ITEM 1A. RISK FACTORS
Risk Factors Summary
Our business is subject to numerous risks and uncertainties, including those highlighted in the section titled “Risk Factors” immediately following this Risk Factors Summary. These summary risks provide an overview of many of the risks we are exposed to in the normal course of our business. As a result, the following summary risks do not contain all of the information that may be important to you, and you should read them together with the more detailed discussion of risks set forth following this section under the heading “Risk Factors,” and with the other information in this Quarterly Report on Form 10-Q. Additional risks beyond those summary risks discussed below, in “Risk Factors” or elsewhere in this Quarterly Report on Form 10-Q, could have an adverse effect on our business, results of operations, financial condition or prospects, and could cause the trading price of our common stock to decline. Our business, results of operations, financial condition or prospects could also be harmed by risks and uncertainties not currently known to us or that we currently do not believe are material. Consistent with the foregoing, we are exposed to a variety of risks, including the following significant risks:
▪We have sustained net losses since inception and we may not achieve or sustain profitability in the future.
▪We derive a majority of our revenue from our e-signature solutions and any decline in sales (or decline or slower adoption) of e-signature without increase in our other solutions could adversely affect our results of operations.
▪The market for software used to prepare, sign, act on and manage agreements is relatively new and evolving and if the market does not develop further, develops more slowly, or in a way that we do not expect, our business will be adversely affected.
▪We must continue to grow our customer base to increase our revenue. If we are unable to attract new customers and retain and expand sales to existing customers, our revenue growth will be adversely affected.
▪We depend on co-located data centers, third-party cloud providers and our own technical operations infrastructure to securely deliver our products and solutions to our customers.
▪Our business could be damaged, our reputation could be harmed, and we could be subject to liability if there is any unauthorized access to our data or our users’ content, including through data breaches, cyberattacks or other malicious activity.
▪Our recent rapid growth may not be indicative of our future growth, and, if we continue to grow rapidly, we may not be able to manage our growth effectively. We may not be able to scale our business quickly enough to meet the growing needs of our customers and if we are not able to grow efficiently, our operating results could be harmed.
▪We recognize revenue from subscriptions over the term of the relevant contract; therefore, downturns or upturns in sales contracts are not immediately reflected in full in our operating results.
▪We operate in competitive markets and the market for our products is continuing to evolve. We must evolve to meet the needs of our customers and accurately forecast, develop, and price for the market potential of our products in order to continue to compete effectively.
▪If our products, solutions and support fail to perform properly and if we fail to develop enhancements to resolve any defect or other problems, our reputation could suffer, we could lose customers, we may become subject to service performance or warranty claims and our market share could decline.
▪We have incurred substantial indebtedness that may decrease our business flexibility and ability to pursue inorganic growth opportunities, access to capital and/or increase our borrowing costs, and we may still incur substantially more debt, which may adversely affect our operations and financial results.
▪We are subject to laws and regulations affecting our business, including those related to e-signature, marketing, advertising, privacy, data protection and information security. Our actual or perceived failure to comply with laws or regulations could harm our business. Complying with laws and regulations, in particular those related to privacy and data protection, could also result in additional costs and liabilities to us or inhibit sales of our software.
Risk Factors
Our business involves significant risks, some of which are described below. You should carefully consider the following risks, together with all of the other information in this Quarterly Report on Form 10-Q, including in the preceding Risk Factors Summary, our consolidated financial statements and the related notes included elsewhere in this Quarterly Report on Form 10-Q.
Risks Related to Our Business and Industry
We cannot predict the impact of the COVID-19 pandemic on our business, results of operations and financial condition.
The impact of the continuing COVID-19 pandemic and related public health measures on our business will depend largely on future developments, including the duration and severity of the COVID-19 pandemic, which are highly uncertain and cannot be accurately predicted.
The COVID-19 pandemic has created and is likely to continue to create significant uncertainty in global financial markets, which may decrease overall technology spending and depress demand for our solutions. In addition, the COVID-19 pandemic may disrupt the operations of our customers or partners, limiting their ability to pay for our solutions and adversely affecting our results of operations.
We have undertaken measures to mitigate the effect of the COVID-19 pandemic on our business and to protect our employees, partners and customers, including by imposing travel restrictions for our employees, providing almost all employees the opportunity to work remotely until at least May 31, 2021, limiting capacity at any of our offices which have reopened or may reopen during the pandemic’s duration, and shifting customer, partner and investor events to virtual-only formats. However, there can be no assurance that these measures will be effective, or that we can adopt them without adversely affecting our business operations. For example, our management team has been focusing additional time on planning for and mitigating the risks of the COVID-19 pandemic, which may reduce the amount of time available for other initiatives. As our offices reopen, planning and risk management for these reopenings will require further additional time from management and other employees, which may further reduce the amount of time available for other initiatives. The COVID-19 pandemic may also lead to inefficiencies of our employees, operational and cybersecurity risks and other circumstances which could have an adverse impact to our results of operations.
In addition, the COVID-19 pandemic has caused significant volatility in financial markets and has created a global recession which may be long-term. Further, the full effects of the COVID-19 pandemic cannot be predicted as a result of uncertainties including the extent and rate of the spread, the possibility, timing and deployment of any vaccine, treatment, or cure or stop to the spread, and the potential for additional peaks in infection rates through early 2021. Public health problems resulting from COVID-19 and precautionary measures instituted by governments and businesses to mitigate its spread, including travel restrictions, school and business closures, and quarantines, have contributed to a general slowdown in the global economy, which could adversely impact our customers and partners and disrupt our operations. Changes in our operations in respect to COVID-19 or employee illnesses resulting from the COVID-19 pandemic may result in inefficiencies or delays that cannot be fully mitigated through succession planning, employees working remotely, or teleconferencing technologies.
Finally, to the extent that the COVID-19 pandemic harms our business and results of operations, many of the other risks described in this “Risk Factors” section will be exacerbated.
We have a history of operating losses and may not achieve or sustain profitability in the future.
We began operations in 2003 and have experienced net losses since inception. We generated a net loss of $170.9 million and $161.0 million in the nine months ended October 31, 2020 and 2019, and as of October 31, 2020, we had an accumulated deficit of $1.3 billion. We will need to generate and sustain increased revenue levels in future periods to become profitable and, even if we do, we may not be able to maintain or increase our level of profitability. We intend to continue to incur significant expenses to support growth, further develop and enhance our products and solutions, expand our infrastructure and technology, increase our sales headcount and marketing activities, and grow our international operations and customer base. As a result of these investments and due to our status as a public company, we also expect to incur increased compliance costs. Our efforts to grow our business may be costlier than we expect, and we may not be able to increase our revenue enough to offset our increased operating expenses. We may incur significant losses in the future for a number of reasons, including the other risks described herein, and unforeseen expenses, difficulties, complications and delays and other unknown events. If we are unable to achieve and sustain profitability, the value of our business and common stock may significantly decrease.
We expect fluctuations in our financial results, making it difficult to project future results, and if we fail to meet the expectations of securities analysts or investors, the price of our common stock could decline.
Our operating results have fluctuated in the past and are expected to fluctuate in the future due to a variety of factors, many of which are outside of our control. As a result, our past results may not be indicative of our future performance and comparing our operating results on a period-to-period basis may not be meaningful. In addition to the other risks described herein, factors that may affect our operating results include the following:
▪fluctuations in demand for or pricing of our products and solutions, including due to the current COVID-19 pandemic;
▪our ability to attract new customers;
▪our ability to renew our subscriptions with, and expand sales of our products and solutions to, our existing customers;
▪timing of revenue recognition;
▪customer delays in purchasing decisions in anticipation of new products or product enhancements by us or our competitors;
▪changes in customers’ budgets and in the timing of their budget cycles and purchasing decisions, including cost-cutting measures or other effects of the COVID-19 pandemic;
▪the timing and success of new product and service introductions by us or our competitors or any other change in the competitive dynamics of our industry, including consolidation or new entrants among competitors, customers, or strategic partners;
▪our ability to control costs, including our operating expenses;
▪our ability to continue operating remotely due to the COVID-19 pandemic;
▪potential accelerations of prepaid expenses and deferred costs;
▪the amount and timing of non-cash expenses, including stock-based compensation, goodwill impairments and other non-cash charges;
▪the amount and timing of costs associated with recruiting, training and integrating new employees;
▪issues relating to acquisitions and partnerships with third parties;
▪general economic, market and industry conditions, including resulting from the COVID-19 pandemic;
▪the impact of new accounting pronouncements;
▪changes in laws and regulations that affect our business;
▪significant security breaches of, technical difficulties with, or interruptions to, the delivery and use of our products and solutions; and
▪awareness of our brand on a global basis.
If our operating results fall below the expectations of investors and securities analysts who follow our stock, the price of our common stock could decline substantially, and we could face costly lawsuits, including securities class action lawsuits.
We derive a significant majority of our revenue from our e-signature solutions, and slower or declining adoption of our e-signature solutions, without a corresponding increase in the use of our other products and solutions, could cause our operating results to suffer.
Sales of subscriptions to our e-signature solutions account for substantially all of our subscription revenue and are the source of substantially all of our professional services revenue. Although we continue to add to our suite of products and solutions for automating the agreement process, we expect that we will be substantially dependent on our e-signature solutions to generate revenue for the foreseeable future. As a result, our operating results could suffer due to:
▪any decline in demand for our e-signature solutions;
▪macro- and micro-economic effects of the COVID-19 pandemic;
▪the failure of our e-signature solutions to maintain market acceptance;
▪the market for electronic signatures failing to grow, or growing more slowly than we expect;
▪the introduction of products and technologies that replace or substitute for, or represent an improvement over, our e-signature solutions;
▪technological innovations or new standards that our e-signature solutions do not address;
▪changes in regulations;
▪sensitivity to our current or future pricing; and
▪our inability to release enhanced versions of our e-signature solutions on a timely basis.
If we experience a material decline in sales of subscriptions to our e-signature solutions, without a corresponding increase in subscriptions to our other products and solutions, our revenue and operating results would be harmed.
The market for our products and solutions is relatively new and evolving. If the market does not develop further, develops more slowly, or in a way that we do not expect, our business will be adversely affected.
The market for our products and solutions—including our e-signature solution, which is the core part of our broader DocuSign Agreement Cloud platform for automating the agreement process—is relatively new and evolving, which makes our business and future prospects difficult to evaluate. We have customers in a wide variety of industries, including real estate, financial services, insurance, manufacturing, and healthcare and life sciences. It is difficult to predict customer demand for our products and solutions, customer retention and expansion rates, the size and growth rate of the market for agreement automation, the entry of competitive products or the success of existing competitive products. We expect that we will continue to need intensive sales efforts to educate prospective customers, particularly enterprise and commercial customers, about the uses and benefits of our products and solutions, and such sales efforts could be hindered by the current COVID-19 pandemic. The size and growth of our addressable market depends on a number of factors, including our customers’ desire to differentiate themselves through e-signature solutions and other products and solutions that automate the agreement process, as well as changes in the competitive landscape, technological changes, budgetary constraints of our customers, changes in business practices, changes in regulations and changes in economic conditions. If customers do not accept the value proposition of our offerings, then a viable market for products and solutions may not develop further, or it may develop more slowly than we expect, either of which would adversely affect our business and operating results.
If we are unable to attract new customers and retain and expand sales to existing customers, our revenue growth will be adversely affected.
To increase our revenue, we must continue to grow our customer base. As our market matures, product and service offerings evolve, and competitors introduce lower cost and/or differentiated products or solutions that are perceived to compete with our products and solutions, our ability to attract new customers could be impaired. This may be especially challenging where organizations have already invested significantly in an existing solution. If we fail to offer competitive products and solutions at competitive prices or to attract new customers and subsequently maintain and expand those customer relationships, our business and operating results may be harmed.
Our ability to increase our revenue also depends on our ability to expand the sales of our products and solutions to, and renew subscriptions with, existing customers and their organizations. For our business to succeed, it is important that our existing customers, especially our enterprise customers, increase their use of our products and solutions through the purchase of new products, additional subscriptions and our enhanced products and solutions. If our efforts to sell additional functionality and products and solutions to our customers are not successful, our business, operating results and financial condition may suffer.
Moreover, a majority of our subscription contracts are for one year. Our customers have no obligation to renew their subscriptions and we cannot guarantee that our customers will renew their subscriptions with us for a similar or greater contract period or on the same or more favorable terms. Our renewal and expansion rates may decline or fluctuate as a result of a number of factors, including customer spending levels, customer dissatisfaction with our products and solutions, decreases in the number of users at our customers, changes in the type and size of our customers, pricing changes, competitive conditions, customer attrition and general economic conditions, including as a result of the current COVID-19 pandemic. If our customers do not renew their subscriptions for our products and solutions or if they reduce their subscription amounts at the time of renewal, our revenue will decline, and our business will suffer.
The market in which we participate is highly competitive, which may negatively affect our ability to add new customers, retain existing customers and grow our business.
Our products and solutions address a market that is evolving and highly competitive. The products and solutions in our products and solutions face competition from different companies depending on the product or solution. For example, our primary global e-signature competitor is currently Adobe Systems Incorporated. We also face competition from a select number of specialized vendors that focus on specific industries, geographies or use cases. In addition to competition in the e-signature market, our other products and solutions, such as DocuSign CLM, DocuSign Payments and DocuSign ID Verification separately face competition from companies in the contract lifecycle management, payment processing and identity verification software markets. As we attempt to sell access to our products and solutions to potential customers with existing products and solutions, we must convince them that our products and solutions are superior to the solutions that their organization has used in the past.
Many of our competitors have longer operating histories than us, significantly greater financial, technical, marketing and other resources, stronger brand and customer recognition, larger intellectual property portfolios and broader global distribution. As a result, our competitors may be able to respond more quickly and effectively than we can to new or changing opportunities, technologies, standards or customer requirements. Further, we could lose customers if our competitors develop new competitive products and solutions, acquire competitive products, reduce prices, form strategic alliances with other companies, are acquired by third parties with greater resources or develop and market new technologies that render our existing or future products less competitive, unmarketable or obsolete. If we are unable to effectively compete, our business, operating results and financial condition would be harmed.
We depend on co-location data centers, third-party cloud providers, as well as our own technical operations infrastructure to provide our products and solutions to our customers in a timely manner. Interruptions or delays in performance of our products and solutions could result in customer dissatisfaction, damage to our reputation, loss of customers, limited growth and reduction in revenue.
We currently serve our customers from third-party data center hosting facilities. Our customers need to be able to access our products at any time, without interruption or degradation of performance. In some cases, third-party cloud providers run their own platforms that we access, and we are, therefore, vulnerable to their service interruptions. As a result, we depend, in part, on our data center providers’ ability to protect these facilities against damage or interruption, including from natural disasters, power or telecommunications failures, criminal acts and similar events. In the event that our data center arrangements are terminated, or if there are any lapses of service at or damage to a data center, we could experience lengthy interruptions in our service as well as delays and additional expenses in arranging new facilities and services. Even with current and planned disaster recovery arrangements, including the existence of secondary data centers that become active during certain lapses of service or damage at a primary data center, our business could be harmed.
In addition to third-party data centers and cloud providers, we also rely on our own technical operations infrastructure to support and serve our rapidly growing customer base. To meet our business needs, we must maintain sufficient excess capacity in our operations infrastructure to ensure that our products and solutions are accessible within an acceptable load time. Design and mechanical errors, spikes in usage volume and failure to follow system protocols and procedures could cause our systems to fail, resulting in interruptions in our products and solutions. Any interruptions or delays in our service, whether or not caused by our products, whether as a result of third-party error, our own error, natural disasters or security breaches, whether accidental or willful, could harm our relationships with customers and cause our revenue to decrease and/or our expenses to increase. Also, in the event of damage or interruption, our insurance policies may not adequately compensate us for any losses that we may incur. These factors in turn could further reduce our revenue, subject us to liability and cause us to issue credits or cause customers to fail to renew their subscriptions, any of which could adversely affect our business.
Our systems and security measures have been, and may in the future be, compromised or subject to data breaches, cyberattacks or other malicious activity. Consequently, our products and solutions may be perceived as not being secure. This may result in customers reducing or stopping their use of our products or solutions, our reputation being harmed, our incurring significant liabilities and adverse effects on our operating results and growth prospects.
Our operations involve the storage and transmission of customer data, personal data and other sensitive information, and our corporate environment contains important company data and/or business records, employee data and data from partner, vendor or other relationships, as well as a wide variety of our own internal company, partner and employee information. Like other organizations providing valuable technology and services, we are subject to cyberattacks from malicious third parties using a wide variety of tactics, including credential stuffing and account takeover attacks, denial or degradation of service attacks, malicious code (e.g., viruses and worms), denial-of-service attacks and many other techniques. While we have security measures in place designed to protect our production, development and other systems, maintain the integrity of customer, company, partner and employee information, and prevent data loss, misappropriation and other security breaches and incidents, we have faced security incidents in the past. For example, in March 2017, a malicious third party used a phishing attack to gain access to a remote employee’s laptop and then accessed a list of email addresses which were uploaded to a third-party website. In addition, in April 2020, a malicious third party used a brute force password attack to gain access to an isolated testing environment, and exfiltrated a portion of our source code. In both cases we took immediate action to prevent any additional unauthorized access, put further security controls in place and worked with law enforcement agencies. These efforts may not completely eliminate potential risks from such incidents, however. While these attempts had no impact on our operations, products or services, there can be no assurance that there will be no impact from these or similar incidents in the future.
Despite our prevention and response efforts, any security incident or breach, even if immaterial and properly addressed, could result in negative publicity, loss of customers, damage to our reputation and could impair our sales and harm our business. Moreover, due to the current COVID-19 pandemic, there is an increased risk that we may experience cybersecurity related incidents as a result of our employees, service providers, and third parties working remotely on less secure systems during government mandated shelter-in-place orders. Further, we may face additional security incidents in the future, resulting in unauthorized access to, loss of or unauthorized disclosure of sensitive and proprietary information of DocuSign or our customers, partners or employees, and such incidents may in the future result in regulatory enforcement actions, litigation (including a new private right of action under the California Consumer Privacy Act (“CCPA”), as described in the risk factor below titled “We are subject to laws and regulations affecting our business, including those related to e-signature, marketing, advertising, privacy, data protection and information security. Our actual or perceived failure to comply with laws or regulations could harm our business. Complying with laws and regulations could also result in additional costs and liabilities to us or inhibit sales of our software.”), indemnity obligations and other possible liabilities, in addition to the potential harms described above.
Additionally, as we rely on third-party and public-cloud infrastructure, we depend in part on third-party security measures to protect against unauthorized access, cyberattacks and the mishandling of customer data. Our ability to monitor our third-party service providers’ data security is limited and any breach of our providers’ security measures may result in unauthorized access to, or misuse, loss or destruction of, our and our customers’ data.
Cyberattacks and other malicious internet-based activity continue to increase, and cloud-based service providers have been and are expected to continue to be targeted. Further, advances in technology and the increasing sophistication of attackers have led to more frequent and effective cyberattacks, including advanced persistent threats by state-sponsored actors, cyberattacks relying on complex social engineering or “phishing” tactics, ransomware attacks and other methods that may lead to the loss, theft or misuse of personal, corporate or financial information, fraudulent payments and identity theft. Despite significant efforts to create security barriers to such threats, it is virtually impossible for us, our service providers, our partners and our customers to entirely mitigate these risks. If our security measures, or the security measures of our service providers, partners or customers, are compromised, our reputation could be damaged, our ability to attract and retain customers could be adversely affected and our business may be harmed. In addition, a cybersecurity event could result in significant increases in costs, including costs for remediating the effects of such an event, lost revenues due to decrease in customer trust and network downtime, increases in insurance costs due to cybersecurity incidents and damages to our reputation because of any such incident.
Many U.S. and foreign laws and regulations require companies to provide notice of data security breaches and/or incidents involving certain types of personal data to individuals, the media, government authorities or other third parties. In addition, some of our customers contractually require notification of data security breaches. Security compromises experienced by our competitors, by our customers or by us may lead to public disclosures, which may lead to widespread negative publicity. Any
security compromise in our industry, whether actual or perceived, could harm our reputation, erode customer confidence in the effectiveness of our security measures, negatively affect our ability to attract new customers, cause existing customers to elect not to renew their subscriptions or subject us to third-party lawsuits, regulatory fines or other action or liability, which could adversely affect our business and operating results.
There can be no assurance that any limitations of liability provisions in our contracts would be enforceable or adequate or would otherwise protect us from any such liabilities or damages with respect to any particular claim. We also cannot be sure that our existing general liability insurance coverage and coverage for errors or omissions will continue to be available on acceptable terms or will be available in sufficient amounts to cover one or more large claims, or that insurers will not deny coverage as to any future claim. One or more large, successful claims against us in excess of our available insurance coverage, or changes in our insurance policies, including premium increases or large deductible or co-insurance requirements, could have an adverse effect on our business, operating results and financial condition.
If our products and solutions do not evolve to meet the needs of our customers or fail to achieve sufficient market acceptance, our financial results and competitive position will suffer.
We spend substantial amounts of time and money to research, develop and enhance our existing products, add new offerings to our products and solutions for automating the agreement process, incorporate additional functionality, and solve new use cases to meet our customers’ rapidly evolving demands. Maintaining adequate research and development resources, such as the appropriate personnel and development technology, to meet the demands of our customers and potential customers is essential to our business. If we are unable to develop products and solutions internally due to a lack of research and development resources, we may be forced to rely on acquisitions to expand into a certain markets or technologies, which can be costly. When we develop or acquire new or enhanced products and solutions, we typically incur expenses and expend resources upfront to develop, market, promote and sell them. As a result, when we introduce new or enhanced products and solutions, they must achieve high levels of market acceptance to justify the amount of our investment in developing or acquiring them and bringing them to market. If the release of our new and enhanced products and solutions fails to meet the needs of our customers or if our customers do not accept new and enhanced solutions offered by us, our business, operating results and financial conditions would be harmed. The adverse effect on our financial results may be particularly acute because of the significant research, development, marketing, sales and other expenses we will have incurred.
New products and solutions or enhancements to our existing products and solutions could fail to attain sufficient market acceptance for many reasons, including:
▪failure to predict market demand for particular features or functions, or to supply solutions that meet this demand quickly enough;
▪defects, errors or failures in our products and solutions;
▪negative publicity about their performance or effectiveness;
▪changes in applicable legal or regulatory requirements, or increased legal or regulatory scrutiny, adversely affecting our products and solutions;
▪delays in releasing our products and solutions to the market; and
▪introduction or anticipated introduction of competing products by our competitors.
Our sales cycle with enterprise and commercial customers can be long and unpredictable, and our sales efforts require considerable time and expense.
Our ability to increase our revenue and grow our business is partially dependent on the widespread acceptance of our products and solutions by large businesses and other commercial organizations. We often need to spend significant time and resources to better educate and familiarize these potential customers with the value proposition of our products and solutions. The length of our sales cycle for these customers from initial evaluation to payment for our offerings is generally three to nine months, but can vary substantially from customer to customer and from offering to offering. Customers often view a subscription to our products and solutions as a strategic decision and significant investment and, as a result, frequently require considerable time to evaluate, test and qualify our offerings prior to entering into or expanding a subscription. This is particularly true of our contract lifecycle management solutions and other advanced offerings, where longer evaluation, testing and qualification processes often result in longer sales cycles than for our e-signature solutions. The timing of our sales with our enterprise customers and related revenue recognition is difficult to predict because of the length and unpredictability of the sales cycle for these customers. During the sales cycle, we expend significant time and money on sales and marketing and contract negotiation activities, which may not result in a sale.
Additional factors that may influence the length and variability of our sales cycle include:
▪the effectiveness of our sales force, in particular new sales people as we increase the size of our sales force, train our new sales people to sell to enterprise customers and launch advanced offerings for automating other aspects of the agreement process;
▪the discretionary nature of purchasing and budget cycles and decisions;
▪the obstacles placed by customers’ procurement process;
▪economic conditions and other factors impacting customer budgets;
▪the customer’s integration complexity;
▪the customer’s familiarity with e-signature and agreement automation processes;
▪customer evaluation of competing products during the purchasing process; and
▪evolving customer demands.
Our recent rapid growth may not be indicative of our future growth, and, if we continue to grow rapidly, we may not be able to manage our growth effectively.
Our revenue grew from $701.0 million in the year ended January 31, 2019 to $974.0 million in the year ended January 31, 2020. We expect that, in the future, as our revenue increases, our revenue growth rate will decline. We also believe that growth of our revenue depends on a number of factors, including our ability to:
▪price our products and solutions effectively so that we are able to attract and retain customers;
▪attract new customers, increase our existing customers’ use of our products and solutions and provide our customers with excellent customer support;
▪expand our DocuSign Agreement Cloud offerings for our customers;
▪continue to introduce our products and solutions to new markets outside of the United States;
▪hire, maintain and train our sales force;
▪successfully identify and acquire or invest in businesses, products or technologies that we believe could complement or expand our products and solutions; and
▪increase global awareness of our brand.
We may not successfully accomplish any of these objectives. We expect to continue to expend substantial financial and other resources on:
▪sales and marketing, including a significant expansion of our sales organization, particularly in the United States;
▪our technology infrastructure, including systems architecture, management tools, scalability, availability, performance and security, as well as disaster recovery measures;
▪product development, including investments in our product development team and the development of new products and new functionality for our existing products and solutions;
▪acquisitions or strategic investments;
▪international expansion; and
▪general administration, including legal and accounting expenses.
In addition to growth in revenue, we have also experienced significant growth in the number of our customers and users, the number and complexity of the transactions we handle, and the amount of data that our infrastructure supports. Our growth has placed and may continue to place significant demands on our management and our operational and financial resources.
Finally, our business is becoming more complex as we increase our product and solution offerings, add additional staff and acquire complementary companies, products and technologies. In connection with this increased complexity, we are working to improve our operational, financial and management controls as well as our reporting systems and procedures, which requires capital expenditures and management attention. Failure to effectively manage our growth could have an adverse effect on our business, operating results and financial condition.
Because we recognize revenue from subscriptions over the term of the relevant contract, downturns or upturns in sales contracts are not immediately reflected in full in our operating results.
We recognize revenue over the term of each of our contracts, which are typically one year in length but may be up to three years or longer. As a result, much of our revenue is generated from the recognition of contract liabilities from contracts entered into during previous periods. Consequently, a shortfall in demand for our products and solutions and professional
services or a decline in new or renewed contracts in any one quarter may not significantly reduce our revenue for that quarter but could negatively affect our revenue in future quarters. Our revenue recognition model also makes it difficult for us to rapidly increase our revenue through additional sales contracts in any period, as revenue from new customers is recognized over the applicable term of their contracts.
If we fail to forecast our revenue accurately, or if we fail to match our expenditures with corresponding revenue, our operating results could be adversely affected.
Because our recent growth has resulted in the rapid expansion of our business and product offerings, we do not have a long history upon which to base forecasts of future revenues and operating results. Accordingly, we may be unable to prepare accurate internal financial forecasts or replace anticipated revenue that we do not receive as a result of delays arising from these factors. If we do not address these risks successfully, our operating results could differ materially from our estimates and forecasts or the expectations of investors, causing our business to suffer and our stock price to decline.
If we have overestimated the size of our total addressable market, our future growth rate may be limited.
We have estimated the size of our total addressable market based on internally generated data and assumptions, as well as data published by third parties, which we have not independently verified. While we believe our market size estimates are reasonable, such information is inherently imprecise and subject to a high degree of uncertainty. If our third-party or internally generated data prove to be inaccurate or we make errors in our assumptions based on that data, our actual market may be more limited than our estimates. In addition, these inaccuracies or errors may cause us to misallocate capital and other critical business resources, which could harm our business. Even if our total addressable market meets our size estimates and experiences growth, we may not continue to grow our share of the market.
We have in the past, and may in the future, engage in merger and acquisition activities, which could divert the attention of management, disrupt our business, dilute stockholder value and adversely affect our operating results and financial condition.
As part of our business strategy, we continually evaluate opportunities to acquire or invest in businesses, products or technologies that we believe could complement or expand our products and solutions, enhance our technical capabilities or otherwise offer growth opportunities. For example, on September 4, 2018 we acquired SpringCM, a provider of cloud-based document generation and contract lifecycle management software, on May 1, 2020 we acquired Seal Software Group Limited, a provider of contract analytics software, and on July 6, 2020 we acquired Liveoak Technologies, Inc., a provider of a secure agreement-collaboration and identity verification platform. In the future, we may be unable to identify suitable acquisition candidates and, even if we do, we may not be able to complete desired acquisitions on favorable terms, if at all. If we are unable to complete acquisitions, we may not be able to strengthen our competitive position or achieve our goals. If we are able to complete future acquisitions and investments, such transactions may result in unforeseen operating difficulties and expenditures, including disrupting our ongoing operations, diverting management attention, increasing our expenses, and subjecting us to additional liabilities. An acquisition may also negatively affect our financial results because it may:
▪require us to incur charges or assume substantial debt;
▪cause adverse tax consequences or unfavorable accounting treatment;
▪expose us to claims and disputes by third parties, including intellectual property claims and disputes;
▪not generate sufficient financial return to offset additional costs and expenses related to the acquisition;
▪cause us to incur liabilities for activities of the acquired company before the acquisition;
▪cause us to record impairment charges associated with goodwill and other acquired intangible assets; and
▪other unforeseen operating difficulties and expenditures.
Moreover, to pay for an acquisition or investment, we would have to use cash, incur debt and/or issue equity securities, each of which may affect our financial condition or the value of our common stock and (in the case of equity financing) could result in dilution to our stockholders.
In addition, a failure to successfully integrate the operations, personnel or technologies of an acquired business could impact our ability to realize the full benefits of such an acquisition. Our limited experience acquiring companies increases these risks. If we are unable to achieve the anticipated strategic benefits of an acquisition or if the integration or the anticipated financial and strategic benefits, including any anticipated cost savings, revenue opportunities or operational synergies, of such an acquisition are not realized as rapidly as or to the extent anticipated by us, our business, operating results and financial condition could suffer.
Our sales to government entities and highly regulated organizations are subject to a number of challenges and risks.
We sell to U.S. federal, state and local, as well as foreign, government agencies, as well as to customers in highly regulated industries such as financial services, pharmaceuticals, insurance, healthcare and life sciences. Sales to such entities are subject to a number of challenges and risks. Selling to such entities can be highly competitive, expensive and time-consuming, often requiring significant upfront time and expense without any assurance that these efforts will generate a sale. These longer sale cycles make the timing of future revenue from these entities difficult to predict. Further, government certification requirements may change, restricting our ability to sell into the government sector until we have met those revised requirements. Government demand and payment for our offerings are affected by public sector budgetary cycles and funding authorizations, with funding reductions or delays, including as a result of the COVID-19 pandemic, adversely affecting public sector demand for our products and solutions.
In addition, both government agencies and entities in highly regulated industries may demand shorter subscription periods or other contract terms that differ from our standard arrangements, including terms that can lead those customers to obtain broader rights in our offerings than would be standard. Such agencies and entities may have statutory, contractual or other legal rights to terminate contracts with us or our partners due to a default or for other reasons, and any such termination may adversely affect our business, operating results and financial condition.
We may need to reduce or change our pricing model to remain competitive.
We price our subscriptions for e-signature solutions based on the number of users within an organization who use our products and solutions to send agreements digitally for signature or the number of Envelopes that such users are provisioned to send. We expect that we may need to change our pricing from time to time, including in connection with the launch of new or enhanced offerings for automating the agreement process. As new or existing competitors introduce new products that compete with ours or reduce their prices, we may be unable to attract new customers or retain existing customers based on our historical pricing. We also must determine the appropriate price to enable us to compete effectively internationally. Moreover, mid- to large-size enterprises may demand substantial price discounts as part of the negotiation of sales contracts. As a result, we may be required or choose to reduce our prices or otherwise change our pricing model, which could adversely affect our business, operating results and financial condition.
Failure to effectively develop and expand our marketing and sales capabilities could harm our ability to increase our customer base and achieve broader market acceptance of our products and solutions.
Our ability to increase our customer base and achieve broader market acceptance of our products and solutions depends to a significant extent on our ability to expand our marketing and sales operations. We are continuously expanding our sales force and strategic partnerships, both domestically and internationally. We also dedicate significant resources to our sales and marketing efforts by investing in advertising campaigns on a variety of media platforms, including online and social media. The effectiveness of our online advertising has varied over time and may vary in the future due to competition for key search terms, changes in search engine use and changes in the search algorithms used by major search engines. If we cannot cost-effectively deploy our expanding sales force and use our marketing tools, or if we fail to promote our products and solutions efficiently and effectively, our ability to acquire new customers and our financial condition may suffer.
We may not be able to scale our business quickly enough to meet the growing needs of our customers and if we are not able to grow efficiently, our operating results could be harmed.
As use of our products and solutions grows and as customers use them for more types of transactions, we will need to devote additional resources to improving our application architecture, integrating with third-party systems and maintaining infrastructure performance. In addition, we will need to appropriately scale our internal business systems and our services organization, including customer support and professional services, to serve our growing customer base.
Any failure of or delay in these efforts could cause impaired system performance and reduced customer satisfaction. These issues could reduce the attractiveness of our products and solutions to customers, resulting in decreased sales to new customers, lower renewal rates by existing customers, or the issuance of service credits or refunds, which could hurt our revenue growth and our reputation. Even if we are able to upgrade our systems and expand our staff, any such expansion will be expensive and complex, requiring management time and attention. We could also face inefficiencies or operational failures as a result of our efforts to scale our infrastructure. Moreover, there are inherent risks associated with upgrading, improving and expanding our systems infrastructure. We cannot be sure that the expansion and improvements to our systems
infrastructure will be effectively implemented on a timely basis, if at all. These efforts may be costly and could adversely affect our financial results.
If our products and solutions fail to perform properly and if we fail to develop enhancements to resolve any defect or other problems, we could lose customers, become subject to service performance or warranty claims and our market share could decline.
Our operations are dependent upon our ability to prevent system interruptions and, as we continue to grow, we will need to devote additional resources to improving our infrastructure in order to maintain the performance of our products and solutions. The applications underlying our products and solutions are inherently complex and may contain material defects or errors, which may cause disruptions in availability or other performance problems. We have from time to time found defects in our products and solutions and may discover additional defects in the future that could result in data unavailability, unauthorized access to, loss, corruption or other harm to our customers’ data. While we implement bug fixes and upgrades as part of our regularly scheduled system maintenance, we may not be able to detect and correct defects or errors before implementing our products and solutions. Consequently, we or our customers may discover defects or errors after our products and solutions have been employed. If we fail to perform timely maintenance or if customers are otherwise dissatisfied with the frequency and/or duration of our maintenance services and related system outages, our existing customers could elect not to renew their subscriptions, delay or withhold payment to us, or cause us to issue credits, make refunds or pay penalties, potential customers may not adopt our products and solutions and our brand and reputation could be harmed. In addition, the occurrence of any material defects, errors, disruptions in service or other performance problems with our software could result in warranty or other legal claims against us and diversion of our resources. The costs incurred in addressing and correcting any material defects or errors in our software and expanding our infrastructure and architecture in order to accommodate increased demand for our products and solutions may be substantial and could adversely affect our operating results.
If we fail to offer high-quality support, our business and reputation could suffer.
Many of our customers rely on our customer support and professional services personnel to deploy and use our products and solutions successfully. High-quality support is important for the renewal and expansion of our agreements with existing customers. The importance of high-quality support will increase as we expand our business and pursue new customers. If we do not help our customers quickly resolve issues and provide effective ongoing support, our ability to sell our products and solutions to existing and new customers could suffer and our reputation with existing or potential customers could be harmed.
If we are unable to maintain successful relationships with our partners, our business, operating results and financial condition could be harmed.
In addition to our direct sales force and our website, we use strategic partners, such as global system integrators, value-added resellers and independent software vendors to sell our subscription offerings and solutions. Our agreements with our partners are generally nonexclusive, meaning our partners may offer their customers products and services of several different companies, including products and services that compete with ours, or may themselves be or become competitors. If our partners do not effectively market and sell our subscription offerings and solutions, choose to use greater efforts to market and sell their own products and services or those of our competitors, or fail to meet the needs of our customers, our ability to grow our business and sell our subscription offerings and solutions may be harmed. Our partners may cease marketing our subscription offerings or solutions with limited or no notice and with little or no penalty. In addition, acquisitions of our partners by our competitors could result in a decrease in the number of our current and potential customers, as our partners may no longer facilitate the adoption of our products and solutions by potential customers. The loss of a substantial number of our partners, our possible inability to replace them, or the failure to recruit additional partners could harm our growth objectives and operating results. Even if we are successful in maintaining and recruiting new partners, we cannot assure you that these relationships will result in increased customer usage of our products and solutions or increased revenue. Additionally, as the scale of our partnership efforts increases with our growth, the successful implementation of these relationships may become more time consuming, difficult and costly to realize which could negatively impact our business performance or our brand reputation.
Failure to establish and maintain relationships with partners that can provide complementary technology offerings and software integrations could limit our ability to grow our business.
Our products and solutions seamlessly integrate with hundreds of other software applications, including Salesforce, Google and Microsoft. Our growth strategy includes expanding the use of our products and solutions through complementary
technology offerings and software integrations, such as third-party APIs. While we have established partnerships with providers of complementary offerings and software integrations, we cannot guarantee that we will be successful in continuing to maintain and scale these partnerships or establishing partnerships with additional providers as we grow. In the future, third-party providers of complementary technology offerings and software integrations may decline to enter into, or may later terminate, relationships with us; change their features or platforms; restrict our access to their applications and platforms; alter the terms governing use of and access to their applications and APIs; or implement other changes that could functionally limit or terminate our ability to use these third-party technology offerings and software integrations with our platform, any of which could negatively impact our offerings and harm our business.
Further, these third-party providers may experience operational difficulties due to the current COVID-19 pandemic, which could limit or alter our ability to use these third-party technology offerings, which in turn could have an adverse impact on our result of operations.
Unfavorable conditions in our industry or the global economy or reductions in information technology spending could limit our ability to grow our business and negatively affect our operating results.
Our operating results may vary based on the impact of changes in our industry or the global economy on us and our existing and prospective customers. The revenue growth and potential profitability of our business depend on demand for our products and solutions. Current or future economic uncertainties or downturns could adversely affect our business and operating results. Negative conditions in the general economy both in the United States and abroad, including conditions resulting from changes in gross domestic product growth, financial and credit market fluctuations, political turmoil, natural catastrophes, warfare and terrorist attacks on the United States, Europe, the Asia Pacific region or elsewhere, could cause a decrease in business investments, including spending on information technology, and negatively affect the growth of our business. In addition, the COVID-19 pandemic has created significant additional uncertainty in the global economy. If the COVID-19 pandemic worsens, or continues for longer than expected, especially in regions in which we have material operations or sales, such as the United States, Canada, the United Kingdom, France, Germany, Ireland, Israel, Australia, Singapore, Japan, Brazil, Egypt or Sweden, our business activities originating from affected areas, including sales-related activities, could be adversely affected. Disruptive activities could include business closures in impacted areas and restrictions in our employees’ and other service providers’ ability to travel. To the extent our products and solutions are perceived by customers and potential customers as costly, or too difficult to deploy or migrate to, our revenue may be disproportionately affected by delays or reductions in general information technology spending. Also, competitors, many of whom are larger and more established than we are, may respond to market conditions by lowering prices and attempting to lure away our customers. In addition, the increased pace of consolidation in certain industries may result in reduced overall spending on our products and solutions. We cannot predict the timing, strength or duration of any economic slowdown, instability or recovery, generally or within any particular industry. If the economic conditions of the general economy or markets in which we operate worsen from present levels, our business, operating results and financial condition could be adversely affected.
We may require additional capital to support business growth and objectives, and this capital might not be available to us on reasonable terms, if at all, and may result in stockholder dilution.
We have funded our operations since inception primarily through equity financings, including our IPO and payments by our customers for use of our product offerings and related services. In addition, in September 2018, we offered and issued $575.0 million aggregate principal amount of 0.5% Convertible Senior Notes due 2023 (the “Notes”), including the initial purchasers’ exercise in full of their option to purchase up to an additional $75.0 million principal amount of Notes. We cannot be certain when or if our operations will generate sufficient cash to fund our ongoing operations or the growth of our business.
We intend to continue to make investments to support our business and, in the future, we may require additional funds. Additional financing may not be available on favorable terms, if at all. In addition, depending on the treatment of the currently outstanding Notes, or in the event that we incur additional debt, the debt holders would have rights senior to holders of common stock to make claims on our assets, and the terms of any future debt could restrict our operations, including our ability to pay dividends on our common stock. Further, if we issue additional equity securities, stockholders will experience dilution, and the new equity securities could have rights senior to those of our common stock. If adequate funds are not available on acceptable terms when we require it, we may be unable to invest in future growth opportunities, which could harm our business, operating results and financial condition.
We have incurred substantial indebtedness that may decrease our business flexibility, access to capital and/or increase our borrowing costs, and we may still incur substantially more debt, which may adversely affect our operations and financial results.
As of January 31, 2020, we had $575.0 million (undiscounted) principal amount of indebtedness under our Notes. Our indebtedness may:
•limit our ability to borrow additional funds for working capital, capital expenditures, acquisitions or other general business purposes;
•limit our ability to use our cash flow or obtain additional financing for future working capital, capital expenditures, acquisitions or other general business purposes;
•require us to use a substantial portion of our cash flow from operations to make debt service payments;
•limit our flexibility to plan for, or react to, changes in our business and industry;
•place us at a competitive disadvantage compared to our less leveraged competitors; and
•increase our vulnerability to the impact of adverse economic and industry conditions, including as a result of the COVID-19 pandemic.
Further, the indenture governing the Notes does not restrict our ability to incur additional indebtedness and we and our subsidiaries may incur substantial additional indebtedness in the future, subject to the restrictions contained in any future debt instruments existing at the time, some of which may be secured indebtedness.
If we fail to maintain our brand, our ability to expand our customer base will be impaired and our financial condition may suffer.
We believe that maintaining the DocuSign brand is important to supporting continued acceptance of our existing and future solutions, attracting new customers to our products and solutions and retaining existing customers. We also believe that the importance of our brand will increase as competition in our market increases. Successfully maintaining our brand will depend largely on the effectiveness of our marketing efforts, our ability to provide reliable and useful solutions to meet the needs of our customers at competitive prices, our ability to maintain our customers’ trust, our ability to continue to develop new functionality and solutions and our ability to successfully differentiate our products and solutions from our competitors’. Additionally, the performance of our partners may affect our brand and reputation if customers do not have a positive experience with our partners’ services. Brand promotion activities may not generate customer awareness or yield increased revenue, and even if they do, any increased revenue may not offset the expenses we incurred in building our brand. If we fail to successfully promote and maintain our brand, we may fail to attract enough new customers or retain our existing customers to the extent necessary to realize a sufficient return on our brand-building efforts, and our business could suffer.
The success of our business depends on customers’ continued and unimpeded access to our products and solutions on the internet.
Our customers must have internet access in order to use our products and solutions. Some providers may take measures that affect their customers’ ability to use our products and solutions, such as degrading the quality of the data packets we transmit over their lines, giving those packets lower priority, giving other packets higher priority than ours, blocking our packets entirely or attempting to charge their customers more for using our products and solutions.
In 2018, the U.S. Federal Communications Commission repealed net neutrality rules which would have barred internet providers from blocking or slowing down access to online content and protected services like ours from such interference. To the extent network operators attempt to interfere with our products and solutions, extract fees from us to deliver our solution or otherwise engage in discriminatory or anti-competitive practices, our business could be adversely impacted.
We could incur substantial costs in protecting or defending our proprietary rights, and any failure to adequately protect our rights could impair our competitive position and we may lose valuable assets, experience reduced revenue and incur costly litigation to protect our rights.
Our success is dependent, in part, upon protecting our proprietary technology. We rely on a combination of patents, copyrights, trademarks, service marks, trade secret laws and contractual provisions in an effort to establish and protect our proprietary rights. However, the steps we take to protect our intellectual property may be inadequate. While we have been issued patents in the United States and other countries and have additional patent applications pending, we may be unable to obtain patent protection for the technology covered in our patent applications. In addition, any patents issued in the future
may not provide us with competitive advantages or may be successfully challenged by third parties. Any of our patents, trademarks or other intellectual property rights may be challenged or circumvented by others or invalidated through administrative process or litigation. There can be no guarantee that others will not independently develop similar products, duplicate any of our products or design around our patents. Furthermore, legal standards relating to the validity, enforceability and scope of protection of intellectual property rights are uncertain. Despite our precautions, it may be possible for unauthorized third parties to copy our products and use information that we regard as proprietary to create products and solutions that compete with ours. Some license provisions protecting against unauthorized use, copying, transfer and disclosure of our products may be unenforceable under the laws of jurisdictions outside the United States. To the extent we expand our international activities, our exposure to unauthorized copying and use of our products and proprietary information may increase.
We enter into confidentiality and invention assignment agreements with our employees and consultants and enter into confidentiality agreements with the parties with whom we have strategic relationships and business alliances. No assurance can be given that these agreements will be effective in controlling access to and distribution of our products and proprietary information. Further, these agreements do not prevent our competitors or partners from independently developing technologies that are substantially equivalent or superior to our products and solutions.
In order to protect our intellectual property rights, we may be required to spend significant resources to monitor and protect these rights. Litigation may be necessary in the future to enforce our intellectual property rights and to protect our trade secrets. Litigation brought to protect and enforce our intellectual property rights could be costly, time consuming and distracting to management and could result in the impairment or loss of portions of our intellectual property. Furthermore, our efforts to enforce our intellectual property rights may be met with defenses, counterclaims and countersuits attacking the validity and enforceability of our intellectual property rights. Our inability to protect our proprietary technology against unauthorized copying or use, as well as any costly litigation or diversion of our management’s attention and resources, could delay further sales or the implementation of our products and solutions, impair the functionality of our products and solutions, delay introductions of new solutions, result in our substituting inferior or more costly technologies into our products and solutions or injure our reputation. We will not be able to protect our intellectual property if we are unable to enforce our rights or if we do not detect unauthorized use of our intellectual property. Moreover, policing unauthorized use of our technologies, trade secrets and intellectual property may be difficult, expensive and time-consuming, particularly in foreign countries where the laws may not be as protective of intellectual property rights as those in the United States and where mechanisms for enforcement of intellectual property rights may be weak. If we fail to adequately protect our intellectual property and proprietary rights, our business, operating results and financial condition could be adversely affected.
We may be subject to legal proceedings and litigation for a variety of claims, including labor and employment issues, intellectual property disputes, securities law violations and other matters, which may be costly and may subject us to significant liability and increased costs of doing business. Our business may suffer if it is alleged or determined that our technology infringes the intellectual property rights of others or if the cost and time-commitment of litigation diverts resources from our other business activities.
From time to time, we may be involved as a party or an indemnitor in disputes or regulatory inquiries that arise in the ordinary course of business. These may include alleged claims, lawsuits and proceedings regarding labor and employment issues, commercial disagreements, securities law violations and other matters. In particular, the software industry is characterized by the existence of a large number of patents, copyrights, trademarks, trade secrets and other intellectual and proprietary rights. Companies in the software industry are often required to defend against litigation claims based on allegations of infringement or other violations of intellectual property rights. Our technologies may not be able to withstand any third-party claims or rights against their use. In addition, many of these companies have the capability to dedicate substantially greater resources to enforce their intellectual property rights and to defend claims that may be brought against them. Any litigation may also involve patent holding companies or other adverse patent owners that have no relevant product revenue and against which our patents may therefore provide little or no deterrence. If a third party is able to obtain an injunction preventing us from accessing such third-party intellectual property rights, or if we cannot license or develop technology for any infringing aspect of our business, we would be forced to limit or stop sales of our software or cease business activities covered by such intellectual property and may be unable to compete effectively. Any inability to license third-party technology in the future would have an adverse effect on our business or operating results and would adversely affect our ability to compete. We may also be contractually obligated to indemnify our customers in the event of infringement of a third party’s intellectual property rights. Responding to such claims, including those currently pending, regardless of their merit, can be time consuming, costly to defend in litigation and damage our reputation and brand.
We may be the subject of lawsuits that allege our products and solutions infringe the intellectual property rights of other companies. For example, in June 2011, RMail Limited, RPost Communications Limited and RPost Holdings filed a complaint against us for patent infringement in the United States District Court for the Eastern District of Texas. In October 2012, RPost Holdings Inc. and RPost Communications Limited filed another patent infringement complaint against us in the same court. In August 2019, we and such collective RPost entities entered into a settlement agreement and both cases were dismissed.
A decision in favor of the plaintiffs in any future lawsuits could subject us to significant liability for damages and our ability to develop and sell our products may be harmed. We also may be required to redesign our products, delay releases, enter into costly settlement or license agreements, pay costly damage awards, or face a temporary or permanent injunction prohibiting us from marketing or selling our products and solutions. Requiring us to change one or more aspects of the way we deliver our products and solutions may harm our business.
Regardless of the merits or ultimate outcome of any claims that have been or may be brought against us or that we may bring against others, lawsuits are time-consuming and expensive to resolve, divert management’s time and attention, and could harm our reputation. Although we carry general liability insurance, our insurance may not cover potential claims that arise or may not be adequate to indemnify us for all liability that may be imposed. We may also determine that the most cost-effective way to resolve a dispute is to enter into a settlement agreement. Litigation is inherently unpredictable and we cannot predict the timing, nature, controversy or outcome of lawsuits or cannot assure you that the results of any of these actions will not have an adverse effect on our business, operating results or financial condition.
We use open source software in our products, which could subject us to litigation or other actions.
We use open source software in our products and solutions. From time to time, there have been claims challenging the ownership of open source software against companies that incorporate open source software into their products. As a result, we could be subject to lawsuits by parties claiming ownership of what we believe to be open source software. Litigation could be costly for us to defend, have a negative effect on our operating results and financial condition or require us to devote additional research and development resources to change our products. In addition, if we were to combine our proprietary software products with open source software in a certain manner, we could, under certain of the open source licenses, be required to release the source code of our proprietary software products. If we inappropriately use or incorporate open source software subject to certain types of open source licenses that challenge the proprietary nature of our software products, we may be required to re-engineer our products, discontinue the sale of our products and solutions or take other remedial actions.
Indemnity provisions in various agreements potentially expose us to substantial liability for intellectual property infringement, data protection and other losses.
Our agreements with some customers and other third parties include indemnification provisions under which we agree to indemnify them for losses suffered or incurred as a result of claims of intellectual property infringement, data protection, damages caused by us to property or persons, or other liabilities relating to or arising from our offerings, solutions or other contractual obligations. Some of these indemnity agreements provide for uncapped liability for which we would be responsible, and some indemnity provisions survive termination or expiration of the applicable agreement. Large indemnity payments could harm our business, operating and financial condition. Although we normally contractually limit our liability with respect to such obligations, we may still incur substantial liability related to them and we may be required to cease use of certain functions of our products and solutions as a result of any such claims. In addition, our customer agreements generally include a warranty that the proper use of DocuSign by a customer in accordance with the agreement and applicable law will be sufficient to meet the definition of an “electronic signature” as defined in the ESIGN Act and eIDAS. Any warranty or indemnification claim brought by our customers could result in damage to our reputation and harm our business and operating results.
We rely on the performance of highly skilled personnel, including our management and other key employees, and the loss of one or more of such personnel, or of a significant number of our team members, could harm our business.
Our success and future growth depend upon the continued services of our management team and other key employees. From time to time, there may be changes in our management team resulting from the hiring or departure of executives and key employees, which could disrupt our business. For example, on September 8, 2020, Cynthia Gaylor became our Chief Financial Officer and Michael Sheridan, our outgoing Chief Financial Officer, became President of International. Our senior management and key employees are employed on an at-will basis. We may terminate any employee’s employment at any time, with or without cause, and any employee may resign at any time, with or without cause. If we lose one or more of our
senior management or other key employees and are unable to find adequate replacements, or if we fail to attract, retain and motivate members of our senior management team and key employees, our business could be harmed.
We also are dependent on the continued service of our existing software engineers because of the complexity of our products and solutions. In particular, we compete with many other companies for software developers with high levels of experience in designing, developing and managing cloud-based software, as well as for skilled sales and operations professionals. We also require skilled product development, marketing, sales, and operations professionals, and we may not be successful in attracting and retaining the professionals we need, particularly in our principal U.S. locations in the San Francisco Bay Area and Seattle. Competition for these employees in our industry (and especially in our principal U.S. locations) is intense, and many of the companies we compete with for experienced personnel have greater resources than we do.
In addition, certain immigration laws restrict or limit our ability to recruit internationally. Any changes to immigration policies that restrain the flow of technical and professional talent may inhibit our ability to recruit and retain highly qualified employees.
Our current operations are international in scope and we plan further geographic expansion, creating a variety of operational challenges.
A component of our growth strategy involves the further expansion of our operations and customer base internationally. In each of the years ended January 31, 2020, 2019 and 2018 total revenue generated from customers outside the U.S. was 18%, 17% and 17% of our total revenue. As of October 31, 2020, we have offices in the United States, the United Kingdom, France, Germany, Ireland, Israel, Australia, Singapore, Japan, Brazil, Sweden and Egypt. We are continuing to adapt to and develop strategies to address international markets but there is no guarantee that such efforts will have the desired effect. As of October 31, 2020, approximately 28% of our full-time employees were located outside of the United States. We expect that our international activities will continue to grow over the foreseeable future as we continue to pursue opportunities in existing and new international markets, which will require significant management attention and financial resources.
Our current international operations and future initiatives involve a variety of risks, including:
▪changes in a specific country’s or region’s political or economic conditions, including as a result of the COVID-19 pandemic;
▪exposure to regional public health issues, such as the COVID-19 pandemic, and to travel restrictions and other measures undertaken by governments in response to such issues;
▪the need to adapt and localize our products for specific countries, including providing customer support in different languages;
▪greater difficulty collecting accounts receivable and longer payment cycles;
▪potential changes in trade relations arising from U.S. policy initiatives;
▪unexpected changes in laws and regulatory requirements, including but not limited to, taxes or trade laws;
▪more stringent regulations relating to privacy and data security and the unauthorized use of, or access to, commercial and personal information, particularly in Europe;
▪differing labor regulations, especially in Europe, where labor laws are generally more advantageous to employees as compared to the United States, including deemed hourly wage and overtime regulations in these locations;
▪challenges inherent in efficiently managing an increased number of employees over large geographic distances, including the need to implement appropriate systems, policies, benefits and compliance programs;
▪difficulties in managing a business in new markets with diverse cultures, languages, customs, legal systems, alternative dispute systems and regulatory systems;
▪increased travel, real estate, infrastructure and legal compliance costs associated with international operations;
▪currency exchange rate fluctuations and the resulting effect on our revenue and expenses, and the cost and risk of entering into hedging transactions if we chose to do so in the future;
▪limitations on our ability to reinvest earnings from operations in one country to fund the capital needs of our operations in other countries;
▪laws and business practices favoring local competitors or general preferences for local vendors;
▪limited or insufficient intellectual property protection or difficulties enforcing our intellectual property;
▪political instability or terrorist activities;
▪exposure to liabilities under anti-corruption and anti-money laundering laws, including the U.S. Foreign Corrupt Practices Act of 1977, as amended (“FCPA”), the U.S. domestic bribery statute contained in 18 U.S.C. § 201, the U.S. Travel Act, the U.K. Bribery Act, and similar laws and regulations in other jurisdictions; and
▪adverse tax burdens and foreign exchange controls that could make it difficult to repatriate earnings and cash.
Our limited experience in operating our business internationally increases the risk that any potential future expansion efforts that we undertake may not be successful. If we invest substantial time and resources to further expand our international operations and are unable to do so successfully and in a timely manner, our business and operating results will suffer.
Risks Related to Governmental Regulation including Taxation
The requirements of being a public company, including developing and maintaining proper and effective disclosure controls and procedures and internal control over financial reporting, may strain our resources and divert management’s attention away from other business concerns.
As a public company, we are subject to the reporting requirements of the Securities Exchange Act of 1934, the Sarbanes-Oxley Act, the Dodd-Frank Wall Street Reform and Consumer Protection Act, the listing requirements of Nasdaq and other applicable securities rules and regulations that impose various requirements on public companies. Our management and other personnel devote a substantial amount of time to compliance with these requirements and such compliance has increased, and will continue to increase, our legal, accounting and financial costs.
The Sarbanes-Oxley Act requires, among other things, that we maintain effective disclosure controls and procedures and internal control over financial reporting. In order to maintain and improve the effectiveness of such controls, we have expended, and anticipate that we will continue to expend, significant resources. For example, since our IPO, we have hired additional accounting and financial staff with appropriate public company experience and technical accounting knowledge to assist in our compliance efforts.
In addition, we are required to comply with the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act. We have incurred and expect to continue to incur significant expenses and devote substantial management effort toward compliance with the auditor attestation requirements of Section 404 of the Sarbanes-Oxley Act. To assist us in complying with these requirements we may need to hire more employees in the future, or engage outside consultants, which will increase our operating expenses.
Despite significant investment, our current controls and any new controls that we develop may become inadequate because of changes in business conditions. For example, because we have acquired companies in the past and may continue to do so in the future, we need to effectively expend resources to integrate the controls of these acquired entities with ours. Further, weaknesses in our disclosure controls and internal control over financial reporting may be discovered in the future. Any failure to implement and maintain effective internal control over financial reporting could adversely affect the results of periodic management evaluations and annual independent registered public accounting firm attestation reports regarding the effectiveness of our internal control over financial reporting that are required to be included in the periodic reports that we file with the SEC. If our management team or independent registered public accounting firm were to furnish an adverse report, or if it is determined that we have a material weakness or significant deficiency in our internal control over financial reporting, investors could lose confidence in the accuracy and completeness of our financial reports, the market price of our common stock could decline, and we could be subject to sanctions or investigations by Nasdaq, the SEC or other regulatory authorities or shareholder litigation.
In addition, as a result of the COVID-19 pandemic, most of our employees - including those critical to maintaining an effective system of disclosure controls and internal control over financial reporting - are working, and may continue to work for the near term, in a remote environment and not in the office environment from which they have historically performed their duties. We have limited experience maintaining effective control systems with our employees working in remote environments, and risks that we have not contemplated may arise and result in our failure to maintain effective disclosure controls or internal control over financial reporting.
We are subject to laws and regulations affecting our business, including those related to e-signature, marketing, advertising, privacy, data protection and information security. Our actual or perceived failure to comply with laws or regulations could harm our business. Complying with laws and regulations, in particular those related to privacy and data protection, could also result in additional costs and liabilities to us or inhibit sales of our software.
We receive, store and process personal information and other data from and about customers, our employees, partners and service providers. In addition, customers use our products and solutions to obtain and store personal information, health information (including protected health information) and personal financial information. Our handling of data is thus subject to a variety of laws and regulations, including regulation by various government agencies, such as the U.S. Federal Trade
Commission (the “FTC”), the U.S. Department of Health and Human Services Office for Civil Rights (the “OCR”), and various state, local and foreign agencies and other authorities. Our data handling also is subject to contractual obligations and industry standards.
The U.S. federal government and various state and foreign governments have adopted or proposed limitations on the collection, distribution, use and storage of data relating to individuals and businesses, including the use of contact information and other data for marketing, advertising and other communications with individuals and businesses. In the United States, various laws, and regulations and agency rules and opinions apply to the collection, processing, disclosure and security of certain types of data, including:
▪The Electronic Signatures in Global and National Commerce Act (“ESIGN Act”) in the United States, eIDAS in the EU and similar U.S. state laws, particularly the Uniform Electronic Transactions Act (the “UETA”), which authorize the creation of legally binding and enforceable agreements utilizing electronic records and signatures. We are particularly reliant on the UETA and the ESIGN Act, which together have solidified the legal landscape for use of electronic records and electronic signatures in commerce by confirming that electronic records and signatures carry the same weight and have the same legal effect as traditional paper documents and wet ink signatures.
▪The EU General Data Protection Regulation (the “GDPR”), which became effective in May 2018, imposes strict requirements related to processing the personal data of EU individuals. EU data protection authorities have the power to impose administrative fines for violations of the GDPR of up to a maximum of €20 million or 4% of a noncompliant company’s annual global turnover for the preceding financial year, whichever is higher, and violations of the GDPR may also lead to damages claims by data controllers and data subjects. Such penalties are in addition to any civil litigation claims. The GDPR imposes compliance burdens on us, including by mandating burdensome documentation requirements and granting certain privacy rights to individuals to control how we collect, use, disclose, retain and process information about them. Additionally, the United Kingdom (“UK”) implemented the Data Protection Act effective in May 2018 and statutorily amended in 2019, that substantially implements the GDPR and contains provisions, including UK-specific derogations, for how GDPR is applied in the UK. The Data Protection Act also imposes fines of up to the greater of £17 million of 4% of global turnover, in addition to the fines under the GDPR. The United Kingdom's planned departure in January 2020 from the EU (commonly referred to as Brexit) has created uncertainty with regard to the requirements for data transfers between the UK and the EU and other jurisdictions, and it is still unclear whether the transfer of data from the European Economic Area to the UK will remain lawful under GDPR following “Brexit.” The GDPR also imposes strict rules on the transfer of personal data out of the EU to the United States. These obligations may be interpreted and applied in a manner that is inconsistent from one jurisdiction to another and may conflict with other requirements or our practices. In addition, these rules are consistently under scrutiny.
▪On July 16, 2020, the Court of Justice of the EU (the “Court of Justice”) invalidated the European Union-United States (“EU-U.S.”) Privacy Shield on the grounds that the EU-US Privacy Shield failed to offer adequate protections to EU personal data transferred to the United States. On August 10, 2020, the U.S. Department of Commerce and the European Commission announced new discussions to evaluate the potential for an enhanced EU-U.S. Privacy Shield framework to comply with the July 16 judgment of the Court of Justice. We rely on approved Binding Corporate Rules as both a data processor and data controller, which provide an alternative to Privacy Shield certification for legalizing EU-U.S. cross-border flows of personal data within and among DocuSign entities and systems, in compliance with GDPR and other applicable data protection laws. Our SpringCM business, acquired in 2018, relied on the Privacy Shield at acquisition, but is expected to be included under our Binding Corporate Rules in the near-term. While the Court of Justice upheld the use of other data transfer mechanisms, such as the Binding Corporate Rules, the decision has led to some uncertainty regarding the use of such mechanisms for data transfers to the United States, and the court made clear that reliance on Binding Corporate Rules alone may not necessarily be sufficient in all circumstances. Use of the data transfer mechanisms must now be assessed on a case-by-case basis taking into account the legal regime applicable in the destination country, in particular applicable surveillance laws and rights of individuals. The European Data Protection Board issued additional guidance regarding the Court of Justice’s decision on November 11, 2020 which imposes higher burdens on the use of data transfer mechanisms, such as the Binding Corporate Rules, for cross-border data transfers. To comply with this guidance, we may need to implement additional safeguards to further enhance the security of data transferred out of the European Economic Area, which could increase our compliance costs, expose us to further regulatory scrutiny and liability, and adversely affect our business. Additional changes to data protection laws or regulations in the EU that limit or prevent transfers of personal data from the EU to the U.S. could cause us to incur penalties under GDPR and could increase the cost and complexity of operating our business.
▪The CCPA took effect on January 1, 2020 and became enforceable by the California Attorney General on July 1, 2020, along with related regulations which came into force on August 14, 2020. Additionally, although not effective until January 1, 2023, the California Privacy Rights Act (the “CPRA”), which expands upon the CCPA, was passed in the
recent election on November 3, 2020. The CCPA gives (and the CPRA will give) California residents expanded privacy rights, including the right to request correction, access, and deletion of their personal information, the right to opt out of certain personal information sharing, and the right to receive detailed information about how their personal information is processed. The CCPA and the CPRA provide for unlimited civil penalties for violations, as well as a private right of action for data breaches that is expected to increase data breach litigation. The CCPA may increase our compliance costs and potential liability, particularly in the event of a data breach. Additionally, the CCPA has prompted a number of proposals in the U.S. for new federal and state-level privacy legislation that, if passed, could increase our potential liability, increase our compliance costs, and adversely affect our business.
▪The Health Insurance Portability and Accountability Act (“HIPAA”) in the United States (as amended and supplemented by the Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH”) imposes mandatory contractual terms and other obligations with respect to safeguarding the privacy, security and transmission of protected health information. We may function as a HIPAA business associate for certain of our customers and, as such, are subject to applicable privacy and data security requirements. Failure to comply with HIPAA can result in significant civil monetary penalties and, in certain circumstances, criminal penalties and fines.
▪We may be subject to numerous other laws including the Electronic Communications Privacy Act, the Computer Fraud and Abuse Act, the Gramm Leach Bliley Act (“GLBA”), and other state laws relating to privacy. As such, we may be subject to increased liability and compliance costs, and noncompliance with the these regulations could adversely affect our business.
In addition, many foreign governments have established or are in the process of establishing privacy and data security legal frameworks with which we, our customers, partners or our vendors must comply. In certain cases these laws and regulations are more restrictive than those in the United States and apply broadly to the collection, use, storage, disclosure and security of various types of data. Such laws and regulations may be modified or subject to new or different interpretations, and new laws and regulations may be enacted in the future.
We expect that new laws, regulations and industry standards will continue to be proposed and enacted relating to privacy, data protection, marketing, advertising, electronic signatures, consumer communications and information security in the United States, the EU and other jurisdictions, and we cannot determine the impact such future laws, regulations and standards may have on our business. Future laws, regulations, standards and other obligations or any changed interpretation of existing laws or regulations could impair our ability to develop and market new functionality and maintain and grow our customer base and increase revenue. Future restrictions on the collection, use, sharing or disclosure of data or additional requirements for the express or implied consent of our customers, partners or end consumers for the use and disclosure of such information could require us to incur additional costs or modify our products and solutions, possibly in a material manner, and could limit our ability to develop new functionality.
If we are not able to comply with these laws or regulations or if we become liable under these evolving laws or regulations, we could be directly harmed, and we may be forced to implement new measures to reduce our exposure to this liability. This may require us to expend substantial resources or to discontinue certain solutions, which would negatively affect our business, operating results and financial condition. In addition, the increased attention focused upon liability issues as a result of lawsuits and legislative proposals could harm our reputation or otherwise impact the growth of our business. Any costs incurred as a result of this potential liability could harm our business and operating results.
Additionally, any failure or perceived failure by us to comply with laws, regulations, policies, legal or contractual obligations, industry standards, or regulatory guidance relating to privacy or data security, may result in governmental investigations and enforcement actions (including, for example, a ban by EU data protection authorities on the processing of EU personal data under the GDPR), litigation, fines and penalties or adverse publicity, and could cause our customers and partners to lose trust in us, which could have an adverse effect on our reputation and business.
Many of our customers deploy our products and solutions globally, and our products and solutions must comply with certain legal and regulatory requirements in varying countries. If our products and solutions fail to meet these requirements, we could incur significant liabilities and our financial condition may suffer.
Many customers use our products and solutions globally to comply with safe harbors and other legislation in the countries in which they transact business. For example, some of our customers rely on our certifications under the Federal Risk and Authorization Management Program in the U.S. and eIDAS in the EU to help satisfy their own legal and regulatory compliance requirements. If a court or regulatory body determines that our products and solutions are inadequate to meet these requirements, documents executed through our products and solutions could, in some instances, be rendered unenforceable, resulting in potential loss of customers, liability under customer contracts, and brand and reputational damage.
Our international operations and updates to U.S. federal tax legislation may subject us to potential adverse tax consequences.
We are expanding our international operations and staff to better support our growth into international markets. Our corporate structure and associated transfer pricing policies contemplate future growth into international markets, and consider the functions, risks and assets of the various entities involved in the intercompany transactions. We may be subject to taxation in international jurisdictions with increasingly complex tax laws and precedents which could have an adverse effect on our liquidity and operating results. The amount of taxes we pay in different jurisdictions may depend on the application of the tax laws of those jurisdictions, including the United States, to our international business activities, changes in tax rates, new or revised tax laws or interpretations of existing tax laws and policies and our ability to operate our business in a manner consistent with our corporate structure and intercompany arrangements. Tax authorities in the jurisdictions in which we operate may challenge our transfer pricing policies and intercompany arrangements or disagree with our determinations as to the income and expenses attributable to specific jurisdictions. If such a challenge or disagreement were to occur, and our position was not sustained, we could be required to pay additional taxes, interest and penalties, which could result in one-time tax charges, higher effective tax rates, reduced cash flows and lower overall profitability of our operations. Our financial statements could fail to reflect adequate reserves to cover such a contingency. In addition, the authorities in these jurisdictions could review our tax returns and impose additional tax, interest and penalties, and the authorities could claim that various withholding requirements apply to us or to our subsidiaries or assert that benefits of tax treaties are not available to us or our subsidiaries which could have a material impact on us and the results of our operations.
We are subject to governmental export and import controls that could impair our ability to compete in international markets or subject us to liability if we violate the controls.
Our products and solutions are subject to U.S. export controls, including the Export Administration Regulations and economic sanctions administered by the Office of Foreign Assets Control, and we incorporate encryption technology into certain of our products and solutions. These encryption products and the underlying technology may be exported outside of the United States only with export authorizations, including by license, a license exception or other appropriate government authorizations, including the filing of an encryption registration.
Furthermore, our activities are subject to U.S. economic sanctions laws and regulations that prohibit the shipment of certain products and services without the required export authorizations, including to countries, governments and persons targeted by U.S. embargoes or sanctions. Obtaining the necessary export license or other authorization for a particular sale may be time-consuming and may result in the delay or loss of sales opportunities even if the export license ultimately may be granted. While we take precautions to prevent our products and solutions from being exported in violation of these laws, including obtaining authorizations for our encryption products, implementing IP address blocking and screenings against U.S. government and international lists of restricted and prohibited persons, we cannot guarantee that the precautions we take will prevent violations of export control and sanctions laws. Violations of U.S. sanctions or export control laws can result in significant fines or penalties and possible incarceration for responsible employees and managers could be imposed for criminal violations of these laws.
In addition, if our strategic partners fail to obtain appropriate import, export or re-export licenses or permits, we may also be adversely affected, through reputational harm as well as other negative consequences including government investigations and penalties. We presently incorporate export control compliance requirements to our strategic partner agreements; however, no assurance can be given that our strategic partners will comply with such requirements.
Foreign governments also regulate the import and export of certain encryption and other technology, including import and export licensing requirements, and have enacted laws that could limit our ability to distribute our products and solutions or
could limit our end-customers’ ability to implement our products and solutions in those countries. Changes in our products and solutions or future changes in export and import regulations may create delays in the introduction of our products and solutions in international markets, prevent our end-customers with international operations from deploying our products and solutions globally or, in some cases, prevent the export or import of our products and solutions to certain countries, governments or persons altogether. From time to time, various governmental agencies have proposed additional regulation of encryption technology, including the escrow and government recovery of private encryption keys. Any change in export or import regulations, economic sanctions or related legislation, increased export and import controls or change in the countries, governments, persons or technologies targeted by such regulations, could result in decreased use of our products and solutions by, or in our decreased ability to export or sell our products and solutions to, existing or potential end-customers with international operations. Any decreased use of our products and solutions or limitation on our ability to export or sell our products and solutions would adversely affect our business, operating results and prospects.
We are subject to anti-corruption, anti-bribery, anti-money laundering, and similar laws, and non-compliance with such laws can subject us to criminal and/or civil liability and harm our business.
We are subject to the FCPA, the U.S. domestic bribery statute contained in 18 U.S.C. § 201, the U.S. Travel Act, the U.K. Bribery Act, and other anti-bribery and anti-money laundering laws in the countries in which we conduct activities. Anti-corruption and anti-bribery laws have been enforced aggressively in recent years and are interpreted broadly to generally prohibit companies and their employees and third-party intermediaries from authorizing, offering, or providing, directly or indirectly, improper payments or benefits to recipients in the public or private sector. As we increase our international sales and business and sales to the public sector, we may engage with business partners and third-party intermediaries to market our products and solutions and to obtain necessary permits, licenses, and other regulatory approvals. In addition, we or our third-party intermediaries may have direct or indirect interactions with officials and employees of government agencies or state-owned or affiliated entities. We can be held liable for the corrupt or other illegal activities of these third-party intermediaries, our employees, representatives, contractors, partners, and agents, even if we do not explicitly authorize such activities.
While we have policies and procedures to address compliance with such laws, we cannot assure you that our employees and agents will not take actions in violation of our policies and applicable law, for which we may be ultimately held responsible. As we increase our international sales and business, our risks under these laws may increase.
Detecting, investigating and resolving actual or alleged violations can require a significant diversion of time, resources and attention from senior management. In addition, noncompliance with anti-corruption, anti-bribery, or anti-money laundering laws could subject us to whistleblower complaints, investigations, sanctions, settlements, prosecution, other enforcement actions, disgorgement of profits, significant fines, damages, other civil and criminal penalties or injunctions, suspension and/or debarment from contracting with certain persons, the loss of export privileges, reputational harm, adverse media coverage and other collateral consequences. If any subpoenas or investigations are launched, or governmental or other sanctions are imposed, or if we do not prevail in any possible civil or criminal litigation, our business, operating results and financial condition could be materially harmed. In addition, responding to any action will likely result in a materially significant diversion of management’s attention and resources and significant defense costs and other professional fees. Enforcement actions and sanctions could further harm our business, operating results and financial condition.
We could be required to collect additional sales taxes or be subject to other tax liabilities that may increase the costs our clients would have to pay for our offering and adversely affect our operating results.
A successful assertion by one or more states requiring us to collect taxes where we presently do not do so, or to collect more taxes in a jurisdiction in which we currently do collect some taxes, could result in substantial tax liabilities, including taxes on past sales, as well as penalties and interest. Any imposition by state governments or local governments of sales tax collection obligations on out-of-state sellers could also create additional administrative burdens for us, put us at a competitive disadvantage if they do not impose similar obligations on our competitors and decrease our future sales, which could have a material adverse impact on our business and operating results.
Our ability to use our net operating loss carryforwards to offset future taxable income may be subject to certain limitations.
As of January 31, 2020, we had accumulated net operating loss carryforwards of $1.7 billion for federal and $856.8 million for state, respectively. Of the total federal net operating losses, $105.8 million is carried forward indefinitely and is not limited to 80% of taxable income, and $1.2 billion is carried forward indefinitely but is limited to 80% taxable income. The
remaining federal and state net operating loss carryforwards will begin to expire in 2025 and 2021, respectively. As of January 31, 2020, we also had total foreign net operating loss carryforwards of $16.6 million, which do not expire under local law. We also have total U.S. federal and state research tax credits of $51.6 million. The U.S. federal research tax credits will begin to expire in 2033. The U.S. state research tax credits do not expire.
Under Sections 382 and 383 of the Internal Revenue Code of 1986, as amended, our ability to utilize net operating loss carryforwards or other tax attributes, such as research tax credits, in any taxable year may be limited if we experience an “ownership change.” An “ownership change” generally occurs if one or more stockholders or groups of stockholders who own at least 5% of our stock increase their ownership by more than 50 percentage points over their lowest ownership percentage within a rolling three-year period. Similar rules may apply under state tax laws. Future issuances of our stock could cause an “ownership change.” It is possible that any future ownership change could have a material effect on the use of our net operating loss carryforwards or other tax attributes, which could adversely affect our profitability.
General Risk Factors
Our reported financial results may be adversely affected by changes in accounting principles generally accepted in the United States.
U.S. GAAP are subject to interpretation by the Financial Accounting Standards Board (the “FASB”), the SEC and various bodies formed to promulgate and interpret accounting principles. A change in these principles or interpretations could have a significant effect on our reported financial results and could affect the reporting of transactions completed before the announcement of a change.
If our estimates or judgments relating to our critical accounting policies prove to be incorrect, our operating results could be adversely affected.
The preparation of financial statements in conformity with GAAP requires management to make estimates and assumptions that affect the amounts reported in our consolidated financial statements and accompanying notes. We base our estimates on historical experience and on various other assumptions that we believe to be reasonable under the circumstances, as provided in the section titled “Management’s Discussion and Analysis of Financial Condition and Results of Operations.” The results of these estimates form the basis for making judgments about the carrying values of assets, liabilities and equity, and the amount of revenue and expenses that are not readily apparent from other sources. Significant assumptions and estimates used in preparing our consolidated financial statements include those related to allocation of revenue between recognized and deferred amounts, goodwill and intangible assets, fair value of financial instruments, valuation of stock-based compensation, and the valuation allowance for deferred income taxes. Our operating results may be adversely affected if our assumptions change or if actual circumstances differ from those in our assumptions, which could cause our operating results to fall below the expectations of securities analysts and investors, resulting in a decline in the trading price of our common stock.
We are exposed to fluctuations in currency exchange rates, which could negatively affect our operating results.
Our sales contracts are primarily denominated in U.S. dollars, and therefore substantially all of our revenue is not subject to foreign currency risk. However, a strengthening of the U.S. dollar could increase the real cost of our offerings to our customers outside of the United States, which could adversely affect our operating results. In addition, an increasing portion of our operating revenues and operating expenses are earned or incurred outside of the United States, and an increasing portion of our assets is held outside of the United States. These operating revenues, expenses and assets are denominated in foreign currencies and are subject to fluctuations due to changes in foreign currency exchange rates. If we are not able to successfully hedge against the risks associated with currency fluctuations, our operating results could be adversely affected.
Natural catastrophic events and man-made problems such as power disruptions, computer viruses, data security breaches, and terrorism may disrupt our business.
We rely heavily on our network infrastructure and information technology systems for our business operations. A disruption or failure of these systems in the event of online attack, earthquake, fire, terrorist attack, public health crisis (such as the COVID-19 pandemic), power loss, telecommunications failure or other similar catastrophic event could cause system interruptions, delays in accessing our service, reputational harm and loss of critical data or could prevent us from providing our products and solutions to our customers. A catastrophic event that results in the destruction or disruption of our data centers, or our network infrastructure or information technology systems, including any errors, defects or failures in third-party hardware, could affect our ability to conduct normal business operations and adversely affect our operating results.
In addition, as computer malware, viruses and computer hacking, fraudulent use attempts and phishing attacks have become more prevalent, we face increased risk from these activities to maintain the performance, reliability, security and availability of our products and technical infrastructure to the satisfaction of our customers. Any such computer malware, viruses, computer hacking, fraudulent use attempts, phishing attacks or other data security breaches to our network infrastructure or information technology systems or to computer hardware we lease from third parties, could, among other things, harm our reputation and our ability to retain existing customers and attract new customers.
Risks Related to Ownership of Our Common Stock
Our stock price may be volatile, and the value of our common stock may decline.
The market price of our common stock may be highly volatile and may fluctuate or decline substantially as a result of a variety of factors, some of which are beyond our control or are related in complex ways, including:
▪the current COVID-19 pandemic and any associated economic downturn;
▪actual or anticipated fluctuations in our financial condition and operating results;
▪variance in our financial performance from expectations of securities analysts;
▪issuance of research reports by securities analysts, including publishing unfavorable reports;
▪changes in the prices of subscriptions to our products and solutions;
▪changes in our projected operating and financial results;
▪changes in laws or regulations applicable to our products and solutions;
▪announcements by us or our competitors of significant business developments, acquisitions or new offerings;
▪our involvement in any litigation;
▪future sales of our common stock or other securities by us or our stockholders;
▪changes in senior management or key personnel;
▪the trading volume of our common stock;
▪changes in the anticipated future size and growth rate of our market;
▪changes in the political climate in the United States;
▪terrorist attacks, natural disasters, public health crises (such as the COVID-19 pandemic) or other such events impacting countries where we have operations; and
▪general economic, regulatory and market conditions.
In addition, broad market and industry fluctuations, as well as general economic, political, regulatory and market conditions, may negatively impact the market price of our common stock. In the past, companies that have experienced volatility in the market price of their securities have been subject to securities class action litigation. We may be the target of this type of litigation in the future, which could result in substantial costs and divert our management’s attention.
Future sales of our common stock in the public market could cause the market price of our common stock to decline.
Sales of a substantial number of shares of our common stock in the public market, or the perception that these sales might occur, could depress the market price of our common stock and could impair our ability to raise capital through the sale of additional equity securities. We have a currently effective Registration Statement on Form S-3 registering for sale approximately 247,030 shares of our common stock in connection with our acquisition of Liveoak. We are unable to predict the effect that such sales may have on the prevailing market price of our common stock.
Under our investors’ rights agreement, certain stockholders can require us to register shares owned by them for public sale in the United States. In addition, we filed a registration statement to register shares reserved for future issuance under our equity compensation plans. As a result, subject to the satisfaction of applicable exercise periods and the expiration or waiver of the market standoff agreements and lock-up agreements referred to above, the shares issued upon exercise of outstanding stock options or upon settlement of outstanding RSU awards will be available for immediate resale in the United States in the open market.
Future sales of shares of our common stock may make it more difficult for us to sell equity securities in the future at a time and at a price that we deem appropriate. These sales also could cause the trading price of our common stock to decline and make it more difficult for you to sell shares of our common stock.
Future sale and issuances of our common stock, including pursuant to our Employee Stock Purchase Plan (“ESPP”) and our 2018 Equity Incentive Plan (“2018 Plan”) could result in dilution to our stockholders and could cause our stock price to fall.
Our ESPP provides eligible employees with the opportunity to purchase shares of our common stock at a discounted price per share. As of October 31, 2020, 6.3 million shares of our common stock are reserved for issuance under our ESPP. Pursuant to our 2018 Plan, our management is authorized to grant stock options, restricted stock units and other equity awards to our employees, directors and consultants. As of October 31, 2020, 32.4 million shares of our common stock are reserved and available for issuance under our 2018 Plan. Additionally, the number of shares of our common stock reserved for issuance under our ESPP and 2018 Plan will automatically increase on February 1 of each year, through and including February 1, 2028, by 1% and 5%, respectively, of the total number of shares of our capital stock outstanding on January 31 of the preceding fiscal year, or a lesser number of shares determined by our board of directors. Unless our board of directors elects not to increase the number of shares available for future purchase or grant each year, our stockholders may experience additional dilution, which could cause our stock price to fall.
If securities or industry analysts do not publish research or publish unfavorable or inaccurate research about our business, our stock price and trading volume could decline.
The trading market for our common stock depends, in part, on the research and reports that securities or industry analysts publish about us or our business. We do not have any control over these analysts. If the number of analysts that cover us declines or if analysts do not publish research or reports about our business, delay publishing reports about our business or publish negative reports about our business, regardless of accuracy, our stock price and trading volume could decline.
Regardless of accuracy, unfavorable interpretations of our financial information and other public disclosures could have a negative impact on our stock price. If our financial performance fails to meet analyst estimates or one or more of the analysts who cover us downgrade our common stock or change their opinion of our common stock, our stock price would likely decline.
We do not intend to pay dividends for the foreseeable future and, as a result, your ability to achieve a return on your investment will depend on appreciation in the price of our common stock.
We have never declared or paid any cash dividends on our capital stock, and we do not intend to pay any cash dividends in the foreseeable future. Any determination to pay dividends in the future will be at the discretion of our board of directors. Accordingly, investors must rely on sales of their common stock after price appreciation, which may never occur, as the only way to realize any future gains on their investments.
Concentration of ownership of our common stock among our existing executive officers, directors and principal stockholders may prevent new investors from influencing significant corporate decisions.
Our executive officers, directors and current beneficial owners of 5% or more of our common stock beneficially own a significant percentage of our outstanding common stock. These persons, acting together, will be able to significantly influence all matters requiring stockholder approval, including the election and removal of directors and any merger or other significant corporate transactions. The interests of this group of stockholders may not coincide with the interests of other stockholders.
Anti-takeover provisions in our charter documents and under Delaware law could make an acquisition of our company more difficult, limit attempts by our stockholders to replace or remove our current management and limit the market price of our common stock.
Provisions in our amended and restated certificate of incorporation and amended and restated bylaws may have the effect of delaying or preventing a change of control or changes in our management. Our amended and restated certificate of incorporation and amended and restated bylaws include provisions that:
▪authorize our board of directors to issue, without further action by the stockholders, shares of undesignated preferred stock with terms, rights and preferences determined by our board of directors that may be senior to our common stock;
▪require that any action to be taken by our stockholders be effected at a duly called annual or special meeting and not by written consent;
▪specify that special meetings of our stockholders can be called only by our board of directors, the chairperson of our board of directors, or our chief executive officer;
▪establish an advance notice procedure for stockholder proposals to be brought before an annual meeting, including proposed nominations of persons for election to our board of directors;
▪establish that our board of directors is divided into three classes, with each class serving three-year staggered terms;
▪prohibit cumulative voting in the election of directors;
▪provide that our directors may be removed for cause only upon the vote of sixty-six and two-thirds percent (66 2/3%) of our outstanding shares of common stock;
▪provide that vacancies on our board of directors may be filled only by a majority of directors then in office, even though less than a quorum; and
▪require the approval of our board of directors or the holders of at least sixty-six and two-thirds percent (66 2/3%) of our outstanding shares of common stock to amend our bylaws and certain provisions of our certificate of incorporation.
These provisions may frustrate or prevent any attempts by our stockholders to replace or remove our current management by making it more difficult for stockholders to replace members of our board of directors, which is responsible for appointing the members of our management. In addition, because we are incorporated in Delaware, we are governed by the provisions of Section 203 of the Delaware General Corporation Law, which generally, subject to certain exceptions, prohibits a Delaware corporation from engaging in any of a broad range of business combinations with any “interested” stockholder for a period of three years following the date on which the stockholder became an “interested” stockholder. Any delay or prevention of a change of control transaction or changes in our management could cause the market price of our common stock to decline.
Our amended and restated certificate of incorporation provides that the Court of Chancery of the State of Delaware or the U.S. federal district courts are the exclusive forums for substantially all disputes between us and our stockholders, which could limit our stockholders’ ability to obtain a favorable judicial forum for disputes with us or our directors, officers or other employees.
Our amended and restated certificate of incorporation provides that the Court of Chancery of the State of Delaware is the sole and exclusive forum for any derivative action or proceeding brought on our behalf, any action asserting a breach of fiduciary duty owed by any of our directors, officers or other employees to us or our stockholders, any action asserting a claim against us arising pursuant to any provisions of the Delaware General Corporation Law, our amended and restated certificate of incorporation or our amended and restated bylaws, or any action asserting a claim against us that is governed by the internal affairs doctrine. If a court were to find any of these exclusive-forum provisions in our amended and restated certificate of incorporation to be inapplicable or unenforceable in an action, we may incur additional costs associated with resolving the dispute in other jurisdictions, which could seriously harm our business.
Section 22 of the Securities Act creates concurrent jurisdiction for federal and state courts over all claims brought to enforce any duty or liability created by the Securities Act or the rules and regulations thereunder. Our amended and restated certificate of incorporation, however, provides that the U.S. federal district courts will be the exclusive forum for resolving any complaint asserting a cause of action arising under the Securities Act. In December 2018, the Delaware Chancery Court issued an opinion invalidating provisions similar to ours limiting to U.S. federal court the forum in which a stockholder is able to bring a claim under the Securities Act (“Federal Forum Provision”). On March 18, 2020, however, the Delaware Supreme Court reversed the decision of the Delaware Chancery Court and held that such provisions are facially valid. In light of that recent decision, we announced that we may in the future enforce our Federal Forum Provision. While there can be no assurance that federal courts or other state courts will follow the holding of the Delaware Supreme Court or determine that the Federal Forum Provision should be enforced in a particular case, application of the Federal Forum Provision generally means that suits brought by our stockholders to enforce any duty or liability created by the Securities Act must be brought in federal court and cannot be brought in state court. While the Federal Forum Provision does not apply to suits brought to enforce any duty or liability created by the Exchange Act, Section 27 of the Exchange Act creates exclusive federal jurisdiction over all claims brought to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder. Accordingly, actions by our stockholders to enforce any duty or liability created by the Exchange Act or the rules and regulations thereunder also must be brought in federal court. Our stockholders will not be deemed to have waived our compliance with the federal securities laws and the regulations promulgated thereunder.
Any person or entity purchasing or otherwise acquiring or holding any interest in any of our securities shall be deemed to have notice of and consented to our exclusive forum provisions, including the Federal Forum Provision. These provisions may limit a stockholder’s ability to bring a claim in a judicial forum of the stockholder's choosing for disputes with us or our directors, officers, or other employees, which may discourage lawsuits against us and our directors, officers, and other employees.
Risks Related to Our Notes
We may not have the ability to raise the funds necessary to settle conversions of the Notes in cash or to repurchase the Notes upon a fundamental change, and our future debt may contain limitations on our ability to pay cash upon conversion or repurchase of the Notes.
Subject to certain conditions, holders of the Notes may require us to repurchase for cash all or a portion of their Notes upon the occurrence of a fundamental change (as defined in the indenture governing the Notes) at a repurchase price equal to 100% of the principal amount of the Notes to be repurchased, plus accrued and unpaid interest, if any, to, but excluding, the fundamental change repurchase date. In addition, if a make-whole fundamental change (as defined in the indenture for the Notes) occurs prior to the maturity date of the Notes, we will in some cases be required to increase the conversion rate for a holder that elects to convert its Notes in connection with such make-whole fundamental change. Upon a conversion of the Notes, unless we elect to deliver solely shares of our common stock to settle such conversion (other than paying cash in lieu of delivering any fractional share), we will be required to make cash payments in respect of the Notes being converted. However, we may not have enough available cash or be able to obtain financing at the time we are required to make repurchases of Notes surrendered therefor or pay cash with respect to Notes being converted.
In addition, our ability to repurchase or to pay cash upon conversion of the Notes may be limited by law, regulatory authority or agreements governing our future indebtedness. Our failure to repurchase the Notes at a time when the repurchase is required by the indenture governing the Notes or to pay cash upon conversion of the Notes as required by the indenture would constitute a default under the indenture. A default under the indenture or the fundamental change itself could also lead to a default under agreements governing our future indebtedness. If the payment of the related indebtedness were to be accelerated after any applicable notice or grace periods, we may not have sufficient funds to repay the indebtedness and repurchase the Notes or to pay cash upon conversion of the Notes.
Servicing our debt requires a significant amount of cash, and we may not have sufficient cash flow from our business to pay our substantial debt.
Our ability to make scheduled payments of the principal of, to pay interest on or to refinance our indebtedness, including the amounts payable under the Notes, and any future borrowings or other future indebtedness, depends on our future performance, which is subject to economic, financial, competitive and other factors beyond our control. Our business may not continue to generate cash flow from operations in the future sufficient to service our debt and make necessary capital expenditures. If we are unable to generate such cash flow, we may be required to adopt one or more alternatives, such as selling assets, restructuring debt or obtaining additional equity capital on terms that may be onerous or highly dilutive. Our ability to refinance our indebtedness will depend on the capital markets and our financial condition at such time. We may not be able to engage in any of these activities or engage in these activities on desirable terms, which could result in a default on our debt obligations.
We may still incur substantially more debt or take other actions that would diminish our ability to make payments on the Notes when due.
We and our subsidiaries may incur substantial additional debt in the future, some of which may be secured debt. We are not restricted under the terms of the indenture governing the Notes from incurring additional debt, securing existing or future debt, recapitalizing our debt or taking a number of other actions that could have the effect of diminishing our ability to make payments on the Notes when due. Furthermore, the indenture prohibits us from engaging in certain mergers or acquisitions unless, among other things, the surviving entity assumes our obligations under the Notes and the indenture. These and other provisions in the indenture could deter or prevent a third party from acquiring us even when the acquisition may be favorable to holders of the Notes.
The conditional conversion feature of the Notes, if triggered, may adversely affect our financial condition and operating results.
In the event the conditional conversion feature of the Notes is triggered, holders of the Notes will be entitled to convert the Notes at any time during specified periods at their option. If one or more holders elect to convert their Notes, unless we elect to satisfy our conversion obligation by delivering solely shares of our common stock (other than by paying cash in lieu of delivering any fractional share), we may settle all or a portion of our conversion obligation in cash, which could adversely affect our liquidity. In addition, even if holders do not elect to convert their Notes, we could be required under applicable
accounting rules to reclassify all or a portion of the outstanding principal of the Notes as a current rather than long-term liability, which would result in a material reduction of our net working capital. The last reported sales price of our common stock was greater than or equal to 130% of the conversion price for at least 20 trading days during a period of 30 consecutive trading days ending on, and including, the last trading day of the three months ended July 31, 2020 and October 31, 2020. As a result, the Notes became convertible on August 1, 2020 and continue to be convertible through January 31, 2021.
The capped call transactions may affect the value of the Notes and our common stock.
In connection with the Notes, we entered into capped call transactions with certain financial institutions, or the option counterparties. The capped call transactions are expected generally to reduce the potential dilution upon any conversion of the Notes and/or offset any cash payments we are required to make in excess of the principal amount upon conversion of the Notes, with such reduction and/or offset subject to a cap.
In connection with establishing their initial hedges of the capped call transactions, the option counterparties and/or their respective affiliates purchased shares of our common stock and/or entered into various derivative transactions with respect to our common stock. This activity could have increased (or reduced the size of any decrease in) the market price of our common stock or the Notes at that time.
In addition, the option counterparties and/or their respective affiliates may modify their hedge positions by entering into or unwinding various derivatives with respect to our common stock and/or purchasing or selling our common stock in secondary market transactions (and are likely to do so during any observation period related to a conversion of notes or following any repurchase of notes by us on any fundamental change repurchase date or otherwise). This activity could also cause or avoid an increase or a decrease in the price of our common stock or the Notes.
The potential effect, if any, of these transactions and activities on the price of our common stock or the Notes will depend in part on market conditions and cannot be ascertained at this time. Any of these activities could adversely affect the value of our common stock.
Conversion of the Notes will dilute the ownership interest of existing stockholders, including holders who had previously converted their Notes, or may otherwise depress the price of our common stock.
The conversion of some or all of the Notes will dilute the ownership interests of existing stockholders to the extent we deliver shares of our common stock upon conversion of any of the Notes. Pursuant to the terms of the indenture governing the Notes, the Notes became convertible on August 1, 2020 and continue to be convertible through January 31, 2021. Any sales in the public market of the common stock issuable upon such conversion could adversely affect prevailing market prices of our common stock. In addition, the existence of the Notes may encourage short selling by market participants because the conversion of the Notes could be used to satisfy short positions, or anticipated conversion of the Notes into shares of our common stock could depress the price of our common stock.
The accounting method for convertible debt securities that may be settled in cash, such as the Notes, could have a material effect on our reported financial results.
In May 2008, the FASB issued FASB Staff Position No. APB 14-1, Accounting for Convertible Debt Instruments That May Be Settled in Cash Upon Conversion (Including Partial Cash Settlement), which has subsequently been codified as Accounting Standards Codification 470-20, Debt with Conversion and Other Options (“ASC 470-20”). Under ASC 470-20, an entity must separately account for the liability and equity components of the convertible debt instruments (such as the Notes) that may be settled entirely or partially in cash upon conversion in a manner that reflects the issuer’s economic interest cost. The effect of ASC 470-20 on the accounting for the Notes is that the equity component is required to be included in the additional paid-in capital section of stockholders’ equity on our consolidated balance sheet, and the value of the equity component would be treated as original issue discount for purposes of accounting for the debt component of the Notes. As a result, we will be required to record a greater amount of non-cash interest expense in current periods presented as a result of the amortization of the discounted carrying value of the Notes to their face amount over the term of the Notes. We will report larger net losses or lower net income in our financial results because ASC 470-20 will require interest to include both the current period’s amortization of the debt discount and the instrument’s non-convertible coupon interest, which could adversely affect our reported or future financial results, the trading price of our common stock and the trading price of the Notes.
In addition, under certain circumstances, convertible debt instruments (such as the Notes) that may be settled entirely or partly in cash are currently accounted for utilizing the treasury stock method, the effect of which is that the shares issuable
upon conversion of the Notes are not included in the calculation of diluted loss per share except to the extent that the conversion value of the Notes exceeds their principal amount. Under the treasury stock method, for diluted loss per share purposes, the transaction is accounted for as if the number of shares of common stock that would be necessary to settle such excess, if we elected to settle such excess in shares, are issued. We cannot be sure that the accounting standards in the future will continue to permit the use of the treasury stock method. If we are unable to use the treasury stock method in accounting for the shares issuable upon conversion of the Notes, then our diluted loss per share would be adversely affected.
ITEMS 2, 3, 4 and 5 are not applicable and have been omitted.