efforts to protect our proprietary technology and trade secrets, unauthorized parties may attempt to misappropriate, reverse engineer or otherwise obtain and use them. The contractual provisions that we enter into with employees, consultants, partners, vendors and customers may not prevent unauthorized use or disclosure of our proprietary technology or trade secrets and may not provide an adequate remedy in the event of unauthorized use or disclosure of our proprietary technology or trade secrets.
Moreover, policing unauthorized use of our technologies, solutions and intellectual property is difficult, expensive and time-consuming, particularly in foreign countries where the laws may not be as protective of intellectual property rights as those in the United States and where mechanisms for enforcement of intellectual property rights may be weak. We may be unable to determine the extent of any unauthorized use or infringement of our solutions, technologies or intellectual property rights.
From time to time, legal action by us may be necessary to enforce our patents and other intellectual property rights, to protect our trade secrets, to determine the validity and scope of the intellectual property rights of others or to defend against allegations of infringement or invalidity. Such litigation could result in substantial costs and diversion of resources and could negatively affect our business, operating results, financial condition and cash flows. If we are unable to protect our intellectual property rights, our business, operating results and financial condition will be harmed.
Our use of open source technology could impose limitations on our ability to commercialize our solutions and platform and application intelligence software platform.
We use open source software in our solutions and platform and expect to continue to use open source software in the future. Although we monitor our use of open source software to avoid subjecting our solutions and platform to conditions we do not intend, we may face allegations from others alleging ownership of, or seeking to enforce the terms of, an open source license, including by demanding release of the open source software, derivative works, or our proprietary source code that was developed using such software. These allegations could also result in litigation. The terms of many open source licenses have not been interpreted by U.S. courts. As a result, there is a risk that these licenses could be construed in a way that could impose unanticipated conditions or restrictions on our ability to commercialize our solutions. In such an event, we could be required to seek licenses from third parties to continue offering our solutions, to make our proprietary code generally available in source code form, to re-engineer our solutions or to discontinue the sale of our solutions if re-engineering could not be accomplished on a timely basis, any of which could adversely affect our business, operating results and financial condition.
Our participation in open source initiatives may limit our ability to enforce our intellectual property rights in certain circumstances.
As part of our strategy to broaden our target markets and accelerate adoption of our products, we contribute software program code to certain open source projects, managed by organizations such as Microsoft, Google and Cloud Native Computing Foundation. We also undertake our own open source initiatives to promote “open innovation” and “enterprise openness,” meaning that we make technologies available under open source licenses with the goal of exchanging insights and experience with other experts in the community, broadening the adoption of our platform by our customers, and providing our partners with the ability to leverage their own technologies through the Dynatrace® platform. In some cases, we accept contributions of code from the community, our customers and partners.
When we contribute to a third-party managed open source project, the copyrights, patent rights and other proprietary rights in and to the technologies, including software program code, owned by us that we contribute to these projects are licensed to the project managers and to all other contributing parties without restriction on further use or distribution. If and to the extent that any of the technologies that we contribute, either alone or in combination with the technologies that may be contributed by others, practice any inventions that are claimed under our patents or patent applications, then we may be unable to enforce those claims or prevent others from practicing those inventions, regardless of whether such other persons also contributed to the open source project (even if we were to conclude that their use infringes our patents with competing offerings), unless any such third party asserts its patent rights against us. This limitation on our ability to assert our patent rights against others could harm our business and ability to compete. In addition, if we were to attempt to enforce our patent rights, we could suffer reputational injury among our customers and the open source community.
Any actual or perceived failure by us to comply with stringent and evolving privacy laws or regulatory requirements in one or multiple jurisdictions, privacy and information security policies and contractual obligations could result in proceedings, actions or penalties against us.
We are subject to federal, state, and international laws, regulations and standards relating to the collection, use, disclosure, retention, security, transfer and other processing of personal data. The legal and regulatory framework for privacy, data protection and security issues worldwide is rapidly evolving and as a result implementation standards, potential fines, enforcement practices and litigation risks are likely to remain uncertain for the foreseeable future. In addition, our contracts with customers include specific obligations regarding the protection of confidentiality and the permitted uses of personally identifiable and other proprietary information.
Internationally, virtually every jurisdiction in which we operate has established its own privacy, data protection and/or data security legal framework with which we or our customers must comply, including but not limited to the European Union. In the EU, data protection laws are stringent and continue to evolve, resulting in possible significant operational costs for internal compliance and risk to our business. The EU has adopted the GDPR, which became effective and enforceable across all then-current member states of the EU on May 25, 2018 and contains numerous requirements and changes from prior EU law, including more robust obligations on data processors and heavier documentation requirements for data protection compliance programs by companies. Specifically, the GDPR introduced numerous privacy-related changes for companies operating in the EU, including heightened notice and consent requirements, greater rights of data subjects (e.g., the “right to be forgotten”), increased data portability for EU consumers, additional data breach notification and data security requirements, requirements for engaging third-party processors, and increased fines. In particular, under the GDPR, fines of up to 20 million euros or up to 4% of the annual global revenue of the noncompliant company, whichever is greater, could be imposed for violations of certain of the GDPR’s requirements, such as failure to accurately maintain required documentation as a data processor or controller under Article 30 and other provisions of the GDPR. The GDPR also confers a private right of action on data subjects and consumer associations to lodge complaints with supervisory authorities, seek judicial remedies and obtain compensation for damages. The GDPR applies to any company established in the EU as well as any company outside the EU that processes personal data in connection with the offering of goods or services to individuals in the EU or the monitoring of their behavior. Moreover, the GDPR requirements apply not only to third-party transactions, but also to transfers of information between us and our subsidiaries, including employee information. Following the U.K.’s withdrawal from the EU on January 31, 2020 and the end of the transitional arrangements agreed between the U.K. and EU as of January 1, 2021, the GDPR has been incorporated into U.K. domestic law by virtue of section 3 of the European Union (Withdrawal) Act 2018 and amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (‘U.K. GDPR’). U.K.-based organizations doing business in the EU will need to continue to comply with the EU GDPR. Further, there is uncertainty with regard to how data transfers to and from the U.K. will be regulated.
In addition to the GDPR, the EU also is considering another draft data protection regulation. The proposed regulation, known as the Regulation on Privacy and Electronic Communications, or ePrivacy Regulation, would replace the current ePrivacy Directive. Originally planned to be adopted and implemented at the same time as the GDPR, the ePrivacy Regulation has been delayed but could be enacted sometime in the relatively near future. While the new regulation contains protections for those using communications services (for example, protections against online tracking technologies), the potential timing of its enactment significantly later than the GDPR means that additional time and effort may need to be spent addressing differences between the ePrivacy Regulation and the GDPR. New rules related to the ePrivacy Regulation are likely to include enhanced consent requirements in order to use communications content and communications metadata, as well as obligations and restrictions on the processing of data from an end-user’s terminal equipment, which may negatively impact our product offerings and our relationships with our customers.
Preparing for and complying with the evolving application of the GDPR and the ePrivacy Regulation (if and when it becomes effective) has required and will continue to require us to incur substantial operational costs and may require us to change our business practices. Despite our efforts to bring practices into compliance with the GDPR and before the effective date of the ePrivacy Regulation, we may not be successful either due to internal or external factors such as resource allocation limitations. Non-compliance could result in proceedings, fines or penalties against us by governmental entities, customers, data subjects, consumer associations or others.
Additionally, the GDPR imposes strict rules on the transfer of personal data outside of the EU to countries that do not ensure an adequate level of protection, like the United States (so-called “third countries”). These transfers are prohibited unless an appropriate safeguard specified by the GDPR is implemented, such as the Standard Contractual Clauses (SCCs) approved by the European Commission or binding corporate rules, or a derogation applies. The Court of Justice of the European Union (the “CJEU”) recently deemed that transfers made pursuant to the EU SCCs and other alternative transfer mechanisms, including binding corporate rules, need to be analyzed on a case-by-case basis to ensure EU standards of data protection are met in the jurisdiction where the data importer is based, and there continue to be concerns about whether these transfer mechanisms will face additional challenges. European regulators have issued recent guidance following the CJEU case that imposes significant new diligence requirements on transferring data outside the EU, including under an approved transfer mechanism. This guidance requires an “essential equivalency” assessment of the laws of the destination country transferred. If essentially equivalent protections are not available in the destination country, the exporting entity must then assess if supplemental measures can be put in place that, in combination with the chosen
transfer mechanism, would address the deficiency in the laws and ensure that essentially equivalent protection can be given to the data. While we have taken steps to mitigate the impact on us with respect to transfers of data, such as implementing standard contractual clauses with our customers, subsidiaries and subprocessors, the validity of these transfer mechanisms remains uncertain. Complying with this guidance as it exists today and evolves will be expensive and time consuming and may ultimately prevent us from transferring personal data outside the EU, which would cause significant business disruption for ourselves and our customers and potentially require the changes in the way our products are configured, hosted and supported.
In the United States, California enacted the California Consumer Privacy Act (“CCPA”), on June 28, 2018, which became effective on January 1, 2020. The CCPA gives California residents rights to access and delete their personal information, opt out of certain personal information sharing and receive detailed information about how their personal information is used. The CCPA provides for civil penalties for violations, as well as a private right of action for data breaches that is expected to increase data breach litigation. The CCPA may increase our compliance costs and potential liability. Some observers have noted that the CCPA could mark the beginning of a trend toward more stringent privacy legislation in the U.S., which could increase our potential liability and adversely affect our business.
Additionally, a new California ballot initiative, the California Privacy Rights Act, or “CPRA,” was passed in November 2020. Effective starting on January 1, 2023, the CPRA imposes additional obligations on companies covered by the legislation and will significantly modify the CCPA, including by expanding consumers’ rights with respect to certain sensitive personal information. The CPRA also creates a new state agency that will be vested with authority to implement and enforce the CCPA and the CPRA. The effects of the CCPA and the CPRA are potentially significant and may require us to modify our data collection or processing practices and policies and to incur substantial costs and expenses in an effort to comply and increase our potential exposure to regulatory enforcement and/or litigation.
Certain other state laws impose similar privacy obligations and we also expect anticipate that more states to may enact legislation similar to the CCPA, which provides consumers with new privacy rights and increases the privacy and security obligations of entities handling certain personal information of such consumers. The CCPA has prompted a number of proposals for new federal and state-level privacy legislation. Such proposed legislation, if enacted, may add additional complexity, variation in requirements, restrictions and potential legal risk, require additional investment of resources in compliance programs, impact strategies and the availability of previously useful data and could result in increased compliance costs and/or changes in business practices and policies. Virginia has recently passed its own data protection law, the Consumer Data Protection Act, which will go into effect on January 1, 2023, at the same time as the CPRA. The Virginia Consumer Data Protection Act is similar to the CCPA with respect to its requirements and provides for civil penalties; however there is no private right of action.
The regulatory framework governing the collection, processing, storage, use and sharing of certain information, particularly financial and other personal information, is rapidly evolving and is likely to continue to be subject to uncertainty and varying interpretations. It is possible that these laws may be interpreted and applied in a manner that is inconsistent with our existing data management practices or the features of our services and platform capabilities. Any failure or perceived failure by us, or any third parties with which we do business, to comply with our posted privacy policies, changing consumer expectations, evolving laws, rules and regulations, industry standards, or contractual obligations to which we or such third parties are or may become subject, may result in actions or other claims against us by governmental entities or private actors, the expenditure of substantial costs, time and other resources or the incurrence of significant fines, penalties or other liabilities. In addition, any such action, particularly to the extent we were found to be guilty of violations or otherwise liable for damages, would damage our reputation and adversely affect our business, financial condition and results of operations.
We cannot yet fully determine the impact these or future laws, rules, regulations and industry standards may have on our business or operations. Any such laws, rules, regulations and industry standards may be inconsistent among different jurisdictions, subject to differing interpretations or may conflict with our current or future practices. Additionally, our customers may be subject to differing privacy laws, rules and legislation, which may mean that they require us to be bound by varying contractual requirements applicable to certain other jurisdictions. Adherence to such contractual requirements may impact our collection, use, processing, storage, sharing and disclosure of various types of information including financial information and other personal information, and may mean we become bound by, or voluntarily comply with, self-regulatory or other industry standards relating to these matters that may further change as laws, rules and regulations evolve. Complying with these requirements and changing our policies and practices may be onerous and costly, and we may not be able to respond quickly or effectively to regulatory, legislative and other developments. These changes may in turn impair our ability to offer our existing or planned features, products and services and/or increase our cost of doing business. As we expand our customer base, these requirements may vary from customer to customer, further increasing the cost of compliance and doing business.
We publicly post documentation regarding our practices concerning the collection, processing, use and disclosure of data. Although we endeavor to comply with our published policies and documentation, we may at times fail to do so or be alleged to have failed to do so. Any failure or perceived failure by us to comply with our privacy policies or any applicable privacy, security or data protection, information security or consumer-protection related laws, regulations, orders or industry standards could expose us to costly litigation,
significant awards, fines or judgments, civil and/or criminal penalties or negative publicity, and could materially and adversely affect our business, financial condition and results of operations. The publication of our privacy policy and other documentation that provide promises and assurances about privacy and security can subject us to potential state and federal action if they are found to be deceptive, unfair, or misrepresentative of our actual practices, which could, individually or in the aggregate, materially and adversely affect our business, financial condition and results of operations.
Risks Related to Legal, Regulatory, Accounting, and Tax Matters
Changes in U.S. tax law could adversely affect our business and financial condition.
The laws, rules and regulations dealing with U.S. federal, state, and local income taxation are constantly under review by persons involved in the legislative process and by the Internal Revenue Service and the U.S. Treasury Department. Changes to tax laws (which changes may have retroactive application) could adversely affect us or holders of our common stock. In recent years, many changes have been made to applicable tax laws and changes are likely to continue to occur in the future.
For example, the Tax Cuts and Jobs Act, or the TCJA, was enacted in 2017 and made significant changes to corporate taxation, including the reduction of the corporate tax rate from a top marginal rate of 35% to a flat rate of 21%, the limitation of the tax deduction for net interest expense to 30% of adjusted taxable income (except for certain small businesses), the limitation of the deduction for net operating losses from taxable years beginning after December 31, 2017 to 80% of current year taxable income and the elimination of net operating loss carrybacks generated in taxable years ending after December 31, 2017 (though any such net operating losses may be carried forward indefinitely), and the modification or repeal of many business deductions and credits, in each case, as modified by the CARES Act (as defined below). In addition, on March 27, 2020, former President Trump signed into law the “Coronavirus Aid, Relief, and Economic Security Act” or the “CARES Act”, which included certain changes in tax law intended to stimulate the U.S. economy in light of the COVID-19 coronavirus outbreak, including temporary beneficial changes to the treatment of net operating losses, interest deductibility limitations and payroll tax matters. Under the CARES Act, the limitation of the tax deduction for net operating losses to 80% of taxable income applies only to taxable years beginning after December 31, 2020 and net operating losses generated in 2018, 2019 and 2020 may be carried back five taxable years. Further, under the CARES Act, the limitation of the tax deduction for net interest expense to 30% of adjusted taxable income is increased to 50% of adjusted taxable income for 2019 and 2020.
It cannot be predicted whether, when, in what form, or with what effective dates, new tax laws may be enacted, or regulations and rulings may be enacted, promulgated, or issued under existing or new tax laws, which could result in an increase in our or our shareholders’ tax liability or require changes in the manner in which we operate in order to minimize or mitigate any adverse effects of changes in tax law or in the interpretation thereof.
The spin-off of Compuware and the spin-off of SIGOS were taxable transactions for us, and we are subject to tax liabilities in connection with such transactions.
Neither the spin-off of Compuware, or the Compuware Spin-Off, nor the spin-off of SIGOS, or the SIGOS Spin-Off, qualified as a tax-free spin-off under Section 355 or other provisions of the Internal Revenue Code, or the Code. Corporate-level U.S. federal, state and local taxes, were paid by us in connection with the Compuware Spin-Off and in connection therewith, Compuware distributed to us $265.0 million pursuant to a Master Structuring Agreement. These taxes were generally based upon the gain computed as the difference between the fair market value of the Compuware assets distributed and the adjusted tax basis in such assets. The actual amount of our tax liability relating to the Compuware Spin-Off included on the filed tax returns was $231.8 million. We did not have sufficient losses available to fully offset the gain we realized as a result of the Compuware Spin-Off. We do not believe we incurred any material tax liabilities in connection with the SIGOS Spin-Off because the estimated fair market value of the SIGOS assets was materially similar to the adjusted tax basis in such assets.
If the Internal Revenue Service or other taxing authorities were to successfully challenge in an audit or other tax dispute the amount of taxes owed in connection with the Compuware Spin-Off or the SIGOS Spin-Off, we could be liable for additional taxes, including interest and penalties. We would be responsible for any such additional amounts, and for the costs of responding to such challenge, which would not be reimbursed to us by Compuware. While we have obtained an insurance policy that provides coverage if the Internal Revenue Service or other taxing authorities assert that additional taxes are owed in connection with the Compuware Spin-Off, such policy is subject to certain limitations and exclusions, and we cannot offer any assurances that such policy will fully cover any additional taxes owed by us. We did not obtain a tax insurance policy relating to the SIGOS Spin-Off. Any tax liabilities determined to be owed by us relating to the Compuware Spin-Off or the SIGOS Spin-Off following an audit or other tax dispute may adversely affect our results of operations.
Federal and state fraudulent transfer laws may permit a court to void Compuware’s distribution to us to partially satisfy the estimated tax liability incurred by us from the Compuware Spin-Off.
On July 31, 2019, Compuware distributed $265.0 million to us to partially or wholly satisfy the estimated tax liability incurred by us in connection with the Compuware Spin-Off. Such distribution might be subject to challenge under federal and state fraudulent conveyance laws even if the distribution was completed. Under applicable laws, the distribution could be voided as a fraudulent transfer or conveyance if, among other things, the transferor received less than reasonably equivalent value or fair consideration in return for, and was insolvent or rendered insolvent by reason of, the transfer.
We cannot be certain as to the standards a court would use to determine whether or not Compuware was insolvent at the relevant time. In general, however, a court would look at various facts and circumstances related to the entity in question, including evaluation of whether or not (i) the sum of its debts, including contingent and unliquidated liabilities, was greater than the fair market value of all of its assets; (ii) the present fair market value of its assets was less than the amount that would be required to pay its probable liability on its existing debts, including contingent liabilities, as they become absolute and mature; or (iii) it could pay its debts as they become due.
If a court were to find that the distribution was a fraudulent transfer or conveyance, the court could void the distribution. In addition, the distribution could also be voided if a court were to find that it is not a legal distribution or dividend under applicable corporate law. The resulting complications, costs and expenses of either finding could materially adversely affect our financial condition and results of operations.
We are subject to a number of risks associated with global sales and operations.
Revenue from customers located outside of the United States represented 49%, 45% and 46% for the years ended March 31, 2021, 2020 and 2019, respectively. As a result, our sales and operations are subject to a number of risks and additional costs, including the following:
•increased expenses associated with international sales and operations, including establishing and maintaining office space and equipment for our international operations;
•fluctuations in exchange rates between currencies in the markets where we do business;
•risks associated with trade restrictions and additional legal requirements, including the exportation of our technology or source code that is required in many of the countries in which we operate;
•greater risk of unexpected changes in regulatory rules, regulations and practices, tariffs and tax laws and treaties;
•compliance with United States and foreign import and export control and economic sanctions laws and regulations, including the Export Administration Regulations administered by the United States Department of Commerce’s Bureau of Industry and Security and the executive orders and laws implemented by the United States Department of the Treasury’s Office of Foreign Asset Controls;
•compliance with anti-bribery laws, including the United States Foreign Corrupt Practices Act, and the U.K. Anti-Bribery Act;
•compliance with privacy, data protection and data security laws of many countries, including the EU’s GDPR, which became effective in May 2018, and the California Consumer Privacy Act, or CCPA, which became effective on January 1, 2020;
•heightened risk of unfair or corrupt business practices in certain geographies, and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements;
•limited or uncertain protection of intellectual property rights in some countries and the risks and costs associated with monitoring and enforcing intellectual property rights abroad;
•greater difficulty in enforcing contracts and managing collections in certain jurisdictions, as well as longer collection periods;
•management communication and integration problems resulting from cultural and geographic dispersion;
•social, economic and political instability, epidemics and pandemics, terrorist attacks and security concerns in general; and
•potentially adverse tax consequences.
These and other factors could harm our ability to generate future global revenue and, consequently, materially impact our business, results of operations and financial condition.
Because we recognize revenue from our SaaS subscriptions and term licenses over the subscription or license term, downturns or upturns in new sales and renewals may not be immediately reflected in our operating results and may be difficult to discern.
For customers who purchase our Dynatrace platform, whether they purchase SaaS or a term license, we generally recognize revenue ratably over the term of their subscription. For customers who purchase a perpetual license, we generally recognize the license revenue ratably over three years. Thus, substantially all of the revenue we report in each quarter from the Dynatrace platform, which constituted over 90% of our total revenue reported for the year ended March 31, 2021, is derived from the recognition of revenue relating to contracts entered into during previous quarters. Consequently, a decline in new or renewed customer contracts in any single quarter may have a small impact on our revenue for that quarter. However, such a decline will negatively affect our revenue in future quarters. Accordingly, the effect of significant downturns in sales and market acceptance of our solutions, and potential changes in our rate of renewals, may not be fully reflected in our results of operations until future periods. In addition, a significant majority of our costs are expensed as incurred, while revenue is recognized over the life of the agreement with our customer. As a result, increased growth in the number of our customers could continue to result in our recognition of more costs than revenue in the earlier periods of the terms of our agreements.
Our revenue recognition policy and other factors may distort our financial results in any given period and make them difficult to predict.
Under accounting standards update No. 2014-09 (Topic 606), Revenue from Contracts with Customers, or ASC 606, we recognize revenue when our customer obtains control of goods or services in an amount that reflects the consideration that we expect to receive in exchange for those goods or services. Our subscription revenue consists of (i) SaaS agreements, (ii) term-based licenses for the Dynatrace® platform which are recognized ratably over the contract term, (iii) Dynatrace® perpetual license revenue that is recognized ratably or over the term of the expected optional maintenance renewals, which is generally three years, and (iv) maintenance and support agreements. A significant increase or decline in our subscription contracts in any one quarter may not be fully reflected in the results for that quarter, but will affect our revenue in future quarters.
Furthermore, the presentation of our financial results requires us to make estimates and assumptions that may affect revenue recognition. In some instances, we could reasonably use different estimates and assumptions, and changes in estimates are likely to occur from period to period. See the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations—Critical Accounting Policies—Revenue Recognition” included in Part II, Item 7 of this Annual Report.
Given the foregoing factors, our actual results could differ significantly from our estimates, comparing our revenue and operating results on a period-to-period basis may not be meaningful, and our past results may not be indicative of our future performance.
Changes in existing financial accounting standards or practices, or taxation rules or practices, may harm our operating results.
Changes in existing accounting or taxation rules or practices, new accounting pronouncements or taxation rules, or varying interpretations of current accounting pronouncements or taxation practice could harm our operating results or result in changes to the manner in which we conduct our business. Further, such changes could potentially affect our reporting of transactions completed and reported before such changes are effective.
United States Generally Accepted Accounting Principles, or GAAP, are subject to interpretation by the Financial Accounting Standards Board, or FASB, the Securities and Exchange Commission and various bodies formed to promulgate and interpret appropriate accounting principles. A change in these principles or a change in these interpretations could have a significant effect on our reported financial results and could affect the reporting of transactions completed before the announcement of a change. For example, ASC 606 is a newly adopted standard for revenue recognition in which the FASB’s Emerging Issues Task Force has taken up certain topics which may result in further guidance which we would need to consider in our related accounting policies.
Economic conditions and regulatory changes following the United Kingdom’s exit from the EU could have a material adverse effect on our business and results of operations.
The United Kingdom, or U.K., formally left the European Union, or the EU, on January 31, 2020, typically referred to as “Brexit.” Pursuant to the formal withdrawal arrangements agreed between the U.K. and EU, the U.K. was subject to a transition period until December 31, 2020 during which EU rules continued to apply. On December 24, 2020 the EU and the U.K. reached a Trade and Cooperation Agreement, provisionally applicable since January 1, 2021, which sets out preferential arrangements in areas such as trade in goods and in services, digital trade, intellectual property, public procurement, aviation and road transport, energy, fisheries, social security coordination, law enforcement and judicial cooperation in criminal matters, thematic cooperation and participation in EU programs. The uncertainty concerning the U.K.’s legal, political and economic relationship with the EU after the transition period may be a source of instability in international markets, create significant currency fluctuations and otherwise adversely affect trading agreements or similar cross-border cooperation arrangements, whether economic, tax, fiscal, legal, regulatory or otherwise. While the full effects of Brexit will not be known for some time, Brexit could cause disruptions to, and create uncertainty surrounding, our
business and results of operations. For example, following the transition period, the U.K. could lose the benefits of global trade agreements negotiated by the EU on behalf of its members, which may result in increased trade barriers that could make our doing business in the EU and the European Economic Area more difficult. Ongoing global market volatility and a deterioration in economic conditions due to uncertainty surrounding the future relationship between the U.K. and EU could significantly disrupt the markets in which we operate and lead our customers to closely monitor their costs and delay capital spending decisions.
Additionally, Brexit has resulted in the strengthening of the U.S. dollar against foreign currencies in which we conduct business. Although this strengthening has been somewhat ameliorated by the implementation of the transition period, because we translate revenue denominated in foreign currency into U.S. dollars for our financial statements, during periods of a strengthening U.S. dollar, our reported revenue from foreign operations is reduced. As a result of Brexit and the continued negotiations between the U.K. and EU, there may be further periods of volatility in the currencies in which we conduct business.
The effects of Brexit will depend on any agreements the U.K. makes to retain access to EU markets following the transition period. The measures could potentially disrupt the markets we serve and may cause us to lose customers and employees. In addition, Brexit could lead to legal uncertainty and potentially divergent national laws and regulations as the U.K. determines which EU laws to replace or replicate, which could present new regulatory costs and challenges.
Any of these effects of Brexit could materially adversely affect our business, results of operations and financial condition.
We may face exposure to foreign currency exchange rate fluctuations.
We have transacted in foreign currencies and expect to transact in foreign currencies in the future. In addition, our international subsidiaries maintain assets and liabilities that are denominated in currencies other than the functional operating currencies of these entities. Accordingly, changes in the value of foreign currencies relative to the U.S. dollar will affect our revenue and operating results due to transactional and translational remeasurement that is reflected in our earnings. As a result of such foreign currency exchange rate fluctuations, it could be more difficult to detect underlying trends in our business and results of operations. In addition, to the extent that fluctuations in currency exchange rates cause our results of operations to differ from our expectations or the expectations of our investors, the trading price of our common stock could be adversely affected. We do not currently maintain a program to hedge transactional exposures in foreign currencies. However, in the future, we may use derivative instruments, such as foreign currency forward and option contracts, to hedge certain exposures to fluctuations in foreign currency exchange rates. The use of such hedging activities may not offset any or more than a portion of the adverse financial effects of unfavorable movements in foreign exchange rates over the limited time the hedges are in place. Moreover, the use of hedging instruments may introduce additional risks if we are unable to structure effective hedges with such instruments.
Our sales to government entities are subject to a number of challenges and risks.
We sell our solutions to U.S. federal and state and foreign governmental agency customers, often through our resellers, and we may increase sales to government entities in the future. Sales to government entities are subject to a number of challenges and risks. Selling to government entities can be highly competitive, expensive and time consuming, often requiring significant upfront time and expense without any assurance that these efforts will generate a sale. Contracts and subcontracts with government agency customers are subject to procurement laws and regulations relating to the award, administration, and performance of those contracts. Government demand and payment for our solutions are affected by public sector budgetary cycles and funding authorizations, with funding reductions or delays adversely affecting public sector demand for our solutions. We may be subject to audit or investigations relating to our sales to government entities, and any violations could result in various civil and criminal penalties and administrative sanctions, including termination of contracts, refunds of fees received, forfeiture of profits, suspension of payments, fines, and suspension or debarment from future government business including business with governmental agencies across the country involved. Government entities may have statutory, contractual or other legal rights to terminate contracts with our distributors and resellers for convenience or due to a default. Any of these risks relating to our sales to governmental entities could adversely impact our future sales and operating results.
We may acquire other businesses, products or technologies in the future which could require significant management attention, disrupt our business, dilute stockholder value and adversely affect our results of operations.
As part of our business growth strategy and in order to remain competitive, we may acquire, or make investments in, complementary companies, products or technologies. For example, in 2017 we acquired Qumram AG, a provider of session replay technology that captures end users’ digital experiences across browsers, interfaces and devices. We may not be able to find suitable acquisition targets in the future, and we may not be able to complete such acquisitions on favorable terms, if at all. If we do complete acquisitions, we may not ultimately strengthen our competitive position or achieve our goals, and any acquisitions we complete could be viewed negatively by our customers, securities analysts and investors. In addition, if we are unsuccessful at integrating such acquisitions or the technologies associated with such acquisitions, our revenue and results of operations could be adversely affected. In addition, while we will make significant efforts to address any information technology security and privacy compliance issues with respect to any acquisitions, we may still inherit such risks when we integrate the acquired products and systems as well as any personal information
that we acquire. Any integration process may require significant time and resources, and we may not be able to manage the process successfully. We may not successfully evaluate or utilize the acquired technology or personnel, or accurately forecast the financial impact of an acquired business, including accounting charges. We may have to pay cash, incur debt or issue equity securities to pay for any such acquisitions, each of which could adversely affect our financial condition or the value of our common stock. The sale of equity or issuance of debt to finance any such acquisitions could result in dilution to our stockholders. The incurrence of indebtedness would result in increased fixed obligations and could also include covenants or other restrictions that would impede our ability to manage our operations.
Our business is subject to a wide range of laws and regulations and our failure to comply with those laws and regulations could harm our business, operating results and financial condition.
Our business is subject to regulation by various federal, state, local and foreign governmental agencies, including agencies responsible for monitoring and enforcing employment and labor laws, workplace safety, product safety, environmental laws, consumer protection laws, privacy, cybersecurity and data protection laws, anti-bribery laws, import and export controls, federal securities laws and tax laws and regulations. In certain foreign jurisdictions, these regulatory requirements may be more stringent than those in the United States. These laws and regulations are subject to change over time and we must continue to monitor and dedicate resources to ensure continued compliance. Non-compliance with applicable regulations or requirements could subject us to litigation, investigations, sanctions, mandatory product recalls, enforcement actions, disgorgement of profits, fines, damages, civil and criminal penalties or injunctions. If any governmental sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, operating results, and financial condition could be materially adversely affected. In addition, responding to any action will likely result in a significant diversion of management’s attention and resources and an increase in professional fees. Enforcement actions and sanctions could harm our business, operating results and financial condition.
We are subject to governmental export, import and sanctions controls that could impair our ability to compete in international markets due to licensing requirements and subject us to liability if we are not in compliance with applicable laws.
Our solutions are subject to export control and economic sanctions laws and regulations, including the U.S. Export Administration Regulations administered by the U.S. Commerce Department’s Bureau of Industry and Security and the economic and trade sanctions regulations administered by the U.S. Treasury Department’s Office of Foreign Assets Controls. Exports, re-exports and transfers of our software and services must be made in compliance with these laws and regulations. Obtaining the necessary authorizations, including any required license, for a particular sale may be time-consuming, is not guaranteed and may result in the delay or loss of sales opportunities. Changes in the encryption or other technology incorporated into our solutions or in applicable export or import laws and regulations may delay the introduction and sale of our solutions in international markets, prevent customers from deploying our solutions or, in some cases, prevent the export or import of our solutions to certain countries, regions, governments or persons altogether. Changes in sanctions, export or import laws and regulations, in the enforcement or scope of existing laws and regulations, or in the countries, regions, governments, persons or technologies targeted by such laws and regulations, could also result in decreased use of our solutions or in our ability to sell our solutions in certain countries. Even though we take precautions to prevent our solutions from being provided to restricted countries or persons, our solutions could be provided to those targets by our resellers or customers despite such precautions, and our customers may choose to host their systems including the Dynatrace platform using a hosting vendor that is a restricted person. The decreased use of our solutions or limitation on our ability to export or sell our solutions could adversely affect our business, while violations of these export and import control and economic sanctions laws and regulations could have negative consequences for us and our personnel, including government investigations, administrative fines, civil and criminal penalties, denial of export privileges, incarceration, and reputational harm.
Due to the global nature of our business, we could be adversely affected by violations of the U.S. Foreign Corrupt Practices Act, the U.K. Bribery Act or similar anti-bribery laws in other jurisdictions in which we operate.
The global nature of our business creates various domestic and local regulatory challenges. The Foreign Corrupt Practices Act, or FCPA, the U.K. Bribery Act and similar anti-bribery laws in other jurisdictions generally prohibit U.S.-based companies and their intermediaries from making improper payments for the purpose of obtaining or retaining business to non-U.S. officials, or in the case of the U.K. Bribery Act, to any person. In addition, U.S.-based companies are required to maintain records that accurately and fairly represent their transactions and have an adequate system of internal accounting controls. We operate in areas that experience corruption by government officials and, in certain circumstances, compliance with anti-bribery laws may conflict with local customs and practices. Changes in applicable laws could result in increased regulatory requirements and compliance costs that could adversely affect our business, financial condition and operating results. Although we take steps to ensure compliance, we cannot guarantee that our employees, resellers, agents, or other intermediaries will not engage in prohibited conduct that could render us responsible under the FCPA, the U.K. Bribery Act, or other similar laws or regulations in the jurisdictions in which we operate. If we are found to be in violation of these anti-bribery laws (either due to acts or inadvertence of our employees, or due to the acts or inadvertence of others), we could suffer criminal or civil penalties or other sanctions, which could have a material adverse effect on our business.
Our international operations subject us to potentially adverse tax consequences.
As a multinational corporation, we are subject to income taxes as well as non-income-based taxes, such as payroll, sales, use, value-added, net worth, property and goods and services taxes, in both the United States and various foreign jurisdictions. Our domestic and international tax liabilities are subject to the allocation of revenues and expenses in different jurisdictions and the timing of recognizing revenues and expenses. Additionally, the amount of income taxes paid is subject to our interpretation of applicable tax laws in the jurisdictions in which we file and changes to tax laws. Significant judgment is required in determining our worldwide provision for income taxes and other tax liabilities, and in determining the realizability of tax attributes such as foreign tax credits and other domestic deferred tax assets. From time to time, we are subject to income and non-income tax audits. While we believe we have complied with all applicable income tax laws, there can be no assurance that a governing tax authority will not have a different interpretation of the law and assess us with additional taxes. Should we be assessed with additional taxes, there could be a material adverse effect on our business, operating results, and financial condition.
Our future effective tax rate may be affected by such factors as changes in tax laws, regulations, or rates, changing interpretation of existing laws or regulations, the impact of accounting for share-based compensation, the impact of accounting for business combinations, changes in our international organization, and changes in overall levels of income before tax. In addition, in the ordinary course of our global business, there are many intercompany transactions and calculations where the ultimate tax determination is uncertain. Although we believe that our tax estimates are reasonable, we cannot ensure that the final determination of tax audits or tax disputes will not be different from what is reflected in our historical income tax provisions and accruals.
Taxing authorities may successfully assert that we should have collected or in the future should collect sales and use, value added or similar taxes, and we could be subject to liability with respect to past or future sales, which could adversely affect our results of operations.
We do not collect sales and use, value added and similar taxes in all jurisdictions in which we have sales, based on our belief that such taxes are not applicable. Sales and use, value added, and similar tax laws and rates vary greatly by jurisdiction. Certain jurisdictions in which we do not collect such taxes may assert that such taxes are applicable, which could result in tax assessments, penalties and interest, and we may be required to collect such taxes in the future. Such tax assessments, penalties, and interest or future requirements may adversely affect our results of operations.
Risks Related to Our Common Stock
The trading price of our common stock has been, and may continue to be, volatile and you could lose all or part of your investment.
Our initial public offering occurred in August 2019, and we effected follow-on public offerings by selling stockholders in December 2019, February 2020, June 2020 and August 2020. There has only been a public market for our common stock for a short period of time. Our share price has been and in the future may be subject to substantial volatility.
Technology stocks have historically experienced high levels of volatility. The trading price of our common stock has fluctuated substantially. Since shares of our common stock were sold in our initial public offering in August 2019 at a price of $16.00 per share, our stock price has fluctuated significantly, ranging from an intraday low of $17.05 to an intraday high of $56.94 through March 31, 2021. Factors that could cause fluctuations in the trading price of our common stock include the following:
•announcements of new products or technologies, commercial relationships, acquisitions or other events by us or our competitors;
•changes in how customers perceive the benefits of our platform;
•shifts in the mix of billings and revenue attributable to perpetual licenses, term licenses and SaaS subscriptions from quarter to quarter;
•departures of our CEO, one or more executive officers, senior management or other key personnel;
•price and volume fluctuations in the overall stock market from time to time;
•fluctuations in the trading volume of our shares or the size of our public float;
•sales of large blocks of our common stock, including by the Thoma Bravo Funds;
•actual or anticipated changes or fluctuations in our operating results;
•whether our operating results meet the expectations of securities analysts or investors;
•changes in actual or future expectations of investors or securities analysts;
•litigation, data breaches or security incidents involving us, our industry or both;
•regulatory developments in the United States, foreign countries or both;
•general economic conditions and trends; and
•major catastrophic events in our domestic and foreign markets.
In addition, if the market for technology stocks or the stock market in general experiences a loss of investor confidence, the trading price of our common stock could decline for reasons unrelated to our business, operating results or financial condition. The trading price of our common stock might also decline in reaction to events that affect other companies in our industry even if these events do not directly affect us. In the past, following periods of volatility in the trading price of a company’s securities, securities class action litigation has often been brought against that company.
If securities analysts were to downgrade our stock, publish negative research or reports or fail to publish reports about our business, our competitive position could suffer, and our stock price and trading volume could decline.
The trading market for our common stock, to some extent, depends on the research and reports that securities analysts may publish about us, our business, our market or our competitors. We do not have any control over these analysts. If one or more of the analysts who cover us should downgrade our stock or publish negative research or reports, cease coverage of our company or fail to regularly publish reports about our business, our competitive position could suffer, and our stock price and trading volume could decline.
The requirements of being a public company, including compliance with the reporting requirements of the Exchange Act, and the requirements of the Sarbanes-Oxley Act and the NYSE, may strain our resources, increase our costs and distract management, and we may be unable to comply with these requirements in a timely or cost-effective manner.
As a public company, we are subject to laws, regulations and requirements with which we were not required to comply as a private company, including compliance with reporting requirements of the Exchange Act and the requirements of the Sarbanes-Oxley Act and the NYSE. As a newly public company, complying with these statutes, regulations and requirements occupies a significant amount of time of our board of directors and management and has significantly increased our costs and expenses as compared to when we were a private company. For example, as a newly public company, we have had to institute a more comprehensive compliance function, establish new internal policies, such as those relating to insider trading, and involve and retain to a greater degree outside counsel and accountants.
Furthermore, as of March 31, 2021 we were no longer considered to be an emerging growth company, and we are now required to comply with Section 404 of the Sarbanes-Oxley Act. Compliance with these requirements may strain our resources, increase our costs and distract management, and we may be unable to comply with these requirements in a timely or cost-effective manner.
We previously identified a material weakness in our internal control over financial reporting and may identify additional material weaknesses in the future or otherwise fail to maintain an effective system of internal controls, which may result in material misstatements of our financial statements or cause us to fail to meet our periodic reporting obligations.
As a public company, we are required to maintain internal control over financial reporting and to report any material weaknesses in such internal control. Section 404 of the Sarbanes-Oxley Act of 2002, or the Sarbanes-Oxley Act, requires that we evaluate and determine the effectiveness of our internal control over financial reporting, and our independent registered public accounting firm is required to audit such internal control.
In connection with the audit of our financial statements as of and for the fiscal year ended March 31, 2020, we and our independent registered public accounting firm identified a material weakness in our internal control over financial reporting. This material weakness is related to accounting for income taxes in connection with the preparation and review of our global tax provision, and particularly in the area of realizability of tax attributes such as foreign tax credits and other domestic deferred tax assets. During the fiscal year ended March 31, 2021, we completed the remediation measures related to the material weakness and concluded that our internal control over financial reporting was effective as of March 31, 2021. Completion of remediation does not provide assurance that our remediation or other controls will continue to operate properly. If we are unable to maintain effective internal control over financial reporting or disclosure controls and procedures, our ability to record, process and report financial information accurately, and to prepare financial statements within required time periods could be adversely affected, which could subject us to litigation or investigations requiring management resources and payment of legal and other expenses, negatively affect investor confidence in our financial statements and adversely impact our stock price.
Sales of substantial amounts of our common stock in the public markets, or the perception that such sales could occur, could reduce the market price of our common stock.
Sales of a substantial number of shares of our common stock in the public market, or the perception that such sales could occur, could adversely affect the market price of our common stock and may make it more difficult for you to sell your common stock at a time and price that you deem appropriate. For example, the Thoma Bravo Funds beneficially own 29.8% of our common stock and under
applicable federal securities laws may sell such shares in the public market without our advance knowledge or participation. If Thoma Bravo were to dispose of a substantial portion of our shares in the public market, whether in a single transaction or a series of transactions, it could reduce the trading price of our common stock In addition, any such sales, or the possibility that these sales may occur, could make it more difficult for us to sell shares of our common stock in the public market in the future.
Our issuance of additional capital stock in connection with financings, acquisitions, investments, our stock incentive plans or otherwise will dilute all other stockholders.
We may issue additional capital stock in the future that will result in dilution to all other stockholders. We may also raise capital through equity financings in the future. As part of our business strategy, we may acquire or make investments in complementary companies, products or technologies and issue equity securities to pay for any such acquisition or investment. Any such issuances of additional capital stock may cause stockholders to experience significant dilution of their ownership interests and the per share value of our common stock to decline.
Thoma Bravo has significant influence over matters requiring stockholder approval, which may have the effect of delaying or preventing changes of control, or limiting the ability of other stockholders to approve transactions they deem to be in their best interest.
Thoma Bravo, as the ultimate general partner of the Thoma Bravo Funds, beneficially owns in the aggregate 29.8% of our issued and outstanding shares of common stock as of March 31, 2021. As a result, Thoma Bravo will continue to be able to exert significant influence over our operations and business strategy as well as matters requiring stockholder approval. These matters may include:
•the composition of our board of directors, which has the authority to direct our business and to appoint and remove our officers;
•approving or rejecting a merger, consolidation or other business combination;
•raising future capital; and
•amending our charter and bylaws, which govern the rights attached to our common stock.
Additionally, for so long as Thoma Bravo beneficially owns at least (i) 20% (but less than 30%) of our outstanding shares of common stock, Thoma Bravo will have the right to nominate a number of directors to our board of directors equal to the lowest whole number that is greater than 30% of the total number of directors (but in no event fewer than two directors); (ii) 10% (but less than 20%) of our outstanding shares of common stock, Thoma Bravo will have the right to nominate a number of directors to our board of directors equal to the lowest whole number that is greater than 50% of the total number of directors (but in no event fewer than one director); and (iii) at least 5% (but less than 10%) of our outstanding shares of common stock, Thoma Bravo will have the right to nominate one director to our board of directors.
This concentration of ownership of our common stock could delay or prevent proxy contests, mergers, tender offers, open-market purchase programs or other purchases of our common stock that might otherwise result in the opportunity for stockholders to realize a premium over the then-prevailing market price of our common stock. This concentration of ownership may also adversely affect our share price.
Thoma Bravo may pursue corporate opportunities independent of us that could present conflicts with our and our stockholders’ interests.
Thoma Bravo is in the business of making or advising on investments in companies and holds (and may from time to time in the future acquire) interests in or provides advice to businesses that may directly or indirectly compete with our business or be suppliers or customers of ours. Thoma Bravo may also pursue acquisitions that may be complementary to our business and, as a result, those acquisition opportunities may not be available to us.
Our charter provides that none of our officers or directors who are also an officer, director, employee, partner, managing director, principal, independent contractor or other affiliate of Thoma Bravo will be liable to us or our stockholders for breach of any fiduciary duty by reason of the fact that any such individual pursues or acquires a corporate opportunity for its own account or the account of an affiliate, as applicable, instead of us, directs a corporate opportunity to any other person, instead of us or does not communicate information regarding a corporate opportunity to us.
We do not intend to pay dividends on our common stock and, consequently, your ability to achieve a return on your investment will depend on appreciation in the price of our common stock.
We have never declared or paid any dividends on our common stock. We intend to retain any earnings to finance the operation and expansion of our business, and we do not anticipate paying any cash dividends in the foreseeable future. As a result, you may only receive a return on your investment in our common stock if the market price of our common stock increases.
Our charter and bylaws contain anti-takeover provisions that could delay or discourage takeover attempts that stockholders may consider favorable.
Our charter and bylaws contain provisions that could delay or prevent a change in control of our company. These provisions could also make it difficult for stockholders to elect directors who are not nominated by the current members of our board of directors or take other corporate actions, including effecting changes in our management. These provisions include:
•a classified board of directors with three-year staggered terms, which could delay the ability of stockholders to change the membership of a majority of our board of directors;
•directors may only be removed for cause, and subject to the affirmative vote of the holders of 66 2/3% or more of our outstanding shares of capital stock then entitled to vote at a meeting of our stockholders called for that purpose;
•the ability of our board of directors to issue shares of preferred stock and to determine the price and other terms of those shares, including preferences and voting rights, without stockholder approval, which could be used to significantly dilute the ownership of a hostile acquirer;
•allowing only our board of directors to fill vacancies on our board of directors, which prevents stockholders from being able to fill vacancies on our board of directors;
•a prohibition on stockholder action by written consent, which forces stockholder action to be taken at an annual or special meeting of our stockholders;
•the requirement that a special meeting of stockholders may be called only by our board of directors, the chairperson of our board of directors, our chief executive officer or our president (in the absence of a chief executive officer), which could delay the ability of our stockholders to force consideration of a proposal or to take action, including the removal of directors;
•the requirement for the affirmative vote of holders of at least 66 2/3% of the voting power of all of the then outstanding shares of the voting stock, voting together as a single class, to amend the provisions of our charter relating to the management of our business (including our classified board structure) or certain provisions of our bylaws, which may inhibit the ability of an acquirer to effect such amendments to facilitate an unsolicited takeover attempt;
•the ability of our board of directors to amend the bylaws, which may allow our board of directors to take additional actions to prevent an unsolicited takeover and inhibit the ability of an acquirer to amend the bylaws to facilitate an unsolicited takeover attempt;
•advance notice procedures with which stockholders must comply to nominate candidates to our board of directors or to propose matters to be acted upon at a stockholders’ meeting, which may discourage or deter a potential acquirer from conducting a solicitation of proxies to elect the acquirer’s own slate of directors or otherwise attempting to obtain control of us; and
•a prohibition of cumulative voting in the election of our board of directors, which would otherwise allow less than a majority of stockholders to elect director candidates.
Our charter also contains a provision that provides us with protections similar to Section 203 of the Delaware General Corporation Law, and prevents us from engaging in a business combination, such as a merger, with an interested stockholder (i.e., a person or group who acquires at least 15% of our voting stock) for a period of three years from the date such person became an interested stockholder, unless (with certain exceptions) the business combination or the transaction in which the person became an interested stockholder is approved in a prescribed manner. However, our charter also provides that transactions with Thoma Bravo, including the Thoma Bravo Funds, and any persons to whom any Thoma Bravo Fund sells its common stock will be deemed to have been approved by our board of directors.
We may issue preferred stock the terms of which could adversely affect the voting power or value of our common stock.
Our charter authorizes us to issue, without the approval of our stockholders, one or more classes or series of preferred stock having such designations, preferences, limitations and relative rights, including preferences over our common stock respecting dividends and distributions, as our board of directors may determine. The terms of one or more classes or series of preferred stock could adversely impact the voting power or value of our common stock. For example, we might grant holders of preferred stock the right to elect some number of our directors in all events or on the happening of specified events or the right to veto specified transactions. Similarly, the repurchase or redemption rights or liquidation preferences we might assign to holders of preferred stock could affect the residual value of our common stock.
Our bylaws designate the Court of Chancery of the State of Delaware as the exclusive forum for certain litigation that may be initiated by our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us.
Pursuant to our bylaws, unless we consent in writing to the selection of an alternative forum, the Court of Chancery of the State of Delaware is the sole and exclusive forum for state law claims for (1) any derivative action or proceeding brought on our behalf, (2) any action asserting a claim of or based on a breach of a fiduciary duty owed by any of our current or former directors, officers, or other employees to us or our stockholders, (3) any action asserting a claim against us or any of our current or former directors, officers, employees, or stockholders arising pursuant to any provision of the Delaware General Corporation Law or our bylaws, or (4) any action asserting a claim governed by the internal affairs doctrine, or, collectively, the Delaware Forum Provision. In addition, our bylaws provide that any person or entity purchasing or otherwise acquiring any interest in shares of our common stock is deemed to have notice of and consented to the foregoing provisions; provided, however, that stockholders will not be deemed to have waived our compliance with the federal securities laws and the rules and regulations thereunder. Our bylaws further provide that the U.S. District Court for the District of Massachusetts will be the sole and exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act, or the Federal Forum Provision, as our principal executive offices are located in Waltham, Massachusetts. The Delaware Forum Provision and the Federal Forum Provision may impose additional litigation costs on stockholders who assert the provision is not enforceable and may impose more general additional litigation costs in pursuing any such claims, particularly if the stockholders do not reside in or near the State of Delaware or the Commonwealth of Massachusetts. Additionally, the Delaware Forum Provision and Federal Forum Provision in our bylaws may limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us. In addition, while the Delaware Supreme Court ruled in March 2020 that federal forum selection provisions purporting to require claims under the Securities Act be brought in federal court are “facially valid” under Delaware law, there is uncertainty as to whether courts in other states will enforce our Federal Forum Provision, and we may incur additional costs of litigation should such enforceability be challenged. If the Federal Forum Provision is found to be unenforceable in an action, we may incur additional costs associated with resolving such an action. The Federal Forum Provision may also impose additional litigation costs on stockholders who assert that the provision is not enforceable or invalid. The Court of Chancery of the State of Delaware may also reach different judgments or results than would other courts, including courts where a stockholder considering an action may be located or would otherwise choose to bring the action, and such judgments may be more or less favorable to us than our stockholders.