GSB Globalscape Inc

Item 1A. Ri sk Factors

We have described below risks we are aware of that could have a material adverse effect on our business, financial results of operations and financial condition and the value of our stock owned by our stockholders.

Risks Related to Our Operations

A significant portion of our revenue is generated through maintenance and support services. Decreases in maintenance and support sales or renewal rates, or a decrease in the number of new licenses we sell, will negatively impact our future revenue and financial results.

Revenue from maintenance and support services, or M&S, comprised 63% and 61% of our total revenue in 2018 and 2017, respectively. We earn M&S revenue from new M&S contracts, typically sold with new software licenses, and from renewals of such contracts. Any reduction in the number of new software licenses that we sell, or a reduction in sales of associated initial M&S contracts, therefore may have a long-term negative impact on our future M&S revenue, even if our customers continue to renew M&S contracts at historical rates. This situation, in turn, would impact our business and harm our financial results.

Our customers have no obligation to purchase M&S with their initial software license or to renew their M&S contract after the expiration of their initial M&S period, which is typically one year, but may also be for two or three years. Our customers’ purchases of M&S, and our renewal rates, may decline or fluctuate as a result of a number of factors, including the overall global economy, the health of their businesses, customer dissatisfaction with our products’ functionality, features or performance, the level and quality of our M&S services, or pricing, and the perceived value of the M&S program. Renewal rates may also change due to competitors’ product offerings, customers converting to in-house developed solutions, customers’ inability to continue their operations and spending levels, migration path issues for new versions of our products, and other factors, a number of which are beyond our control. If our customers do not purchase M&S with their initial software license or do not renew their M&S contract for our products, our M&S revenue will decline and our financial results will suffer. In addition, customers are generally entitled to a reduced annual maintenance fees for entering into long-term maintenance contracts, i.e. those contracts with a term longer than one year. Declines in our license sales, increases in the proportion of long-term maintenance contracts and/or increased discounting could lead to declines in our M&S revenue growth rates. Should customers migrate away from systems and applications which our products support, utilize alternatives to our products, including solutions offering free maintenance, or become dissatisfied with our maintenance services, increased cancellations could lead to declines in our maintenance revenue.

If we are unable to develop, offer and deliver new and enhanced products and services that achieve widespread market acceptance, or if we are unable to continually improve the performance, features, and reliability of our existing products and services, our business and operating results could be adversely affected.

We believe our industry will continue to evolve in response to continued adoption of mobile devices, acceptance of cloud-based SaaS products, and the growth of big data. In response, we have devoted resources to the development of new solutions, such as our SaaS solutions. We are making such investments through our internal efforts, including further development and enhancement of our existing products. We may also make acquisitions of new product lines. Innovation, new product development or acquisition, and go-to-market activities involve a significant commitment of time and resources and are subject to a number of risks and challenges including:

Investments in new products may not result in sufficient revenue generation to justify their costs or may cause short or long-term harm to our financial results. For example, customer adoption of our SaaS products has not occurred as rapidly as anticipated, or competitors may introduce new products and services that achieve acceptance among our current customers thereby adversely affecting our competitive position, or we may not be successful in future attempts to achieve disruptive innovation.

Our executive management team must act quickly, continuously and with vision due to the rapid speed of changing customer expectations and advancement of technology inherent in the software industry, the extensive and complex efforts required to create useful and widely accepted products, the rapid evolution of cloud computing, mobile devices, new computing platforms, and the creation of other new technologies. Although we have adopted a strategy that we believe will fulfill these challenges, if we fail to internalize and execute properly on that strategy or adapt that strategy as market conditions evolve, we may fail to meet our customers’ expectations, fail to compete with our competitors’ products and technology, and lose the confidence of our channel partners and employees. Such circumstances could adversely affect our business and financial performance.

We earn most of our revenue and operating margins from our Enhanced File Transfer licensed software solution suite and related maintenance and support services and, as a result, are highly dependent upon the continued success of this product line.

Our Enhanced File Transfer product platform, or EFT platform, is our MFT solution targeted primarily to the enterprise and small and medium business user environments. Our customers may purchase EFT as an on-premise license or may subscribe to it as software-as-a-service (or SaaS). License (both on-premise and SaaS), M&S, and professional services revenue from this product line was responsible for 96% and 95% of our total revenue in 2018 and 2017, respectively. Our EFT product has provided substantially all of our recent revenue growth and most of the operating margin necessary to fund our operations including, most notably, our sales and marketing and research and development activities. Declines and variability in demand for our EFT products could occur as a result of:

Due to our product concentration, our business, results of operations, financial condition, and cash flows would be adversely affected by a decline in demand for the EFT solution suite.

We rely on third parties to provide us with a number of operational services, including hosting and delivery of our SaaS products, certain of our customer support services, and other operations. Any interruption or delay in service from these third parties, breaches of security or privacy, or failures in data collection could expose us to liability, harm our reputation and adversely impact our financial performance.

We rely on hosted computer services from third parties for certain services that we provide our customers. As we gather customer data and host certain customer data in third-party facilities, a security breach could compromise the integrity or availability or result in the theft of customer data. In addition, our operations could be negatively affected in the event of a security breach, and we could be subject to the loss or theft of confidential or proprietary information.

Unauthorized access to this data may be obtained through break-ins, breach of our secure network by an unauthorized party, employee theft or misuse, or other misconduct. We rely on a number of third-party suppliers in the operation of our business for the provisioning of various services and materials that we use in the production of our products. Although we seek to diversify our third-party suppliers, we may from time to time rely on a single or limited number of suppliers, or upon suppliers in a single country, for these services or materials. The inability of such third parties to satisfy our requirements could disrupt our business operations or make it more difficult for us to implement our business strategy. If any of these situations were to occur, our reputation could be harmed, we could be subject to third-party liability, including under data protection and privacy laws in certain jurisdictions, and our financial performance could be negatively impacted.

If we are unable to generate significant volumes of sales leads from our various marketing and demand generation efforts then our revenue may not grow as expected or may decline.

We generate leads through various marketing activities such as targeted email campaigns, attending networking-based trade shows, purchasing information and services from third-party experts in generating leads, and hosting webinars on enterprise IT management issues. Our marketing efforts may be unsuccessful, resulting in fewer sales leads. If we fail to generate a sufficient volume of leads from these activities and/or such sales leads do not result in actual sales, our revenue may not grow as expected or could decrease and our operating results could suffer.

Some of our sales leads are generated through visits to our websites by potential end-users interested in purchasing or downloading evaluations of our products. Many of these potential end-users find our websites by searching for secure file transfer products through Internet search engines, such as Google. A critical factor in attracting potential customers to our websites is how prominently our websites are displayed in response to search inquiries. If we are listed less prominently or fail to appear in search result listings for any reason, visits to our websites by customers and potential customers could decline significantly. We may not be able to replace this traffic, and, if we attempt to replace this traffic, we may be required to increase our sales and marketing expenses, which may not be offset by additional revenue and could adversely affect our operating results.

Our sales cycles can be long and unpredictable, and our sales efforts require considerable time and expense. As a result, our sales and revenue are difficult to predict and may vary substantially from period to period, which may cause our results of operations to fluctuate significantly. 

Our results of operations may fluctuate, in part, because of the resource intensive nature of our sales efforts, the length and variability of our sales cycle, and the short-term difficulty in adjusting our operating expenses. Our results of operations depend in part on sales to large organizations. The length of our sales cycle, from proof of concept to delivery of and payment for our products, is typically three to nine months but can be more than a year. If our competitors offer or develop products that our prospective customers may want to compare to our products, that situation could cause our average sales cycle to become longer. Because the length of time required to close a sale varies substantially from customer to customer, it is difficult to accurately predict when, or even if, we will make a sale to a potential customer. As a result, large individual sales have, in some cases, occurred in periods subsequent to those periods in which we anticipated they would occur or have not occurred at all. The loss or delay of one or more large transactions in a period could impact our results of operations for that period and any future periods for which revenue from that transaction is delayed. As a result of these factors, it is difficult for us to forecast accurately our revenue for any particular period in the future. Because a substantial portion of our expenses are relatively fixed in the short term, our results of operations will suffer if our revenue falls below expectations in a particular period, which could cause the price of our common stock to decline.

We may acquire new products, capabilities or entire business enterprises in the future that could give rise to risks and challenges that could adversely affect our future financial results.

Acquisitions of new products, capabilities or entire business enterprises involve a number of risks and challenges, including:

The ongoing integration of any acquired products, capabilities or entire business enterprises involves continually determining and leveraging the actual market synergies, sustaining and even extending the business performance of the acquired entity, implementing our technology systems in the acquired operations, and integrating and managing the personnel related to the acquired products and/or operations. We also must continue to effectively integrate the different cultures of acquired business organizations into our own culture in a way that aligns various interests.

Any of the foregoing, and other factors, could harm our ability to achieve anticipated levels of financial performance or to realize other anticipated benefits of an acquisition. In addition, because acquisitions of technology-based products and companies are inherently risky, no assurance can be given that our previous, current, or future acquisitions will be successful and will not adversely affect our business, operating results, or financial condition.

Our ability to sell our products is highly dependent on the quality of our support and services offerings. Our failure to offer high-quality support and services could have a material and adverse effect on our business and results of operations.

Once our products are deployed for use by our customers, our customers may depend on our support organization and our channel partners to resolve issues relating to our products. High-quality support is critical for the successful marketing and sale of our products. If we or our channel partners do not assist our customers in deploying our products effectively, succeed in helping our customers resolve post-deployment issues quickly, or provide ongoing support, it could adversely affect our ability to sell our products to existing customers and could harm our reputation. As we expand our operations internationally, our support organization will face additional challenges, including those associated with delivering support, training and documentation in languages other than English. Our failure or the failure of our channel partners to maintain high-quality support and services could have a material and adverse effect on our business and operating results.

The transition from an on-premise to a cloud-based, SaaS subscription business model is subject to numerous risks and uncertainties. 

We believe some customers and potential purchasers of our products are evaluating MFT via the cloud. Some will choose to embrace cloud delivery as a complete MFT solution or possibly employ a hybrid architecture. This potential shift in customer preferences, and our pursuit of a SaaS strategy, may give rise to a number of risks, including the following:

The potential shift of our customers’ preference to cloud-based, SaaS solutions may also require a considerable investment of technical, financial, legal and sales resources, and a scalable organization. Market acceptance of such offerings is affected by a variety of factors, including but not limited to: security, reliability, scalability, customization, performance, current license terms, customer preference, customer concerns with entrusting a third party to store and manage their data, public concerns regarding privacy and the enactment of restrictive laws or regulations.

If we are unable to successfully establish our cloud-based solutions and navigate our business model transition in light of the foregoing risks and uncertainties, our results of operations could be negatively impacted.

Cloud-based computing trends present competitive and execution risks.

Customers are transitioning to a hybrid computing environment utilizing various cloud-based software and services accessed via various smart client devices. Pricing and delivery models are evolving and our competitors are developing and deploying cloud-based services for customers. We are devoting resources to develop and deploy our own competing cloud-based software and services strategies. While we believe our expertise and investments in software for cloud-based services provide us with a strong foundation to compete, it is uncertain whether our strategies will attract the customers or generate the revenue required to be successful. Delivering our products through cloud-based, SaaS solutions requires that we pay third parties, such as Microsoft Azure, to host our products and make them available to our customers. As a result, we incur ongoing, recurring third-party hosting expenses associated with delivering SaaS solutions that we do not incur with respect to our on-premise license products. These expenses may cause the gross margin we realized from our SaaS software products to be lower than the gross margin we realized from our on-premises software products. Whether we are successful in this new business model depends on our execution in a number of areas, including:

These new business models may reduce our revenues or operating margins and could have a material adverse effect on our business, results of operations and financial condition.

We must keep up with rapid and ongoing technological change to remain competitive in the rapidly evolving cloud-based technology industry.

The cloud-based technology industry is characterized by rapid and ongoing technological change, frequent new product and service introductions, and evolving industry standards. Our future success will depend on our ability to adapt quickly to rapidly changing technologies, to adapt our solutions to evolving industry standards and to improve the performance and reliability of our applications and services. To maintain and increase market acceptance of our applications and services, we must anticipate customer needs and offer solutions that meet changing demands quickly and effectively. Customers may require features and functionality that our current applications and services do not have or that our platforms are not able to support. If we fail to develop solutions that satisfy customer preferences in a timely and cost-effective manner, our ability to renew our agreements with existing customers and our ability to increase demand for our solutions will be harmed.

If we are required to, and fail to successfully manage any changes to our business model, including the transition of our products to cloud offerings, our results of operations could be harmed.

We are beginning to transition from an on-premise to a cloud-based, SaaS subscription business model. This adjustment to our business model requires a considerable investment of technical, financial, legal and sales resources. Our transition to cloud offerings will continue to divert resources and increase costs, especially in cost of license and other revenues, in any given period. Such investments may not improve our long-term growth and results of operations. Further, the increase in some costs associated with our cloud services may be difficult to predict over time, especially in light of our lack of historical experience with the costs of delivering cloud-based versions of our applications. We may assume greater responsibilities for implementation related services during this transition. As a result, we may face risks associated with new and complex implementations, the cost of which may differ from original estimates. The consequences in such circumstances could include: monetary credits for current or future service engagements, reduced fees for additional product sales, and a customer’s refusal to pay its contractually-obligated subscription or service fees.

Offering cloud services may result in the loss of other business opportunities and negatively impact our revenue growth.

We have allocated resources related to our sales and marketing activities, software product development, management team and other personnel toward growing our cloud business. This strategic direction and redirection of resources could potentially result in the loss of sales opportunities in our traditional perpetual license and M&S sales business. If our cloud business does not grow in accordance with our expectations and we are not able to cover the shortfall with other sales opportunities, then our business could be harmed. Although the subscription model used for our cloud business is designed to create a recurring revenue stream that is more predictable, the shift to this model may reduce our license sales, spread revenue over a longer period and negatively affect future license and M&S sales revenue.

Subscription offerings create risks related to the timing of revenue recognition.

Although the subscription model is designed to increase the number of customers who purchase our products and services and create a recurring revenue stream that is more predictable, it creates certain risks related to the timing of revenue recognition and potential reductions in cash flows.

A decline in new or renewed subscriptions in any period may not be immediately reflected in our reported financial results for that period but may result in a decline in our revenue in future periods. If we were to experience significant downturns in subscription sales and renewal rates, our reported financial results might not reflect such downturns until future periods. Our subscription model could also make it difficult for us to rapidly increase our revenues from subscription or SaaS-based services through additional sales in any period as revenue from new customers will be recognized over the applicable subscription term. Increases in sales under our subscription sales model could result in decreased revenues over the short term if they are offset by a decline in sales from perpetual license customers.

Our cloud and SaaS offerings bring additional business and operational risks.

We offer delivery of several of our products using a SaaS model. Our SaaS offerings provide our customers with existing and new software management through a cloud service as opposed to traditional on-premises software deployments. There can be no assurance that SaaS revenue will be significant in the future despite our levels of investment in developing this product delivery method. Margins associated with our SaaS offerings are generally lower than margins associated with our on-premises solutions.

SaaS subscription arrangements are under month-to-month agreements. Accordingly, our customers generally have no long-term obligation to us and may cancel their SaaS subscription at any time. Even if our customers are satisfied with our SaaS products and services, they may elect not to continue their SaaS subscription. Renewal rates in the future may differ from historical trends such that we may not be able to accurately predict customer renewal rates. Our customers’ renewal rates may decline or fluctuate as a result of a number of factors, including their level of satisfaction with our services and their ability to continue their operations and spending levels. If we experience a decline in the renewal rates for our customers or they opt for lower-priced editions of our offerings or fewer subscriptions, our operating results may be adversely impacted.

There is a risk that we could find it difficult or costly to support both traditional software installed by customers and software delivered as a service. To the extent that our SaaS offerings are defective or there are disruptions to our services, demand for our SaaS offerings could diminish, and we could be subject to substantial liability.

Interruptions or delays in service from our third-party service delivery hosts could impair the delivery of our services and harm our business. If we or our third-party service delivery hosts experience security breaches and unauthorized access is obtained to a customer’s data or our data, our services may be perceived as not being secure, customers may curtail or stop using our services, and we may incur significant legal and financial exposure and liabilities.

SaaS software solutions can be complex, and the deployment of our secure file transfer solutions in the desired manner may require additional professional services and implementation services for which we may not have the ability to provide at an appropriate margin. Our SaaS products are dependent upon third-party hardware, software and hosting vendors, all of which must interoperate for end users to achieve their computing goals. We expect other companies to enter this market and to introduce their own initiatives that may compete with, or not be compatible with, our cloud solutions.

If any of these events were to occur, our business, results of operations and financial condition could be adversely affected.

If we fail to manage our sales and distribution channels effectively, our operating results could be adversely affected.

We sell our software products both directly and through a network of distributors and resellers that we collectively refer to as the channel, as well as through marketplaces such as Amazon Web Services and Microsoft Azure. Sales through these different methods involve distinct risks. Risks associated with direct sales include:

From time-to-time, we make significant changes in the organizational structure and compensation plans of our sales organization, which may increase the risk of sales personnel turnover. To the extent that we experience turnover within our direct sales force or sales management, there is a risk that the productivity of our sales force would be negatively impacted which could lead to revenue declines. Turnover within our sales force can cause disruption in sales cycles leading to delay or loss of business. It can take time to implement new sales management plans and to effectively recruit and train new sales representatives. We review and modify our compensation plans for the sales organization periodically. Changes to our sales compensation plans could make it difficult for us to attract and retain top sales talent.

Sales through third-party distributors and resellers involve a number of risks, including:

For 2018 and 2017, approximately 35% of our revenue was derived from indirect channel sales through distributors and resellers. We expect that a significant portion of our revenue will continue to be derived from indirect channel sales in the future. Our ability to effectively distribute our products through those channels depends in part upon the financial and business condition of our distributor and reseller network. Computer software distributors and resellers typically are not highly capitalized, have previously experienced difficulties during times of economic contraction, and have experienced difficulties during the past several years. If our distributors and resellers were not be able to sustain their business at a level necessary to sell our products or provide customer support services, our business and revenue could be negatively impacted.

We rely upon major distributors and resellers in both the U.S. and international regions. Our largest distributor accounted for 14% of our total revenues in 2018 and 2017. Although we believe that we are not substantially dependent on this distributor, if it were to experience a significant disruption with its business or if our relationship with it were to deteriorate, it is possible that our ability to sell to our customers would be, at least temporarily, negatively impacted. This could, in turn, negatively impact our financial results.

Over time, we have modified and will continue to modify aspects of our relationship with our distributors and resellers, such as their incentive programs, pricing to them and our distribution model, to motivate and reward them for aligning their businesses with our strategy and business objectives. Changes in these relationships and underlying programs could negatively impact their business and/or harm our business. In addition, the loss of or a significant reduction in business with those distributors or resellers or the failure to achieve anticipated levels of sell-through with any one of our major international distributors or large resellers could harm our business. In particular, if one or more of such distributors or resellers were unable to meet their obligations with respect to our accounts receivable from them, we could be forced to write off such accounts receivables and may be required to delay the recognition of revenue on future sales to these customers. These events could have a material adverse effect on our financial results.

It may be difficult for us to recruit and retain software developers and other technical and management personnel because we are a relatively small company.

We compete intensely with other software development and distribution companies domestically and internationally as well as information technology departments supporting larger businesses all of whom strive to recruit and hire employees from a limited pool of qualified personnel. Some qualified candidates prefer to work for larger, better known companies or in another geographic area. In order to attract and retain personnel in a competitive marketplace, we believe that we must provide a competitive compensation package, including cash, equity-based compensation, and other employee benefits including medical insurance and healthcare plans. The volatility in our stock price may from time to time adversely affect our ability to recruit or retain employees. In addition, we may be unable to obtain required stockholder approvals of future increases in the number of shares available for issuance under our equity compensation plans. Also, accounting rules require us to treat the issuance of employee stock options and other forms of equity-based compensation as compensation expense. As a result, we may decide to issue fewer equity-based incentives and may be impaired in our efforts to attract and retain necessary personnel. If we are unable to hire and retain qualified employees, or conversely, if we fail to manage employee performance or reduce staffing levels when required by market conditions, our business and operating results could be adversely affected.

Key personnel have left our company in the past. There likely will be additional departures of key personnel from time to time in the future. The loss of any key employee could result in significant disruptions to our operations, including adversely affecting the timeliness of product releases, the successful implementation and completion of company initiatives, the effectiveness of our disclosure controls and procedures and our internal control over financial reporting, and the results of our operations. Hiring, training, and successfully integrating replacement sales, engineering, and other personnel could be time consuming, may cause additional disruptions to our operations, and may be unsuccessful, which could negatively impact future revenues.

We may engage third parties to develop products on our behalf. These engagements may involve reliance on resources owned and managed by those third parties over which we have no direct control.

In addition to research and development of new products by our employees, we engage third parties from time-to-time to conceive, design and develop products on our behalf. Arrangements of this type involve high levels of risk as a result of inherent uncertainties about the timely delivery and ultimate viability of those products due to the reliance we must place on third parties to plan, perform and successfully complete work for us. These are processes for which we could have notably less direct control than if we performed the work ourselves. These arrangements involve our reliance on the ongoing financial viability of the enterprise performing the work. This risk is challenging to manage because we do not always have clear visibility as to the overall condition of the third-party enterprise. These risks could result in the product not being successfully completed within the expected timeframe, or at all. If actual results from these type of endeavors that we may undertake in the future differ materially from original and ongoing expectations, our business, operating results and financial position could be harmed.

Our ability to develop our software will be seriously impaired if we are not able to use our foreign subcontractors.

We rely on foreign subcontractors to help us develop some aspects of some of our software. If these programmers decided to stop working for us, or if we were unable to continue using them because of political or economic instability, we would have difficulty finding comparably skilled developers in a timely manner. In addition, we would likely have to pay considerably more for the same work, especially if we used U.S. personnel. If we could not replace the contract programmers, it could take us longer to develop certain products and product upgrades and at a higher cost.

Revenue from our Mail Express, Wide Area File Services, CuteFTP and TappIn product lines will likely continue to decline in the future and become a smaller part of our total revenue.

Revenue from our products and services other than our EFT solution was $1.2 million and $1.6 million in 2018 and 2017, respectively, and accounted for 3.4% and 4.6% of our total revenue in 2018 and 2017, respectively. As we increase our focus and emphasis on our EFT platform products, our revenue from these products will likely continue to decline. We incur costs and expenses supporting these products for our customers who are currently using them. If revenue from these products continues to decline, we may begin to incur losses from these products. The potential for such losses may cause us to decide to sell or discontinue one or more of these product lines. If we cannot effectively reduce our costs to support these products, or if see decide to sell one or more of these product lines but cannot find a buyer for them, we may begin incurring losses on these products that could materially affect our results of operations and financial condition.

Reliance on delivery of our products near or at the end of each quarter could cause our revenue for the applicable period to fall below expected levels.

As a result of customer buying patterns and the efforts of our sales force and channel partners to meet or exceed their sales objectives, we have historically received a substantial portion of orders from our customers and generated a substantial portion of revenue during the last few weeks of each period. A significant interruption in our IT systems, which manage critical functions such as order processing, trade compliance reviews, delivery of our products, billings, collections, revenue recognition, and financial reporting, among others, could result in delayed order fulfillment and decreased revenue for that period. If expected revenue at the end of any period is delayed for any reason, including the failure of anticipated purchase orders to materialize, our logistics or channel partners’ inability to deliver products prior to period-end to fulfill purchase orders received near the end of the period, our inability to release new products on schedule, any failure of our systems related to order review and processing, or any delays in product delivery based on trade compliance requirements, our revenue for that period could fall below our expectations and the estimates of market analysts, if any, which could adversely impact our business and results of operations and cause a decline in the trading price of our common stock.

Fluctuations in professional services revenue may be greater than experienced in previous reporting periods and have a disproportionate impact on our financial results. For example, increased professional services sales, especially to the government, may result in lower earnings as a percentage of revenue.

Our solution portfolio includes software licenses, subscription services, M&S, and professional services. Because they are relatively labor intensive, professional services typically have substantially lower margins than software license sales, M&S and subscription services. Professional services were 7% of our total revenue in both 2018 and 2017. However, this percentage can fluctuate significantly from period to period depending on the needs of our customers.

Depending on our mix of software licenses, subscription, M&S, and professional services revenue in a given reporting period, our earnings as a percentage of revenue may fluctuate from historical norms. For example, if we were to derive a relatively large (compared to historical norms) component of our revenue from professional services in a reporting period, earnings as a percentage of revenue may decline in that period due to lower margin contribution from those labor-intensive services as compared to software license, subscription, and M&S revenue.

We may not be able to compete effectively with larger, better-positioned companies, resulting in lower margins and loss of market share.

We operate in competitive markets that experience rapid technological developments, market consolidation, changes in industry standards, changes in customer requirements, and frequent new product introductions and product improvements by existing and new competitors. If we are unable to anticipate or react to these competitive challenges or if existing or new competitors take or gain additional market share in any of our markets, our competitive position could weaken, and we could experience a decrease in revenues that could adversely affect our business and operating results. To compete successfully, we must maintain a successful research and development effort to create new products and services and enhance existing products and services, effectively adapt to changes in the technology or product rights held by our competitors, appropriately respond to competitor strategies as such strategies become apparent, and effectively adapt to technological changes and changes in the ways that our information is accessed, used, and stored within our enterprise and consumer markets. If we are unsuccessful in responding to our competitors or to changing technological and customer demands, we could experience a negative effect on our competitive position and our financial results.

We compete with a variety of companies that have significantly greater revenues and financial resources, more partners, resellers and distribution channels than we have, and greater quantities of personnel and technical resources. For example, our EFT solution suite competes with products from IBM Sterling, Ipswitch, Axway and several other vendors. Our WAFS product competes with Riverbed Technology, Panzura, and Peer Sync. Large companies may be able to develop new technologies, across multiple solution spaces, and on more operating systems, more quickly than we can, to offer a broader array of products, and to respond more quickly to new opportunities, industry standards or customer requirements.

Additional competitors may enter the market and also may have significantly greater capabilities and resources than we do. Some existing competitors also may be able to adopt more aggressive pricing strategies. For example, Ipswitch provides an older version of its consumer file transfer protocol program for free for non-commercial use, and Microsoft includes file transfer protocol functionality in its Internet browser, which it also distributes for free. Increased competition may result in lower operating margins and loss of market share.

As we develop new products or new features, functions and capabilities for existing products, we capitalize certain of our costs related to those activities and defer the expense arising from those activities to future periods.

In accordance with GAAP, we capitalize certain of our costs related to the development of new products or new features, functions and capabilities for existing products. We present these capitalized costs as an asset on our balance sheet. We amortize these costs to expense in future periods after these work products are completed and released for sale so as to match these expenses the associated revenue we earn in the future. If we were to deem these capitalized costs not to be realizable through future revenue and accordingly had to reduce the carrying value of these assets, possibly to zero, we could incur significant expenses earlier than anticipated.

Our products are complex and operate in a wide variety of computer configurations, which could result in errors or product failures.

Addressing MFT both on-premise licenses and SaaS models typically requires complex products. Undetected errors, failures, or bugs may occur, especially when products are first introduced or when new versions are released. Our products are often installed and used in large-scale computing environments with different operating systems, system management software, and equipment and networking configurations, which may cause errors or failures in our products or may expose undetected errors, failures, or bugs in our products. Our customers’ computing environments also are often characterized by a wide variety of standard and non-standard configurations that make pre-release testing for programming or compatibility errors difficult and time-consuming. In addition, despite testing by us and others, errors, failures, or bugs may not be found in new products or releases until after commencement of commercial shipments. In the past, we have discovered software errors, failures, and bugs in certain of our product offerings after their introduction and have experienced delayed or lost revenues during the time required to correct these errors.

Errors, failures, or bugs in products released by us could result in negative publicity, product returns, loss of or delay in market acceptance of our products, loss of competitive position, or claims by customers or others. Many of our end-user customers use our products in applications that are critical to their businesses and may have a greater sensitivity to defects in our products than to defects in other, less critical, software products. In addition, if an actual or perceived breach of information integrity or availability occurs in one of our end-user customer’s systems, regardless of whether the breach is attributable to our products, the market perception of the effectiveness of our products could be harmed. Alleviating any of these problems could require significant expenditures of our capital and other resources and could cause interruptions, delays, or cessation of our product licensing, which could cause us to lose existing or potential customers and could adversely affect our operating results.

Our business is subject to the risks of warranty claims, product returns, product liability and product defects.

Real or perceived errors, failures or defects in our products could result in claims by customers for losses that they sustain. If customers make these types of claims, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to help correct the problem. Liability provisions in our standard terms and conditions of sale, and those of our resellers and distributors, may not be enforceable under some circumstances or may not fully or effectively protect us from customer claims and related liabilities and costs, including indemnification obligations under our agreements with resellers and distributors. The sale and support of our products also entail the risk of product liability claims. We maintain insurance to protect against certain types of claims associated with the use of our products, but our insurance coverage may not adequately cover any such claims. Even claims that ultimately are unsuccessful could result in expenditures of funds in connection with litigation and divert management’s time and other resources.

Turmoil and uncertainty in U.S. and international economic markets could adversely affect our business and operating results.

Demand for our products depends in large part upon the level of capital and maintenance expenditures by many of our customers. Economic downturns could have an adverse effect on spending on information technology projects since in such environments, prospects and customers may reduce, sometimes greatly, their discretionary spending to focus on preserving mandatory spending budgets.

These adverse impacts to customer spending may be directly, and adversely, reflected in our future business and operating results because we believe a substantial part of their MFT spending budget is considered discretionary by our prospects and customers. The perception of MFT solutions spending as discretionary is further reinforced by the existence of low cost, or even free, products that deliver some subset of the capabilities found in our solutions. In the event of an economic downturn, some customers may decide to defer spending for our solutions or may elect to obtain low cost or free “good enough” products as an interim measure. The potential adverse impacts of such decisions may persist for an extended period of time, even well into a period of economic recovery, given that many prospects will not change their IT infrastructure for a considerable period of time after that infrastructure has been installed and is operating adequately.

Adverse financial results from another economic downturn and uncertainty could include flat, or even decreasing, sales, lower gross and net margins, and impairment of current or future goodwill and long-lived assets. In addition, some of our customers could delay paying their obligations to us. Potentially reduced sales and margins and customer payment problems could limit our ability to fund research and development, marketing, sales, and other activities necessary to sustain and expand our market position.

In past economic downturns, we have sometimes experienced a decrease in our stock price. If investors have concerns that our business, financial condition and results of operations will be negatively impacted by another economic downturn, our stock price could decrease again.

Regardless of economic conditions, fluctuations in demand for our products and services are driven by many factors and a decrease in demand for our products could adversely affect our financial results.

We are subject to fluctuations in demand for our products and services due to a variety of factors, including competition, product obsolescence, technological change, budget constraints of our actual and potential customers, awareness of security threats to IT systems, and other factors. While such factors may, in some periods, increase product sales, fluctuations in demand can also negatively impact our product sales. If demand for our products declines, our revenues, as well as our gross and net margins, could be adversely affected.

Sales to the U.S. Government make up a portion of our business, and changes in government defense spending could have consequences on our financial position, results of operations and business.

Our revenues from the U.S. Government largely result from contracts awarded to us under various U.S. Government programs, primarily defense-related programs with the Department of Defense (“DoD”). The funding of our programs is subject to the overall U.S. Government foreign policy, budget and appropriation decisions, and processes which are driven by numerous factors, including geo-political events and macroeconomic conditions, and are beyond our control. Projected defense spending budgets are uncertain and difficult to predict.

Significant changes in defense spending could have long-term consequences for our size and structure. Changes in government priorities and requirements could impact the funding, or the timing of funding, of our programs which could negatively impact our results of operations and financial condition. Government contracts typically have long sales cycles such that closure of such contracts is difficult to predict.

U.S. Government contracts generally also permit the government to terminate the contract, in whole or in part, without prior notice, at the government’s convenience or for default based on performance. A termination arising out of our default could expose us to liability and have a negative impact on our ability to obtain future contracts and orders. Furthermore, on contracts for which we are a subcontractor and not the prime contractor, the U.S. Government could terminate the prime contract for convenience or otherwise, irrespective of our performance as a subcontractor.

Because we are a DoD contractor, certain of our items and/or transactions may be subject to the International Traffic in Arms Regulations (“ITAR”) if our software or services are specifically designed or modified for defense purposes. Companies engaged in manufacturing or exporting ITAR-controlled goods and services (even if these companies do not export such items) are required to register with the U.S. State Department. Failure to comply with these requirements could result in fines and sanctions which could negatively impact our results of operations and financial condition.

If we lose key personnel we may not be able to execute our business plan.

Our future success depends on the continued services of our employees. If employees leave, it can be difficult to replace them because of the intense competition in the marketplace for people with the skillsets we need to operate our business. New employees may not be productive for weeks or months as they learn about our solutions, our personnel and the administrative practices within our company.

Seasonality may cause fluctuations in our revenue.

We believe there could be notable seasonal factors in the future that may cause us to record higher revenue in some quarters compared with others. We believe this variability is possible largely due to our customers’ budgetary and spending patterns, as many customers spend the unused portions of their discretionary budgets prior to the end of their fiscal years. For example, we have historically recorded our highest level of revenue in our fourth quarter, which we believe corresponds to the fourth quarter of a majority of our customers. If our rate of growth slows over time, seasonal or cyclical variations in our operations may become more pronounced, and our business, results of operations and financial position may be adversely affected.

Our operations potentially are vulnerable to security breaches that could harm the quality of our products and services or disrupt our ability to deliver our products and services.

Information security is a dynamic discipline that historically has faced threats that develop and emerge in ways that are sometimes unpredictable. Third parties may breach our systems and information security and damage our products and services or misappropriate confidential customer information. This might cause us to lose customers, or even cause customers to make claims against us for damages. We may be required to expend significant resources to protect against potential or actual security breaches and/or to address problems caused by such breaches.

Improper disclosure of personal data could result in liability and harm our reputation.  

While we have derived the majority of our historical revenues from on-premises delivery of our products, we now also offer our products on third-party, hosted platforms. As we continue to execute our strategy of increasing the number and scale of our cloud-based offerings, we may store and process increasingly large amounts of personally identifiable information of our customers. At the same time, the continued occurrence of high-profile data breaches provides evidence of an external environment increasingly hostile to information security. This environment demands that we continuously improve our design and coordination of security controls. It is possible our security controls over personal data, our training of employees and vendors on data security, and other practices we follow may not prevent the improper disclosure of personally identifiable information. Improper disclosure of this information could harm our reputation, lead to legal exposure to customers, or subject us to liability under laws that protect personal data, resulting in increased costs or loss of revenue. We believe consumers using our subscription services increasingly will want efficient, centralized methods of choosing their privacy preferences and controlling their data. Perceptions that our products or services do not adequately protect the privacy of personal information could inhibit sales of our products or services and could constrain consumer and business adoption of cloud-based solutions.

Breaches of our cybersecurity systems could degrade our ability to conduct our business operations and deliver products and services to our customers, delay our ability to recognize revenue, compromise the integrity of our software products, result in significant data losses and the theft of our intellectual property, damage our reputation, expose us to liability to third parties and require us to incur significant additional costs to maintain the security of our networks and data.

We increasingly depend upon our IT systems to conduct virtually all of our business operations, ranging from our internal operations and product development activities to our marketing and sales efforts and communications with our customers and business partners. Cyber threats may attempt to penetrate our network security, or that of our website, and misappropriate our proprietary information or cause interruptions of our service. Because the techniques used by such attackers to access or sabotage networks change frequently and may not be recognized until launched against a target, we may be unable to anticipate these techniques. In addition, sophisticated hardware and operating system software and applications that we produce or procure from third parties may contain defects in design or manufacture, including “bugs” and other problems that could unexpectedly interfere with the operation of the system. We have also outsourced a number of our business functions to third-party contractors. Therefore, our business operations also depend, in part, on the success of our contractors' own cybersecurity measures. Similarly, we rely upon distributors, resellers, system vendors and systems integrators to sell our products and our sales operations depend, in part, on the reliability of their cybersecurity measures. Additionally, we depend upon our employees to appropriately handle confidential data and deploy our IT resources in a safe and secure fashion that does not expose our network systems to security breaches and the loss of data. Accordingly, if our cybersecurity systems and those of our contractors fail to protect against unauthorized access, sophisticated cyber-attacks and the mishandling of data by our employees and contractors, our ability to conduct our business effectively could be damaged in a number of ways, including:

Should any of the above events occur, we could be subject to significant claims for liability from our customers or from regulatory actions of governmental agencies, our ability to protect our intellectual property rights could be compromised and our reputation and competitive position could be significantly harmed. Also, the regulatory and contractual actions, litigations, investigations, fines, penalties and liabilities relating to data breaches that result in losses of personally identifiable or credit card information of users of our services could be significant in terms of fines and reputational impact and necessitate changes to our business operations that may be disruptive to us. Additionally, we could incur significant costs in order to upgrade our cybersecurity systems and remediate damages. Consequently, our financial performance and results of operations could be adversely affected.

Certain components of the software code comprising some of our products are licensed from third parties making us dependent upon those licenses remaining in place for those products to operate in their current form.

Certain key components of the software code comprising certain of our products are licensed from unrelated, third parties. These licenses are not perpetual and, as such, with advance notice as provided in the license agreements, these third parties could terminate these licenses. Even with advance notice, termination of these licenses could create a severe hardship for us due to the need to locate substitute software code from other third parties or create alternative software code ourselves in order for our products to continue to operate in the manner designed or for us to keep pace with customer requirements, including our obligations under maintenance and support agreements. There is no assurance we could achieve either of those alternative solutions in a timely and effective manner that would not disrupt our ability to continue selling and supporting those products, or without the consumption of significant company resources in the form of time spent by our personnel creating alternative solutions or cash paid to third parties to assist us. Such a situation could delay the completion and introduction to the marketplace of other products we are developing to remain competitive due to the diversion of the attention of certain of our key personnel away from that work. If any of these events occur, our future business and financial results could be adversely affected.

We utilize “open source” software in some of our products.

The open source software community develops software technology for free use by anyone. We incorporate a limited amount of open source code software into our products. We may use more open source code software in the future.

Our use, in some instances, of open source code software may impose limitations on our ability to commercialize our solutions and may subject us to possible intellectual property litigation. Open source code may impose limitations on our ability to commercialize our products because, among other reasons, open source license terms may be ambiguous and may result in unanticipated obligations regarding our solution, and open source software cannot be protected under trade secret law. In addition, it may be difficult for us to accurately determine the identities of the developers of the open source code and whether the acquired software infringes third-party intellectual property rights. As a result, we could be subject to suits by parties claiming ownership of what we believe to be open source software. From time to time, companies that incorporate open source software into their products have been subject to such claims.

Claims of infringement or misappropriation against us could be costly for us to defend and could require us to re-engineer our solution or to seek to obtain licenses from third parties in order to continue offering our solution. We also might need to discontinue the sale of our solution in the event re-engineering could not be accomplished on a timely or cost-effective basis. If any such claim, attempted remediation, or solution discontinuance occur, our business and operating results could be harmed.

Our products may expose customers to invasion of privacy, causing customer dissatisfaction or possible claims against us for damages.

Our products and solutions are intended to facilitate data and information transfer and sharing, sometimes by providing outsiders access to a customer’s computer. Such access potentially may make the customer vulnerable to security breaches, which could result in the loss of the customer’s privacy or property. Invasions of privacy or other customer harm occurring in an environment where our solutions are operating could result in customer dissatisfaction and possible claims against us for any resulting damages.

We are subject to governmental export and import controls, and sanctions laws that could subject us to liability or impair our ability to compete in international markets.

All products that are exported, re-exported or that are worked on by foreign nationals are subject to export controls.  Such controls include prohibitions on end uses, end users and exports to certain sanctioned countries.  In addition, incorporation of encryption technology into our products increases the level of U.S. export controls.  We are subject to these requirements as certain of our products include the ability for the end user to encrypt data.  Therefore, our products may be exported outside the United States or revealed to foreign nationals only by complying with the required level of export controls/restrictions. Restrictions applicable to our products may include a requirement to have a license to export the technology, a requirement to have software licenses approved before export is allowed, and outright bans on the licensing of certain encryption technology to particular end users or to all end users in a particular country.  In addition, various countries regulate the import and re-export of certain technology and have enacted laws that could limit our ability to distribute our products or could limit our customers’ ability to implement our products in those countries or that make it a violation for us to comply with U.S. sanctions requirements.

There can be no assurance that we will be successful in obtaining or maintaining the licenses and other authorizations required to export our products from applicable government authorities. Any change in export or import regulations or related legislation, shift in approach to the enforcement or scope of existing regulations, changes in the list of countries to which we cannot export, or changes in persons or technologies targeted by such regulations could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations.  Changes in our products or changes in export and import regulations may create delays in the introduction of our products in international markets, prevent our customers with international operations from deploying our products throughout their global systems or, in some cases, prevent the export or import of our products to certain countries, companies or individuals altogether. Any change in export, import or sanctions regulations or related legislation, a shift in approach to the enforcement or scope of existing regulations, or change in the countries, persons or technologies targeted by such regulations, could result in decreased use of our products by, or in our decreased ability to export or sell our products to, existing or potential customers with international operations.

Export and sanctions laws and regulations can be extremely complex in their application.  If we are found not to have complied with applicable export control or sanctions laws, we may be sanctioned, fined or penalized by, among other things, having our ability to obtain export licenses curtailed or eliminated, possibly for an extended period of time. Our failure to receive or maintain any required export licenses or authorizations or our being penalized for failure to comply with applicable export control or sanctions laws would hinder our ability to sell our products, could result in financial penalties, and could materially adversely affect our business, financial condition, and results of operations.  Any failure on our part or the part of our distributors to comply with encryption or other applicable export control or sanctions requirements could harm our business and operating results.

Import and export regulations of encryption/decryption technology vary from country to country. We may be subject to different statutory or regulatory controls, including licensing requirements, in different foreign jurisdictions, and as such, importation or re-exportation of our technology may not be permitted in these foreign jurisdictions. Violations of foreign regulations or regulation of international transactions could prevent us from being able to sell our products in international markets. Our success depends in large part on our having access to international markets. A violation of foreign regulations could limit our access to such markets and have a negative effect on our results of operations.

As our international sales grow, we could become increasingly subject to additional risks that could harm our business.

We conduct significant sales and customer support in countries outside of the United States. Approximately 26% and 25% of our sales were to purchasers outside the United States in 2018 and 2017, respectively. If our sales outside the United States increase, we may be required to further expand our international operations. To successfully expand international sales, we must establish additional foreign operations, hire additional personnel, including regulatory compliance professionals, and recruit additional international resellers. We may also incur additional expense translating our applications into additional languages. In addition, there is significant competition for entry into high growth markets. Our international operations are subject to a variety of risks, which could cause fluctuations in the results of our international operations. These risks include:

We are subject to risks associated with compliance with laws and regulations globally which may harm our business.

We are a global company subject to varied and complex laws, regulations and customs domestically and internationally. These laws and regulations relate to a number of aspects of our business, including trade protection, import and export control, sanctions laws, data and transaction processing security, payment card industry data security standards, records management, user-generated content hosted on websites we operate, corporate governance, employee and third-party complaints, gift policies, conflicts of interest, employment and labor relations laws, securities regulations and other regulatory requirements affecting trade and investment. The application of these laws and regulations to our business is often unclear and may at times conflict. Compliance with these laws and regulations may involve significant costs or require changes in our business practices that result in reduced revenue and profitability. Non-compliance could also result in fines, damages, or criminal sanctions against us, our officers or our employees, prohibitions on the conduct of our business, and damage to our reputation. We incur additional legal compliance costs associated with our global operations and could become subject to legal penalties if we fail to comply with local laws and regulations in U.S. jurisdictions or in foreign countries, which laws and regulations may be substantially different from those in the U.S.

In many foreign countries, particularly in those with developing economies, it is common to engage in business practices that are prohibited by U.S. regulations applicable to us, including the Foreign Corrupt Practices Act. Although we implement policies and procedures designed to ensure compliance with these laws, there can be no assurance that all of our employees, contractors and agents, as well as those companies to which we outsource certain of our business operations, including those based in or from countries where practices that violate such U.S. laws may be customary, will not take actions in violation of our internal policies. Any such violation, even if prohibited by our internal policies, could have an adverse effect on our business.

Our interaction with foreign parties can also increase our costs with respect to compliance. For example, the EU has recently adopted a comprehensive overhaul of its data protection regime from the current national legislative approach to a single European Economic Area Privacy Regulation, the GDPR, which came into effect in May 2018. The EU data protection regime extends the scope of the EU data protection law to all foreign companies processing data of EU residents. Although the GDPR will apply across the EU without a need for local implementing legislation, as has been the case under the current data protection regime, local data protection authorities (“DPAs”) will still have the ability to interpret the GDPR, which has the potential to create inconsistencies on a country-by-country basis. Since we act as a data processor for our SaaS customers, we are taking steps to cause our processes to be compliant with applicable portions of the GDPR, but we cannot assure you that such steps will be effective. We have adopted policies to comply with the GDPR, but ongoing implementation and maintenance of compliance regimes could require changes to certain of our business practices, thereby increasing our costs.

Failure to comply with existing or future privacy and data use and security laws, regulations, and requirements to which we are subject or could become subject, including by reason of inadvertent disclosure of confidential information, could result in fines, sanctions, penalties or other adverse consequences and loss of consumer confidence, which could materially adversely affect our results of operations, overall business and reputation especially since we market our products as a means by which compliance can be achieved.

Failure to maintain proper and effective internal controls has affected, and could in the future affect, our ability to produce accurate financial statements which has resulted, and could in the future result, in the restatement of our consolidated financial statements, and such failure to maintain proper and effective internal controls could adversely affect our operating results, our ability to operate our business, and our stock price.

Effective internal controls are necessary for us to provide reliable financial reports and effectively prevent fraud. We maintain a system of internal control over financial reporting, which is defined as a process designed by, or under the supervision of, our principal executive officer and principal financial officer, or persons performing similar functions, and effected by our board of directors, management and other personnel, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with GAAP. 

Failure to establish and maintain appropriate internal financial reporting controls and procedures has caused us to fail to meet our reporting obligations, resulted in the restatement of our financial statements, harmed our operating results, subjected us to regulatory scrutiny and investigation, potentially caused investors to lose confidence in our reported financial information, and had a negative effect on the market price for shares of our common stock. Failure to remediate our material weaknesses and control deficiencies with respect to our internal control over financial reporting could result in similar consequences in the future.

There are inherent limitations in all control systems, and misstatements due to error or fraud have occurred and may occur again in the future and not be detected.

The ongoing internal control provisions of Section 404 of the Sarbanes-Oxley Act of 2002 require us to identify material weaknesses in internal control over financial reporting, which is a process to provide reasonable assurance regarding the reliability of financial reporting for external purposes in accordance with GAAP. Our management, including our principal executive officer and principal financial officer, does not expect that our internal controls and disclosure controls will prevent all errors and all fraud. A control system, no matter how well conceived and operated, can provide only reasonable, not absolute, assurance that the objectives of the control system are met. In addition, the design of a control system must reflect the fact that there are resource constraints and the benefit of controls must be relative to their costs. Because of the inherent limitations in all control systems, no evaluation of controls can provide absolute assurance that all control issues and instances of fraud in our company have been detected. These inherent limitations include the realities that judgments in decision-making can be faulty and that breakdowns can occur because of simple errors or mistakes. Further, controls can be circumvented by individual acts of some persons, by collusion of two or more persons, or by management override of the controls. The design of any system of controls is also based in part upon certain assumptions about the likelihood of future events, and there can be no assurance that any design will succeed in achieving our stated goals under all potential future conditions. Over time, a control may be inadequate because of changes in conditions, such as growth of the company or increased transaction volume, or the degree of compliance with the policies or procedures may deteriorate. Because of inherent limitations in a cost-effective control system, misstatements due to error or fraud may occur in the future and not be detected.

In addition, discovery and disclosure of a material weakness, such as those material weaknesses we have previously discovered and disclosed, by definition, could have a material adverse impact on our financial statements. Such an occurrence could discourage certain customers or suppliers from doing business with us and affect how our stock trades. This could, in turn, negatively affect our ability to access public debt or equity markets for capital.

The amount of income taxes we compute as payable on our income tax returns filed with the Internal Revenue Service and certain states could be challenged by those taxing authorities resulting in us paying more taxes than anticipated.

We file income tax returns with the Internal Revenue Service and taxing authorities in certain states. We prepare and file those returns based on our interpretations of the relevant tax code as to revenue to be reported and deductions and credits allowed. We use third-party experts to assist us in preparing our tax returns and computing our tax liabilities to help us ensure we pay the proper amount of tax due. Our tax returns are subject to examination by taxing authorities that could interpret the tax code in a different manner from us and conclude we are obligated to pay more taxes than we originally computed and paid. While we would defend the position taken on our tax returns as filed, a challenge from a taxing authority can be costly to defend with no assurance of a favorable outcome for us. In the event of an unfavorable result under these circumstances, our business, operating results and financial position could be harmed.

The amount of sales tax we collect on sales could be challenged by taxing authorities both in jurisdictions in which we have a corporate presence as well as by taxing authorities in areas where we have no corporate presence.

We collect and remit sales tax on sales in jurisdictions where we have an obligation to do so. States in which we collect sales tax could audit our activities and assess us with additional tax based on their interpreting the sales tax code differently than we interpret it. States where we do not collect sales tax could make an assertion that we should have been collecting sales tax and could assess us with that tax. While we would defend our position taken as to our obligation to collect sales tax and the amount of sales tax collected, a challenge from a taxing authority can be costly to defend with no assurance of a favorable outcome for us. In the event of an unfavorable result under these circumstances, our business, operating results and financial position could be harmed.

Risks Related to Stock Ownership

Our stock price is, and may continue to be, volatile.

The trading price of our common stock has been and could continue to be subject to wide fluctuations in response to certain factors, including:

In addition, the public stock markets experience extreme price and trading volume volatility, particularly in high-technology sectors of the market. This volatility has significantly affected the market prices of securities of many technology companies for reasons often unrelated to the operating performance of the specific companies. The broad market fluctuations may adversely affect the market price of our common stock.

Accounting charges may cause fluctuations in our annual or quarterly financial results.

Our financial results may be affected by non-cash and other accounting charges, including:

Anti-takeover provisions in our charter and Delaware law could inhibit others from acquiring us.

Some of the provisions of our certificate of incorporation and bylaws and in Delaware law could, together or separately:

In particular, our certificate of incorporation and bylaws prohibit stockholders from voting by written consent or calling meetings of the stockholders. We are also subject to Section 203 of the Delaware General Corporation Law, which generally prohibits a Delaware corporation from engaging in any of a broad range of business combinations with any interested stockholder, as defined in the statute, for a period of three years following the date on which the stockholder became an interested stockholder.

Our directors and executive officers continue to have substantial control over us.

Our directors and executive officers, together with their affiliates and related persons, beneficially owned, in the aggregate, approximately 36% of our outstanding common stock as of February 28, 2019. These stockholders would have the ability to substantially control our operations and direct our policies, including the outcome of matters submitted to our stockholders for approval, such as the election of directors and any acquisition or merger, consolidation or sale of all or substantially all of our assets. In addition, our certificate of incorporation and bylaws provide for our Board of Directors to be divided into three classes of directors serving staggered three-year terms.  As a result, approximately one-third of our Board of Directors will be elected each year.

Stockholders’ ownership of our stock may be significantly diluted as a result of the exercise of stock options, thereby affecting the value of the stock.

There were options to purchase 2,536,320 shares of our common stock outstanding under our employee and director stock option plans as of December 31, 2018, of which options to purchase 1,103,631 shares were vested. We have filed registration statements under the Securities Act, covering stock issued upon the exercise of options by non-affiliates, and we may file a registration statement covering options held by affiliates as well. If we do not file a registration statement covering affiliates, affiliates who exercise their options may choose to sell the stock under an exemption from registration, such as Rule 144 under the Securities Act. The exercise of these options and sale of the resulting stock could depress the value of our stock.

Risks Related to Intellectual Property

We are vulnerable to claims that our products infringe third-party intellectual property rights particularly because our products are partially developed by independent parties.

From time to time, we experience claims that our products infringe third-party intellectual property rights. We may be exposed to future litigation based on claims that our products infringe the intellectual property rights of others. This risk is exacerbated by the fact that some of the code in our products is developed by independent parties or licensed from third parties over whom we have less control than we exercise over internal developers. In addition, we expect that infringement claims against software developers will become more prevalent as the number of products and developers grows and the functionality of software programs in the market increasingly overlaps. Companies in the technology industry, and other patent and trademark holders seeking to profit from royalties in connection with grants of licenses, own large numbers of patents, copyrights, trademarks, service marks, and trade secrets and frequently enter into litigation based on allegations of infringement or other violations of intellectual property rights. In addition, we may be the target of aggressive and opportunistic enforcement of patents by third parties, including non-practicing entities.

Responding to and defending against such claims may cause us to incur significant expense and divert the time and efforts of our management and employees. Successful assertion of such claims could require that we pay substantial damages or ongoing royalty payments, prevent us from selling our products and services, damage our reputation, or require that we comply with other unfavorable terms, any of which could materially harm our business. In addition, we may decide to pay substantial settlement costs in connection with any claim or litigation, whether or not successfully asserted.

While it is not possible to predict the outcome of patent litigation incidents to our business, defense costs may be significant, and we believe the costs associated with this litigation or other claims of infringement could generally have a material adverse impact on our results of operations, financial position or cash flows. Regardless of the merit of such claims, responding to infringement claims can be expensive and time-consuming.

For any intellectual property rights claim against us or our customers, we may have to pay damages and indemnify our customers against damages.

Claims of infringement could require us to re-engineer our products or seek to obtain licenses from third parties in order to continue offering our products in a manner that may include licensing technologies from others. In addition, an adverse legal decision affecting our intellectual property, or the use of significant resources to defend against this type of claim could place a significant strain on our financial resources and harm our reputation.

We may not be able to protect our intellectual property rights.

Our software code and trade and service marks are some of our most valuable assets. Given the global nature of the Internet and our business, we are vulnerable to the misappropriation of this intellectual property, particularly in foreign markets, such as China and Eastern Europe, where laws or law enforcement practices are less developed. The global nature of the Internet makes it difficult to control the ultimate destination or security of our software making it more likely that unauthorized third parties will copy certain portions of our proprietary information or reverse engineer the proprietary information used in our programs. If our proprietary rights were infringed by a third-party and we did not have adequate legal recourse, our ability to earn profits, which are highly dependent on those rights, would be severely diminished.

Other companies may own, obtain or claim trademarks that could prevent, limit or interfere with our use of our trademarks.

Our various trademarks are important to our business. If we were to lose the use of any of our trademarks, our business would be harmed and we would have to devote substantial resources towards developing an independent brand identity. Defending or enforcing our trademark rights at a local and international level could result in the expenditure of significant financial and managerial resources.

Risks Related to the Investigation and the Restatement

Matters relating to or arising from our Audit Committee investigation, including regulatory proceedings, litigation matters and potential additional expenses, may adversely affect our business and results of operations.

As previously disclosed in our public filings and in this Annual Report, the Audit Committee has recently completed the investigation relating to revenue recognition. We are also the subject of an investigation by the SEC and the United States Attorney’s Office for the Western District of Texas related to these matters.

We have incurred significant expenses related to legal, accounting, and other professional services in connection with the Audit Committee investigation and related matters and related remediation efforts. The expenses incurred, and expected to be incurred, in connection with the Audit Committee and government investigations, the impact of our delay in 2017 and through June 14, 2018 in meeting our periodic reporting requirements on the confidence of investors, employees and customers, and the diversion of the attention of the management team that has occurred, and is expected to continue, has adversely affected, and could continue to adversely affect, our business, financial condition and results of operations or cash flows.

As a result of the matters reported above, we are exposed to greater risks associated with litigation, regulatory proceedings and government enforcement actions. In addition, we have incurred significant legal expenses in connection with a securities class action that was filed against us and certain of our directors and officers, which the Court gave final approval of a settlement on December 18, 2018. The Company has also received stockholder demand letters related to the above matters, and the Board has established a Special Litigation Committee to analyze and investigate claims that could be potentially asserted against the Company. Any future investigations or additional lawsuits may adversely affect our business, financial condition, results of operations and cash flows.  

We have restated our consolidated financial statements, which may lead to additional risks and uncertainties.

As discussed in Note 15 to our consolidated financial statements included in Part II, Item 8, “Financial Statements and Supplementary Data”, of our Form 10-K/A filed on June 14, 2018, we have restated our consolidated financial statements as of and for the years ended December 31, 2016 and 2015. The determination to restate these consolidated financial statements was made by our Audit Committee upon management’s recommendation. As a result of these events, we have become subject to a number of additional risks and uncertainties, including substantial unanticipated accounting and legal fees in connection with or related to the Restatement. Likewise, such events might cause a diversion of our management’s time and attention.

We are also subject to claims, investigations and proceedings arising out of the Restatement. For additional information regarding this litigation, see Part I, Item 3, “Legal Proceedings” of this Annual Report.

The restatement of our previously issued financial results has resulted in private litigation and could result in private litigation judgments that could have a material adverse impact on our results of operations and financial condition.

We are subject to shareholder litigation relating to the restatement of our previously filed financial statements and to certain of our previous public disclosures. For additional discussion of this litigation, see Part I, Item 3, “Legal Proceedings”, of this Annual Report. Our management has been, and may in the future be, required to devote significant time and attention to this litigation, and this and any additional matters that arise could have a material adverse impact on our results of operations and financial condition as well as on our reputation. While we cannot estimate our potential exposure in these matters at this time, we have already incurred significant expense defending this litigation and expect to continue to need to incur significant expense in the defense.

The existence of the litigation may have an adverse effect on our reputation with our customers, which could have an adverse effect on our results of operations and financial condition.

We face risks related to an ongoing Securities and Exchange Commission investigation.

On January 11, 2018, we received a subpoena from the SEC which has since opened a formal investigation relating to, among other things, the Restatement (the “SEC Investigation”). See Part I, Item 3, “Legal Proceedings” of this Annual Report for a discussion of the SEC Investigation. We are cooperating fully with the SEC Investigation. At this point, we are unable to predict what the outcome of the SEC Investigation may be or what, if any, consequences the SEC Investigation may have with respect to the Company or any current or former Company personnel. However, the SEC Investigation could result in considerable legal expenses, divert management’s attention from other business concerns and harm our business. If the SEC were to determine that legal violations occurred, we could be required to pay significant civil and/or criminal penalties and/or other amounts and we could become subject to a cease and desist order and/or other remedies or conditions imposed as part of any resolution. We can provide no assurances as to the outcome of the SEC Investigation.

We face risks related to an ongoing investigation by the United States Attorney’s Office for the Western District of Texas.

On May 31, 2018, we were served with a subpoena issued by a grand jury sitting in the United States District Court for the Western District of Texas (the “Grand Jury Subpoena”). The Grand Jury Subpoena requests all documents and emails relating to the Company’s investigation of the potential improper recognition of software license revenue. We intend to fully cooperate with the Grand Jury Subpoena and related investigation being conducted by the United States Attorney’s Office for the Western District of Texas (the “U.S. Attorney’s Investigation”). At this time, we are unable to predict the duration, scope, result or related costs of the U.S. Attorney’s Investigation. We are also unable to predict what, if any, further action may be taken in connection with the Grand Jury Subpoena and the U.S. Attorney’s Investigation, or what, if any, penalties, sanctions or remedial actions may be sought. Any determination by the U.S. Attorney’s office that the Company’s activities were not in compliance with existing laws or regulations, however, could result in the imposition of fines, penalties, disgorgement, equitable relief, or other losses, which could have a material adverse effect on the Company’s consolidated financial position, liquidity, or results of operations.

Our indemnification obligations and limitations of our director and officer liability insurance may have a material adverse effect on our financial condition, results of operations and cash flows.

Under Delaware law, our certificate of incorporation and bylaws and certain indemnification agreements to which we are a party, we have an obligation to indemnify, or we have otherwise agreed to indemnify, certain of our current and former directors and officers with respect to current and future investigations and litigation, including the matters discussed in Part I, Item 3, “Legal Proceedings” of this Annual Report. In connection with some of these pending matters, we are required to, or we have otherwise agreed to, advance, and have advanced, legal fees and related expenses to certain of our current and former directors and officers and expect to continue to do so while these matters are pending. Certain of these obligations are not and may not be “covered matters” under our directors’ and officers’ liability insurance, or there may be insufficient coverage available. Further, in the event the directors and officers are ultimately determined not to be entitled to indemnification, we may not be able to recover the amounts we previously advanced to them.

In addition, we have incurred significant expenses in connection with the Audit Committee’s independent investigation, the pending SEC Investigation, the U.S. Attorney’s Investigation and shareholder litigation. We cannot provide any assurances that past or future claims related to those or other matters, including the cost of fees, penalties or other expenses, will not exceed the limits of our insurance policies, that such claims are covered by the terms of our insurance policies or that our insurance carrier will be able to cover our claims. Additionally, to the extent there is coverage of these claims, the insurers also have and may seek to deny or limit coverage in some or all of these matters. Furthermore, the insurers could become insolvent and unable to fulfill their obligation to defend, pay or reimburse us for insured claims. Accordingly, we cannot be sure that claims will not arise that are in excess of the limits of our insurance or that are not covered by the terms of our insurance policy. Due to these coverage limitations, we may incur significant unreimbursed costs to satisfy our indemnification obligations, which may have a material adverse effect on our financial condition, results of operations or cash flows.