Item 1A. RISK FACTORS
Investing in our common stock involves a high degree of risk. You should consider carefully the risks and uncertainties described below, together with all of the other information in this report, including our consolidated financial statements and related notes, before deciding whether to purchase shares of our common stock. If any of the following risks is realized, our business, operating results, financial condition and prospects could be materially and adversely affected. In that event, the price of our common stock could decline, and you could lose part or all of your investment. Moreover, the risks described below are not the only ones that we face. Additional risks not presently known to us or that we currently deem immaterial may also affect our business, operating results, prospects or financial condition. You should carefully consider these risk factors, together with all of the other information included in this Quarterly Report on Form 10-Q as well as our other publicly available filings with the SEC.
Summary of Risk Factors
Investing in our common stock involves risks, including those discussed in this section. These risks include, among others:
•The COVID-19 pandemic has resulted in a material adverse effect on our business, the future magnitude or duration of which we cannot predict with accuracy.
•If our business does not grow as we expect, or if we fail to manage our growth effectively, our operating results and business prospects would suffer.
•Interruptions or delays in service from our third-party providers, including delays in the delivery of new sensors as a result of an industry-wide chip shortage, could impair our ability to make our solutions available to our customers, resulting in customer dissatisfaction, damage to our reputation, loss of customers, limited growth and reduction in revenues.
•If we are unable to sell our solutions into new markets, our revenues may not grow.
•Ongoing social unrest may result in a material adverse effect on our business, the future magnitude or duration of which we cannot predict with accuracy.
•Our success depends on maintaining and increasing our sales, which depends on factors we cannot control, including the availability of funding to our customers.
•Our quarterly results of operations may fluctuate significantly due to a wide range of factors, which makes our future results difficult to predict.
•Because we generally recognize our subscription revenues ratably over the term of our contract with a customer, fluctuations in sales will not be fully reflected in our operating results until future periods.
•We have not been profitable recently and may not achieve or maintain profitability in the future.
•We may require additional capital to fund our business and support our growth, and our inability to generate and obtain such capital on acceptable terms, or at all, could harm our business, operating results, financial condition and prospects.
•Contracting with government entities can be complex, expensive, and time-consuming.
•If we are unable to further penetrate the public safety market, our revenues may not grow.
•Our sales cycle can be lengthy, time-consuming and costly, and our inability to successfully complete sales could harm our business.
33
•Changes in the availability of federal funding to support local law enforcement efforts could impact our business.
•The failure of our solutions to meet our customers’ expectations could harm our reputation, which may have a material adverse effect on our business, operating results and financial condition.
•Real or perceived false positive gunshot alerts or failure or perceived failure to generate alerts for actual gunfire could adversely affect our customers and their operations, damage our brand and reputation and adversely affect our growth prospects and results of operations.
•Economic uncertainties or downturns, or political changes, could limit the availability of funds available to our customers and potential customers, which could materially adversely affect our business.
•The nature of our business exposes us to inherent liability risks.
•As a result of our use of outdoor acoustic sensors, we are subject to governmental regulation and other legal obligations, particularly related to privacy, data protection and information security, and our actual or perceived failure to comply with such obligations could harm our business. Compliance with such laws could impair our efforts to maintain and expand our customer base, and thereby decrease our revenues.
•Failure to protect our intellectual property rights could adversely affect our business.
•Systems and Organizations Controls 2 ("SOC2") and Criminal Justice Information Services (“CJIS”) requirements could potentially cause obligations that we are not able to completely perform which could adversely affect our reputation and sales, as well as the availability of our solutions in certain markets.
Risks Related to the COVID-19 Pandemic
The COVID-19 pandemic has resulted in a material adverse effect on our business, the future magnitude or duration of which we cannot predict with accuracy.
The COVID-19 pandemic has resulted in a substantial curtailment of business activities worldwide and is causing weakened economic conditions, both in the United States and many countries abroad. As part of intensifying efforts to contain the spread of COVID-19, many companies and state, local and foreign governments had imposed restrictions, including work-from-home policies and travel bans. While some of these companies and jurisdictions had relaxed such restrictions, these restrictions may be put back in place. Although there has been improvement in case numbers there is still uncertainty surrounding the evolving COVID-19 pandemic, including the potential for periods of increases in case numbers in the future and the emergence and spread of virus variants in communities in which we and our customers operate, which may continue to have an adverse impact on our results of operations. While the ultimate economic impact of the COVID-19 pandemic is highly uncertain, we expect that our business and results of operations, including our revenues, earnings and cash flows from operations, will be adversely impacted for the remainder of 2022, including as a result of:
•Delays in our ability to deploy new “go-live” miles attributable to company policies or customer policies designed to protect employee health and comply with government restrictions;
•Greater funding challenges for our customer base, which may adversely affect customer contract renewals, expansion of existing customer deployments or new customer sales;
•Possible disruption to our supply chain caused by distribution and other logistical issues, including delays in manufacturing chips used in our sensors which may further delay our ability to deploy new go-live miles or update our currently deployed technology;
•Potential decrease in productivity or availability of our employees or those of our customers or suppliers due to work-from-home policies and orders, or vaccine requirements.
34
It is currently not possible to fully predict the magnitude or duration of the COVID-19 pandemic’s impact on our business. The extent to which the COVID-19 pandemic impacts our business will depend on numerous evolving factors that we may not be able to control or accurately predict, including without limitation:
•the duration and scope of the pandemic, including the impact of new variants with varying degree of resistance to vaccines;
•governmental, business and individuals’ actions that have been and continue to be taken in response to the pandemic;
•the impact of the pandemic on economic activity and actions taken in response;
•the effect on our customers and demand for our products and services;
•our ability to continue to sell our products and services, including as a result of people working from home, or restrictions on access to our potential customers;
•the ability of our customers to pay for our products and services;
•any closures of our facilities and the facilities of our customers and suppliers; and
•the degree to which our employees or those of our customers or suppliers become ill with COVID-19.
The COVID-19 pandemic has impacted our supply chain, which could adversely impact our business.
The global supply chain for semiconductor chips, including the type of chips used in the sensors integrated into our gunshot detection solutions, has been disrupted by events related to the COVID-19 pandemic, including business shutdowns and increased demand. As a result, we have experienced higher costs to procure the sensors required for our solutions. While we believe these delays are temporary and we have taken steps to mitigate the impact of these delays, if supply chain issues become worse, we may not be able to deploy, update or repair our gunshot detection solutions as expected. If we are unable to deliver our solutions or update or repair existing assets, or if we incur higher than expected costs to do so, our revenues may not grow as expected and our business may be adversely impacted.
Risks Related to Our Growth
If our business does not grow as we expect, or if we fail to manage our growth effectively, our operating results and business prospects would suffer.
Our ability to successfully grow our business depends on a number of factors including our ability to:
•accelerate our acquisition of new customers;
•further sell expansions of coverage areas to our existing customers;
•expand our international footprint;
•expand into new vertical markets, such as precision policing, and security solutions;
•increase awareness of the benefits that our solutions offer;
•maintain our competitive and technology leadership position; and
•manage our business successfully through the COVID-19 pandemic and any resulting impact on economic conditions, including conditions impacting the availability of funding for our public safety solution.
As usage of our solutions grows, we will need to continue to make investments to develop and implement new or updated solutions, technologies, security features and cloud-based infrastructure operations. In addition, we will need to
35
appropriately scale our internal business systems and our services organization, including the suppliers of our detection equipment and customer support services, to serve our growing customer base. Any failure of, or delay in, these efforts could impair the performance of our solutions and reduce customer satisfaction.
Further, our growth could increase quickly and place a strain on our managerial, operational, financial and other resources, and our future operating results depend to a large extent on our ability to successfully manage our anticipated expansion and growth. To manage our growth successfully, we will need to continue to invest in sales and marketing, research and development, and general and administrative functions and other areas. We are likely to recognize the costs associated with these investments earlier than receiving some of the anticipated benefits, and the return on these investments may be lower, or may develop more slowly, than we expect, which could adversely affect our operating results.
If we are unable to manage our growth effectively, we may not be able to take advantage of market opportunities or develop new solutions or upgrades to our existing solutions, satisfy customer requirements, maintain the quality and security of our solutions or execute on our business plan, any of which could have a material adverse effect on our business, operating results and financial condition.
Our quarterly results of operations may fluctuate significantly due to a wide range of factors, which makes our future results difficult to predict.
Our revenues and results of operations could vary significantly from quarter to quarter as a result of various factors, many of which are outside of our control, including:
•the expansion or contraction of our customer base;
•the renewal or nonrenewal of subscription agreements with, and expansion of coverage areas by, existing customers;
•the size, timing, terms and deployment schedules of our sales to both existing and new customers;
•the introduction of products or services that may compete with us for the limited funds available to our customers, and changes in the cost of such products or services;
•changes in our customers’ and potential customers’ budgets;
•our ability to control costs, including our operating expenses;
•our ability to hire, train and maintain our direct sales force;
•the timing of satisfying revenues recognition criteria in connection with initial deployment and renewals;
•fluctuations in our effective tax rate;
•the impact of the COVID-19 pandemic on business operations and economic conditions;
•the concentration of our revenue in a small number of large contracts with the potential for fluctuations and delays; and
•general economic and political conditions, both domestically and internationally.
Any one of these or other factors discussed elsewhere in this report may result in fluctuations in our revenues and operating results, meaning that quarter-to-quarter comparisons of our revenues, results of operations and cash flows may not necessarily be indicative of our future performance.
Because of the fluctuations described above, our ability to forecast revenues is limited and we may not be able to accurately predict our future revenues or results of operations. In addition, we base our current and future expense levels
36
on our operating plans and sales forecasts, and our operating expenses are expected to increase in the short term. Accordingly, we may not be able to reduce our costs sufficiently to compensate for an unexpected shortfall in revenues, and even a small shortfall in revenues could disproportionately and adversely affect our financial results for that quarter. The variability and unpredictability of these and other factors could result in our failing to meet or exceed financial expectations for a given period.
Because we generally recognize our subscription revenues ratably over the term of our contract with a customer, fluctuations in sales will not be fully reflected in our operating results until future periods.
Our revenues are primarily generated from subscriptions to our solutions. With the exception of a small number of legacy customers, our customers do not have the right to take possession of our equipment or software platform. Revenues from subscriptions to our software platform are recognized ratably over the subscription period beginning on the date that the subscription is made available to the customer, which we refer to as the “go-live” date. Our agreements with our customers typically range from one to three years. As a result, much of the revenues that we report in each quarter are attributable to agreements entered into during previous quarters. Consequently, a decline in sales, customer renewals or market acceptance of our solutions in any one quarter would not necessarily be fully reflected in the revenues in that quarter and would negatively affect our revenues and profitability in future quarters. This ratable revenues recognition also makes it difficult for us to rapidly increase our revenues through additional sales in any period, as revenues from new customers generally are recognized over the applicable agreement term. Our subscription-based approach may result in uneven recognition of revenues.
We recognize subscription revenues over the term of a subscription agreement. Once we enter into a contract with a customer, there is a delay until we begin recognizing revenues while we survey the coverage areas, obtain any required consents for installation, and install our sensors, which together can take up to several months or more. We begin recognizing revenues from a sale only when all of these steps are complete and the solution is live.
While most of our customers elect to renew their subscription agreements following the expiration of a term, in some cases, they may not be able to obtain the proper approvals or funding to complete the renewal prior to such expiration. For these customers, we stop recognizing subscription revenues at the end of the current term, even though we may continue to provide services for a period of time while the renewal process is completed. Once the renewal is complete, we then recognize subscription revenues for the period between the expiration of the term of the agreement and the completion of the renewal process.
The variation in the timeline for deploying our solutions and completing renewals may result in fluctuations in our revenues, which could cause our results to differ from projections. Additionally, while we generally invoice for 50% of the contract cost upon a customer’s go-live date, our cash flows may be volatile and will not match our revenues recognition.
We have not been profitable recently and may not achieve or maintain profitability in the future.
We had net income in both 2020 and 2019; prior to that, we posted a net loss in each year since inception and we had a net loss of $4.4 million for the year ended December 31, 2021. We had net income of $7.4 million for the nine months ended September 30, 2022, and as of September 30, 2022 we had an accumulated deficit of $91.4 million. We are not certain whether we will be able to maintain enough revenues from sales of our solutions to sustain or increase our growth or maintain profitability in the future. We also expect our costs to increase in future periods, which could negatively affect our future operating results if our revenues do not increase. In particular, we expect to continue to expend substantial financial and other resources on:
•sales and marketing, including a significant expansion of our sales organization, both domestically and internationally;
•research and development related to our solutions, including investments in our engineering and technical teams;
•acquisition of complementary technologies or businesses, such as our acquisition of HunchLab technology in October 2018, our acquisition of LEEDS in November 2020, and our acquisition of Forensic Logic in January 2022;
37
•continued international expansion of our business; and
•general and administrative expenses.
These investments may not result in increased revenues or growth in our business. If we are unable to increase our revenues at a rate sufficient to offset the expected increase in our costs, our business, operating results and financial position may be harmed, and we may not be able to maintain profitability over the long term. In particular, the COVID-19 pandemic and its impact on economic conditions, including supply chain disruptions, may make it more difficult for us to increase revenues sufficient to maintain profitability. Furthermore, rising inflation rates may result in decreased demand for our products and services and increase our operating costs. Additionally, we may encounter unforeseen operating expenses, difficulties, complications, delays and other unknown factors that may result in losses in future periods. If our revenue growth does not meet our expectations in future periods, our financial performance may be harmed, and we may not maintain profitability in the future.
We may require additional capital to fund our business and support our growth, and our inability to generate and obtain such capital on acceptable terms, or at all, could harm our business, operating results, financial condition and prospects.
We intend to continue to make substantial investments to fund our business and support our growth. In addition, we may require additional funds to respond to business challenges, including the need to develop new features or enhance our solutions, improve our operating infrastructure or acquire or develop complementary businesses and technologies. As a result, in addition to the revenues we generate from our business and our existing cash balances, we may need to engage in additional equity or debt financings to provide the funds required for these and other business endeavors. If we raise additional funds through future issuances of equity or convertible debt securities, our existing stockholders could suffer significant dilution, and any new equity securities we issue could have rights, preferences and privileges superior to those of holders of our common stock. Any debt financing that we may secure in the future could involve restrictive covenants relating to our capital raising activities and other financial and operational matters, which may make it more difficult for us to obtain additional capital and to pursue business opportunities, including potential acquisitions. We may not be able to obtain such additional financing on terms favorable to us, if at all. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected. In addition, our inability to generate or obtain the financial resources needed may require us to delay, scale back, or eliminate some or all of our operations, which may have a material adverse effect on our business, operating results, financial condition and prospects.
Risks Related to Our Public Safety Business
Ongoing social unrest may result in a material adverse effect on our business, the future magnitude or duration of which we cannot predict with accuracy.
We may be adversely affected by ongoing social unrest, protests against racial inequality, protests against police brutality and movements such as “Defund the Police” or increases in such unrest that may occur in the future, and such unrest may be exacerbated by inaccurate information or negative publicity regarding our solutions. Although the negativity of some of these events have been reduced, some of these events may still directly or indirectly affect police agency budgets and funding available to current and potential customers. Participants in these events may also attempt to create the perception that our solutions are contributing to the “problem”, which may adversely affect our business and results of operations, including our revenues, earnings and cash flows from operations.
Our success depends on maintaining and increasing our sales, which depends on factors we cannot control, including the availability of funding to our customers.
To date, substantially all of our revenues have been derived from contracts with local governments and their agencies, in particular the police departments of major cities in the United States. To a lesser extent, we also generate revenues from federal agencies, foreign governments and higher education institutions. We believe that the success and growth of our business will continue to depend on our ability to add new police departments and other government agencies, domestically and internationally, as customers of our public safety solution and new universities, corporate campuses and key infrastructure and transportation centers as customers of our security solutions. Many of our target customers have restricted budgets, such that we are forced to compete with programs or solutions that offer an alternative
38
use of the same funds. A number of factors could cause current and/or potential customers to: delay or refrain from purchasing our solutions, prevent expansion of, or reduce coverage areas and/ or terminate use of our solutions, including:
•decreases or changes in available funding, including tax revenues, budgetary allocations, government grants and other government funding programs;
•potential delays or changes in appropriations or other funding authorization processes;
•changes in fiscal or contracting policies;
•macro-and/or local economic changes that may affect customer funding;
•changes in elected or appointed officials;
•changes in public perception of the accuracy of our solutions and the appropriate use of our solutions by law enforcement, including as a result of negative publicity; and
•changes in laws or public sentiment regarding privacy or surveillance.
The COVID-19 pandemic, geopolitical developments such as the conflict between Ukraine and Russia and other macroeconomic pressures in the United States and the global economy such as rising inflation and interest rates, energy prices and recession fears, and any associated impact on economic conditions could also cause or exacerbate any of the foregoing. The occurrence of any of the foregoing would impede or delay our ability to maintain or increase the amount of revenues derived from these customers, which could have a material adverse effect on our business, operating results and financial condition.
Contracting with government entities can be complex, expensive, and time-consuming.
The procurement process for government entities is in many ways more challenging than contracting in the private sector. We must comply with laws and regulations relating to the formation, administration, performance and pricing of contracts with government entities, including U.S. federal, state and local governmental bodies. These laws and regulations may impose added costs on our business or prolong or complicate our sales efforts, and failure to comply with these laws and regulations or other applicable requirements could lead to claims for damages from our customers, penalties, termination of contracts and other adverse consequences. Any such damages, penalties, disruptions or limitations in our ability to do business with government entities could have a material adverse effect on our business, operating results and financial condition.
Government entities often require highly specialized contract terms that may differ from our standard arrangements. For example, if the federal government provides grants to certain state and local governments for our solutions, and such governments do not continue to receive these grants, then these customers have the ability to terminate their contracts with us without penalty. Government entities often impose compliance requirements that are complicated, require preferential pricing or “most favored nation” terms and conditions, or are otherwise time-consuming and expensive to satisfy. Compliance with these special standards or satisfaction of such requirements could complicate our efforts to obtain business or increase the cost of doing so. Even if we do meet these special standards or requirements, the increased costs associated with providing our solutions to government customers could harm our margins. Additionally, even once we have secured a government contract, the renewal process can be lengthy and as time-consuming as the initial sale, and we may be providing our service for months past the contract expiration date without certainty if the renewal agreement will be signed or not. During periods of economic uncertainty resulting from the COVID-19 pandemic, geopolitical developments such as the conflict between Ukraine and Russia and other macroeconomic pressures in the United States and the global economy such as rising inflation and interest rates, energy prices and recession fears, and any associated impact on economic conditions, these risks are more pronounced than usual, as government entities struggle with reduced levels of resources related to implications of such global events.
Changes in the underlying regulatory conditions, political landscape or required procurement procedures that affect these types of customers could be introduced prior to the completion of our sales cycle, making it more difficult or costly to finalize a contract with a new customer or expand or renew an existing customer relationship. For example, customers may require a competitive bidding process with extended response deadlines, review or appeal periods, or customer
39
attention may be diverted to other government matters, postponing the consideration of the purchase of our products. Such delays could harm our ability to provide our solutions efficiently and to grow or maintain our customer base.
If we are unable to further penetrate the public safety market, our revenues may not grow.
Our ability to increase revenues will depend in large part on our ability to sell our current and future public safety solutions. For example, our ability to have our ShotSpotter Respond customers renew their annual subscriptions and expand their mileage coverage or purchase and implement our new products such as ShotSpotter Connect and ultimately ShotSpotter Investigate drives our ability to increase our revenues. Most of our ShotSpotter Respond customers begin using our solution in a limited coverage area. Our experience has been, and we expect will continue to be, that after the initial implementation of our solutions, our new customers typically renew their annual subscriptions, and many also choose to expand their coverage area. However, some customers may choose to not renew or reduce their coverage. If existing customers do not choose to renew or expand their coverage areas, or choose to reduce their coverage, our revenues will not grow as we anticipate, or may even decline. During periods of economic uncertainty resulting from the COVID-19 pandemic, geopolitical developments such as the conflict between Ukraine and Russia and other macroeconomic pressures in the United States and the global economy such as rising inflation and interest rates, energy prices and recession fears, and any associated impact on economic conditions, this risk is more pronounced than usual, as our customers’ priorities may change or they may have greater uncertainty regarding the availability of funding for our solutions as a result.
Our ability to further penetrate the market for our public safety solutions depends on several factors, including: maintaining a high level of customer satisfaction and a strong reputation among law enforcement; increasing the awareness of our ShotSpotter solutions and their benefits; the effectiveness of our marketing programs; the availability of funding to our customers, particularly in challenging economic conditions we experience from the COVID-19 pandemic, geopolitical developments such as the conflict between Ukraine and Russia, and other macroeconomic pressures in the United States and the global economy such as rising inflation and interest rates, energy prices and recession fears; our ability to expand ShotSpotter Investigate; and the costs of our solutions. Some potential public safety customers may be reluctant or unwilling to use our solution for a number of reasons, including concerns about additional costs, unwillingness to expose or lack of concern regarding the extent of gun violence in their community, uncertainty regarding the reliability and security of cloud-based offerings or lack of awareness of the benefits of our public safety solutions. If we are unsuccessful in expanding the coverage of ShotSpotter solutions by existing public safety customers or adding new customers, our revenues and growth prospects would suffer.
Our sales cycle can be lengthy, time-consuming and costly, and our inability to successfully complete sales could harm our business.
Our sales process involves educating prospective customers and existing customers about the use, technical capabilities and benefits of our solutions. Prospective customers, especially government agencies, often undertake a prolonged evaluation process that may last up to nine months or more and that typically involves comparing the benefits of our solutions to alternative uses of funds. We may spend substantial time, effort and money on our sales and marketing efforts without any assurance that our efforts will produce any sales.
In addition, in 2011 the Federal Bureau of Investigation’s (the “FBI”) Criminal Justice Information Services Division (the “CJIS”) issued the CJIS Security Policy, a set of standards for organizations that access criminal justice information (“CJI”). CJIS developed this policy to better protect the data it delivers to federal, state and local law enforcement agencies, from services like the National Crime Information Center, the Integrated Automated Fingerprint Identification System and the National Incident Based Reporting System. The policy is also designed to protect CJI that comes from sources other than the FBI. As part of the process of implementing ShotSpotter Investigate for a customer, we will have to complete a rigorous application process to become an approved CJIS compliant vendor. While this CJIS compliant vendor approval process is based upon the FBI’s CJIS Security Policy, a separate process will have to be completed in each state where ShotSpotter Investigate will be implemented.
We are continually improving our security, compliance, and processes. Our general processes are based on the NIST-800-53 standard with some aspects also being controlled by CJIS. In the third quarter of 2022, an audit of our processes under a SOC2 Type 2 audit commenced. This audit is expected to be completed in the fourth quarter of 2022. These initiatives will require fiscal and time investments. Failure to obtain a SOC2 Type 2 audit report or to be compliant with the CJIS standard could adversely affect our reputation and sales, as well as the availability of our solutions in certain markets.
40
Additionally, events affecting our customers’ budgets or missions may occur during the sales cycle that could negatively impact the size or timing of a purchase after we have invested substantial time, effort and resources into a potential sale, contributing to more unpredictability in the growth of our business. If we are unable to succeed in closing sales with new and existing customers, our business, operating results and financial condition will be harmed. During periods of economic uncertainty resulting from the COVID-19 pandemic, geopolitical developments such as the conflict between Ukraine and Russia and other macroeconomic pressures in the United States and the global economy such as rising inflation and interest rates, energy prices and recession fears, and any associated impact on economic conditions, this risk is more pronounced than usual, as our customers’ priorities may change or they may have greater uncertainty regarding the availability of funding for our solutions as a result.
Changes in the availability of federal funding to support local law enforcement efforts could impact our business.
Many of our customers rely to some extent on funds from the U.S. federal government in order to purchase and pay for our solutions. Any reduction in federal funding for local law enforcement efforts could result in our customers having less access to funds required to continue, renew, expand or pay for our solutions. Increasing social unrest, protests against racial inequality, protests against police brutality and movements such as “Defund the Police” have increased in recent years. These events may directly or indirectly affect municipal and police agency budgets, including federal funding available to current and potential customers. If federal funding is reduced or eliminated and our customers cannot find alternative sources of funding to purchase our solutions, our business will be harmed.
Federal stimulus funding or earnings as a result of the COVID-19 pandemic does exist; however, we do not know whether additional stimulus funding will be made available to our existing or potential customers, and many state and local governments anticipate budget shortfalls without additional funding. Further, the allocation of and prioritization of stimulus funds or earnings is uncertain and may change. There is no guarantee that additional funding will be made available to fund our solutions.
Real or perceived false positive gunshot alerts or failure or perceived failure to generate alerts for actual gunfire could adversely affect our customers and their operations, damage our brand and reputation and adversely affect our growth prospects and results of operations.
A false positive alert, in which a non-gunfire incident is reported as gunfire, could result in an unnecessary rapid deployment of police officers and first responders, which may raise unnecessary fear among the occupants of a community or facility, and may be deemed a waste of police and first responder resources. A failure to alert law enforcement or security personnel of actual gunfire (false negative) could result in a less rapid or no response by police officers and first responders, increasing the probability of injury or loss of life. Both false positive alerts and the failure to generate alerts of actual gunfire (false negative) may result in customer dissatisfaction, potential loss of confidence in our solutions, and potential liabilities to customers or other third parties, any of which could harm our reputation and adversely impact our business and operating results. Additionally, third parties may misunderstand or misrepresent what constitutes a false positive or false negative and generate negative publicity regarding our solutions. For example, a May 2021 report by the MacArthur Center for Justice appears to argue that any incident that does not result in a police report is a false positive. The perception of a false positive alert or of a failure to generate an alert, even where our customers understand that our solutions were utilized correctly, could lead to negative publicity or harm the public perception of our solutions, which could harm our reputation and adversely impact our business and operating results.
The nature of our business may result in undesirable press coverage or other negative publicity.
Our solutions are used to assist law enforcement and first responders in the event that gunfire is detected. Even when our solutions work as intended, the incidents detected by our solutions could lead to injury, loss of life and other negative outcomes, and such events are likely to receive negative publicity. If we fail to detect an incident, or if we detect an incident, such as a terrorist attack or active-shooter event, but the response time of law enforcement or first responders is not sufficiently quick to prevent injury, loss of life, property damage or other adverse outcomes, we may receive negative media attention. At times, our data or information concerning our techniques and processes may become a matter of public record due to legal or other obligations (for example, as a result of public-records requests or subpoenas to provide information or to testify in court), and we may receive negative media attention as a result.
Our reputation and our business may be harmed by inaccurate reporting which could have an adverse impact on new sales or renewals or expansions of coverage areas by existing customers, which would adversely impact our financial results and future prospects. For example, in July 2021, VICE Media, LLC ("VICE") falsely accused us of illegal behavior,
41
which has had a material adverse effect on our business. We initiated a defamation lawsuit against VICE that has since been dismissed.
The role of our solutions and our personnel in criminal prosecutions or other court proceedings may result in unfavorable judicial rulings that generate negative publicity or otherwise adversely impact new sales or renewals or expansions of coverage areas by existing customers, which would adversely impact our financial results and future prospects. For instance, a court ruling limiting or excluding evidence related to information gathered through our systems or to the operation of our systems in a judicial proceeding could harm public perceptions of our business and solutions.
Economic uncertainties or downturns, or political changes, could limit the availability of funds available to our customers and potential customers, which could materially adversely affect our business.
Economic uncertainties or downturns could adversely affect our business and operating results. Negative conditions in the general economy both in the United States and abroad, including conditions resulting from changes in gross domestic product growth, inflation, interest rates, financial and credit market fluctuations, political deadlock, natural catastrophes, warfare, geopolitical tensions, such as the ongoing military conflict between Russia and Ukraine, terrorist attacks and infectious disease outbreaks, such as the COVID-19 pandemic, could cause a decrease in funds available to our customers and potential customers and negatively affect the rate of growth of our business.
These economic conditions may make it extremely difficult for our customers and us to forecast and plan future budgetary decisions or business activities accurately, and they could cause our customers to reevaluate their decisions to purchase our solutions, which could delay and lengthen our sales cycles or result in cancellations of planned purchases. Furthermore, during challenging economic times or as a result of political changes, our customers may tighten their budgets and face constraints in gaining timely access to sufficient funding or other credit, which could result in an impairment of their ability to make timely payments to us. In turn, we may be required to increase our allowance for doubtful accounts, which would adversely affect our financial results.
We cannot predict the timing, strength or duration of any economic slowdown, instability or recovery, generally or within any particular industry, or the impact of political changes. If the economic conditions of the general economy or industries in which we operate worsen from present levels, or if recent political changes result in less funding being available to purchase our solutions, our business, operating results, financial condition and cash flows could be adversely affected.
New competitors may enter the market for our public safety solution.
If cities and other government entities increase their efforts to reduce gun violence or our solutions gain visibility in the market, companies could decide to enter into the public safety solution market and thereby increase the competition we face. In addition to other gunshot detection products, we also compete with other technologies and solutions targeting our public safety customers’ resources for law enforcement and crime prevention. Our competitors could benefit from the disclosure of our data or information concerning our techniques and processes due to legal or other obligations (for example, as a result of public-records requests or subpoenas to provide information or to testify in court). Because there are several possible uses for these limited budgetary resources, if we are not able to compete successfully for these limited resources, our business may not grow as we expect, which could adversely impact our revenues and operating results.
Concerns regarding privacy and government-sponsored surveillance may deter customers from purchasing our solutions.
Governmental agencies and private citizens have become increasingly sensitive to real or perceived government or third-party surveillance and may wrongly believe that our outdoor sensors allow customers to listen to private conversations and monitor private citizen activity. Our sensors are not designed for “live listening” and are triggered only by loud impulsive sounds that may likely be gunfire. However, perceived privacy concerns may result in negative media coverage and efforts by private citizens to persuade municipalities, educational institutions or other potential customers not to purchase our precision policing solutions for their communities, campuses or facilities. In addition, laws may exist or be enacted to address such concerns that could impact our ability to deploy our solutions. For example, the City of Toronto, Canada decided against using ShotSpotter solutions because the Ministry of the Attorney General of Ontario indicated that it may compromise Section 8 of Canada’s Charter of Rights and Freedoms, which relates to unreasonable search and seizure. If customers choose not to purchase our solutions due to privacy or surveillance concerns, then the
42
market for our solutions may develop more slowly than we expect, or it may not achieve the growth potential we expect, any of which would adversely affect our business and financial results.
Strategic and Operational Risks
If we are unable to sell our solutions into new markets, our revenues may not grow.
Part of our growth strategy depends on our ability to increase sales of our security and public safety solutions in markets outside of the United States. We are focused on expanding the sales of these solutions into new markets, but customers in these new markets may not be receptive or sales may be delayed beyond our expectations, causing our revenue growth and growth prospects to suffer. During periods of economic uncertainty resulting from the COVID-19 pandemic, geopolitical developments such as the conflict between Ukraine and Russia and other macroeconomic pressures in the United States and the global economy such as rising inflation and interest rates, energy prices and recession fears, and any associated impact on economic conditions, this risk is more pronounced than usual.
Our ability to successfully face these challenges depends on several factors, including increasing the awareness of our solutions and their benefits; the effectiveness of our marketing programs; the costs of our solutions; our ability to attract, retain and effectively train sales and marketing personnel; and our ability to develop relationships with communication carriers and other partners. If we are unsuccessful in developing and marketing our solutions into new markets, new markets for our solutions might not develop or might develop more slowly than we expect, either of which would harm our revenues and growth prospects.
The failure of our solutions to meet our customers’ expectations could harm our reputation, which may have a material adverse effect on our business, operating results and financial condition.
Promoting and demonstrating the utility of our solutions as useful, reliable and important tools for law enforcement and security personnel is critical to the success of our business. Our ability to secure customer renewals, expand existing customer coverage areas, and enter into new customer contracts is dependent on our reputation and our ability to deliver our solutions effectively. We believe that our reputation among police departments using ShotSpotter solutions is particularly important to our success. Our ability to meet customer expectations will depend on a wide range of factors, including:
•our ability to continue to offer high-quality, innovative and accurate precision policing solutions;
•our ability to maintain continuous gunshot detection monitoring during high outdoor-noise activity periods such as New Year’s Day, the Fourth of July and Cinco de Mayo, and Carnival for international deployments;
•our ability to maintain high customer satisfaction, including meeting our service level agreements standards;
•the perceived value and quality of our solutions;
•differences in opinion regarding the metrics that measure the success of our solutions;
•our ability to successfully communicate the unique value proposition of our solutions;
•our ability to provide high-quality customer support;
•any misuse or perceived misuse of our solutions;
•interruptions, delays or attacks on our platform;
•litigation- or regulation-related developments; and
•damage to or degradation of our sensors or sensor network by third parties.
Interruptions or performance problems associated with our technology and infrastructure may adversely affect our business and results of operations.
43
We have in the past experienced, and may in the future experience, performance issues due to a variety of factors, including infrastructure changes, human or software errors, intentional or accidental damage to our technology (including sensors), website or third-party hosting disruptions or capacity constraints due to a number of potential causes including technical failures, natural disasters or security attacks. If our security is compromised, our platform is unavailable or our users are unable to receive our alerts or otherwise communicate with our IRC reviewers, within a reasonable amount of time or at all, our business could be negatively affected. In some instances, we may not be able to identify the cause or causes of these performance problems within an acceptable period of time.
In addition, our IRC department personnel operate either remotely or out of our offices. Any interruption or delay in service from our IRC, such as from a communications or power outage, could limit our ability to deliver our solutions. In addition, it may become increasingly difficult to maintain and improve the performance of our solutions, especially during peak usage times as the capacity of our IRC operations reaches its limits. If there is an interruption or delay in service from our IRC operations and a gunshot is detected but not reviewed in the allotted time, our software will flag the incident for off-line review. This may result in delayed notifications to our customers and as a result, we could experience a decline in customer satisfaction with our solutions and our reputation and growth prospects could be harmed.
We expect to continue to make significant investments to maintain and improve the performance of our solutions. To the extent that we do not effectively address capacity constraints, upgrade our systems as needed and continually develop our technology to accommodate actual and anticipated changes in technology, our business, operating results and financial condition may be adversely affected.
We rely on wireless carriers to provide access to wireless networks through which our acoustic sensors communicate with our cloud-based backend and with which we provide our notification services to customers, and any interruption of such access would impair our business.
We rely on wireless carriers, mainly AT&T and Verizon, to provide access to wireless networks for machine-to-machine data transmissions, which are an integral part of our services. Our wireless carriers may suspend wireless service to expand, maintain or improve their networks. These wireless carriers perform routine maintenance and periodic software and firmware updates that may damage our sensors or make them inoperable. Any suspension or other interruption of services would adversely affect our ability to provide our services to our customers and may adversely affect our reputation. In addition, the terms of our agreements with these wireless carriers provide that either party can cancel or terminate the agreement for convenience. If one of our wireless carriers were to terminate its agreement with us, we would need to source a different wireless carrier and/or modify our equipment during the notice period in order to minimize disruption in the performance of our solutions. Price increases or termination by our wireless carriers or changes to existing contract terms could have a material adverse effect on our business, operating results and financial condition.
Furthermore, our reliance on wireless carriers may require updates to our technology, and making such updates could also result in interruptions in our service or increase our costs of operations. We may not be able to successfully implement new technologies or adapt existing technologies to changing market demands. If we are unable to adapt timely to changing technologies, market conditions or customer preferences, our business, operating results and financial condition could be materially and adversely affected.
Natural disasters, infectious disease outbreaks, power outages or other events impacting us or our customers could harm our operating results and financial condition.
We recognize revenue on a subscription basis as our solutions are provided to our customers over time. If our services are disrupted due to natural disasters, infectious disease outbreaks, power outages or other events that we cannot control, we may not be able to continue providing our solutions as expected.
When we stop providing coverage, we also stop recognizing revenues as a result of the affected subscription agreement. If we are forced to discontinue our services due to natural disasters, power outages and other events outside of our control, our revenues may decline, which would negatively impact our results of operations and financial condition. In addition, we may face liability for damages caused by our sensors in the event of heavy weather, hurricanes or other natural disasters. We may also incur additional costs to repair or replace installed sensor networks damaged by heavy weather, hurricanes or other natural disasters.
Any of our facilities or operations may be harmed or rendered inoperable by natural or man-made disasters, including earthquakes, tornadoes, hurricanes, wildfires, floods, nuclear disasters, acts of terrorism or other criminal
44
activities, infectious disease outbreaks, such as COVID-19, and power outages, which may render it difficult or impossible for us to operate our business for some period of time or decrease productivity. For example, our primary IRC and a data center that hosts some of our customer services are located in the San Francisco Bay Area, a region known for seismic activity. Our facilities would likely be costly to repair or replace, and any such efforts would likely require substantial time. In addition, like many companies, at the beginning of the COVID-19 pandemic, we implemented a work from home policy. We expect to work in a hybrid work model for the foreseeable future. This policy may negatively impact productivity of our employees.
Any disruptions in our operations could negatively impact our business and operating results and harm our reputation. In addition, we may not carry business insurance or may not carry sufficient business insurance to compensate for losses that may occur. Any such losses or damages could have a material adverse effect on our business, operating results and financial condition. In addition, the facilities of significant vendors, including the manufacturer of our proprietary acoustic sensor, may be harmed or rendered inoperable by such natural or man-made disasters, which may cause disruptions, difficulties or material adverse effects on our business.
The incurrence of debt may impact our financial position and subject us to additional financial and operating restrictions.
On September 27, 2018, we entered into a senior secured revolving credit facility with Umpqua Bank (the “Umpqua Credit Agreement”), which we increased to $20.0 million in August 2020 and which we intend to use for general working capital purposes, as needed. In September 2022, we obtained an extension of the term of the Umpqua Credit Agreement, originally set to expire in September 2022, through November 27, 2022, while we negotiate renewal terms. During the nine months ended September 30, 2022, we utilized $5.0 million of our loan facility for a letter of credit related to a customer contract requirement. Our available loan facility at September 30, 2022 was approximately $15.0 million, and as of September 30, 2022, no amounts were outstanding on our loan facility.
Under the Umpqua Credit Agreement, we are subject to various negative covenants that limit, subject to certain exclusions, our ability to incur indebtedness, make loans, invest in or secure the obligations of other parties, pay or declare dividends, make distributions with respect to our securities, redeem outstanding shares of our stock, create subsidiaries, materially change the nature of our business, enter into related party transactions, engage in mergers and business combinations, the acquisition or transfer of our assets outside of the ordinary course of business, grant liens or enter into collateral relationships involving company assets or reincorporate, reorganize or dissolve the company. These covenants could adversely affect our financial health and business and future operations by, among other things:
•making it more difficult to satisfy our obligations, including under the terms of the Umpqua Credit Agreement;
•limiting our ability to refinance our debt on terms acceptable to us or at all;
•limiting our flexibility to plan for and adjust to changing business and market conditions and increasing our vulnerability;
•limiting our ability to use our available cash flow to fund future acquisitions, working capital, business activities, and other general corporate requirements; and
•limiting our ability to obtain additional financing for working capital to fund growth or for general corporate purposes, even when necessary to maintain adequate liquidity.
We are also required to maintain certain financial covenants tied to our leverage, interest charges and profitability. Our ability to meet such covenants (those negative covenants discussed in the preceding paragraph) or other restrictions can be affected by events beyond our control, and our failure to comply with the financial and other covenants would be an event of default under the Umpqua Credit Agreement. If an event of default under the Umpqua Credit Agreement, has occurred and is continuing, the outstanding borrowings thereunder could become immediately due and payable, and we would then be required to cash collateralize any letters of credit then outstanding, and the lender could refuse to permit additional borrowings under the facility. We cannot assure you that we would have sufficient assets to repay those borrowings and, if we are unable to repay those amounts, the lender could proceed against the collateral granted to them to secure such indebtedness. We have pledged substantially all of our assets as collateral, and an event of default would likely have a material adverse effect on our business.
45
The competitive landscape for our security solutions is evolving.
The market for security solutions for university campuses, corporate campuses and transportation and key infrastructure centers includes a number of available options, such as video surveillance and increased human security presence. Because there are several possible uses of funds for security needs, we may face increased challenges in demonstrating or distinguishing the benefits of ShotSpotter SecureCampus and ShotSpotter SiteSecure. In particular, while we have seen growing interest in our security solutions, interest in the indoor gunshot detection offering was limited, and as a result, in June 2018, we made the strategic decision to cease indoor coverage as part of our service offering.
Failure to effectively develop and expand our sales and marketing capabilities could harm our ability to increase our customer base and achieve broader market acceptance of our solutions.
To increase total customers and customer coverage areas and to achieve broader market acceptance of our solutions, we will need to expand our sales and marketing organization and increase our business development resources, including the vertical and geographic distribution of our sales force and our teams of account executives focused on new accounts and responsible for renewal and growth of existing accounts.
Our business requires that our sales personnel have particular expertise and experience in working with law enforcement agencies, other government organizations and higher education institutions. We may not achieve revenue growth from expanding our sales force if we are unable to hire, develop and retain talented sales personnel with appropriate experience, if our new sales personnel are unable to achieve desired productivity levels in a reasonable period of time or if our sales and marketing programs are not effective.
During the COVID-19 pandemic, this risk was more pronounced than usual, as our sales and marketing organization were unable to travel and meetings with our current and potential customers were more difficult to conduct.
Our strategy includes pursuing acquisitions, and our inability to successfully integrate newly-acquired technologies, assets or businesses may harm our financial results. Future acquisitions of technologies, assets or businesses, which are paid for partially or entirely through the issuance of stock or stock rights, could dilute the ownership of our existing stockholders.
We acquired LEEDS in November 2020 and Forensic Logic in January 2022 in order to enhance our precision policing platform. We will continue to evaluate and consider potential strategic transactions, including acquisitions of, or investments in, businesses, technologies, services, products and other assets in the future. We also may enter into relationships with other businesses to expand our platform and applications, which could involve preferred or exclusive licenses, additional channels of distribution, discount pricing or investments in other companies.
We believe that part of our continued growth will be driven by acquisitions of other companies or their technologies, assets, businesses and teams. Acquisitions in the future that we complete will give rise to risks, including:
•incurring higher than anticipated capital expenditures and operating expenses;
•failing to assimilate the operations and personnel or failing to retain the key personnel of the acquired company or business;
•failing to integrate the acquired technologies, or incurring significant expense to integrate acquired technologies, into our platform and applications;
•disrupting our ongoing business;
•diverting our management’s attention and other company resources;
•failing to maintain uniform standards, controls and policies;
•incurring significant accounting charges;
•impairing relationships with our customers and employees;
46
•finding that the acquired technology, asset or business does not further our business strategy, that we overpaid for the technology, asset or business or that we may be required to write off acquired assets or investments partially or entirely;
•failing to realize the expected synergies of the transaction;
•being exposed to unforeseen liabilities and contingencies that were not identified prior to acquiring the company; and
•being unable to generate sufficient revenues and profits from acquisitions to offset the associated acquisition costs.
Fully integrating an acquired technology, asset or business into our operations may take a significant amount of time. We may not be successful in overcoming these risks or any other problems encountered with the acquisition of and integration of LEEDS, Forensic Logic, or any future acquisitions. To the extent that we do not successfully avoid or overcome the risks or problems related to any such acquisitions, our results of operations and financial condition could be harmed. Acquisitions also could impact our financial position and capital requirements or could cause fluctuations in our quarterly and annual results of operations. Acquisitions could include significant goodwill and intangible assets, which may result in future impairment charges that would reduce our stated earnings. We may incur significant costs in our efforts to engage in strategic transactions and these expenditures may not result in successful acquisitions.
We expect that the consideration we might pay for any future acquisitions of technologies, assets, businesses or teams could include stock, rights to purchase stock, cash or some combination of the foregoing. If we issue stock or rights to purchase stock in connection with future acquisitions, net income per share and then-existing holders of our common stock may experience dilution.
The nature of our business exposes us to inherent liability risks.
Our gunshot detection solutions are designed to communicate real-time alerts of gunfire incidents to police officers and first responders. Due to the nature of such applications, we are potentially exposed to greater risks of liability for employee acts or omissions or system failures than may be inherent in other businesses. Although substantially all of our customer agreements contain provisions limiting our liability to our customers, we cannot be certain that these limitations will be enforced or that the costs of any litigation related to actual or alleged omissions or failures would not have a material adverse effect on us even if we prevail. Further, certain of our insurance policies and the laws of some states may limit or prohibit insurance coverage for punitive or certain other types of damages or liability arising from gross negligence, or other issues, such as damages caused due to installation of our sensors on buildings owned by third parties, and we cannot assure you that we are adequately insured against the risks that we face.
Real or perceived errors, failures or bugs in our software could adversely affect our operating results and growth prospects.
Because our software is complex, undetected errors, failures or bugs may occur. Our software is often installed and used with different operating systems, system management software, and equipment and networking configurations, which may cause errors or failures of our software or other aspects of the computing environment into which it is deployed. In addition, deployment of our software into computing environments may expose undetected errors, compatibility issues, failures or bugs in our software. Despite our testing, errors, failures or bugs may not be found in our software until it is released to our customers. Moreover, our customers could incorrectly implement or inadvertently misuse our software, which could result in customer dissatisfaction and adversely impact the perceived utility of our products as well as our brand. Any of these real or perceived errors, compatibility issues, failures or bugs in our software could result in negative publicity, reputational harm, loss of or delay in market acceptance of our software, loss of competitive position or claims by customers for losses sustained by them. In any such event, we may be required, or may choose, for customer relations or other reasons, to expend additional resources in order to correct the problem. Alleviating any of these problems could require significant expenditures of our capital and other resources and could cause interruptions or delays in the use of our solutions, which could cause us to lose existing or potential customers and could adversely affect our operating results and growth prospects.
47
Interruptions or delays in service from our third-party providers could impair our ability to make our solutions available to our customers, resulting in customer dissatisfaction, damage to our reputation, loss of customers, limited growth and reduction in revenues.
We currently use third-party data center hosting facilities to host certain components of our solutions. Our operations depend, in part, on our third-party providers’ abilities to protect these facilities against damage or interruption from natural disasters, power or communications failures, cyber incidents, criminal acts and similar events. In the event that any of our third-party facility arrangements is terminated, or if there is a lapse of service or damage to a facility, we could experience service interruptions in our solutions as well as delays and additional expenses in arranging new facilities and services. The COVID-19 pandemic and its work-from-home policies may increase the likelihood of service interruptions or cyber incidents at these data center hosting facilities. Any changes in third-party service levels at our data centers or any errors, defects, disruptions, cyber incidents or other performance problems with our solutions could harm our reputation.
Any damage to, or failure of, the systems of the communications providers with whom our data center provider contracts could result in interruptions to our solutions. The occurrence of spikes in usage volume, natural disasters, cyber incidents, acts of terrorism, vandalism or sabotage, closure of a facility without adequate notice or other unanticipated problems could result in lengthy interruptions in the availability of our services. Problems faced by these network providers, or with the systems by which they allocate capacity among their customers, including us, could adversely affect the experience of our customers. The COVID-19 pandemic and its associated work-from-home policies may increase the likelihood of these problems with such network providers and their capacity allocation systems. Interruptions in our services might cause us to issue refunds to customers and subject us to potential liability.
Further, our insurance policies may not adequately compensate us for any losses that we may incur in the event of damage or interruption, and therefore the occurrence of any of the foregoing could subject us to liability, cause us to issue credits to customers or cause customers not to renew their subscriptions for our applications, any of which could materially adversely affect our business.
If our security measures or those of our customers or third-party providers are compromised, or if our data or data of our customers is otherwise compromised, our solutions may be perceived as not being secure, our customers may be harmed and may curtail or cease their use of our solutions, our reputation may be damaged and we may incur significant liabilities.
Our operations involve the storage and transmission of proprietary, confidential, and sensitive data, such as gunfire incident data, including date, time, address and GPS coordinates, occurring in our customer’s coverage area. Additionally, our systems read, write, store and transfer information from third parties including criminal justice information. Access to some of this data is contingent on complying with federal and applicable state security policies, which requires background checks, the use of encryption and compliance with other information security policies.
Security incidents, whether as a result of third-party action, employee or customer error, technology impairment or failure, malfeasance or criminal activity, could result in unauthorized access to, or loss or unauthorized disclosure of, data which could result in; inability to obtain approvals to sell our products, litigation expenses or damages, indemnity and other contractual obligations and other possible liabilities, including but not limited to government fines and penalties and mitigation expenses, as well as negative publicity, which could damage our reputation, impair our sales and harm our customers and our business.
Cyber incidents, malicious internet-based activity, and online and offline fraud are prevalent and continue to increase generally, and providers of cloud-based services have been targeted. Threats to our information systems and data, and those of third parties upon which we rely, come from a variety of sources. In addition to traditional computer “hackers,” threat actors, personnel (such as through theft or misuse), sophisticated nation-states and nation-state-supported actors also engage in attacks. We and the third parties upon which we rely may be subject to a variety of evolving threats, including but not limited to social-engineering attacks (including through phishing attacks), malicious code (such as viruses and worms), malware (including as a result of advanced persistent threat intrusions), denial-of-service attacks (such as credential stuffing), personnel misconduct or error, and supply-chain attacks. Ransomware attacks are becoming increasingly prevalent and severe and can lead to significant interruptions in our operations, loss of data and income, reputational harm, and diversions of funds. Extortion payments may alleviate the negative impact of a ransomware attack, but we may be unwilling or unable to make such payments due to, for example, applicable laws or regulations prohibiting such payments.
48
If third parties with whom we work, such as vendors or developers, violate applicable laws or our security policies, such violations may also put our systems and data at risk and could in turn have an adverse effect on our business. In addition, such a violation could expose sensitive data including; criminal justice information, and other data we are contractually obliged to keep confidential. The COVID-19 pandemic may increase the likelihood of such cyber incidents. We may be unable to anticipate or prevent techniques used to obtain unauthorized access or to sabotage systems because such techniques change frequently and often are not detected until after an incident has occurred. As we increase our customer base and our brand becomes more widely known and recognized, third parties may increasingly seek to compromise our security controls or gain unauthorized access to customer data or other sensitive information. Further, because of the nature of the services that we provide to our customers, we may be a unique target for attacks.
Many governments have enacted laws requiring companies to notify individuals of data security incidents or unauthorized transfers involving certain types of personal information. In addition, some of our customers contractually require notification of any data security incident. Accordingly, security incidents experienced by our competitors, by our customers or by us may lead to public disclosures, which may lead to widespread negative publicity and significant costs. Any security compromise in our industry, whether actual or perceived, could harm our reputation, erode customer confidence in the effectiveness of our security measures, negatively impact our ability to attract new customers, cause existing customers to elect not to renew their subscriptions or subject us to third-party lawsuits, regulatory fines or other action or liability, which could materially and adversely affect our business and operating results. Further, the costs of compliance with notification laws and contractual obligations may be significant and any requirement that we provide such notifications as a result of an actual or alleged compromise could have a material and adverse effect on our business. Our contracts may not contain limitations of liability, and even where they do, there can be no assurance that limitations of liability in our contracts are sufficient to protect us from liabilities, damages, or claims related to our data privacy and security incidents.
While we maintain general liability insurance coverage and coverage for errors or omissions, we cannot assure you that such coverage would be adequate or would otherwise protect us from liabilities or damages with respect to claims alleging compromise or loss of data, or that such coverage will continue to be available on acceptable terms or at all.
We rely on the cooperation of customers and third parties to permit us to install our ShotSpotter sensors on their facilities, and failure to obtain these rights could increase our costs or limit the effectiveness of our ShotSpotter Respond solution.
Our ShotSpotter Respond solution requires us to deploy ShotSpotter sensors in our customer coverage areas, which typically entails the installation of approximately 20 to 25 sensors per square mile. The ShotSpotter sensors are mounted on city facilities and third-party buildings, and occasionally on city or utility-owned light poles, and installing the sensors requires the consent of the property owners, which can be time-consuming to obtain and can delay deployment. Generally, we do not pay a site license fee in order to install our sensors, and our contractual agreements with these facility owners provide them the right to revoke permission to use their facility with notice of generally 60 days.
To the extent that required consents delay our ability to deploy our solutions or facility owners do not grant permission to use their facilities, revoke previously granted permissions, or require us to pay a site license fee in order to install our sensors, our business may be harmed. If we were required to pay a site license fee in order to install sensors, our deployment expenses would increase, which would impact our gross margins. If we cannot obtain a sufficient number of sensor mounting locations that are appropriately dispersed in a coverage area, the effectiveness of our ShotSpotter Respond solution would be limited, and we may need to reduce the coverage area of the solution. During the COVID-19 pandemic, our installation team has been unable to travel at times. Additionally, both our installation team and our third-party providers are facing greater challenges in obtaining permissions to install and in installing our sensors. To the extent our deployments are delayed for these reasons, we may not be able to meet our service level requirements, any of which could result in customer dissatisfaction or have a material adverse impact on our reputation, our business and our financial results.
If we fail to offer high-quality customer support, our business and reputation may suffer.
We offer customer support 24 hours a day, seven days a week, as well as training on best practices, forensic expertise and expert witness services. Providing these services requires that our personnel have specific experience, knowledge and expertise, making it more difficult for us to hire qualified personnel and to scale up our support operations. The importance of high-quality customer support will increase as we expand our business and pursue new customers. We may be unable to respond quickly enough to accommodate short-term increases in customer demand for support services or scale our
49
services if our business grows. Increased customer demand for these services, without corresponding revenues, could increase our costs and harm our operating results. If we do not help our customers use applications within our solutions and provide effective ongoing support, our ability to sell additional applications to, or to retain, existing customers may suffer and our reputation with existing or potential customers may be harmed.
We rely on a limited number of suppliers and contract manufacturers, and our proprietary ShotSpotter sensors are manufactured by a single contract manufacturer.
We rely on a limited number of suppliers and contract manufacturers. In particular, we use a single manufacturer, with which we have no long-term contract and from which we purchase on a purchase-order basis, to produce our proprietary ShotSpotter sensors. Our reliance on a sole contract manufacturer increases our risks since we do not currently have any alternative or replacement manufacturers, and we do not maintain a high volume of inventory. In the event of an interruption in our supply from our sole contract manufacturer, we may not be able to develop alternate or secondary sources without incurring material additional costs and substantial delays. Furthermore, these risks could materially and adversely affect our business if one of our contract manufacturers is impacted by a natural disaster or other interruption at a particular location because each of our contract manufacturers produces our products from a single location. Although each of our contract manufacturers has alternative manufacturing locations, transferring manufacturing to another location may result in significant delays in the availability of our sensors. Also, many standardized components used broadly in our sensors are manufactured in significant quantities in concentrated geographic regions, particularly in Greater China. As a result, protracted regional crises, issues with manufacturing facilities, or the COVID-19 pandemic, could lead to eventual shortages of necessary components. It could be difficult, costly and time consuming to obtain alternative sources for these components, or to change product designs to make use of alternative components. In addition, difficulties in transitioning from an existing supplier to a new supplier could create delays in component availability that would have a significant impact on our ability to fulfill orders for our products.
Many of the key components used to manufacture our proprietary ShotSpotter sensors also come from limited or sole sources of supply. Our contract manufacturer generally purchases these components on our behalf, and we do not have any long-term arrangements with our suppliers. We are therefore subject to the risk of shortages and long lead times in the supply of these components and the risk that suppliers discontinue or modify components used in our products. In addition, the lead times associated with certain components are lengthy and preclude rapid changes in quantities and delivery schedules. The supply of chips required for our sensors is being adversely impacted by disruptions to the global supply chain. If the supply chain continues to experience disruptions, we may not be able to meet our desired timelines for deployments in the future. Developing alternate sources of supply for these components, when required may be time-consuming, difficult, and costly, and we or our suppliers may not be able to source these components on terms that are acceptable to us, or at all, which may undermine our ability to fill our orders in a timely manner.
For example, for our ShotSpotter sensors, it may take a significant amount of time to identify a contract manufacturer that has the capability and resources to build the sensors to our specifications. Identifying suitable suppliers and contract manufacturers is an extensive process that requires us to become satisfied with their quality control, technical capabilities, responsiveness and service, financial stability, regulatory compliance, and labor and other ethical practices. Accordingly, the loss of any key supplier or contract manufacturer could adversely impact our business, operating results and financial condition.
Our solutions use third-party software and services that may be difficult to replace or cause errors or failures of our solutions that could lead to a loss of customers or harm to our reputation and our operating results.
We license third-party software and depend on services from various third parties for use in our solutions. In the future, such software or services may not be available to us on commercially reasonable terms, or at all. Any loss of the right to use any of the software or services could result in decreased functionality of our solutions until equivalent technology is either developed by us or, if available from another provider, is identified, obtained and integrated, which could harm our business. In addition, any errors or defects in or failures of the third-party software or services could result in errors or defects in our solutions or cause our solutions to fail, which could harm our business and be costly to correct. Many of these providers attempt to impose limitations on their liability for such errors, defects or failures, and if enforceable, we may have additional liability to our customers or third-party providers that could harm our reputation and increase our operating costs.
50
We will need to maintain our relationships with third-party software and service providers, and obtain from such providers software and services that do not contain any errors or defects. Any failure to do so could adversely impact our ability to deliver effective products to our customers and could harm our operating results.
If we do not or cannot maintain the compatibility of our platform with applications that our customers use, our business could suffer.
Some of our customers choose to integrate our solutions with certain other systems used by our customers, such as real-time LEEDS or Forensic Logic platforms or computer-aided dispatch systems. The functionality and popularity of our solutions depend, in part, on our ability to integrate our solutions into these systems. Providers of these systems may change the features of their technologies, restrict our access to their applications or alter the terms governing use of their applications in an adverse manner. Such changes could functionally limit or terminate our ability to use these technologies in conjunction with our solutions, which could negatively impact our customer service and harm our business. If we fail to integrate our solutions with applications that our customers use, we may not be able to offer the functionality that our customers need, and our customers may not renew their agreements, which would negatively impact our ability to generate revenues and adversely impact our business.
We are in the process of expanding our international operations, which exposes us to significant risks.
We currently operate in limited number of locations outside the United States. A key component to our business strategy is to expand our international operations to increase our revenues from customers outside of the United States as part of our growth strategy. Operating in international markets requires significant resources and management attention and will subject us to regulatory, economic and political risks in addition to those we already face in the United States. In addition, we will need to invest time and resources in understanding the regulatory framework and political environments of our potential customers overseas in order to focus our sales efforts. Because such regulatory and political considerations are likely to vary across jurisdictions, this effort will require additional time and attention from our sales team and could lead to a sales cycle that is longer than our typical process for sales in the United States. We also may need to hire additional employees and otherwise invest in our international operations in order to reach new customers. Because of our limited experience with international operations as well as developing and managing sales in international markets, our international expansion efforts may be delayed or may not be successful.
In addition, we face and will continue to face risks in doing business internationally that could adversely affect our business, including:
•the potential impact of currency exchange fluctuations;
•the need to comply with local data residency requirements;
•the availability and reliability of local data centers and internet bandwidth providers;
•the difficulty of staffing and managing international operations and the increased operations, travel, shipping and compliance costs associated with having customers in numerous international locations;
•potentially greater difficulty collecting accounts receivable and longer payment cycles;
•the availability and cost of coverage by wireless carriers in international markets;
•higher or more variable costs associated with wireless carriers and other service providers;
•the need to offer customer support in various languages;
•challenges in understanding and complying with local laws, regulations and customs in foreign jurisdictions, including laws regarding privacy and government surveillance;
•export controls and economic sanctions administered by the Department of Commerce Bureau of Industry and Security and the Treasury Department’s Office of Foreign Assets Control;
51
•compliance with various anti-bribery and anti-corruption laws such as the Foreign Corrupt Practices Act and United Kingdom Bribery Act of 2010;
•tariffs and other non-tariff barriers, such as quotas and local content rules;
•more limited protection for our intellectual property in some countries;
•adverse or uncertain tax consequences as a result of international operations;
•currency control regulations, which might restrict or prohibit our conversion of other currencies into U.S. dollars;
•restrictions on the transfer of funds;
•deterioration of political relations between the United States and other countries; and
•political or social unrest, global pandemics such as the COVID-19 pandemic or economic instability in a specific country or region in which we operate, which could have an adverse impact on our operations in that location.
Also, we expect that due to costs related to our international expansion efforts and the increased cost of doing business internationally, we will incur higher costs to secure sales to international customers than the comparable costs for domestic customers. As a result, our financial results may fluctuate as we expand our operations and customer base worldwide.
Our failure to manage any of these risks successfully could harm our international operations, and adversely affect our business, operating results and financial condition.
We are dependent on the continued services and performance of our senior management and other key personnel, the loss of any of whom could adversely affect our business.
Our future success depends in large part on the continued contributions of our senior management and other key personnel. In particular, the leadership of key management personnel is critical to the successful management of our company, the development of our products, and our strategic direction. We also depend on the contributions of key technical personnel.
We do not maintain “key person” insurance for any member of our senior management team or any of our other key employees. Our senior management and key personnel are all employed on an at-will basis, which means that they could terminate their employment with us at any time, for any reason and without notice. The loss of any of our key management personnel could significantly delay or prevent the achievement of our development and strategic objectives and adversely affect our business.
If we are unable to attract, integrate and retain additional qualified personnel, including top technical talent, our business could be adversely affected.
Our future success depends in part on our ability to identify, attract, integrate and retain highly skilled technical, managerial, sales and other personnel. We face intense competition for qualified individuals from numerous other companies, including other software and technology companies, many of whom have greater financial and other resources than we do. Some of these characteristics may be more appealing to high-quality candidates than those we have to offer. In addition, new hires often require significant training and, in many cases, take significant time before they achieve full productivity. We may incur significant costs to attract and retain qualified personnel, including significant expenditures related to salaries and benefits and compensation expenses related to equity awards, and we may lose new employees to our competitors or other companies before we realize the benefit of our investment in recruiting and training them. Moreover, new employees, especially those who work from home, may not be or become as productive as we expect, as we may face challenges in adequately or appropriately integrating them into our workforce and culture. If we are unable to attract, integrate and retain suitably qualified individuals who are capable of meeting our growing technical, operational and managerial requirements, on a timely basis or at all, our business will be adversely affected.
52
Volatility or lack of positive performance in our stock price may also affect our ability to attract and retain our key employees. Many of our senior management personnel and other key employees have become, or will soon become, vested in a substantial amount of stock or stock options. Employees may be more likely to leave us if the shares they own or the shares underlying their vested options have significantly appreciated in value relative to the original purchase prices of the shares or the exercise prices of the options, or, conversely, if the exercise prices of the options that they hold are significantly above the market price of our common stock. If we are unable to appropriately incentivize and retain our employees through equity compensation, or if we need to increase our compensation expenses in order to appropriately incentivize and retain our employees, our business, operating results and financial condition would be adversely affected.
Legal and Regulatory Risks
We and our use of outdoor acoustic sensors, are subject to governmental regulation and other legal obligations, particularly related to privacy, data protection and information security, and our actual or perceived failure to comply with such obligations could harm our business. Compliance with such laws could impair our efforts to maintain and expand our customer base, and thereby decrease our revenues.
Our outdoor sensors are acoustic devices that are designed to recognize impulsive sounds that are likely to be gunfire. ShotSpotter sensors do not use high gain, directional or other specialized microphones, or have the ability to live stream audio. Typically, sounds, noises or voices captured on the secure sensors are cached temporarily but are written over and permanently deleted within 30 hours. When a sensor is triggered by a loud impulsive sound, it creates what we refer to as a potential gunshot “incident” that contains a recording, which includes no more than one second before the incident and one second after the incident. This incident audio snippet is preserved indefinitely for potential evidentiary use. We also use information collected to support, expand and improve our software algorithms as well as our gunfire detection and notification methods.
Our sensors are not designed or tuned to capture human voices, but are often installed in densely populated urban areas and it is possible they could pick up a human voice that is audible at the same time as the loud impulsive sound. Human voices are not impulsive and do not typically trigger the sensors, and unless accompanied by an impulsive sound no audio snippet would be transmitted out of the sensor and preserved as an incident audio snippet. Any human voice not associated with a loud impulsive sound would be temporarily cached on the sensor for 30 hours and would then be written over and permanently deleted. Information derived from loud impulsive sounds (“incidents”) and the associated audio snippet of the loud impulsive sounds are provided to our customers. Audio shared with our customers is limited, by both our technology and our privacy policies, to the audio snippet containing the incident.
Our handling and storage of data is subject to a variety of local, state, federal and foreign laws and regulations, including restrictions on audio monitoring and the collection, use, storage and disclosure of personal information. In the United States, such laws include federal and state consumer protection laws under which the Federal Trade Commission and state attorneys general have imposed standards for the collection, use, disclosure and security of personal information.
In addition, states are beginning to adopt and consider proposals for new comprehensive privacy laws and regulations. While these laws vary, they generally require companies to implement privacy policies and security measures, permit users to access, correct and delete personal information, inform individuals of security breaches that affect their personal information, and, in some cases, obtain individuals’ consent to use personal information for certain purposes. For example, California enacted the California Consumer Privacy Act of 2018 ("CCPA"), which took effect on January 1, 2020. The CCPA provides for civil penalties for violations, as well as a private right of action for statutory damages in connection with certain data breaches. Further, in November 2020, California voters passed the California Privacy Rights Act ("CPRA"), which will expand the CCPA when it takes effect on January 1, 2023. Among other things, the CPRA will introduce data minimization and storage limitation requirements and create a new regulatory agency to implement and enforce the law. Virginia and Colorado have similarly enacted comprehensive privacy laws, the Consumer Data Protection Act and the Colorado Privacy Act, which are similar to the CCPA and CPRA in many respects. Legislative proposals to adopt comprehensive privacy laws in other states are under consideration.
In addition, foreign laws and regulations pertaining to privacy, data protection and information security – including in South Africa, Europe, Brazil and Japan – have becoming increasingly stringent in recent years and legislative proposals for similar requirements are being considered in several other major foreign economies. Many of these countries are also beginning to impose or increase restrictions on the transfer of personal information to other countries. Data protection restrictions in these countries may limit the services we can offer in them, which in turn may limit demand for our services in such countries.
53
Many of the new and proposed laws and regulations concerning privacy, data protection and information security are in their early stages, and we cannot yet determine how these laws and regulations may be interpreted or impact our business. The lack of a clear and universal standard for handling and protecting such information means that these obligations may be interpreted and applied in a manner that is inconsistent from one jurisdiction to another and may conflict with other requirements or our practices. Any failure or perceived failure by us to comply with privacy or security laws, policies, legal obligations or industry standards or any security incident that results in the unauthorized access to or disclosure of personal information or customer data may result in governmental enforcement actions, litigation, fines and penalties and/or adverse publicity, and could cause our customers to lose trust in us, which could have a material adverse effect on our reputation and on our business, financial condition and results of operations.
Some proposed laws or regulations concerning privacy, data protection and information security are in their early stages, and we cannot yet determine how these laws and regulations may be interpreted nor can we determine the impact these proposed laws and regulations, may have on our business. Such proposed laws and regulations may require companies to implement privacy and security policies, permit users to access, correct and delete personal information stored or maintained by such companies, inform individuals of security breaches that affect their personal information, and, in some cases, obtain individuals’ consent to use personal information for certain purposes. In addition, a foreign government could require that any personal information collected in a country not be disseminated outside of that country, and we may not be currently equipped to comply with such a requirement. Our failure to comply with federal, state and foreign data privacy laws and regulators could harm our ability to successfully operate our business and pursue our business goals.
We may be subject to additional obligations to collect and remit certain taxes, and we may be subject to tax liability for past activities, which could harm our business.
State, local and foreign jurisdictions have differing rules and regulations governing sales, use, value added and other taxes, and these rules and regulations are subject to varying interpretations that may change over time, particularly with respect to software-as-a-service products like our solutions. Further, these jurisdictions’ rules regarding tax nexus are complex and vary significantly. If one or more jurisdictions were to assert that we have failed to collect taxes for sales of our solutions, we could face the possibility of tax assessments and audits. A successful assertion that we should be collecting additional sales, use, value added or other taxes in those jurisdictions where we have not historically done so and do not accrue for such taxes could result in substantial tax liabilities and related penalties for past sales or otherwise harm our business and operating results.
Our ability to use our net operating losses to offset future taxable income may be subject to certain limitations.
As of September 30, 2022, we had federal net operating loss carryforwards (“NOLs”) of approximately $78.6 million, of which $73.7 million will begin to expire in 2027, if not utilized. The remaining net operating losses of $4.9 million can be carried forward indefinitely under the Tax Cuts and Jobs Act. As of September 30 2022, we also had state NOLs of approximately $50.0 million, which will expire, if not utilized, between 2022 through 2039. These federal and state NOLs may be available to reduce future income subject to income taxes. In general, under Section 382 of the Internal Revenue Code of 1986, as amended, a corporation that undergoes an “ownership change” is subject to limitations on its ability to utilize its NOLs to offset future taxable income. Past or future changes in our stock ownership, some of which are outside of our control, may have resulted or could result in an ownership change. State NOLs generated in one state cannot be used to offset income generated in another state. In addition, at the state level, there may be periods during which the use of NOLs is suspended or otherwise limited, such as the 2020 temporary suspension of the ability to use California NOLs and limitation on the use of certain tax credits to offset California income and tax liabilities, which could accelerate or permanently increase state taxes owed.
We may be subject to litigation for a variety of claims or to other legal requests, which could adversely affect our results of operations, harm our reputation or otherwise negatively impact our business.
We may be subject to litigation for a variety of claims arising from our normal business activities. These may include claims, suits, and proceedings involving labor and employment, wage and hour, commercial and other matters. The outcome of any litigation, regardless of its merits, is inherently uncertain. Any claims and lawsuits, and the disposition of such claims and lawsuits, could be time-consuming and expensive to resolve, divert management attention and resources, and lead to attempts on the part of other parties to pursue similar claims. Any adverse determination related to litigation could adversely affect our results of operations, harm our reputation or otherwise negatively impact our business. In
54
addition, depending on the nature and timing of any such dispute, a resolution of a legal matter could materially affect our future operating results, our cash flows or both.
An unfavorable outcome on any litigation matters could require us to pay substantial damages, or, in connection with any intellectual property infringement claims, could require us to pay ongoing royalty payments or could prevent us from selling certain of our products. As a result, a settlement of, or an unfavorable outcome on, any of the matters referenced above or other litigation matters could have a material adverse effect on our business, operating results, financial condition and cash flows.
We, or our customers, may be subject to requests for our data or information concerning our techniques and processes, pursuant to state or federal law (for example, public-records requests or subpoenas to provide information or to testify in court). This data and information, some of which we may deem to be confidential or trade secrets, could therefore become a matter of public record and also become accessible by competitors, which could negatively impact our business.
Changes in financial accounting standards may cause adverse and unexpected revenues fluctuations and impact our reported results of operations.
The accounting rules and regulations that we must comply with are complex and subject to interpretation by the Financial Accounting Standards Board, the Securities and Exchange Commission and various bodies formed to promulgate and interpret appropriate accounting principles. In addition, many companies’ accounting disclosures are being subjected to heightened scrutiny by regulators and the public. Further, the accounting rules and regulations are continually changing in ways that could impact our financial statements.
Changes to accounting principles or our accounting policies on our financial statements going forward are difficult to predict, could have a significant effect on our reported financial results, and could affect the reporting of transactions completed before the announcement of the change. In addition, were we to change our critical accounting estimates, including the timing of recognition of subscription and professional services revenues and other revenues sources, our results of operations could be significantly impacted.
Failure to protect our intellectual property rights could adversely affect our business.
Our success depends, in part, on our ability to protect proprietary methods and technologies that we develop or license under patent and other intellectual property laws of the United States, as well as our brands, so that we can prevent others profiting from them. We rely on a combination of contractual and intellectual property rights, including non-disclosure agreements, patents, trade secrets, copyrights and trademarks, to establish and protect our intellectual property rights in our names, services, innovations, methodologies and related technologies. If we fail to protect our intellectual property rights adequately, our competitors might gain access to our technology and our business might be adversely affected.
As of September 30, 2022 we had 41 issued patents directed to our technologies, 33 in the United States, four in the European Union, two in Brazil and one each in Israel and Mexico. The issued patents expire on various dates from 2022 to 2034. We also license one patent from a third party, which expires in 2023. We have patent applications pending for examination in the United States, Europe, Mexico and Brazil, but we cannot guarantee that these patent applications will be granted. We also license one other U.S. patent from one third party. The patents that we own or those that we license from others (including those that may be issued in the future) may not provide us with any competitive advantages or may be challenged by third parties.
The process of obtaining patent protection is expensive and time-consuming, and we may not be able to prosecute all necessary or desirable patent applications at a reasonable cost or in a timely manner. Even if issued, there can be no assurance that these patents will adequately protect our intellectual property, as the legal standards relating to the validity, enforceability and scope of protection of patent and other intellectual property rights are uncertain.
Any patents that are issued may subsequently be invalidated or otherwise limited, allowing other companies to develop offerings that compete with ours, which could adversely affect our competitive business position, business prospects and financial condition. In addition, issuance of a patent does not guarantee that we have a right to practice the patented invention. Patent applications in the United States are typically not published until 18 months after their earliest priority date or, in some cases, not at all, and publications of discoveries in industry-related literature lag behind actual
55
discoveries. We cannot be certain that third parties do not have blocking patents that could be used to prevent us from marketing or practicing our software or technology.
Effective patent, trademark, copyright and trade secret protection may not be available to us in every country in which our software is available. The laws of some foreign countries may not be as protective of intellectual property rights as those in the United States (in particular, some foreign jurisdictions do not permit patent protection for software), and mechanisms for enforcement of intellectual property rights may be inadequate. Additional uncertainty may result from changes to intellectual property legislation enacted in the United States, including the recent America Invents Act, or to the laws of other countries and from interpretations of the intellectual property laws of the United States and other countries by applicable courts and agencies. Accordingly, despite our efforts, we may be unable to prevent third parties from infringing upon or misappropriating our intellectual property.
We rely in part on trade secrets, proprietary know-how and other confidential information to maintain our competitive position. Although we endeavor to enter into non-disclosure agreements with our employees, licensees and others who may have access to this information, we cannot assure you that these agreements or other steps we have taken will prevent unauthorized use, disclosure or reverse engineering of our technology. Moreover, third parties may independently develop technologies or products that compete with ours, and we may be unable to prevent this competition. Third parties also may seek access to our trade secrets, proprietary know-how and other confidential information through legal measures (for example, public-records requests or subpoenas to provide information or to testify in court) and it could be expensive to defend against those requests. Disclosure of our trade secrets, proprietary know-how and other confidential information could negatively impact our business.
We might be required to spend significant resources to monitor and protect our intellectual property rights. We may initiate claims or litigation against third parties for infringement of our proprietary rights or to establish the validity of our proprietary rights. We may also engage in litigation in response to public-records requests or subpoenas that seek our intellectual property. Litigation also puts our patents at risk of being invalidated or interpreted narrowly and our patent applications at risk of not issuing. Additionally, we may provoke third parties to assert counterclaims against us. We may not prevail in any lawsuits that we initiate or other legal proceedings in which we participate, and the damages or other remedies awarded, if any, may not be commercially viable. Any litigation, whether or not resolved in our favor, could result in significant expense to us and divert the efforts of our technical and management personnel, which may adversely affect our business, operating results, financial condition and cash flows.
We may be subject to intellectual property rights claims by third parties, which are extremely costly to defend, could require us to pay significant damages and could limit our ability to use certain technologies.
Companies in the software and technology industries, including some of our current and potential competitors, own large numbers of patents, copyrights, trademarks and trade secrets and frequently enter into litigation based on allegations of infringement or other violations of intellectual property rights. In addition, many of these companies have the capability to dedicate substantially greater resources to enforce their intellectual property rights and to defend claims that may be brought against them. The litigation may involve patent holding companies or other adverse patent owners that have no relevant product revenues and against which our patents may therefore provide little or no deterrence. We may have previously received, and may in the future receive, notices that claim we have misappropriated, misused, or infringed other parties’ intellectual property rights, and, to the extent we gain greater market visibility, we face a higher risk of being the subject of intellectual property infringement claims.
There may be third-party intellectual property rights, including issued or pending patents that cover significant aspects of our technologies or business methods. Any intellectual property claims, with or without merit, could be very time-consuming, could be expensive to settle or litigate and could divert our management’s attention and other resources. These claims could also subject us to significant liability for damages, potentially including treble damages if we are found to have willfully infringed patents or copyrights. These claims could also result in our having to stop using technology found to be in violation of a third party’s rights. We might be required to seek a license for the intellectual property, which may not be available on a timely basis, on reasonable terms or at all. We also may be required to modify our products, services, internal systems or technologies. Even if a license were available, we could be required to pay significant royalties, which would increase our operating expenses. As a result, we may be required to develop alternative non-infringing technology, which could require significant effort and expense. If we cannot license or develop technology for any infringing aspect of our business, we would be forced to limit or stop sales of our software and may be unable to
56
compete effectively. Any of these results would adversely affect our business, operating results, financial condition and cash flows.
Our use of open source software could subject us to possible litigation.
A portion of our technologies incorporates open source software, and we expect to continue to incorporate open source software into our platform in the future. Few of the licenses applicable to open source software have been interpreted by courts, and their application to the open source software integrated into our proprietary technology platform may be uncertain. If we fail to comply with these licenses, then pursuant to the terms of these licenses, we may be subject to certain requirements, including requirements that we make available the source code for our software that incorporates the open source software. We cannot assure you that we have not incorporated open source software in our software in a manner that is inconsistent with the terms of the applicable licenses or our current policies and procedures. If an author or other third party that distributes such open source software were to allege that we had not complied with the conditions of one or more of these licenses, we could incur significant legal expenses defending against such allegations. Litigation could be costly for us to defend, have a negative effect on our operating results and financial condition or require us to devote additional research and development resources to change our technology platform.
Risks Related to the Ownership of Our Common Stock
Our stock price may be volatile or may decline regardless of our operating performance, resulting in substantial losses for investors.
The market price of our common stock has fluctuated and may continue to fluctuate significantly in response to numerous factors, many of which are beyond our control, including the factors listed below and other factors described in this “Risk Factors” section:
•actual or anticipated fluctuations in our operating results;
•the financial projections we may provide to the public, any changes in these projections or our failure to meet these projections;
•failure of securities analysts to initiate or maintain coverage of our company, changes in financial estimates by any securities analysts who follow our company, or our failure to meet these estimates or the expectations of investors;
•ratings changes by any securities analysts who follow our company;
•changes in the availability of federal funding to support local law enforcement efforts, or local budgets;
•announcements by us of significant technical innovations, acquisitions, strategic partnerships, joint ventures or capital commitments;
•changes in operating performance and stock market valuations of other software companies generally;
•price and volume fluctuations in the overall stock market, including as a result of trends in the economy as a whole;
•changes in our board of directors or management;
•sales of large blocks of our common stock, including sales by our executive officers, directors and significant stockholders;
•lawsuits threatened or filed against us;
•novel and unforeseen market forces and trading strategies, as well as short sales, hedging and other derivative transactions involving our capital stock;
57
•the impact of the COVID-19 pandemic;
•general economic conditions in the United States and abroad;
•other events or factors, including those resulting from pandemics, protests against racial inequality, protests against police brutality and movements such as “Defund the Police”, war, incidents of terrorism or responses to these events; and
•negative publicity, including false information, regarding our solutions.
In addition, stock markets have experienced extreme price and volume fluctuations that have affected and continue to affect the market prices of equity securities of many software companies. Stock prices of many software companies have fluctuated in a manner unrelated or disproportionate to the operating performance of those companies. Broad market and industry fluctuations, as well as general economic, political, regulatory and market conditions, may negatively impact the market price of our common stock. In the past, stockholders have instituted securities action litigation following periods of market volatility. If we were to become involved in securities litigation, it could subject us to substantial costs, divert resources and the attention of management from our business and adversely affect our business, operating results, financial condition and cash flows.
Substantial future sales of shares of our common stock could cause the market price of our common stock to decline.
Certain holders of our shares of common stock have the right, subject to various conditions and limitations, to include their shares of our common stock in registration statements relating to our securities. If the offer and sale of these shares are registered, they will be freely tradable without restriction under the Securities Act of 1933, as amended (the "Securities Act"). In addition, non-affiliates have the ability to sell shares of our common stock in the open market or through block trades without being subject to volume restrictions under Rule 144 of the Securities Act. In addition, in the future we may issue common stock or other securities if we need to raise additional capital. The number of new shares of our common stock issued in connection with raising additional capital could constitute a material portion of the then outstanding shares of our common stock. In the event a large number of shares of common stock are sold in the public market, such share sales could reduce the trading price of our common stock.
Stock repurchases could increase the volatility of the trading price of our common stock and diminish our cash reserves, and we cannot guarantee that our stock repurchase program will enhance long-term stockholder value.
In May 2019, our board of directors adopted a stock repurchase program for up to $15 million of our common stock, all of which was utilized as of September 30, 2022. In November 2022, our board of directors approved a new stock repurchase program for up to $25 million. Although our board of directors has authorized the stock repurchase program, it does not obligate us to repurchase any specific dollar amount or number of shares, there is no expiration date for the stock repurchase program, and the stock repurchase program may be modified, suspended or terminated at any time and for any reason. The timing and actual number of shares repurchased under the stock repurchase program will depend on a variety of factors, including the acquisition price of the shares, our liquidity position, general market and economic conditions, legal and regulatory requirements and other considerations. Our ability to repurchase shares may also be limited by restrictive covenants in our existing credit agreement or in future borrowing arrangements we may enter into from time to time.
Repurchases of our shares could increase the volatility of the trading price of our stock, which could have a negative impact on the trading price of our stock. Similarly, the future announcement of the termination or suspension of the stock repurchase program, or our decision not to utilize the full authorized repurchase amount under the stock repurchase program, could result in a decrease in the trading price of our stock. In addition, the stock repurchase program could have the impact of diminishing our cash reserves, which may impact our ability to finance our growth, complete acquisitions and execute our strategic plan. There can be no assurance that any share repurchases we do elect to make will enhance stockholder value because the market price of our common stock may decline below the levels at which we repurchased our shares. Although our stock repurchase program is intended to enhance long-term stockholder value, we cannot guarantee that it will do so and short-term stock price fluctuations could reduce the effectiveness of the stock repurchase program.
If securities or industry analysts do not publish research or reports about our business, or publish negative reports about our business, our share price and trading volume could decline.
58
The trading market for our common stock depends in part on the research and reports that securities or industry analysts publish about us or our business, our market and our competitors. We do not have any control over these analysts. If one or more of the analysts who cover us downgrade our shares of common stock or change their opinion of our shares of common stock, our share price would likely decline. If one or more of these analysts cease coverage of our company or fail to regularly publish reports on us, we could lose visibility in the financial markets, which could cause our share price or trading volume to decline.
We are an “emerging growth company” and we cannot be certain if the reduced disclosure requirements applicable to emerging growth companies will make our common stock less attractive to investors.
We are an “emerging growth company,” as defined in the Jumpstart Our Business Startups Act (the “JOBS Act”), and we take advantage of certain exemptions from various reporting requirements that are applicable to other public companies that are not “emerging growth companies” including, but not limited to, not being required to comply with the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act, reduced disclosure obligations regarding executive compensation in our periodic reports and proxy statements, and exemptions from the requirements of holding a nonbinding advisory vote on executive compensation and stockholder approval of any golden parachute payments not previously approved. We will remain an “emerging growth company” for up to five years, although we will cease to be an “emerging growth company” upon the earliest of (i) December 31, 2022, (ii) the last day of the first fiscal year in which our annual gross revenues are $1.07 billion or more, (iii) the date on which we have, during the previous rolling three-year period, issued more than $1 billion in non-convertible debt securities or (iv) the date on which we are deemed to be a “large accelerated filer” as defined in the Exchange Act. We cannot predict if investors will find our common stock less attractive or our company less comparable to certain other public companies because we will rely on these exemptions. If some investors find our common stock less attractive as a result, there may be a less active trading market for our common stock and our stock price may be more volatile.
We incur substantial costs as a result of being a public company.
As a public company, we are incurring significant levels of legal, accounting, insurance and other expenses that we did not incur as a private company. We are subject to the reporting requirements of the Exchange Act, the Sarbanes-Oxley Act, the Dodd-Frank Act, the listing requirements of the Nasdaq Capital Market, and other applicable securities rules and regulations. Compliance with these rules and regulations increases our legal and financial compliance costs, makes some activities more difficult, time-consuming or costly and increases demand on our systems and resources as compared to when we operated as a private company. The Exchange Act requires, among other things, that we file annual, quarterly and current reports with respect to our business and operating results. The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. In order to maintain and, if required, improve our disclosure controls and procedures and internal control over financial reporting to meet this standard, significant resources and management oversight may be required. As a result, management’s attention may be diverted from other business concerns, which could adversely affect our business and operating results. Although we have already hired additional corporate employees to comply with these requirements, we may need to hire more corporate employees in the future or engage outside consultants, which would increase our costs and expenses.
In addition, changing laws, regulations and standards relating to corporate governance and public disclosure are creating uncertainty for public companies, increasing legal and financial compliance costs and making some activities more time-consuming. These laws, regulations and standards are subject to varying interpretations, in many cases due to their lack of specificity, and, as a result, their application in practice may evolve over time as new guidance is provided by regulatory and governing bodies. This could result in continuing uncertainty regarding compliance matters and higher costs necessitated by ongoing revisions to disclosure and governance practices. We intend to invest resources to comply with evolving laws, regulations and standards, and this investment may result in increased general and administrative expenses and a diversion of management’s time and attention from revenue-generating activities to compliance activities. If our efforts to comply with new laws, regulations and standards differ from the activities intended by regulatory or governing bodies due to ambiguities related to their application and practice, regulatory authorities may initiate legal proceedings against us and our business may be adversely affected.
As a result of disclosure of information in this report and in the filings that we are required to make as a public company, our business, operating results and financial condition have become more visible, which has resulted in, and may in the future result in threatened or actual litigation, including by competitors and other third parties. If any such claims are successful, our business, operating results and financial condition could be adversely affected, and even if the claims do not result in litigation or are resolved in our favor, these claims, and the time and resources necessary to resolve
59
them, could divert the resources of our management and adversely affect our business, operating results and financial condition.
We do not intend to pay dividends for the foreseeable future.
We have never declared or paid any cash dividends on our common stock and do not intend to pay any cash dividends in the foreseeable future. We anticipate that we will retain all of our future earnings for use in the development of our business and for general corporate purposes. Any determination to pay dividends in the future will be at the discretion of our board of directors. Accordingly, investors must rely on sales of their common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investments.
Anti-takeover provisions in our charter documents and under Delaware law could make an acquisition of our company more difficult, limit attempts by our stockholders to replace or remove our current management and limit the market price of our common stock.
Provisions in our certificate of incorporation and bylaws may have the effect of delaying or preventing a change of control or changes in our management. Our certificate of incorporation and bylaws include provisions that:
•establish a classified board of directors so that not all members of our board of directors are elected at one time;
•permit the board of directors to establish the number of directors and fill any vacancies and newly-created directorships;
•provide that directors may only be removed for cause;
•require super-majority voting to amend some provisions in our certificate of incorporation and bylaws;
•authorize the issuance of “blank check” preferred stock that our board of directors could use to implement a stockholder rights plan;
•eliminate the ability of our stockholders to call special meetings of stockholders;
•prohibit stockholder action by written consent, which requires all stockholder actions to be taken at a meeting of our stockholders;
•provide that the board of directors is expressly authorized to make, alter or repeal our bylaws; and
•establish advance notice requirements for nominations for election to our board of directors or for proposing matters that can be acted upon by stockholders at annual stockholder meetings.
In addition, we are governed by the provisions of Section 203 of the Delaware General Corporation Law, which generally prohibits stockholders owning 15% or more of our outstanding voting stock from merging or otherwise combining with us for a period of three years following the date on which the stockholder became a 15% stockholder without the consent of our board of directors. These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors, which is responsible for appointing the members of our management, and otherwise discourage management takeover attempts.
Our certificate of incorporation contains exclusive forum provisions that could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us.
Pursuant to our certificate of incorporation, unless we consent in writing to the selection of an alternative forum, the Court of Chancery of the State of Delaware is the sole and exclusive forum for (1) any derivative action or proceeding brought on our behalf, (2) any action asserting a claim of breach of a fiduciary duty owed by any of our directors, officers or other employees to us or our stockholders, (3) any action asserting a claim arising pursuant to any provision of the Delaware General Corporation Law, our certificate of incorporation or our bylaws or (4) any action asserting a claim governed by the internal affairs doctrine. Our certificate of incorporation further provides that any person or entity
60
purchasing or otherwise acquiring any interest in shares of our common stock is deemed to have notice of and consented to the foregoing provision.
Our certificate of incorporation further provides that the federal district courts of the United States of America will be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act. These forum selection clauses in our certificate of incorporation may limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us. While the Delaware courts have determined that such choice of forum provisions are facially valid and several state trial courts have enforced such provisions and required that suits asserting Securities Act claims be filed in federal court, there is no guarantee that courts of appeal will affirm the enforceability of such provisions and a stockholder may nevertheless seek to bring a claim in a venue other than those designated in the exclusive forum provisions. In such instance, we would expect to vigorously assert the validity and enforceability of the exclusive forum provisions of our certificate of incorporation. This may require significant additional costs associated with resolving such action in other jurisdictions and there can be no assurance that the provisions will be enforced by a court in those other jurisdictions. If a court were to find either exclusive forum provision in our certificate of incorporation to be inapplicable or unenforceable in an action, we may incur further significant additional costs associated with litigating Securities Act claims in state court, or both state and federal court, which could seriously harm our business, financial condition, results of operations, and prospects.
61