o
|
REGISTRATION STATEMENT PURSUANT TO SECTION 12(b) OR (g) OF THE SECURITIES EXCHANGE ACT OF 1934
|
OR
x
|
ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934 for the fiscal year ended December 31, 2015
|
OR
o
|
TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
|
|
For the transition period from _________________ to ________________
|
OR
o
|
SHELL COMPANY REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE SECURITIES EXCHANGE ACT OF 1934
|
Date of event requiring this shell company report………….
Commission file number 000–26495
CYREN LTD.
(Exact name of Registrant as specified in its charter and
translation of Registrant’s name into English)
Israel
(Jurisdiction of incorporation or organization)
1 Sapir Road
5th Floor, Beit Ampa
P.O. Box 4014
Herzliya 46140, Israel
011–972–9–863–6888
(Address of principal executive offices)
J. Michael Myshrall, Chief Financial Officer, 7925 Jones Branch Drive, Suite 5200, McLean, VA 22102, Fax: 703-842-8227
(Name, Telephone, Email and/or Facsimile number and Address of Company Contact Person)
Securities registered or to be registered pursuant to Section 12(b) of the Act:
Title of each class
|
Name of each exchange on which registered
|
Ordinary Shares, par value ILS 0.15 per share
|
NASDAQ Capital Market
|
Securities registered or to be registered pursuant to Section 12(g) of the Act: None
Securities for which there is a reporting obligation pursuant to Section 15(d) of the Act: None
Indicate the number of outstanding shares of each of the issuer’s classes of capital or common stock as of the close of the period covered by the annual report (December 31, 2015).
Ordinary Shares, par value ILS 0.15 39,121,198
Indicate by check mark if the registrant is a well-known seasoned issuer, as defined in Rule 405 of the Securities Act.
Yes o No x
If this report is an annual or transition report, indicate by check mark if the registrant is not required to file reports pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934.
Yes o No x
Note: Checking the above box will not relieve any registrant required to file reports pursuant to Section 13 or 15(d) of the Securities Exchange Act of 1934 from their obligations under those Sections.
Indicate by check mark whether the registrant (1) has filed all reports required to be filed by Section 13 or 15(d) of the Securities Exchange Act of 1934 during the preceding 12 months (or for such shorter period that the registrant was required to file such reports), and (2) has been subject to such filing requirements for the past 90 days.
Yes x No o
Indicate by check mark whether the registrant has submitted electronically and posted on its corporate web site, if any, every Interactive Data File required to be submitted and posted pursuant to Rule 405 of Regulation S-T (§232.405 of this chapter) during the preceding 12 months (or for such shorter period that the registrant was required to submit and post such files).
Yes x No o
Indicate by check mark whether the registrant is a large accelerated filer, an accelerated filer or a non-accelerated filer. See definition of “accelerated filer and large accelerated filer” in Rule 12b-2 of the Exchange Act. Check one:
Large accelerated filer o
|
Accelerated filer o
|
Non-accelerated filer x
|
Indicate by check mark which basis of accounting the registrant has used to prepare the financial statements included in this filing.
U.S. GAAP x
|
International Financial Reporting Standards as issued by the
International Accounting Standards Board o
|
Other o
|
If “Other” has been checked in response to the previous question, indicate by check mark which financial statement item the registrant has elected to follow.
Item 17 o Item 18 o
If this is an annual report, indicate by check mark whether the registrant is a shell company (as defined in Rule 12b-2 of the Exchange Act).
Yes o No x
(APPLICABLE ONLY TO ISSUERS INVOLVED IN BANKRUPTCY PROCEEDINGS DURING THE PAST FIVE YEARS)
Indicate by check mark whether the registrant has filed all documents and reports required to be filed by Sections 12, 13 or 15(d) of the Securities Exchange Act of 1934 subsequent to the distribution of securities under a plan confirmed by a court.
Yes o No o
FORWARD-LOOKING STATEMENTS
Except for the historical information contained in this Annual Report, the statements contained in this Annual Report are “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995, as amended, and other federal securities laws with respect to our business, financial condition and results of operations. Such forward-looking statements reflect our current view with respect to future events and financial results.
We urge you to consider that statements which use the terms “anticipate,” “believe,” “expect,” “plan,” “intend,” “estimate” and similar expressions are intended to identify forward-looking statements. We remind readers that forward-looking statements are merely predictions and therefore inherently subject to uncertainties and other factors and involve known and unknown risks that could cause our actual results, performance, levels of activity, or achievements, or industry results, to be materially different from those expressed or implied by such forward-looking statements. Such forward-looking statements appear in “Item 4. Information on the Company” and “Item 5. Operating and Financial Review and Prospects,” as well as elsewhere in this Annual Report. Readers are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date hereof. Except as required by applicable law, including the securities laws of the United States, we undertake no obligation to update or revise any forward-looking statements to reflect new information, future events or circumstances, or otherwise after the date hereof. We have attempted to identify significant uncertainties and other factors affecting forward-looking statements in the Risk Factors section that appears below.
PART I
Item 1. Identity of Directors, Senior Management and Advisers.
Not applicable.
Item 2. Offer Statistics and Expected Timetable.
Not applicable.
Item 3. Key Information.
Unless otherwise indicated, all references in this document to “CYREN”, “the Company,” “we,” “us” or “our” are to CYREN Ltd., formerly known as Commtouch Software Ltd. and its consolidated subsidiaries, namely CYREN Inc., formerly known as Commtouch Inc., CYREN Iceland hf, formerly known as Commtouch Iceland hf, and CYREN Gesellschaft mbH, formerly known as eleven Gesellschaft zur Entwicklung und Vermarktung von Netzwerktechnologien mbH, or eleven.
A.
|
Selected financial data
|
The selected consolidated statements of operations data for the years ended December 31, 2015, 2014 and 2013 and the selected consolidated balance sheet data as of December 31, 2015 and 2014 have been derived from the audited Consolidated Financial Statements of CYREN included elsewhere in this Annual Report on Form 20-F, or this Annual Report. The selected consolidated statements of operations data for the years ended December 31, 2012 and 2011 and the selected consolidated balance sheet data as of December 31, 2013, 2012 and 2011 have been derived from the previously published audited Consolidated Financial Statements of CYREN not included elsewhere in this Annual Report. Our historical results are not necessarily indicative of results to be expected for any future period. The data set forth below should be read in conjunction with “Item 5. Operating and Financial Review and Prospects” and the Consolidated Financial Statements and the Notes thereto included elsewhere herein:
|
|
Year Ended December 31,
|
|
|
|
2015
|
|
|
2014
|
|
|
2013
|
|
|
2012
|
|
|
2011
|
|
|
|
(USD and share amounts in thousands, except per share data)
|
|
Selected Data:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Revenues
|
|
$ |
27,762 |
|
|
$ |
31,925 |
|
|
$ |
32,248 |
|
|
$ |
23,910 |
|
|
$ |
23,016 |
|
Operating income (loss)
|
|
$ |
(4,460 |
) |
|
$ |
(6,525 |
) |
|
$ |
(2,107 |
) |
|
$ |
780 |
|
|
$ |
3,308 |
|
Net income (loss) attributable to ordinary and equivalently participating shareholders
|
|
$ |
(4,799 |
) |
|
$ |
(7,016 |
) |
|
$ |
(9,871 |
) |
|
$ |
1,485 |
|
|
$ |
4,598 |
|
Operating income (loss) per share
|
|
$ |
(0.13 |
) |
|
$ |
(0.23 |
) |
|
$ |
(0.08 |
) |
|
$ |
0.03 |
|
|
$ |
0.14 |
|
Basic net earnings (loss) per share
|
|
$ |
(0.14 |
) |
|
$ |
(0.25 |
) |
|
$ |
(0.38 |
) |
|
$ |
0.06 |
|
|
$ |
0.19 |
|
Diluted operating income (loss) per share
|
|
$ |
(0.13 |
) |
|
$ |
(0.23 |
) |
|
$ |
(0.08 |
) |
|
$ |
0.03 |
|
|
$ |
0.13 |
|
Diluted net earnings (loss) per share
|
|
$ |
(0.14 |
) |
|
$ |
(0.25 |
) |
|
$ |
(0.38 |
) |
|
$ |
0.06 |
|
|
$ |
0.19 |
|
Weighted average number of shares used in computing basic net earnings per share
|
|
|
34,316 |
|
|
|
28,598 |
|
|
|
26,231 |
|
|
|
24,610 |
|
|
|
23,620 |
|
Weighted average number of shares used in computing diluted net earnings per share
|
|
|
34,316 |
|
|
|
28,598 |
|
|
|
26,231 |
|
|
|
25,140 |
|
|
|
24,654 |
|
Total Assets
|
|
$ |
54,405 |
|
|
$ |
51,473 |
|
|
$ |
50,933 |
|
|
$ |
59,133 |
|
|
$ |
39,534 |
|
B.
|
Capitalization and indebtedness
|
Not applicable
C.
|
Reason for the offer and use of proceeds
|
Not applicable
RISK FACTORS
Our business faces significant risks. You should carefully consider all of the information set forth in this annual report and in our other filings with the U.S. Securities and Exchange Comission, or the SEC, including the following risk factors which we face and which are faced by our industry. Our business, financial condition and results of operations could be materially adversely affected by any of these risks. This report also contains forward-looking statements that involve risks and uncertainties. Our results could materially differ from those anticipated in these forward-looking statements, as a result of certain factors including the risks described below and elsewhere in this report and our other SEC filings. See also “Forward-Looking Statements”.
Business Risks
If the Internet security market does not accept our cloud-based product offerings, our sales will not grow as quickly as anticipated, or at all, and our business, results of operations and financial condition would be harmed.
We are seeking to exploit our cloud-based security platform, CYREN WebSecurity (“CWS”) to disrupt the Internet security market and our historic business model. Our success will depend to a substantial extent on the willingness of enterprises, large and small, to increase their use of cloud computing services. The market for messaging security and compliance solutions delivered as a service in particular is at an early stage relative to on-premise solutions, and these applications may not achieve and sustain high levels of demand and market acceptance.
Historically, companies have used signature-based security products, such as firewalls, intrusion prevention systems, or IPS, anti-virus, or AV, and web and messaging gateways, for their IT security. These enterprises may be hesitant to purchase our cloud-based security offering if they believe that our signature-based products or those of our competitors are more cost-effective, provide substantially the same functionality or otherwise provide a sufficient level of IT security. Many enterprises have invested substantial personnel and financial resources to integrate traditional enterprise software or hardware appliances for these applications into their businesses, and currently, most enterprises have not allocated a fixed portion of their budgets to protect against next-generation advanced cyber attacks. As a result, to expand our customer base, we need to convince potential customers to allocate a portion of their discretionary budgets to purchase our products and services. If we do not succeed in convincing customers that our offerings should be an integral part of their overall approach to IT security, our sales will not grow as quickly as anticipated, or at all, which would have an adverse impact on our business, results of operations and financial condition.
In addition, many enterprises may be reluctant or unwilling to use cloud computing services because they have concerns regarding the risks associated with its reliability and security, among other things, of this delivery model, or its ability to help them comply with applicable laws and regulations. If enterprises do not perceive the benefits of this delivery model, then the market for our services and our sales would not grow as quickly as we anticipate or at all and our business, results of operations and financial condition would be harmed.
If the market does not continue to respond favorably to our traditional Internet security solutions, including our cloud-based CYREN EmailSecurity, CYREN WebSecurity, embedded antispam solutions, embedded antivirus, embedded Uniform Resource Locator (URL) filtering solutions or our future solutions do not gain acceptance, we will fail to generate sufficient revenues.
Our success depends on the continued acceptance and use of our traditional Internet security solutions by current and new businesses, Original Equipment Manufacturers (“OEMs”), and service provider customers, plus the interest of such customers in our newest offerings. We have been selling our inbound anti-spam products for over ten years, our Zero-Hour™ virus outbreak detection product for approximately nine years, our GlobalView™ Mail Reputation perimeter defense solution for approximately eight years, our URL filtering solutions for over six years, our outbound spam solution for approximately four years and the CYREN Antivirus solution for over five years.
As the markets for messaging, antivirus and web security products continue to mature and consolidate, we are seeing increasing competitive pressures and demands for even higher quality products at lower prices. This increasing demand comes at a time when Internet security threats are more varied and intensive, challenging top end solutions to keep their performance at an industry-acceptable level of accuracy. If our solutions do not continue to evolve to meet market demand, or newer products on the market prove more effective, our business could fail. Also, if growth in the markets for these solutions begins to slow, our business, results of operations and financial condition will suffer dramatically.
If we are unable to effectively integrate past and future acquisitions and investments, our business operations and financial results will suffer.
Our success will depend, in part, on our ability to expand our service and product offerings and grow our business in response to changing technologies, customer demands and competitive pressures. In some circumstances, we may decide to do so through the acquisition of complementary businesses and technologies rather than through internal development, including, for example, our 2012 acquisition of the antivirus business of the Icelandic company, Frisk Software International (“Frisk”) and the German Internet security company eleven.
If we encounter further difficulties or unforeseen expenditures in integrating the business, technologies, products, personnel or operations of these companies or any other company that we acquire, the revenue and operating results of the combined company could be adversely affected. The risks we face in connection with acquisitions, including those we are facing in our acquisitions of Frisk and eleven, include:
|
•
|
disruption of our ongoing business, diversion of resources, increased expenses and distraction of our management from operating our business to addressing acquisition integration challenges;
|
|
•
|
additional legal and regulatory compliance;
|
|
•
|
cultural challenges associated with integrating employees from the acquired companies into our organization;
|
|
•
|
inability to retain key employees from the acquired companies;
|
|
•
|
inability to strengthen our competitive position, achieve our strategic goals, generate sufficient financial return to offset acquisition costs or realize the expected benefits of the acquisition;
|
|
•
|
failure to identify significant problems or liabilities, including liabilities resulting from the acquired companies’ pre-acquisition failure to comply with applicable laws, during our pre-acquisition due diligence;
|
|
•
|
entry into geographic or business markets in which we have little or no prior experience or where competitors have stronger market positions;
|
|
•
|
difficulties in, or inability to, successfully sell any acquired products or services;
|
|
•
|
coordination of research and development, sales and marketing, accounting, human resources and other general and administrative systems;
|
|
•
|
changes in relationships with strategic partners as a result of product acquisitions or strategic positioning resulting from the acquisitions;
|
|
•
|
liability for activities of the acquired companies before the acquisition, including intellectual property infringement claims, violations of laws, commercial disputes, tax liabilities and litigation; and
|
|
•
|
unanticipated write-offs or charges.
|
The occurrence of any of these risks could have a material adverse effect on our business operations and financial results.
We face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition and results of operations.
The market for security products and services is intensely competitive and characterized by rapid changes in technology, customer requirements, industry standards and frequent new product introductions and improvements. We anticipate continued challenges from current competitors, which in many cases enjoy greater resources than us, as well as by new entrants into the industry. If we are unable to anticipate or effectively react to these competitive challenges, our competitive position could weaken, and we could experience a decline in our revenue that could adversely affect our business and results of operations.
Many of our existing competitors have, and some of our potential competitors could have, substantial competitive advantages such as:
|
•
|
greater name recognition and larger customer bases;
|
|
•
|
larger sales and marketing budgets and resources;
|
|
•
|
broader distribution and established relationships with channel and distribution partners and customers;
|
|
•
|
greater customer support resources;
|
|
•
|
direct selling to end users;
|
|
•
|
lower labor and research and development costs; and
|
|
•
|
substantially greater financial, technical and other resources.
|
In addition, some of our larger competitors have substantially broader product offerings and may be able to leverage their relationships with distribution partners and customers based on other products or incorporate functionality into existing products to gain business in a manner that discourages users from purchasing our products, subscriptions and services, including by selling at zero or negative margins, product bundling or offering closed technology platforms. Some of our competitors also sell directly to end users and, therefore, have a larger addressable market.
Potential customers may also prefer to purchase from their existing suppliers rather than a new supplier regardless of product performance or features. As a result, even if the features of our offerings are superior, customers may not purchase our services or products. In addition, innovative start-up companies, and larger companies that are making significant investments in research and development, may invent similar or superior products and technologies that compete with our product and services. Our current and potential competitors may also establish cooperative relationships among themselves or with third parties that may further enhance their resources. If we are unable to compete successfully, or if competing successfully requires us to take costly actions in response to the actions of our competitors, our business, financial condition and results of operations could be adversely affected.
Some of our competitors have acquired businesses that may allow them to offer more directly competitive and comprehensive solutions than they had previously offered. As a result of such acquisitions, our current or potential competitors might be able to adapt more quickly to new technologies and end user needs, devote greater resources to the promotion or sale of their products and services, initiate or withstand substantial price competition, take advantage of acquisitions or other opportunities more readily, or develop and expand their product and service offerings more quickly than we can. Due to various reasons, organizations may be more willing to incrementally add solutions to their existing security infrastructure from competitors than to replace it with our solutions. These competitive pressures in our market or our failure to compete effectively may result in price reductions, fewer orders, reduced revenue and gross margins, and loss of market share. Any failure to meet and address these factors could seriously harm our business and operating results.
Also, many of our smaller competitors that specialize in providing protection from a single type of business security threat may deliver these specialized business security products to the market more quickly than we can or may introduce innovative new products or enhancements before we do. Conditions in our markets could change rapidly and significantly as a result of technological advancements.
If we are unable to enhance our existing solutions and develop new solutions, our growth will be harmed.
Our ability to attract new customers and increase revenue from existing customers will depend in large part on our ability to enhance and improve our existing solutions and to introduce new solutions. The success of any enhancement or new solution depends on several factors, including the timely completion, introduction and market acceptance of the enhancement or solution. Any enhancement or solution we develop or acquire may not be introduced in a timely or cost-effective manner and may not achieve the broad market acceptance necessary to generate significant revenue. If we are unable to successfully develop or acquire new solutions or enhance our existing solutions to meet customer requirements, we may not grow as expected.
We cannot be certain that our development activities will be successful or that we will not incur delays or cost overruns. Furthermore, we may not have sufficient financial resources to identify and develop new technologies and bring enhancements or new solutions to market in a timely and cost-effective manner. New technologies and enhancements could be delayed or cost more than we expect, and we cannot ensure that any of these solutions will be commercially successful if and when they are introduced.
Adverse conditions in the national and global financial markets could have a material adverse effect on our business, operating results and financial condition.
Our financial performance depends, in part, on the state of the economy, which deteriorated in the recent broad recession, and which may further deteriorate in the future. Challenging economic conditions worldwide have from time to time contributed, and may continue to contribute, to slowdowns in the information technology industry, resulting in reduced demand for our solutions as a result of continued constraints on IT-related capital spending by our customers and increased price competition for our solutions.
If the economies of countries in which our customers and potential customers are located continue to be weak or weaken further, our customers may reduce or postpone their spending significantly. This could result in reductions in sales of our services and longer sales cycles, slower adoption of new technologies and increased price competition. In addition, weakness in the end user market could negatively affect the cash flow of our OEM and service provider partners, distributors and resellers who could, in turn, delay paying their obligations to us. This would increase our credit risk exposure and cause delays in our recognition of revenues on future sales to these customers. Specific economic trends, such as declines in the demand for PCs, servers, and other computing devices, or weakness in corporate information technology spending, could have a more direct impact on our business. Any of these events would likely harm our business, operating results and financial condition.
If the perceived general level of advanced cyber attacks declines, demand for our solutions may decrease, our cost of doing business may increase and our business could be harmed.
Our business is substantially dependent on enterprises recognizing that advanced cyber attacks are pervasive and are not effectively prevented by legacy security solutions. High visibility attacks on prominent enterprises and governments have increased market awareness of the problem of advanced cyber attacks and help to provide an impetus for enterprises to devote resources to protecting against advanced cyber attacks, such as purchasing our services and products and broadly deploying our services and products within their organizations. If advanced cyber attacks were to decline, or enterprises perceived that the general level of advanced cyber attacks have declined, our ability to attract new customers and expand our offerings within existing customers could be materially and adversely affected. A reduction in the threat landscape could increase our sales cycles and harm our business, results of operations and financial condition.
In addition, various state legislatures have enacted laws aimed at regulating the distribution of unsolicited email. These and similar legal measures, both in the United States and worldwide, may have the effect of reducing the amount of unsolicited email and malicious software that is distributed and hence diminish the need for our Internet security solutions. Any such developments would have an adverse impact on our revenues.
We depend upon OEM partners, service providers and resellers to sell the majority of our products, and if our partners fail to perform, our ability to sell and distribute our products and services will be limited, and our operating results will be harmed.
We expect to continue to be dependent upon OEM partners and service providers for a significant portion of our revenues, which will be derived from sales of our messaging, antivirus and web security solutions. We also expect resellers to become important in the distribution of our newer cloud-based Internet security solutions such as CYREN WebSecurity.
We anticipate that in the future we will derive a substantial portion of the sales of CWS through channel partners. In order to scale our channel program to support growth in our business, it is important that we help our partners enhance their ability to independently sell and deploy our solutions. We may be unable to successfully expand and improve the effectiveness of our channel sales program.
Our operating results and financial condition may be materially adversely affected if:
|
•
|
anticipated orders or payments from these customers fail to materialize;
|
|
•
|
our customers cease the promotion of our business or begin to promote additional solutions;
|
|
•
|
our customers are acquired by larger companies who may have other relationships or technologies that lead to the displacement or termination of CYREN contracts;
|
|
•
|
our customers do not live up to their contractual agreements or fail to pay for services rendered; or
|
|
•
|
our customers’ businesses fail.
|
If we are unable to maintain our relationships with these channel partners, or otherwise develop and expand our indirect distribution channel, our business, results of operations, financial condition or cash flows could be adversely affected.
Our quarterly operating results may fluctuate, which could adversely affect the value of your investment.
Our revenues and operating results could vary significantly from period to period as a result of a variety of factors, many of which are outside of our control. As a result, comparing our revenues and operating results on a period-to-period basis may not be meaningful, and you should not rely on our past results as an indication of our future performance. We may not be able to accurately predict our future revenues or results of operations. We base our current and future expense levels on our operating plans and sales forecasts, and our operating costs are relatively fixed in the short-term. As a result, we may not be able to reduce our costs sufficiently to compensate for an unexpected shortfall in revenues, and even a small shortfall in revenues could disproportionately and adversely affect financial results for that quarter. In addition, we recognize revenues from sales to some customers or resellers when cash is received, which may be delayed because of issues with those customers or resellers. If our revenues or operating results fall below the expectations of investors or any securities analysts that cover our stock, the price of our common stock could decline substantially.
A number of factors, many of which are enumerated in this “Risk Factors” section, are likely to cause fluctuations in our operating results or cause our share price to decline. These factors include:
|
•
|
our ability to successfully market both our traditional messaging, antivirus and web security solutions and our newer cloud-based Internet security solutions in new markets, both domestic and international;
|
|
•
|
our ability to successfully develop and market new, modified or upgraded solutions, as may be needed;
|
|
•
|
the continued acceptance of our solutions by our current customer base;
|
|
•
|
our ability to expand our workforce with qualified personnel, as may be needed;
|
|
•
|
unanticipated bugs or other problems affecting the delivery of our solutions to customers;
|
|
•
|
the success of our customers’ sales efforts to their customer base;
|
|
•
|
the solvency of our customers and their ability to allocate sufficient resources towards the marketing of our solutions;
|
|
•
|
our customers’ ability to effectively integrate our solutions into their product offerings;
|
|
•
|
the substantial decrease in information technology spending;
|
|
•
|
the pricing of our solutions;
|
|
•
|
our ability to timely collect fees owed by our customers;
|
|
•
|
a renewed global slowdown;
|
|
•
|
sudden, dramatic fluctuations in exchange rates of currencies covering the fees we collect from our foreign customers versus the currencies utilized in our business (namely, the Israeli Shekel (“ILS”), the U.S. Dollar and Euro);
|
|
•
|
our ability to add cost-effective space and equipment to our current detection centers in a timely and effective manner to match the rate of growth in our business, plus our ability to build new, cost-effective detection centers as worldwide demand for our products may require; and
|
|
•
|
the effectiveness of our end user support, whether provided by our customers or directly by CYREN.
|
Our ability to continue to increase our revenues will depend on our ability to successfully execute our sales and business development plan.
The complexity of the underlying technological base of messaging, antivirus and web security solutions, and the current landscape of the markets, require highly trained sales and business development personnel to educate prospective resellers, OEM and service provider partners and customers regarding the use and benefits of our solutions. We continue to be substantially dependent on our sales force to obtain new customers and to drive additional use cases and adoption among our existing customers. We believe that there is significant competition for sales personnel with the skills and technical knowledge that we require. Our ability to achieve significant revenue growth will depend, in large part, on our success in recruiting, training and retaining sufficient numbers of sales personnel to support our growth. New hires require significant training and may take significant time before they achieve full productivity. Our recent hires and planned hires may not become productive as quickly as we expect, and we may be unable to hire or retain sufficient numbers of qualified individuals in the markets where we do business or plan to do business.
Our future success depends on our ability to sell additional solutions to our customers. This may require increasingly sophisticated and costly sales efforts and may not result in additional sales. In addition, the rate at which our customers purchase additional solutions depends on a number of factors, including the perceived need for additional solutions, growth in the number of end users, and general economic conditions. If our efforts to sell additional solutions to our customers are not successful, our business, financial condition and/or results of operations may suffer.
We rely on our management team and other key employees and will need additional personnel to grow our business, and the loss of one or more key employees or our inability to attract and retain qualified personnel could harm our business.
Our success is substantially dependent on our ability to attract, retain and motivate the members of our management team and other key employees throughout our organization. Competition for highly skilled personnel is intense, especially in Israel, Berlin, Reykjavík, Palo Alto, and the Washington D.C. metro area, where we have an office and a need for highly skilled personnel. We may not be successful in attracting qualified personnel to fulfill our current or future needs. Our competitors may be successful in recruiting and hiring members of our management team or other key employees, and it may be difficult for us to find suitable replacements on a timely basis, on competitive terms, or at all. Also, to the extent we hire employees from mature public companies with significant financial resources, we may be subject to allegations that such employees have been improperly solicited, that they have divulged proprietary or other confidential information or that their former employers own such employees’ inventions or other work product.
In addition, we believe that it is important to establish and maintain a corporate culture that facilitates the maintenance and transfer of institutional knowledge within our organization and also fosters innovation, teamwork, a passion for customers and a focus on execution. Our Chief Executive Officer and certain other key members of our management and finance teams have only been working together for a relatively short period of time. If we are not successful in integrating these key employees into our organization, such failure could delay or hinder our product development efforts and the achievement of our strategic objectives, which could adversely affect our business, financial condition and results of operations.
The loss of our software developers or senior operations personnel may also adversely affect the continued development and support of both our current messaging, antivirus and web security solutions and future solutions presently included in our roadmap for development, thereby causing our operating results to suffer and the value of your investment to decline.
We do not have employment agreements inclusive of set periods of employment with any of our key personnel. We cannot prevent them from leaving at any time. We do not maintain key-person life insurance policies, listing us as a beneficiary, on any of our employees. If one or more of our key employees resigns or otherwise ceases to provide us with their service, our business, financial condition and/or results of operations could be harmed.
Our business and operating results could suffer if we do not successfully address potential risks inherent in doing business overseas.
We market and sell our products throughout the world and have personnel in many parts of the world. In addition, we have sales offices and research and development facilities outside the United States and we conduct, and expect to continue to conduct, a significant amount of our business with companies that are located outside the United States, particularly in Israel, Asia and Europe. We also enter into strategic distributor and reseller relationships with companies in certain international markets where we do not have a local presence. If we are not able to maintain successful strategic distributor relationships internationally or recruit additional companies to enter into strategic distributor relationships, our future success in these international markets could be limited. Business practices in the international markets that we serve may differ from those in the United States and Israel and may require us in the future to include terms other than our standard terms in customer contracts, although to date we generally have not done so. To the extent that we enter into customer contracts in the future that include non-standard terms related to payment, warranties, or performance obligations, our operating results may be adversely impacted.
Additionally, our international sales and operations are subject to a number of risks, including the following:
|
•
|
greater difficulty in enforcing contracts and accounts receivable collection and longer collection periods;
|
|
•
|
the uncertainty of protection for intellectual property rights in some countries;
|
|
•
|
greater risk of unexpected changes in regulatory practices, tariffs, and tax laws and treaties;
|
|
•
|
risks associated with trade restrictions and foreign legal requirements, including the importation, certification, and localization of our products required in foreign countries;
|
|
•
|
the potential that our operations in Israel and the U.S. may limit the acceptability of our products to some foreign governments, and vice versa;
|
|
•
|
greater risk of a failure of foreign employees, partners, distributors, and resellers to comply with both U.S. and foreign laws, including antitrust regulations, and any trade regulations ensuring fair trade practices;
|
|
•
|
heightened risk of unfair or corrupt business practices in certain geographies and of improper or fraudulent sales arrangements that may impact financial results and result in restatements of, or irregularities in, financial statements;
|
|
•
|
the potential for acts of terrorism, hostilities or war;
|
|
•
|
increased expenses incurred in establishing and maintaining office space and equipment for our multinational operations;
|
|
•
|
greater difficulty in recruiting local experienced personnel, and the costs and expenses associated with such activities;
|
|
•
|
management communication and integration problems resulting from cultural and geographic dispersion;
|
|
•
|
fluctuations in exchange rates between the U.S. dollar, ILS and foreign currencies in markets where we do business; and
|
|
•
|
general economic and political conditions and uncertainties in these foreign markets.
|
These factors and other factors could harm our ability to gain future international revenues and, consequently, materially impact our business, operating results, and financial condition. The expansion of our existing international operations and entry into additional international markets will require significant management attention and financial resources.
Changes in the tax treatment of companies engaged in Internet commerce may adversely affect the commercial use of our services and our financial results.
Due to the global nature of the Internet and the global reach of our network, it is possible that various states or countries might attempt to regulate our transmissions or levy sales, income, consumption, use or other taxes relating to our services or activities, or impose obligations on us to collect such taxes. Tax authorities in many jurisdictions are currently reviewing the appropriate treatment of companies engaged in Internet commerce such as the provision of cloud computing services and other online services. The imposition of new or revised tax laws or regulations may subject us or our players to additional sales, income, consumption, use or other taxes. We cannot predict the effect of current attempts to impose such taxes on commerce over the Internet. New or revised taxes and, in particular, sales, use or consumption taxes, the Value Added Tax and similar taxes would likely increase the cost of doing business online and decrease the attractiveness of selling, and for our players, buying, virtual items over the Internet. New taxes could also create significant increases in internal costs necessary to capture data, and collect and remit taxes. Any of these events could have an adverse effect on our business and results of operations.
The application of tax laws is subject to interpretation and if tax authorities challenge our methodologies or our analysis of our tax rates it could result in an increase to our worldwide effective tax rate and cause us to change the way we operate our business.
The application of the tax laws of various jurisdictions to our international business activities is subject to interpretation and also depends on our ability to operate our business in a manner consistent with our corporate structure and intercompany arrangements. The taxing authorities of the jurisdictions in which we operate may challenge our methodologies for valuing developed technology or intercompany arrangements, including our transfer pricing, or determine that the manner in which we operate our business does not achieve the expected tax consequences, which could increase our worldwide effective tax rate and adversely affect our financial position and results of operations.
A certain degree of judgment is required in evaluating our tax positions and determining our provision for income taxes. In the ordinary course of business, there are many transactions and calculations for which the ultimate tax determination is uncertain. For example, our effective tax rates could be adversely affected by earnings being lower than anticipated in countries where we have lower statutory rates and higher than anticipated in countries where we have higher statutory rates, by changes in foreign currency exchange rates or by changes in the relevant tax, accounting and other laws, regulations, principles and interpretations. As we operate in numerous taxing jurisdictions, the application of tax laws can be subject to diverging and sometimes conflicting interpretations by tax authorities of these jurisdictions. It is not uncommon for taxing authorities in different countries to have conflicting views, for instance, with respect to, among other things, the manner in which the arm’s length standard is applied for transfer pricing purposes, or with respect to the valuation of intellectual property. In addition, tax laws are dynamic and subject to change as new laws are passed and new interpretations of the law are issued or applied. For example, the work being carried out by the OECD on base erosion and profit shifting as a response to increasing globalization of trade could result in changes in tax treaties or the introduction of new legislation that could impose an additional tax on businesses. As a result of changes to laws or interpretations, our tax positions could be challenged and our income tax expenses could increase in the future.
For instance, if tax authorities in any of the countries in which we operate were to successfully challenge our transfer prices, they could require us to reallocate our income to reflect transfer pricing adjustments, which could result in an increased tax liability to us. In addition, if the country from which the income was reallocated did not agree with the reallocation asserted by the first country, we could become subject to tax on the same income in both countries, resulting in double taxation. If tax authorities were to allocate income to a higher tax jurisdiction, subject our income to double taxation or assess interest and penalties, it could increase our tax liability, which could adversely affect our financial position and results of operations.
Increasing regulatory focus on privacy issues and expanding laws and regulations could impact our new business models and expose us to increased liability.
Our industry is highly regulated, including for privacy and data security. We are also expanding our business in countries that have more stringent data protection laws than those in the United States, and such laws may be inconsistent across jurisdictions and are subject to evolving and differing interpretations. Privacy laws, including laws enforcing a “right to be forgotten” by consumers are changing and evolving globally. Governments, privacy advocates and class action attorneys are increasingly scrutinizing how companies collect, process, use, store, share and transmit personal data. New laws and industry self-regulatory codes have been enacted and more are being considered that may affect our ability to reach current and prospective customers, to understand how our products and services are being used, to respond to customer requests allowed under the laws, and to implement our new business models effectively. Any perception of our practices, products or services as an invasion of privacy, whether or not consistent with current regulations and industry practices, may subject us to public criticism, class action lawsuits, reputational harm or claims by regulators, industry groups or other third parties, all of which could disrupt our business and expose us to increased liability. Additionally, both laws regulating privacy, as well as third-party products purporting to address privacy concerns, could affect the functionality of and demand for our products and services, thereby harming our revenue.
In the past we have relied on the U.S.-European Union and the U.S.-Swiss Safe Harbor Frameworks, as agreed to by the U.S. Department of Commerce and the European Union (“EU”) and Switzerland as a means to legally transfer European personal information from Europe to the United States. However, on October 6, 2015, the European Court of Justice invalidated the U.S.- EU Safe Harbor framework and the Swiss data protection authorities later invalidated the U.S.-Swiss Safe Harbor framework. The European Court of Justice’s decision may result in different European data protection regulators applying differing standards for the transfer of personal data, which could result in increased regulation, cost of compliance and limitations on data transfer for us and our customers. These developments could harm our business, financial condition and results of operations.
Our web security solutions may be adversely affected if we are not able to receive sufficient components from third party suppliers.
Our web security solution relies in part on certain components supplied by third parties pursuant to contractual relationships. If these third parties breach their agreements with us, we may have difficulty in securing alternative sources for these components in a timely manner and thus our web security solution may not perform at the level we expect. If this were to occur, the effectiveness of this solution would drop, it would become less attractive to customers/potential customers and anticipated revenues could decline.
Technology Risks
We may not have the resources or skills required to adapt to the changing technological requirements and shifting preferences of our customers and their users.
The messaging, antimalware and web security industries are characterized by difficult technological challenges, sophisticated distributors of Internet security threats, multiple-variant viruses, advance persistent threats, unique phishing scams and constantly evolving malevolent software distribution practices and targets that could render our solutions and proprietary technology ineffective. Our success depends, in part, on our ability to continually enhance our existing messaging, antimalware and web security solutions and to develop new solutions, functions and technology that address the potential needs of prospective and current customers and their users.
Many of our end users operate in markets characterized by rapidly changing technologies and business plans, which require them to adapt to increasingly complex IT networks, incorporating a variety of hardware, software applications, operating systems and networking protocols. As their technologies and business plans grow more complex, we expect these customers to face new and increasingly sophisticated methods of attack. We face significant challenges in ensuring that our solutions effectively identify and respond to these advanced and evolving attacks without disrupting our customers’ network performance. As a result of the continued rapid innovations in the technology industry, including the rapid growth of smart phones, tablets and other devices and the trend of “bring your own device” in enterprises, we expect the networks of our end users to continue to change rapidly and become more complex.
We have identified a number of new products and enhancements to our platform that we believe are important to our continued success in the IT security market. For example, in February 2016 we announced the release of CWS 3.0 which includes an innovative new Advanced Threat Protection module that identifies and blocks highly evasive cyber threats with an industry-first Cloud Sandbox Array. We may not be successful in developing and marketing, on a timely basis, such new products or enhancements or that our new products or enhancements will adequately address the changing needs of the marketplace. In addition, some of our new products and enhancements may require us to develop new architectures that involve complex, expensive and time-consuming research and development processes. Although the market expects rapid introduction of new products and enhancements to respond to new threats, the development of these products and enhancements is difficult and the timetable for commercial release and availability is uncertain, as there can be significant time lags between initial beta releases and the commercial availability of new products and enhancements. We may experience unanticipated delays in the availability of new products and enhancements to our platform and fail to meet customer expectations with respect to the timing of such availability. If we do not quickly respond to the rapidly changing and rigorous needs of our customers by developing, releasing and making available on a timely basis new products and enhancements to our services and products that can adequately respond to advanced threats and our customers’ needs, our competitive position and business prospects will be harmed. Furthermore, from time to time, we or our competitors may announce new products with capabilities or technologies that could have the potential to replace or shorten the life cycles of our existing services products. Announcements of new products could cause customers to defer purchasing our existing services or products.
Additionally, the process of developing new technology is expensive, complex and uncertain. The success of new products and enhancements depends on several factors, including appropriate component costs, timely completion and introduction, differentiation of new products and services from those of our competitors, and market acceptance. To maintain our competitive position, we must continue to commit significant resources to developing new products or services before knowing whether these investments will be cost-effective or achieve the intended results. We may not be able to successfully identify new product opportunities, develop and bring new products or services to market in a timely manner, or achieve market acceptance of our platform. Products and technologies developed by others may render our offerings obsolete or noncompetitive. If we expend significant resources on researching and developing products or services and such products and services are not successful, our business, financial position and results of operations may be adversely affected. We may not be able to use new technologies effectively or adapt to OEM, service provider, customer or end user requirements or emerging industry standards.
Our solutions may be adversely affected by defects or denial of service attacks, which could cause our OEM and service provider partners, customers or end users to stop using our solutions.
Our messaging, antimalware and web security solutions are based in part upon new and complex software and highly advanced computer systems. Complex software and computer systems can contain defects, particularly when first introduced or when new versions are released, and are possible targets for denial of service attacks instigated by “hackers”. Although we conduct extensive testing and implement Internet security processes, we may not discover defects or vulnerabilities in our software or systems that affect our new or current solutions or enhancements until after they are delivered. Although we have not experienced any material defects or vulnerabilities to date in our messaging, antimalware and web security offerings, it is possible that, despite testing by us, defects or vulnerabilities may exist in the solutions we provide. These defects or vulnerabilities could cause or lead to interruptions for customers of our solutions, resulting in damage to our reputation, legal risks, loss of revenue, delays in market acceptance and diversion of our development resources, any of which could cause our business, financial condition and/or results of operations to suffer.
Real or perceived defects, errors or vulnerabilities in our services or the failure of our services to block malware or prevent a security breach could harm our reputation and adversely impact our business, financial condition and results of operations.
Because our products and services are complex, they have contained and may contain design or manufacturing defects or errors that are not detected until after their commercial release and deployment by our end users. For example, from time to time, certain of our end users have reported defects in our products related to performance, scalability and compatibility that were not detected before offering the service. Additionally, defects may cause our products or services to be vulnerable to security attacks, cause them to fail to help secure networks or temporarily interrupt end users’ networking traffic. Because the techniques used by computer hackers to access or sabotage networks change frequently and generally are not recognized until launched against a target, we may be unable to anticipate these techniques and provide a solution in time to protect our end users’ networks. Furthermore, as a well-known provider of Internet security solutions, our networks, products, and services could be targeted by attacks specifically designed to disrupt our business and harm our reputation. Our data centers and networks may experience technical failures and downtime, may fail to distribute appropriate updates, or may fail to meet the increased requirements of a growing end user base, any of which could temporarily or permanently expose our end users’ networks, leaving their networks unprotected against the latest security threats.
Any real or perceived defects, errors or vulnerabilities in our services, or any other failure of our services to detect an advanced threat, could result in:
|
•
|
a loss of existing or potential customers or channel partners;
|
|
•
|
delayed or lost revenue;
|
|
•
|
a delay in attaining, or the failure to attain, market acceptance;
|
|
•
|
the expenditure of significant financial and product development resources in efforts to analyze, correct, eliminate, or work around errors or defects, to address and eliminate vulnerabilities, or to identify and ramp up production with alternative third-party manufacturers;
|
|
•
|
an increase in warranty claims, or an increase in the cost of servicing warranty claims, either of which would adversely affect our gross margins;
|
• harm to our reputation or brand; and
|
•
|
litigation, regulatory inquiries or investigations that may be costly to address and further harm our reputation.
|
Data thieves are sophisticated, often affiliated with organized crime and operate large scale and complex automated attacks. In addition, their techniques change frequently and generally are not recognized until launched against a target. If we fail to identify and respond to new and complex methods of attack and to update our services to detect or prevent such threats in time to protect our end users’ systems, our business and reputation will suffer.
An actual or perceived security breach or theft of the sensitive data of one of our end users, regardless of whether the breach is attributable to the failure of our products or services, could adversely affect the market’s perception of our security offerings. Despite our best efforts, there is no guarantee that our products and services will be free of flaws or vulnerabilities, and even if we discover these weaknesses we may not be able to correct them promptly, if at all. Our end user customers may also misuse our products and services, which could result in a breach or theft of business data.
Our messaging, antimalware and web security solutions may be adversely affected if we are not able to receive a sufficient sampling of Internet traffic or our Detection Centers were to become unavailable.
Our messaging, antimalware and web security solutions are dependent, in part, on the ability of our Detection Centers to analyze, in an automated fashion, live feeds of Internet and web related traffic received through our services to customers and other contractual arrangements. If we were to suffer an unanticipated, substantial decrease in such traffic or our multiple Detection Centers become unavailable for any significant period, the effectiveness of our technologies would drop, our product offerings would become less attractive to customers/potential customers and revenues could decline.
False detection of applications, viruses, malware, spyware, vulnerability exploits, data patterns or URL categories could adversely affect our business.
Our classifications of application type, virus, malware, spyware, vulnerability exploits, data, or URL categories may falsely detect applications, content or threats that do not actually exist. This risk is heightened by the inclusion of a “heuristics” feature in our products, which attempts to identify applications and other threats not based on any known signatures but based on characteristics or anomalies which indicate that a particular item may be a threat. These “false positives”, while typical in our industry, may impair the perceived reliability of our products and may therefore adversely impact market acceptance of our services and products. If our services and products restrict important files or applications based on falsely identifying them as malware or some other item that should be restricted, this could adversely affect end users’ systems and cause material system failures. Any such false identification of important files or applications could result in damage to our reputation, negative publicity, loss of end users and sales, increased costs to remedy any problem, and costly litigation.
Our cloud-based SecaaS offerings are newer service offerings, so we may not see the customer traction in these offerings that we anticipate.
Security-as-a-Service (“SecaaS”) is a model of cloud-based services offerings. In 2014, we released CWS, our cloud-based security service that provides end users secure browsing from any device, anywhere. CWS is our push into the cloud-based Internet security sector. The solutions we are promoting and will promote to this market will enable Internet security vendors and service providers to offer fully cloud-based, Internet security solutions to their customers, without the need for the integration of an embedded software development kit, or SDK, into their product offerings. Among other things, this cloud-based approach is intended to speed up the process of moving our solutions to market, and ease the integration burden for our customers.
In recent years, companies have begun to expect that key security software services, such as URL filtering, be provided through a SecaaS model. In order to provide CWS via a SecaaS deployment, we have made and will continue to make capital investments to implement this alternative business model, which could negatively affect our financial results. Even with these investments, the SecaaS business model for CWS may not be successful. Because of the newness of the technologies involved and the resulting learning curve required of all employees in the sale and support of the new offerings, we cannot be certain that we will convince potential customers of the benefits of these new offerings and sell them at the rate we anticipate. If we fall short of our expectations, and especially given the significant resources invested by us in bringing these new offerings to market, our financial results will suffer and the value of shareholder investments will decline.
If we fail to develop or protect our CYREN brand name, our business may be harmed.
In January 2014, we announced the Company would change its name from Commtouch to CYREN. We adopted our new name as we completed our transformation into a leading provider of cloud-based information security solutions that are specially designed to be deployed or private labeled by customers and partners alike. Developing and maintaining awareness and integrity of our company and our new brand are important to achieving widespread acceptance of our existing and future offerings and are important elements in attracting new customers. The importance of brand recognition will increase as competition in our market further intensifies. Successful promotion of our brand will depend on the effectiveness of our marketing efforts and on our ability to provide reliable and useful solutions at competitive prices. We plan to continue investing substantial resources to promote our brand, both domestically and internationally, but there is no guarantee that our brand development strategies will enhance the recognition of our brand. Some of our existing and potential competitors have well-established brands with greater recognition than we have. If our efforts to promote and maintain our brand are not successful, our operating results and our ability to attract and retain customers may be adversely affected. In addition, even if our brand recognition and loyalty increases, this may not result in increased use of our solutions or higher revenue.
Investment Risks
Our failure to raise additional capital or generate the significant capital necessary to expand our operations and invest in new services and products could reduce our ability to compete and could harm our business.
We intend to continue to make investments to support our business growth and may require additional funds to respond to business challenges, including the need to develop new features to enhance our services and products, improve our operating infrastructure or acquire complementary businesses and technologies. Accordingly, we may need to engage in equity or debt financings to secure additional funds. For example, in August 2015, we completed an underwritten public offering of 7,666,665 ordinary shares at a price to the public of $1.65 per share. If we raise additional equity financing, our stockholders may experience significant dilution of their ownership interests and the per share value of our common stock could decline. Furthermore, if we engage in debt financing, the holders of debt would have priority over the holders of common stock, and we may be required to accept terms that restrict our ability to incur additional indebtedness or that otherwise restrict our ability to operate our business. We may also be required to take other actions that would otherwise be in the interests of the debt holders and force us to maintain specified liquidity or other ratios, any of which could harm our business, operating results, and financial condition. We may not be able to obtain additional financing on terms favorable to us, if at all. If we are unable to obtain adequate financing or financing on terms satisfactory to us when we require it, our ability to continue to support our business growth and to respond to business challenges could be significantly impaired, and our business may be adversely affected.
Our directors, executive officers and principal shareholders will be able to exert significant influence over matters requiring shareholder approval and could delay or prevent a change of control.
Our CEO, Lior Samuelson, is also Chairman of our Board of Directors. Our directors and affiliates of our directors and our executive officers (together known as “affiliated entities”), beneficially own, in the aggregate, approximately 18.4% of our outstanding ordinary shares as of February 29, 2016. Included in the calculation of voting power are options exercisable by the affiliated entities within 60 days thereof (with some having an exercise price greater than the market price of our shares as of February 29, 2016). If they vote together (especially if they were to exercise all vested options into shares entitled to voting rights in the Company), these shareholders will be able to exercise significant influence over many matters requiring shareholder approval, including the election of directors and approval of significant corporate transactions. In this regard, we know of no shareholders or voting agreement between major shareholders or between such shareholders and directors or officers.
This concentration of ownership could also delay or prevent a change in control of CYREN. In addition, conflicts of interest may arise as a consequence of the significant shareholders control relationship with us, including:
|
•
|
conflicts between significant shareholders, and our other shareholders whose interests may differ with respect to, among other things, our strategic direction or significant corporate transactions;
|
|
•
|
conflicts related to corporate opportunities that could be pursued by us, on the one hand, or by these shareholders, on the other hand; or
|
|
•
|
conflicts related to existing or new contractual relationships between us, on the one hand, and these shareholders, on the other hand.
|
Our ordinary shares often trade at different prices on NASDAQ and TASE.
Our ordinary shares are traded primarily on the NASDAQ Capital Market and also on the Tel Aviv Stock Exchange (“TASE”). Trading in our ordinary shares on these markets is made in different currencies (U.S. dollars on the NASDAQ Capital Market, and ILS, on the Tel Aviv Stock Exchange), and at different times (resulting from different time zones, different trading days and different public holidays in the United States and Israel). Consequently, the trading prices of our ordinary shares on these two markets often differ. Any decrease in the trading price of our ordinary ohares on one of these markets could cause a decrease in the trading price of our ordinary shares on the other market.
U.S. holders of our shares could be subject to material adverse tax consequences if we are considered a “passive foreign investment company” for U.S. federal income tax purposes.
We do not believe that we are a passive foreign investment company, and we do not expect to become a passive foreign investment company. However, our status in any taxable year will depend on our assets, income and activities in each year, and because this is a factual determination made annually after the end of each taxable year, there can be no assurance that we will not be considered a passive foreign investment company for the current taxable year or any future taxable years. If we were a passive foreign investment company for any taxable year while a taxable U.S. holder held our shares, such U.S. holder would generally be taxed at ordinary income rates on any sale of our shares and on any dividends treated as “excess distributions.” An interest charge also generally would apply based on any taxation deferred during such U.S. holder’s holding period in the shares.
Intellectual Property Risks
If we fail to adequately protect our intellectual property rights or face a claim of intellectual property infringement by a third party, we could lose our intellectual property rights or be liable for significant damages.
We regard our patented and patent pending technology, copyrights, service marks, trademarks, trade secrets and similar intellectual property as critical to our success, and rely on patent, trademark and copyright law, trade secret protection and confidentiality or license agreements with our employees and customers to protect our proprietary rights. See Item 4. Information on the Company, Intellectual Property for information pertaining to our patent activities. We may seek to patent certain additional software or other technology in the future. Any such patent applications might not result in patents issued within the scope of the claims we seek, or at all.
Despite our precautions, unauthorized third parties may copy certain portions of our technology, reverse engineer or obtain and use information that we regard as proprietary or otherwise infringe or misappropriate our patent or our patent pending technology, trade secrets, copyrights, trademarks and similar proprietary rights. In addition, the laws of some foreign countries do not protect proprietary rights to the same extent as do the laws of the United States. Thus, our means of protecting our proprietary rights in the United States or abroad, as well as our financial resources, may not be adequate, and competitors may independently develop similar technology.
We cannot be certain that our Internet security solutions do not infringe issued patents in certain parts of the world. Therefore, other parties, whether in the United States or elsewhere, may assert infringement claims against us. We may also be subject to legal proceedings and claims from time to time in the ordinary course of our business, including claims of alleged infringement of copyrights, trademarks and other intellectual property rights of third parties by ourselves and our customers. Our customer agreements typically include indemnity provisions, so we may be obligated to defend against third party intellectual property rights infringement claims on behalf of our customers. Such claims, even if not meritorious, could result in the expenditure of significant financial and managerial resources. We may not have the proper resources in order to adequately defend against such claims.
Risks Relating to Operations in Israel
Conditions in Israel may limit our ability to develop and sell our products, resulting in a decline in revenues.
We are incorporated under the laws of the State of Israel. Our principal research and development facilities are located in Israel. Since the establishment of the State of Israel in 1948, a number of armed conflicts have taken place between Israel and its neighboring countries, as well as incidents of civil unrest, and a number of state and non-state actors have publicly committed to its destruction. Political, economic and military conditions in Israel could directly affect our operations. We could be adversely affected by any major hostilities involving Israel, including acts of terrorism or any other hostilities involving or threatening Israel, the interruption or curtailment of trade between Israel and its trading partners, a significant increase in inflation or a significant downturn in the economic or financial condition of Israel. Any on-going or future violence between Israel and the Palestinians, armed conflicts, terrorist activities, tension along the Israeli borders or with other countries in the region, including Iran, or political instability in the region could disrupt international trading activities in Israel and may materially and negatively affect our business and could harm our results of operations.
Certain countries, as well as certain companies and organizations, continue to participate in a boycott of Israeli firms, firms with large Israeli operations and others doing business with Israel and Israeli companies. In addition, such boycott, restrictive laws, policies or practices may change over time in unpredictable ways, and could, individually or in the aggregate, have a material adverse effect on our business in the future.
Some of our employees in Israel, including some of our executive officers, are obligated to perform annual military reserve duty in the Israel Defense Forces, depending on their age and position in the armed forces. Furthermore, they may be called to active reserve duty at any time under emergency circumstances for extended periods of time. For example, in 2015, ten of our employees in Israel were called for active reserve duty, each serving for an average of approximately two weeks. Our operations could be disrupted by the absence, for a significant period, of one or more of our executive officers or key employees due to military service, and any significant disruption in our operations could harm our business.
Because a substantial portion of our revenues historically have been generated in U.S. dollars and the Euro, and a significant portion of our expenses have been incurred in Israeli Shekel, our results of operations may be adversely affected by currency fluctuations.
We have generated a substantial portion of our revenues in U.S. dollars and Euros, and incurred a portion of our expenses, principally salaries and related personnel expenses in Israel in ILS. We anticipate that a significant portion of our expenses will continue to be denominated in ILS. As a result, we are exposed to risk to the extent that the value of the U.S. dollar decreases against the ILS and the Euro. In that event, the U.S. dollar cost of our operations will increase and our U.S. dollar-measured results of operations will be adversely affected. During 2015 and 2014, the U.S. dollar value of operating costs denominated in ILS declined due to the appreciation of the U.S. dollar vs the ILS, and the U.S. dollar value of revenues denominated in Euro declined due to the appreciation of the U.S. dollar vs the Euro. During 2013, the U.S. dollar value of operating costs denominated in ILS increased due to the depreciation of the U.S. dollar vs the ILS, and the U.S. dollar value of revenues denominated in Euro increased due to the depreciation of the U.S. dollar vs the Euro.
We cannot predict the trend for future years. Our operations also could be adversely affected if we are unable to guard against currency fluctuations in the future. To date, we have not engaged in any significant hedging transactions. In the future, we may enter into currency hedging transactions to decrease the risk of financial exposure from fluctuations in the exchange rate of the dollar against the ILS. Foreign currency fluctuations, and our attempts to mitigate the risks caused by such fluctuations, could have a material and adverse effect on our results of operations and financial condition.
The government programs and benefits which we previously received require us to meet several conditions and may be terminated or reduced in the future.
Through a program with the Office of the Chief Scientist of the Israeli Ministry of Industry, Trade & Labor, or OCS, as in effect prior to Amendment No. 7 (the “R&D Law Amendment”) to the Israeli Law for the Encouragement of Industrial Research and Development, 1984, and related regulations (the “R&D Law”). We received grants from the Government of Israel, to finance a significant portion of our research and development expenditures in Israel. In 2015 and 2014, we received $814 thousand and $447 thousand, respectively.
In order to meet specified conditions in connection with grants and programs of the OCS, we have made representations to the Israel government about our Israeli operations. One of the grants requires a minimum commitment of three years and we are required to share information with other companies and academics. From time to time, the conduct of our Israeli operations has deviated from our forecasts. If we fail to meet the conditions of the grants, including the maintenance of a material presence in Israel, or if there is any material deviation from the representations made by us to the Israeli government, we could be required to refund the grants previously received (together with an adjustment based on the Israeli consumer price index and an interest factor) and would likely be ineligible to receive OCS grants in the future.
On July 29, 2015, the Israeli Parliament, the Knesset, enacted the R&D Amendment, which, effective as of January 1, 2016, amends material provisions of the R&D Law, including royalty rates, changes to royalty rates upon transfer of manufacturing rights abroad, etc., leaves substantial discretion with the newly established National Authority for Technological Innovation, established to replace the OCS (the “Authority”), and includes only guidelines to some of the core issues of the R&D Law, thus currently causing much ambiguity as to the implementation of the R&D Amendment and its effect on companies which developed know-how using funds received from the OCS. The restrictions stated above, or similar or other restrictions and requirements for payment may impair our ability to sell our technology assets outside of Israel or to outsource or transfer development or manufacturing activities with respect to any product or technology outside of Israel.
You may have difficulties enforcing a U.S. judgment against us and our executive officers and directors or asserting U.S. securities laws claims in Israel.
CYREN Ltd. is organized under the laws of Israel, and we maintain significant operations in Israel. In addition, a significant portion of our assets are located outside the United States. Service of process upon our non-U.S. resident directors and enforcement of judgments obtained in the United States against them and CYREN Ltd. may be difficult to obtain within the United States. It may be difficult to enforce civil causes of actions under U.S. securities law in original actions instituted in Israel. Israeli courts may refuse to hear a claim based on a violation of U.S. securities laws because Israel is not the most appropriate forum in which to bring such a claim. In addition, even if an Israeli court agrees to hear a claim, it may determine that Israeli law and not U.S. law is applicable to the claim. If U.S. law is found to be applicable, the substance of the applicable U.S. law must be proved as a fact, which can be a time-consuming and costly process. Certain matters of procedure will also be governed by Israeli law. Furthermore, there is little binding case law in Israel addressing these matters.
Israeli courts might not enforce judgments rendered outside Israel which may make it difficult to collect on judgments rendered against us. Subject to certain time limitations, an Israeli court may declare a foreign civil judgment enforceable only if it finds that (a) the judgment was rendered by a court which was, according to the laws of the state of the court, competent to render the judgment; (b) the judgment may no longer be appealed; (c) the obligation imposed by the judgment is enforceable according to the rules relating to the enforceability of judgments in Israel and the substance of the judgment is not contrary to public policy; and (d) the judgment is executory in the state in which it was given.
Even if these conditions are satisfied, an Israeli court will not enforce a foreign judgment if it was given in a state whose laws do not provide for the enforcement of judgments of Israeli courts (subject to exceptional cases) or if its enforcement is likely to prejudice the sovereignty or security of the State of Israel. An Israeli court also will not declare a foreign judgment enforceable if (i) the judgment was obtained by fraud; (ii) there is a finding of lack of due process; (iii) the judgment was rendered by a court not competent to render it according to the laws of private international law in Israel; (iv) the judgment is at variance with another judgment that was given in the same matter between the same parties and that is still valid; or (v) at the time the action was brought in the foreign court, a suit in the same matter and between the same parties was pending before a court or tribunal in Israel.
Provisions of Israeli law may delay, prevent or make difficult an acquisition of CYREN Ltd., which could prevent a change of control and therefore depress the price of our shares.
Israeli corporate law regulates mergers and acquisitions of shares through tender offers, requires special approvals for transactions involving officers, directors or significant shareholders and regulates other matters that may be relevant to these types of transactions. Furthermore, Israeli tax considerations may make potential transactions unappealing to us or to our shareholders whose country of residence does not have a tax treaty with Israel exempting such shareholders from Israeli tax. For example, Israeli tax law does not recognize tax-free share exchanges to the same extent as U.S. tax law. With respect to mergers, Israeli tax law allows for tax deferral in certain circumstances but makes the deferral contingent on the fulfillment of a number of conditions, including a holding period of two years from the date of the transaction during which sales and dispositions of shares of the participating companies are subject to certain restrictions. Moreover, with respect to certain share swap transactions, the tax deferral is limited in time, and when such time expires, the tax becomes payable even if no disposition of the shares has occurred.These and other similar provisions could delay, prevent or impede an acquisition of our company or our merger with another company, even if such an acquisition or merger would be beneficial to us or to our shareholders
Your rights and responsibilities as a shareholder will be governed by Israeli law which differs in some respects from the rights and responsibilities of shareholders of U.S. companies.
We are incorporated under Israeli law. The rights and responsibilities of the holders of our ordinary shares are governed by our Articles of Association and Israeli law. These rights and responsibilities differ in some respects from the rights and responsibilities of shareholders in typical U.S.-based corporations. In particular, a shareholder of an Israeli company has a duty to act in good faith toward the company and other shareholders and to refrain from abusing its power in the company, including, among other things, in voting at the general meeting of shareholders on matters such as amendments to a company’s articles of association, increases in a company’s authorized share capital, mergers and acquisitions and interested party transactions requiring shareholder approval. In addition, a shareholder who knows that it possesses the power to determine the outcome of a shareholder vote or to appoint or prevent the appointment of a director or executive officer in the company has a duty of fairness toward the company. There is limited case law available to assist us in understanding the implications of these provisions that govern shareholders’ actions. These provisions may be interpreted to impose additional obligations and liabilities on holders of our ordinary shares that are not typically imposed on shareholders of U.S. corporations.
As a foreign private issuer whose shares are listed on the NASDAQ Capital Market, we may follow certain home country corporate governance practices instead of certain NASDAQ requirements.
As a foreign private issuer whose shares are listed on the NASDAQ Capital Market, we are permitted to follow certain home country corporate governance practices instead of certain requirements of the NASDAQ listing rules.
Among other things, we may follow home country practice with regard to composition of our Board of Directors, or Board, and quorum requirements at shareholders’ meetings. In addition, we may follow our home country law, instead of the NASDAQ listing rules, which require that we obtain shareholder approval for certain dilutive events, such as for the establishment or amendment of certain equity-based compensation plans, an issuance that will result in a change of control of the Company, certain transactions other than a public offering involving issuances of a 20% or more interest in the Company and certain acquisitions of the stock or assets of another company.
A foreign private issuer that elects to follow a home country practice instead of NASDAQ requirements must submit to NASDAQ in advance a written statement from an independent counsel in such issuer’s home country certifying that the issuer’s practices are not prohibited by the home country’s laws. In addition, a foreign private issuer must disclose in its annual reports filed with the SEC or on its website each such requirement that it does not follow and describe the home country practice followed by the issuer instead of any such requirement (see Item 16G. “Corporate Governance” for a list of those home country practices followed by us). Accordingly, our shareholders may not be afforded the same protection as provided under NASDAQ’s corporate governance rules.
Item 4. Information on the Company.
|
A.
|
History and development of the Company
|
We were incorporated as a private company under the laws of the State of Israel on February 10, 1991 and our legal form is a company limited by shares. We became a public company on July 15, 1999 under the name Commtouch Software Ltd. In January 2014, we changed our legal name to CYREN Ltd.
Our principal executive offices are located at 1 Sapir Rd., 5th Floor, Beit Ampa, P.O. Box 4014, Herzliya, 46140 Israel, where our telephone number is 972–9–863–6888. Our Amended and Restated Articles of Association, or Articles of Association, are on file in Israel with the Israeli Securities Authority (“ISA”) and available for public inspection online through the ISA website at https://www.magna.isa.gov.il.
Our authorized agent in the United States is our subsidiary, CYREN Inc. located at 7925 Jones Branch Drive, Suite 5200, McLean, Virginia 22102.
The Company finances the capital expenditures from operations. The Company continues to invest in capital expenditures that support the growth of the Company’s business and support the rollout of new products and services.
B. Business Overview
CYREN is a global leader in information security solutions for protecting web, email and mobile transactions. We are a pioneering Security-as-a-Service provider of integrated cloud-based security technology, with cost-effective, easily deployed solutions that mitigate modern cyber-threats, advanced malware attacks, information leaks, legal liability and productivity loss through the application of cyber intelligence.
Organizations rely on the Internet and email to conduct business, and frequently send critical or confidential information outside their network perimeter as part of established business processes. At the same time, a fundamental shift in the sources of cyber crime, from hackers to organized crime and nation-states, combined with the emergence of international data trafficking and sophisticated advanced persistent threats (“APTs”), is powering an unprecedented wave of targeted, malicious attacks – all designed to steal valuable information. The growth of business-to-business Internet-based collaboration, in conjunction with the consumerization of Information Technology (“IT’) and the associated adoption of mobile devices and unmanaged Internet-based applications, has proliferated sensitive data and reduced the effectiveness of many existing security products. These factors all contribute to an increasing number of severe data breaches and expanding regulatory mandates, all of which accelerate demand for an effective security solutions. The confluence of these trends drives the need for unified, organization-wide web and email security solutions that address the dynamic nature of web content and cyber-threats.
As a leading provider of cloud-based security solutions that deliver powerful protection through the application of global cyber intelligence, CYREN’s easily deployed web, email, and antimalware products deliver uncompromising protection in both embedded and security-as-a-service models. Organizations rely on CYREN cloud-based cyber threat detection and proactive security analytics to provide up-to-date spam classifications, URL categorization and malware detection services. The CYREN cyber intelligence platform applies unique analysis and detection technologies to protect more than 600 million users in 200 countries.
As a trusted technology partner, CYREN delivers security services to a wide array of customers and OEM and service provider distribution partners including; network and security vendors offering content security gateways, unified threat management (“UTM”) solutions, network appliances, antivirus solutions and to service providers such as Software-as-a-Service (“SaaS”) vendors, web hosting providers and Internet service providers. CYREN partners with customers to ensure success at both the technical and sales levels.
CYREN provides a purpose-built, global cloud-based security service that delivers real-time protection to enterprises facing the next generation of cyber attacks. Our technology approach represents a paradigm shift versus how IT security has been conducted since the earliest days of the information technology industry.
The core of our purpose-built, cloud-based cyber security platform are the CYREN GlobalViewTM Cloud and patented Recurrent Pattern Detection™ (“RPD™”) technologies, which identify and protect against known and unknown threats that traditional signature-based technologies are unable to detect.
The GlobalView Cloud infrastructure has operated for over 16 years and is built from multiple high-availability data centers deployed worldwide. Global points of presence ensure low latency for queries, as well as local data handling where required by country-specific legislation. End user traffic may be routed to the cloud for protection using a variety of options.
Our Offerings
CYREN’s products and services fall into three categories, each delivered as SaaS subscription model:
|
1.
|
Security-as-a-Service – CYREN WebSecurity and CYREN EmailSecurity
|
|
2.
|
Cyber Intelligence Suite – Phishing, Malware and Malicious IP intelligence feeds
|
|
3.
|
Embedded Solutions – Antispam, Antimalware, URL Filtering and Mobile Security SDKs
|
CYREN WebSecurity (“CWS”)
The web Security-as-a-Service market offers a tremendous growth opportunity. There are several factors driving the fast adoption of the SecaaS cloud model including: the increased cost and complexity of managing security appliances – potentially across multiple remote offices; an increasingly mobile workforce; the bring-your-own-device (“BYOD”) trend; business and user applications that have moved to the cloud. These factors have shifted the way businesses and enterprises are looking to consume web security. There is also a growing need for compliance – ensuring that inappropriate or illegal sites are not visited from company infrastructure - and employee productivity – ensuring that company time and bandwidth is not wasted on unnecessary web usage.
|
|
CYREN developed a proprietary solution, CYREN WebSecurity that delivers cloud-based protection of users and their devices against web-borne threats. CWS includes URL filtering and antimalware protection. CWS was been designed from the ground up to offer a private-label service, enabling CYREN partners to quickly enter this high-growth market. In a resale model, CWS can be deployed through multiple channels, as the ability to define flexible multi-tenant partner, reseller, distributor, and customer relationships supports any channel, licensing, or sales ecosystem. CWS has an intuitive user interface that streamlines the performance of provisioning and configuration tasks for all partner tiers and all organizational resources, including mobile. CWS builds on our GlobalView cyber intelligence network, extensive experience in operating security services, and complementary security technologies such as antivirus to provide the highest levels of protection for end users.
CYREN WebSecurity also includes advanced cyber threat protection that identifies and blocks highly evasive cyber threats with an industry-first patent-pending Cloud Sandbox Array. The CWS Advanced Threat Protection module applies cloud-scale advanced malware analysis, including innovative multi-sandbox array technology to analyze unknown malware. Analysis is coordinated by a heuristics-based engine that ensures malware objects are completely analyzed, even those attempting to evade detection. It also leverages big data analytics across the 17 billion daily Internet transactions to correlate the relationship between files, URLs, hosts, IPs, and domains in order to identify malicious objects.
CYREN EmailSecurity
Research shows that 80% of all business data is unstructured, with email being by far the largest repository. As a result, the ability to effectively secure email inboxes from unwanted spam and threats like malware and phishing is critical. Today’s preferred delivery model for this protection is “as-a-service”. CYREN EmailSecurity is a Security-as-a-Service platform that delivers inbound and outbound antispam, anti-malware, and malware attack detection components in a seamless, easy end user experience. CYREN EmailSecurity uses the GlobalView™ Cloud, which collects and analyzes billions of transactions per day, to deliver unmatched insight into, and protection against emerging security threats. Our patented Recurrent Pattern Detection (“RPD”) automatically analyzes traffic to provide accurate spam and phishing classifications based on a unique global viewpoint on threats
CYREN EmailSecurity frees inboxes of spam, malware, and phishing threats without blocking important business messages — protecting email users whenever, wherever, and on whatever device they use. CYREN EmailSecurity processes each email message before it enters the end-user’s system. When spam or malware is detected, CYREN EmailSecurity handles the message according to the policy defined by the system administrator. All email categorization and reporting details can be viewed in the CYREN EmailSecurity dashboard.
|
|
To protect customer privacy, emails are ‘fingerprinted’ and then only fingerprints are analyzed against the RPD database. In this way, no sensitive customer data is ever sent to the cloud. If the email is spam, or contains malware, it is processed according to the customer’s business rules, with options such as reject, tag and deliver, reroute, or send to quarantine.
|
Cyber Intelligence Suite
CYREN cloud analyzes over 17 billion transactions per day across multiple security domains to deliver an unmatched view of threats as they emerge. Every day, CYREN detects thousands of new malicious IPs, and zero-hour phishing and malware URLs.
CYREN’s data collection footprint and integrated, automated detection capability operates on a massive scale to deliver actionable security intelligence and indicators of compromise (IoCs), globally, on a near-real-time basis. Our intelligence platform automatically investigates IPs, domains, hosts and files associated with suspicious behavior and maintains risk scores enabling instantaneous reclassification of entities based on the most recent associated activity.
The CYREN Cyber Intelligence Suite bundles real-time threat intelligence into a single suite that delivers protection from Malicious IP’s, Phishing Attacks, and Malware outbreaks. This allows customers to apply this unique zero hour cyber threat intelligence to protect end users before they are exposed. CYREN’s Cyber Intelligence Suite delivers real-time intelligence to customers through one or more data feeds delivered on a subscription basis.
Embedded Antispam Solutions
CYREN Inbound AntiSpam delivers proven and industry-leading detection, allowing real-time blocking of spam and phishing in any language or format with virtually no false positives. Powered by CYREN’s patented Recurrent Pattern Detection technology (RPD), Inbound AntiSpam prevents attacks while allowing OEMs and their customers to maintain strict privacy for customers’ email contents. CYREN Embedded solutions are typically delivered as Software Development Kits (SDKs) which allow customers to connect to CYREN’s GlobalView™ cloud for continuous real-time protection from spam and phishing outbreaks anywhere in the world. CYREN Inbound AntiSpam:
|
·
|
Offers an exceptionally flexible engine, suitable as an antispam core or as a complementary layer.
|
|
·
|
Can be used in a wide range of hardware and software endpoints and offerings such as messaging gateways and mail transfer agents (MTA), unified threat management solutions (UTM) and firewalls, secure email gateways, other antivirus software, and desktop applications.
|
|
·
|
Includes multiple plugin options and is delivered via a comprehensive SDK (daemon or shared library).
|
|
·
|
Scales to hundreds of messages/sec per single processor.
|
CYREN Outbound AntiSpam is designed specifically to neutralize spam originating from within a customer’s infrastructure. Spam attacks emanating from within cause irreparable damage to business and network reputation, not to mention customer confidence. Because the problem differs significantly from spam that originates externally, CYREN has developed a unique solution, using its patented GlobalView™ Cloud technology, to detect outbound spam rapidly and accurately, blocking outbreaks as they start. CYREN Outbound AntiSpam:
|
·
|
Blocks, spam, malware, and phishing originating on internal infrastructure in real-time.
|
|
·
|
Blocks any type of attacker, including zombie computers, compromised accounts, spammer accounts, and webmail spam.
|
|
·
|
Identifies the source, alerts the abuse/fraud detection team, and provides samples of unwanted traffic.
|
|
·
|
Includes multiple plugin options and is delivered via a comprehensive SDK (daemon or shared library).
|
|
·
|
Integrates easily into existing platforms, minimizing costs and time-to-market.
|
|
·
|
Uses low resources—CYREN’s uniquely small footprint fits any hardware or software environment without affecting performance
|
Embedded Antimalware Solutions
CYREN Embedded Antimalware represents over 20 years of history, experience, and adaptive development by some of the industry’s most capable and well-known engineers. CYREN Antimalware technologies protect hundreds of millions of users, scan billions of emails per week, and are trusted by many of the world’s largest software, hardware and Internet services companies.
CYREN Embedded Antimalware provides broad protection against new and zero-hour threats. A modular design gives partners industry-leading detection performance with extremely low processing, memory, storage, and bandwidth consumption. Embedded Antimalware offers superior, efficient detection with a small footprint, appropriate for integration into a wide variety of products or services. This award-winning engine blocks malware of all types, including worms, Trojans and spyware.
With the embedded Antimalware integrated into a vendor device or application, objects (files, web scripts, emails, etc.) are scanned and classified by our antimalware engine. This enables partners to delete, block, or quarantine malicious objects before they can impact end users. CYREN Antimalware SDK can be deployed within software applications and hardware platforms as diverse as UTMs, Network Attached Storage, Network Routers, and Mobile platforms.
|
|
The CYREN embedded Antimalware engine uses a modular framework. Each Threat Protection Module within the framework scans specific objects, for example PDF files, or searches for specific virus types such as polymorphic viruses. This architecture is more flexible than the monolithic approach of competitors - new modules can be added quickly to combat new threats without having to change existing ones – delivering rapid response to evolving threats.
The modular architecture also means faster deployment for partners. Quality Assurance testing of the engine is can be completed rapidly after module updates or additions since existing modules are left untouched. We use a minimal number of function calls for integration of the engine, speeding integration time. Also, new features are exposed by adding parameters without changing the basic function call set; ensuring backward compatibility and easier management of deployed product.
Embedded URL Filtering Solutions
CYREN offers embedded URL filtering services, which can be deployed within partners’ hardware or software via an embedded software module. By embedding CYREN URL filtering (“URLF”), partners can build solutions to combat emerging web threats with a URL categorization service designed for maximum security, low-latency, and support for local browsing behaviors.
The scale of today’s Internet, coupled with the unique browsing habits of regional users dictates that to be effective, the traditional URL database must be “in the cloud”, thereby overcoming local storage limitations and allowing CYREN partners to tailor the information held to meet their specific needs.
Embedded URL Filtering works in this way:
1.
|
The embedded URLF software is installed on the partner device or platform (e.g. Web Security Gateway).
|
|
|
|
2.
|
The partner device receives an http/s browsing request from a connected user.
|
|
|
3.
|
The device uses the embedded software to establish the URL classification. The URLF Engine first checks its local cache for URL values; typically more than 99% of queries are resolved by the local cache.
|
|
|
4.
|
If necessary, the URLF Engine queries the CYREN GlobalView Cloud for the relevant data.
|
|
|
|
5.
|
One classification is obtained, the partner applies policy to block, allow, or strip content according to the rules defined for the URL classification.
|
|
The GlobalView Cloud provides broad, up-to-date coverage of URLs. CYREN is able to provide high categorization accuracy with our powerful cloud analysis engines and global data sources. Each copy of the embedded software that is installed can include a local cache that automatically customizes itself depending on usage patterns, enabling CYREN to deliver the most relevant data at high speed.
URL Filtering requests between the embedded software and the CYREN cloud infrastructure are satisfied in a few milliseconds or less, so latency is never an issue. We employ a combination of deep coverage and highly accurate categorization to ensure the best possible browsing experience for end users.
Sales and Marketing
For the embedded services business our goal is to gain new customers, and increase renewals, upgrades and other incremental business to existing customers, by expanding our offerings and increasing the number and productivity of the OEMs who sell our products to end user customers worldwide.
Previously, we have sold products and services internationally in approximately 200 countries primarily through third party distribution channels comprised of distributors and value-added resellers with substantial support from our internal sales team and sales engineers. The SDK products are provided to OEM and service provider customers, who in turn integrate these into their product or service offerings for sale or provision to their customers. We are then paid service fees under a variety of fee structures, including fixed fee and fee sharing arrangements.
Our legacy enterprise anti-spam and Zero-Hour virus outbreak detection gateway, CSAM antivirus and F-PROT antivirus services, are sold through resellers, who pay us pre-negotiated fees when a sale is closed with an end customer.
During 2014 we established new distributor and reseller channels in order to sell our CYREN WebSecurity platform to enterprise and SMB customers. These distributors and resellers sell CWS either under their own brand name, under the CYREN brand name, or as a co-branded web security product “powered by CYREN”. As part of our strategy to expand our business, we are now offering our CYREN WebSecurity product direct to enterprise customers. During 2015 we restructured our sales organization to focus the majority of resources on selling CWS solutions.
The CYREN global sales team is managed by Sales leaders who work closely with our sales teams in the Americas, Europe, Middle East and Africa (EMEA) and Asia Pacific (APAC).
Our marketing efforts are designed to increase awareness of CYREN as a leading provider of enterprise security solutions that deliver powerful protection through unmatched cyber intelligence. Branding and messaging for CYREN emphasizes how our unique cloud-based threat detection and cyber intelligence can be applied to provide up-to-date spam classifications, URL categorization and malware detection services.
For direct sales of CWS marketing activities are focused on security decision-makers within enterprises. For our legacy embedded products, we focus on business executives, including product and business development security professionals and, upper level management. We actively manage our public relations programs, communicating directly with security professionals, industry analysts and the media in executing our strategy to promote greater awareness of the growing problems caused by advanced malware attacks, viruses, spam, phishing and ransomware.
Our marketing initiatives include:
•
|
digital advertising promoting CYREN solutions, technologies, partnerships and benefits in security trade magazines and other business-oriented periodicals and online properties;
|
•
|
participating in and sponsoring trade shows and industry events;
|
•
|
providing access to a dashboard showing detections made by the CYREN Security Lab, which informs visitors of real-time security threats;
|
•
|
conducting webinars and training sessions for our sales organization, resellers and partners; and
|
•
|
utilizing our website and social media to provide product and company information to our customers and interested parties.
|
The Marketing team defines and directs the marketing strategy and initiatives from our California and Virginia offices with regionalization accomplished through marketing personnel in our international offices.
Intellectual Property
We regard our patented and patent pending anti-spam and antivirus technology, copyrights, service marks, trademarks, trade secrets and similar intellectual property as critical to our success, and rely on patent, trademark and copyright law, trade secret protection and confidentiality and/or license agreements with our employees, customers, partners and others to protect our proprietary rights.
In 2004, we purchased a United States patent, U.S. Patent No. 6,330,590. During 2005, we filed an anti-spam related patent application in the United States, claiming priority based on the filing of U.S. Provisional Patent Application. This application remains pending. During 2006, we filed in the United States a provisional patent application relating to the prevention of spam in streaming systems or, in other words, unwanted conversational media sessions (i.e., voice and video related). This provisional application was converted to a formal patent application and that application was then divided into three pending applications. The United States Patent and Trademark Office issued us a new patent under the original application – United States Patent No. 7,849,186. In 2011, a divisional patent was issued in connection with one of those split applications – United States Patent No. 7,991,919, which will have a term concurrent with US Patent No. 7,849,186. On May 29, 2012 and on June 5, 2012, two additional divisional patents were issued in connection with the final two split applications – United States Patent No. 8,190,737 and United States Patent No. 8,195,795, respectively, both of which also will have a term concurrent with U.S. Patent 7,849,186. In 2013, we filed in the United States a new application for a patent regarding a unified platform that leverages the various proprietary Internet security tools we employ to resolve security threats. In 2016, we filed in the United States a new application for a patent regarding a multi-sandbox array that utilizes unique intellectual property we developed in support of our cyber threat protection capabilities. We may seek to patent certain additional software or other technology in the future.
We filed trademark applications for “CYREN”. We are actively maintaining our registered trademark for “Commtouch”, which is registered in the U.S., Canada, Israel, European Union and China. Through acquisition, we also acquired registered trademarks in “FRISK”, “F-PROT”, “eleven”, “Expurgate”, “Command Antimalware” and “Galileo”. We allowed the registration of Command Interceptor to lapse, and may allow others of these trademarks to lapse over time. A previous registration of “PRONTO” in Canada is still in force, but we are not maintaining this registration and it lapsed in 2014. Since at least September 2003, we have claimed common law trademark rights in “RPD” and “Recurrent Pattern Detection”, as applicable to our messaging security solutions. We have also been claiming common law trademark rights in “Zero-Hour” in relation to our virus outbreak detection product (and more recently one of our web security products) and “GlobalView” in relation to our Internet Protocol, or IP, reputation and web security products, as well as our “cloud computing” network infrastructure.
It may be possible for unauthorized third parties to copy or reverse engineer certain portions of our products or obtain and use information that we regard as proprietary. In addition, the laws of some foreign countries do not protect proprietary rights to the same extent as do the laws of the United States. There can be no assurance that our means of protecting our proprietary rights in the United States or abroad will be adequate or that competing companies will not independently develop similar technology.
Other parties may assert infringement claims against us. We may also be subject to legal proceedings and claims from time to time in the ordinary course of our business, including claims of alleged infringement by us and/or our customers of the trademarks and other intellectual property rights of third parties. Our customer agreements typically include indemnity provisions so we may be obligated to defend against third party intellectual property rights infringement claims on behalf of our customers. Such claims, even if not meritorious, could result in the expenditure of significant financial and managerial resources.
Government Programs
Under the R&D Law, as in effect prior to the R&D Amendment, research and development programs approved by the Research Committee of the OCS (the “Research Committee”) were eligible for grants or loans if they met certain criteria, in return for the payment of royalties from the sale of the product developed in accordance with the program and subject to other restrictions. Once a project was approved, the OCS awarded grants of up to 50% of the project’s expenditures in return for royalties, usually at the rate of 3% to 6% of sales of products developed with such grants. For projects approved after January 1, 1999, the amount of royalties payable was up to a dollar-linked amount equal to 100% of such grants plus interest at LIBOR.
The terms of these grants, in accordance with the pre-R&D Amendment regime, prohibited the manufacture outside of Israel of the product developed in accordance with the program without the prior consent of the Research Committee. Such approval was generally subject to an increase in the total amount to be repaid to the OCS to between 120% and 300% of the amount granted, depending on the extent of the manufacturing that was conducted outside of Israel.
The R&D Law, as in effect prior to the R&D Amendment, also provided that know-how from the research and development, which was used to produce the product, could not be transferred to Israeli third parties without the approval of the Research Committee. Until 2005, the R&D Law stated that such know-how could not be transferred to non-Israeli third parties at all. An amendment to the R&D Law has set forth certain exceptions to this rule; however, the practical implications of such exceptions were quite limited. The R&D Law, as in effect prior to the R&D Amendment, stressed that it was not just transfer of know-how that was prohibited, but also transfer of any rights in such know-how. Such restriction did not apply to exports from Israel of final products developed with such technologies. Approval of the transfer could be granted only if the transferee undertook to abide by all of the provisions of the R&D Law and regulations promulgated thereunder, including the restrictions on the transfer of know-how and the obligation to pay royalties.
On July 29, 2015, the Israeli Parliament, the Knesset, enacted the R&D Amendment. Pursuant to the R&D Amendment, the OCS was replaced with the Authority, which is comprised of a Council body, the Chief Scientist, the Director General and a member of the Research Committee. According to the R&D Amendment, the Council will have broad discretion regarding material matters, including with respect to the new funding programs (“Tracks”), will be required to determine certain characteristics (which are mainly technical but also include the type of Benefit (“Benefit”, as defined under the R&D Amendment, includes grants, loans, exemptions, discounts, guarantees and additional means of assistance, but with the exclusion of purchase of shares) to be granted as well as its scope, conditions for receipt of approval for the Benefit and the identity of the party which is permitted to perform the approved activities, and may determine additional matters, including delay in payment of the Benefit and requests for provision of guarantees for its receipt, payment of an advance by the Authority, what know-how will be developed and requirements regarding its full or partial ownership, provisions regarding transfer, disclosure or exposure of know-how to third parties in Israel and abroad (including payment or non-payment for the same, as well as ceilings for such payments), requirements with respect to manufacture in Israel and transfer of manufacture abroad (including payment for such transfer), performance of innovative activities for the benefit of third parties, etc. In addition, while the pre-R&D Amendment regime provided base-line default terms and conditions with respect to the core issues relevant for OCS grant recipients, as provided above, these default provisions have been largely rescinded by the R&D Amendment. Many of these matters will now be decided separately for each Track by the Council, based on certain guidelines stipulated in the R&D Amendment. Such guidelines provide, for example, that considerable preference should be given to having ownership of Authority-funded know-how and rights vest with the Benefit recipient and/or with an Israeli company, with transfer of know-how and related rights abroad to be permitted only in exceptional circumstances. In addition, the R&D Amendment stipulates that the transfer of manufacturing rights abroad, whether under a license or otherwise, shall only be allowed in special circumstances. Nonetheless, these matters are merely guidelines, and the essential matters will be determined by the Council in its discretion. While the R&D Amendment is designated to provide flexibility in the rapidly changing business environment, leaving the above essential matters to the Council’s discretion currently causes much ambiguity as to the implementation of the R&D Amendment.
Government Regulation
Laws aimed at curtailing the spread of spam have been adopted by the United States federal government, i.e., the CAN-SPAM Act, and some individual U.S. states, with the CAN-SPAM Act superseding some state laws or certain elements thereof.
The propagation of email viruses, whether through email or websites, which are aimed at destroying or stealing third party data, is illegal under standard state and federal law outlawing theft, misappropriation, conversion, etc., without the need for special legislation prohibiting such activities on the Internet. Despite the existence of these laws, sources for Internet viruses continue to spread multi-variant viruses seemingly without much fear of recrimination. New laws providing for more stringent penalties could be adopted in various jurisdictions, but it is unclear what, if any, affect these would have on the antivirus industry in general and our Command Antivirus, F-PROT antivirus, Zero-Hour Virus Outbreak Detection and GlobalView URL filtering solutions in particular.
On October 6, 2015, the European Court of Justice invalidated the U.S.- EU Safe Harbor framework and the Swiss data protection authorities later invalidated the U.S.-Swiss Safe Harbor framework. We have invested heavily in data sovereignty features that ensure CYREN customer data remains in the EU as required by law. We will continue to monitor legal requirements and will follow additional legal requirements for customer data privacy as they evolve.
Geographic Information
The Company conducts its business on the basis of one reportable segment.
Revenues for Last Three Financial Years
See Item 5. Operating and Financial Review and Prospects – “Revenue Sources” and the financial statements included elsewhere in this Annual Report. Below is a breakdown of our revenues by location (in thousands):
|
|
Year Ended December 31,
|
|
|
|
2015
|
|
|
2014
|
|
|
2013
|
|
|
|
|
|
|
|
|
|
|
|
USA
|
|
$ |
11,424 |
|
|
$ |
11,712 |
|
|
$ |
12,726 |
|
Germany
|
|
|
7,326 |
|
|
|
9,191 |
|
|
|
10,321 |
|
Europe (other than Germany)
|
|
|
3,460 |
|
|
|
4,635 |
|
|
|
4,086 |
|
Asia
|
|
|
3,436 |
|
|
|
3,600 |
|
|
|
2,717 |
|
Israel
|
|
|
1,958 |
|
|
|
1,985 |
|
|
|
1,602 |
|
Other
|
|
|
158 |
|
|
|
802 |
|
|
|
796 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$ |
27,762 |
|
|
$ |
31,925 |
|
|
$ |
32,248 |
|
Competitive Landscape
The markets in which CYREN competes are intensely competitive and rapidly changing. However, we believe there are very few competitors that offer the complete package of anti-spam, antivirus (both traditional and complementary real-time offerings), IP reputation and web security protections that CYREN provides.
The principal competitive factors in our industry include price, product functionality, product integration, platform coverage and ability to scale, worldwide sales infrastructure and global technical support. Some of our competitors have greater financial, technical, sales, marketing and other resources than we do, as well as greater name recognition and a larger installed customer base. Additionally, some of these competitors have research and development capabilities that may allow them to develop new or improved products that may compete with product lines and services we market and distribute, possibly at a lower cost. Our success will depend on our ability to adapt to these competing forces, to develop more advanced products more rapidly and less expensively than our competitors and/or to purchase new products by way of strategic acquisitions, and to educate potential customers as to the benefits of using our products rather than developing their own products.
In the market for messaging security solutions, there are sophisticated offerings that compete with our solutions. Email defense security providers offering forms of Software-as-a-Service packaged software (gateway), multi-functional appliances and managed service solutions and which may be viewed as both competitors and potential customers to CYREN include Google, Symantec, TrendMicro, Intel (McAfee) and Cisco, Proofpoint, and Mimecast. Messaging security providers offering solutions on an OEM basis similar to CYREN’s business model, and which may be viewed as direct competitors, include Cloudmark, Mailshell and Vade Retro.
The market for real-time virus protection products is also constantly evolving, as those designing and proliferating viruses and other malware seek new vulnerabilities and distribution techniques, and also continue to leverage email distribution as a cost-effective medium for accurately targeting broad, numerous potential victims. CYREN’s real-time offering differs from traditional antivirus solutions (such as our Command Antimalware solution) by leveraging our global footprint and patented RPD technology to rapidly detect outbreaks, often hours or days before traditional antimalware solutions; it thereby offers a complementary solution to signature and heuristic-based antivirus engines. For this reason, our malware attack detection engine has been deployed by several security companies and service providers.
In the market for antimalware solutions, there are vendors offering fairly effective solutions using various technologies based on signatures, emulation and heuristics. CYREN has an exclusive OEM/service provider focus, plus an increasing focus on heuristics and zero day effectiveness. Most companies in this space provide end user products and in some cases make software development kits available on an OEM basis. Competitors to CYREN include Sophos, Bitdefender, Kaspersky, McAfee, Symantec and open source software such as Clam-AV.
In the market for web security solutions, there are advanced offerings that compete with our GlobalView URL filtering solution and CWS. Web security providers offering forms of software (gateway), multi-functional appliances and managed service solutions and which may be viewed as both competitors and potential customers to CYREN include Intel (McAfee), ForcePoint (formerly Websense), BlueCoat, Zscaler, Barracuda, and Cisco (OpenDNS). Web security providers offering solutions on an OEM basis similar to CYREN’s business model, and which may be viewed as direct competitors, include Webroot (BrightCloud) and Symantec (RuleSpace).
We expect that the markets for Internet security solutions will continue to become more consolidated, with companies increasing their presence in this market or entering ancillary markets by acquiring or forming strategic alliances with our competitors or business partners, such as Raytheon/ForcePoint’s acquisitions of Websense and Stonesoft, BlueCoat’s acquisitions of Solera, Perspecsys and Elastica, Proofpoint’s acquisitions of Marble Security and SocialWare, Cisco’s acquisitions of Lancope, OpenDNS and ThreatGrid, FireEye’s acquisitions of iSight and Invotas, and Splunk’s acquisitions of Caspida and Metafor. See also disclosure under “Item 3. Key Information– Risk Factors—Business Risks— we face intense competition and could lose market share to our competitors, which could adversely affect our business, financial condition and results of operations.”
C. Organizational Structure
The Company wholly owns the following main subsidiary companies, either directly or through holding companies:
|
a.
|
CYREN Inc., a Delaware corporation and a wholly owned subsidiary of the Company, which has its principal office located at 7925 Jones Branch Drive, Suite 5200, McLean, VA, 22102, tel: (703) 760-3320 where certain members of management and related personnel are located, plus one supporting office located at 1731 Embarcadero Road, Suite 230, Palo Alto, CA 94303, tel: (650) 864-2000.
|
|
b.
|
CYREN Iceland hf, a limited liability company organized and existing under the laws of Iceland and wholly owned by the Company, with an office at Thverholti 18, IS-105, Reykjavik, Iceland, tel: 354-540-7400.
|
|
c.
|
CYREN Gesellschaft mbH, a German limited liability company wholly owned by the Company through a holding company structure, with an office at Hardenbergplatz 2, 10623, Berlin, Germany, tel: 49 (0)30/52 0056–0.
|
D. Property, plants and equipment
Property and equipment costs recorded on our consolidated balance sheet as of December 31, 2015, 2014 and 2013 consisted of the following:
Property and equipment, net
|
|
Year Ended December 31,
|
|
|
|
2015
|
|
|
2014
|
|
|
2013
|
|
|
|
(in thousands)
|
|
Cost:
|
|
|
|
|
|
|
|
|
|
Computers and peripheral equipment
|
|
$ |
9,309 |
|
|
$ |
8,160 |
|
|
$ |
7,350 |
|
Office furniture and equipment
|
|
|
1,118 |
|
|
|
1,151 |
|
|
|
1,112 |
|
Motor vehicles
|
|
|
- |
|
|
|
- |
|
|
|
10 |
|
Leasehold improvements
|
|
|
1,619 |
|
|
|
1,587 |
|
|
|
1,581 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
12,046 |
|
|
|
10,898 |
|
|
|
10,053 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Less accumulated depreciation
|
|
|
(9,725 |
) |
|
|
(8,497 |
) |
|
|
(7,379 |
) |
|
|
|
|
|
|
|
|
|
|
|
|
|
Property and equipment, net
|
|
$ |
2,321 |
|
|
$ |
2,401 |
|
|
$ |
2,674 |
|
All of our facilities are leased.
Our office in Herzilya, Israel, is approximately 12,217 square feet and houses research and development, sales, marketing, support and administrative personnel. Our U.S. subsidiary CYREN Inc. is headquartered in McLean, Virginia in an office of approximately 7,022 square feet and it houses senior management, marketing, sales, and administrative personnel; and its office in Palo Alto, California (approximately 3,332 square feet), is staffed by hosting (operations), sales and administrative personnel. Our subsidiary CYREN Iceland hf is located in Reykjavik, Iceland in an office of approximately 11,906 square feet, which houses antivirus operations, sales and some administrative personnel. Our subsidiary CYREN GmbH is based in Berlin, Germany, in an office of approximately 10,333 square feet, which houses research and development, operations, sales, marketing and administrative personnel. We anticipate possible office expansion or relocation of our offices in California, Iceland, and Israel during 2016.
Item 4A. Unresolved Staff Comments.
|
Not applicable.
Item 5. Operating and Financial Review and Prospects.
Overview
From 2003 through 2008, the sole focus of our business had been the development and selling, through reseller and OEM distribution channels, of anti-spam, Zero-Hour virus outbreak detection and IP reputation solutions to a wide array of customers. During late 2008, we expanded our focus by way of the release of our first URL filtering solutions for the web security market. In September 2010, we acquired certain assets comprising the Command Antivirus business unit of Authentium, Inc. On October 1, 2012, the Company completed the acquisition of the antivirus business of Frisk. The acquisition has enabled the Company to provide antivirus technology utilizing the combined resources of both organizations. On November 16, 2012, the Company completed the acquisition of eleven. The acquisition of eleven has enabled CYREN to accelerate delivery of private label cloud–based security solutions, specifically designed for the OEM and service provider markets. In January 2014, the Company rebranded itself from Commtouch to CYREN, and later that year launched CYREN WebSecurity version 1.0 which built on the Company’s SDK technology, as well as the acquisitions from eleven and FRISK, to deliver a cloud-based Security-as-a-Service platform. Since 2014 CWS has continued to mature and during Q1 2016 the Company launched CWS 3.0 that leverages CYREN’s deep technology and security data assets, as well as cyber threat and advanced malware detection.
Critical Accounting Policies and Estimates
This “Item 5. Operating and Financial Review and Prospects” section is based upon the Company’s consolidated financial statements, which have been prepared in accordance with accounting principles generally accepted in the United States (U.S. GAAP). The preparation of these financial statements requires management to make estimates and assumptions that affect the amounts reported in the consolidated financial statements and accompanying notes. Actual results could differ from those estimates. On an ongoing basis, the Company’s management evaluates estimates. Such estimates are based on historical experience and on various other assumptions that are believed to be reasonable, the results of which form the basis for making judgments about the carrying values of assets and liabilities.
Accounting for Stock–Based Compensation
ASC 718 - “Compensation-Stock Compensation” ASC 718, requires companies to estimate the fair value of equity-based payment awards on the date of grant using an option-pricing model. The value of the portion of the award that is ultimately expected to vest is recognized as an expense over the requisite service periods in the Company’s consolidated statements of operations.
The Company recognizes compensation expense for the value of its awards on a straight line basis over the requisite service period of each of the awards, net of estimated forfeitures. Estimated forfeitures are based on actual historical pre-vesting forfeitures. ASC 718 requires forfeitures to be estimated at the time of grant and revised, if necessary, in subsequent periods if actual forfeitures differ from those estimates.
The Company estimates the fair value of stock options granted using the Black-Scholes option-pricing model. The option-pricing model requires a number of assumptions, of which the most significant are the expected stock price volatility and the expected option term. Expected volatility was calculated based upon actual historical stock price movements. The expected term of options granted represents the period of time that options granted are expected to be outstanding, based on historical experience. The risk-free interest rate is based on the yield from U.S. treasury bonds with an equivalent term. The Company has historically not paid dividends and has no foreseeable plans to pay dividends.
The Company applies ASC 718, and ASC 505-50, “Equity Based Payments to Non Employees”, or ASC 505-50, with respect to options issued to non-employees.
The fair value for options granted in 2015, 2014 and 2013 is estimated at the date of grant using a Black-Scholes options pricing model with the following assumptions:
|
|
Year ended
December 31,
|
|
Stock options
|
|
2015
|
|
|
2014
|
|
|
2013
|
|
|
|
|
|
|
|
|
|
|
|
Volatility
|
|
|
42%-48 |
% |
|
|
38%-42 |
% |
|
|
37%-47 |
% |
Risk-free interest rate
|
|
|
1.1%-1.2 |
% |
|
|
1.0%-1.7 |
% |
|
|
0.5%-1.5 |
% |
Dividend yield
|
|
|
0 |
% |
|
|
0 |
% |
|
|
0 |
% |
Expected life (years)
|
|
|
3.4-3.9 |
|
|
|
3.3-4.9 |
|
|
|
3.5-4.9 |
|
Revenue Recognition
The Company derives its revenues from the sale of real-time cloud-based services for each of the email security, web security, and antimalware offerings. The Company sells its solutions primarily through OEMs which are considered end-users. The Company also sells certain solutions directly to enterprises.
Revenue is recognized when there is a persuasive evidence of an arrangement, the service has been rendered, the collection of the fee is probable and the amount of fees to be paid by the customer is fixed or determinable.
Revenues from such services are recognized ratably over the contractual service term, which generally includes a term period of one to three years.
Deferred revenues include unearned amounts received from customers, but not yet recognized as revenues. Such revenues are recognized ratably over the term of the related agreement.
Accounting for Income Tax
The Company accounts for income taxes in accordance with ASC 740, "Income Taxes" ("ASC 740"). ASC 740 prescribes the use of the liability method whereby deferred tax asset and liability account balances are determined based on differences between financial reporting and tax bases of assets and liabilities and are measured using the enacted tax rates and laws that will be in effect when the differences are expected to reverse. The Company provides a valuation allowance to reduce deferred tax assets to amounts more likely than not to be realized.
Deferred tax assets are classified as non-current in accordance with FASB ASU No. 2015-17. See section “recently issued accounting standards” below.
ASC 740 contains a two-step approach to recognizing and measuring a liability for uncertain tax positions. The first step is to evaluate the tax position taken or expected to be taken in a tax return by determining if the weight of available evidence indicates that it is more likely than not that, on an evaluation of the technical merits, the tax position will be sustained on audit, including resolution of any related appeals or litigation processes. The second step is to measure the tax benefit as the largest amount that is more than 50% (cumulative basis) likely to be realized upon ultimate settlement.
Intangible Assets
Intangible assets that are not considered to have an indefinite useful life are amortized over their estimated useful lives, which range from 2 to 14 years. Acquired customer contracts and relationships are amortized over their estimated useful lives in proportion to the economic benefits realized. This accounting policy results in accelerated amortization of such customer contracts and relationships arrangements as compared to the straight-line method. Technology, Intellectual Property and Trademark are amortized over their estimated useful lives on a straight-line basis.
Impairment of long-lived assets
The Company's long-lived assets and identifiable intangibles are reviewed for impairment in accordance with ASC 360 "Property, Plant and Equipment", whenever events or changes in circumstances indicate that the carrying amount of an asset may not be recoverable.
Recoverability of these assets is measured by comparison of the carrying amount of each asset group to the future undiscounted cash flows the asset group is expected to generate. If the asset is considered to be impaired, the amount of any impairment is measured as the difference between the carrying value and the fair value of the impaired asset.
The Company operates as one asset group. During the year ended December 31, 2015 the Company identified the decrease in the fair value of the earn-out consideration as an indicator that the carrying value of the asset group may not be recoverable. The Company performed a recoverability test during 2015 and the test resulted in no impairment.
During 2013 through 2015, no impairment losses had been identified.
Goodwill
Goodwill represents the excess of the purchase price in a business combination over the fair value of net tangible and intangible assets acquired. Goodwill is not amortized, but rather is subject to an impairment test.
The Company performs an annual impairment test at December 31, of each fiscal year, or more frequently if impairment indicators are present. The Company operates in one operating segment, and this segment comprises its only reporting unit.
ASC 350 prescribes a two-phase process for impairment testing of goodwill. The first phase screens for impairment, while the second phase (if necessary) measures impairment. Goodwill impairment is deemed to exist if the net book value of a reporting unit exceeds its estimated fair value determined using market capitalization. In such case, the second phase is then performed, and the Company measures impairment by comparing the carrying amount of the reporting unit's goodwill to the implied fair value of that goodwill. An impairment loss is recognized in an amount equal to the excess. ASC 350 allows an entity to first assess qualitative factors to determine whether it is necessary to perform the two-step quantitative goodwill impairment test. An entity is not required to calculate the fair value of a reporting unit unless the entity determines, based on a qualitative assessment, that it is more likely than not that its fair value is less than its carrying amount.
Alternatively, ASC 350 permits an entity to bypass the qualitative assessment for any reporting unit and proceed directly to performing the first step of the goodwill impairment test. Accordingly, the Company elected to proceed directly to the first step of the quantitative goodwill impairment test and compares the fair value of the reporting unit with its carrying value.
For each of the three years in the period ended December 31, 2015, no impairment losses have been identified.
Fair Value Measurements
The carrying amounts of cash and cash equivalents, trade receivables, prepaid expenses, other receivables and trade payables, approximate their fair values due to the short-term maturities of such financial instruments.
The Company measures its earn-out consideration at fair value. Fair value is an exit price, representing the amount that would be received to sell an asset or paid to transfer a liability in an orderly transaction between market participants. As such, fair value is a market-based measurement that should be determined based on assumptions that market participants would use in pricing an asset or a liability. A three-tier fair value hierarchy is established as a basis for considering such assumptions and for inputs used in the valuation methodologies in measuring fair value:
|
•
|
Level 1 - Quoted prices (unadjusted) in active markets for identical assets or liabilities that the Company can access at the measurement date.
|
|
•
|
Level 2 - Inputs other than quoted prices included within Level 1 that are observable for the asset or liability, either directly or indirectly.
|
|
•
|
Level 3 - Unobservable inputs for the asset or liability.
|
The availability of observable inputs can vary from instrument to instrument and is affected by a wide variety of factors, including, for example, the type of instrument, the liquidity of markets and other characteristics particular to the transaction. To the extent that valuation is based on models or inputs that are less observable or unobservable in the market, the determination of fair value requires more judgment and the instruments are categorized as Level 3.
The fair value hierarchy also requires an entity to maximize the use of observable inputs and minimize the use of unobservable inputs when measuring fair value.
The Company’s earn-out considerations are classified within Level 3. The valuation methodology used by the Company to calculate the fair value of the earn-out considerations is the discounted cash-flow method. The assumptions used in the valuation of the earn-out considerations during the three year period ending December 31, 2015 included forecasted future revenues and a weighted average cost of capital of 14.32% - 18.45%.
As of December 31, 2015, there are no unobservable inputs remaining which are related to the liability as the period for determining the earn-out consideration value has ended. The value as of said date represents the remaining actual undiscounted cash-flow that is expected from the earn-out consideration.
Recently issued accounting standards
In May 2014, the Financial Accounting Standards Board (FASB) issued Accounting Standards Update No. 2014-09, Revenue from Contracts with Customers (Topic 606) (ASU 2014-09), which amends the existing accounting standards for revenue recognition. In August 2015, the FASB issued ASU No. 2015-14, Revenue from Contracts with Customers (Topic 606): Deferral of the Effective Date, which delays the effective date of ASU 2014-09 by one year. The FASB also agreed to allow entities to choose to adopt the standard as of the original effective date. As such, the updated standard will be effective for the Company in the first quarter of 2018, with the option to adopt it in the first quarter of 2017. The Company is still evaluating the effect that the updated standard will have on its consolidated financial statements and related disclosures.
In 2014, the FASB issued ASU 15-2014, Presentation of Financial Statements - Going Concern (Subtopic 205-40): Disclosure of Uncertainties about an Entity's Ability to Continue as a Going Concern, which defines management’s responsibility to assess an entity’s ability to continue as a going concern, and to provide related footnote disclosures if there is substantial doubt about its ability to continue as a going concern. The pronouncement is effective for annual reporting periods ending after December 15, 2016 with early adoption permitted. The Company is currently evaluating the effect, if any, that the adoption of this guidance will have on its consolidated financial statements.
In November 2015, the FASB issued ASU No. 2015-17 related to balance sheet classification of deferred taxes. The new guidance requires that deferred tax assets and liabilities be classified as noncurrent in a classified statement of financial position. The new guidance is effective for fiscal years, and interim periods within those fiscal years, beginning after December 15, 2016. Early adoption is permitted. The Company early adopted this guidance on a retrospective basis as of December 31, 2015. As a result, the Company’s current deferred tax liability as of December 31, 2014 in an amount of $120 thousand were reclassified to long-term liabilities to conform to the current year presentation.
In February 2016, the FASB issued ASU No. 2016-02, Leases (Topic 842) ("ASU 2016-02"). The main difference between the current requirement under GAAP and ASU 2016-02 is the recognition of lease assets and lease liabilities by lessees for those leases classified as operating leases. ASU 2016-02 requires that a lessee recognize in the statement of financial position a liability to make lease payments (the lease liability) and a right-of-use asset representing its right to use the underlying asset for the lease term (other than leases that meet the definition of a short-term lease). The liability will be equal to the present value of lease payments. The asset will be based on the liability, subject to adjustment, such as for initial direct costs. For income statement purposes, the FASB retained a dual model, requiring leases to be classified as either operating or finance. Operating leases will result in straight-line expense (similar to current operating leases) while finance leases will result in a front-loaded expense pattern (similar to current capital leases). Classification will be based on criteria that are largely similar to those applied in current lease accounting. For lessors, the guidance modifies the classification criteria and the accounting for sales-type and direct financing leases. ASU 2016-02 is effective for annual and interim periods beginning after December 15, 2018 and early adoption is permitted. ASU 2016-02 must be adopted using a modified retrospective transition, and provides for certain practical expedients. Transaction will require application of the new guidance at the beginning of the earliest comparative period presented. The Company is currently evaluating the effect that the adoption of this guidance will have on its consolidated financial statements.
Research and development costs
Research and development costs are charged to statements of operations as incurred.
The Company capitalizes development costs incurred during the application development stage which are related to internal-use technology that supports its security services. Costs related to preliminary project activities and post implementation activities are expensed as incurred as research and development costs on the statements of operations. Capitalized internal-use technology is included in intangible assets on the balance sheet and is amortized on a straight-line basis over its estimated useful life, which is generally two to three years. Management evaluates the useful lives of these assets on an annual basis and tests for impairment whenever events or changes in circumstances occur that could impact the recoverability of these assets.
A. Operating results
Results of Operations
The following table sets forth financial data for the years ended December 31, 2015, 2014 and 2013 (in thousands):
|
|
Year ended
December 31,
|
|
|
|
2015
|
|
|
2014
|
|
|
2013
|
|
Revenues
|
|
$ |
27,762 |
|
|
$ |
31,925 |
|
|
$ |
32,248 |
|
Cost of revenues
|
|
|
8,323 |
|
|
|
8,123 |
|
|
|
7,695 |
|
Gross profit
|
|
|
19,439 |
|
|
|
23,802 |
|
|
|
24,553 |
|
Operating expenses:
|
|
|
|
|
|
|
|
|
|
|
|
|
Research and development, net
|
|
|
8,930 |
|
|
|
11,222 |
|
|
|
9,270 |
|
Sales and marketing
|
|
|
8,718 |
|
|
|
11,802 |
|
|
|
10,278 |
|
General and administrative
|
|
|
6,326 |
|
|
|
8,047 |
|
|
|
10,388 |
|
Adjustment to earn-out consideration
|
|
|
(75 |
) |
|
|
(744 |
) |
|
|
(3,276 |
) |
Total operating expenses
|
|
|
23,899 |
|
|
|
30,327 |
|
|
|
26,660 |
|
Operating loss
|
|
|
(4,460 |
) |
|
|
(6,525 |
) |
|
|
(2,107 |
) |
Loss from sale of investment in affiliate
|
|
|
- |
|
|
|
- |
|
|
|
(1,289 |
) |
Other income
|
|
|
27 |
|
|
|
187 |
|
|
|
- |
|
Financial expense, net
|
|
|
(243 |
) |
|
|
(874 |
) |
|
|
(1,255 |
) |
|
|
|
|
|
|
|
|
|
|
|
|
|
Loss before taxes on income
|
|
|
(4,676 |
) |
|
|
(7,212 |
) |
|
|
(4,651 |
) |
Tax benefit (expense)
|
|
|
(123 |
) |
|
|
196 |
|
|
|
(5,220 |
) |
|
|
|
|
|
|
|
|
|
|
|
|
|
Loss
|
|
$ |
(4,799 |
) |
|
$ |
(7,016 |
) |
|
$ |
(9,871 |
) |
Comparison of Years Ended December 31, 2015 and 2014
Revenues. Revenues for 2015 of $27.8 million decreased by $4.1 million from $31.9 million in 2014, which represents a 13% decrease. The decrease was mainly driven by currency exchange rate fluctuations against the U.S. dollar which resulted in a decrease of approximately $2.2 million. Approximately 37% of CYREN revenues are generated in foreign currencies, with EURO denominated revenues representing approximately 35% of total CYREN revenues. The remainder of the decrease relates mainly to client contracts with the acquired CYREN GmbH that terminated during mid to the end of 2014.
Cost of Revenues. Cost of revenues of 8.3 million in 2015 increased by $0.2 million from $8.1 million in 2014, which represents a 2% increase. The increase in 2015 is mainly due to the increased data center expenses to support the growth and expansion of the Company’s WebSecurity service offering.
Research and Development, Net. Research and development expenses of $8.9 million in 2015 decreased by $2.3 million compared to $11.2 million in 2014. The decrease in 2015 is mainly due to the capitalization of some development expenses as well as a financial grant from the Israeli Office of the Chief Scientist which resulted in a net decrease of approximately $1.4 million compared to 2014, and also due to the effect of the increase in value of the U.S. dollar compared to other currencies. Research and development expenses consist mainly of payroll and related expenses which are almost entirely denominated in either Euro, Israeli Shekel or Icelandic Krona.
Sales and Marketing. Sales and marketing expenses of $8.7 million in 2015 decreased by $3.1 million, compared to $11.8 million in 2014. The decrease in 2015 is mainly due to decreased payroll and related expenses, primarily due to a temporary reduction in headcount during 2015 and the timing of filling positions in sales and marketing. In addition, part of the decrease is related to the effect of the strengthened U.S. dollar on salaries denominated in foreign currencies, and one-time rebranding efforts that took place in early 2014.
General and Administrative. General and administrative expenses of $6.3 million in 2015 decreased by $1.7 million, compared to $8.0 million in 2014. The decrease in 2015 is mainly due to a decrease in payroll and related expenses, primarily due to termination of two executive management positions during the first half of 2014 and several administrative positions during 2014 and 2015. The decrease is also due to the effect of the strengthened U.S. dollar on expenses denominated in currencies other than the USD (mainly Euro and Israeli Shekel), a decrease in stock-based compensation expenses of $0.1 million, and a decrease of $0.2 million in bad debt expense (a benefit of $0.3 million in 2015 compared to a benefit of $0.1 million in 2014).
Adjustment to earn-out consideration. Adjustment to the earn-out consideration of $0.1 million income in 2015 decreased from an income of $0.7 million in 2014. The income in 2015 and 2014 results from a decrease in revenue forecasts that are the basis for determining the fair value of the earn-out consideration.
Financial Expense, Net. Financial expenses, net, decreased by $0.6 million and amounted to $0.3 million in 2015 compared to $0.9 million in 2014. The decrease is mainly due to a $0.3 million decrease in the accretion of discount of the earn-out consideration and a $0.2 million decrease in interest expense.
Tax Benefit (Expense). Tax expense increased by $0.3 million and amounted to a tax expense of $0.1 million in 2015 compared to a tax benefit of $0.2 million in 2014. The increase is mainly due to an increase of $0.3 million in current tax expenses generated from the Company’s German subsidiary which amounted to $0.4 million in 2015 compared to $0.1 million in 2014.
Comparison of Years Ended December 31, 2014 and 2013
Revenues. Revenues for 2014 of $31.9 million decreased by $0.3 million from $32.2 million in 2013, which represents a 1% decrease. The decrease was mainly driven by currency exchange rate fluctuations, particularly the 11% decline of euro during the second half of 2014. Approximately 38% of CYREN revenues are generated in Euros.
Cost of Revenues. Cost of revenues of $8.1 million in 2014 increased by $0.4 million from $7.7 million in 2013, which represents a 5% increase. The increase in 2014 is mainly due to the increased data center expenses to support the growth and expansion of the Company’s new WebSecurity service offering.
Research and Development, Net. Research and development expenses of $11.2 million in 2014 increased by $1.9 million from $9.3 million in 2013. The increase in 2014 was mainly due to increased payroll and related expenses, primarily due to manpower investment required as the Company continued to expand its service offerings and develop its new advanced threat protection cybersecurity offerings.
Sales and Marketing. Sales and marketing expenses increased by $1.5 million and amounted to $11.8 million in 2014, compared to $10.3 million in 2013. The increase in 2014 is mainly due to increased payroll and related expenses, primarily due to manpower investment required as the Company continued to market and sell the new CYREN WebSecurity product, and due to an increase in commission expense.
General and Administrative. General and administrative expenses of $8.0 million in 2014 decreased by $2.4 million, from $10.4 million in 2013. The decrease in 2014 is mainly due to decrease in payroll and related expenses, primarily due to termination of two executive management positions during the first half of 2014 (President and Chief Financial Officer (“CFO”)) and several administrative positions in the second half of 2014. The President’s position was not filled and the CFO position was filled internally and merged with an existing position. The decrease is also due to a decrease in stock-based compensation expenses of $0.2 million, a decrease in director’s compensation of $0.2 million and a decrease of $0.8 million in bad debt expense (a benefit of $0.1 million in 2014 compared to bad debt expenses of $0.7 million in 2013), in addition to the effect of the exchange rate on expenses denominated in currencies other than the USD (mainly Euro and Israeli Shekel).
Adjustment to earn-out consideration. Adjustment to the earn-out consideration at an income of $0.7 million in 2014 decreased by $2.6 million from an income of $3.3 million in 2013. The income in 2013 and 2014 results from a decrease in revenue forecasts that are the basis for determining the fair value of the earn-out consideration. The decrease in the 2014 income compared to the 2013 income is mainly due to the shorter forecast period required for the fair value measurement of the earn-out considerations, which resulted in a less significant change in the revenue forecast. In addition, the majority of the effect of the delay in revenue buildup from new relevant products was incorporated within the fair value measurement performed as of December 31, 2013.
Financial Income (Expense), Net. Financial income (expenses), net, decreased by $0.4 million and amounted to $0.9 million in 2014 compared to $1.3 million in 2013. The decrease is mainly due to the decrease in the accretion of discount of the earn-out consideration.
Tax Benefit (Expense). Tax expense decreased by $5.4 million and amounted to a tax benefit of $0.2 million in 2014 compared to a tax expense of $5.2 million in 2013. In 2014 the Company maintained a full valuation allowance on the deferred tax assets regarding the loss carryforwards. The tax benefit is mainly due to net accretion of deferred tax liabilities on account of the Company’s German and Icelandic subsidiaries, offset by current tax expenses due to uncertain tax positions. In 2013, a full valuation allowance was provided to reduce the deferred tax assets to their realizable value based on management’s estimation that it is more likely than not that the deferred tax assets regarding the loss carryforwards will not be utilized in the foreseeable future. As a result, the Company recorded a deferred tax expense of $5.0 million along with $0.2 million of current taxes on account of the Company’s German subsidiary.
Quarterly Results of Operations (Unaudited).
The following table sets forth certain unaudited quarterly statements of operations data for the eight quarters ended December 31, 2015. This information has been derived from the Company’s consolidated unaudited financial statements, which, in management’s opinion, have been prepared on the same basis as the audited consolidated financial statements, and include all adjustments, consisting only of normal recurring adjustments, necessary for a fair presentation of the information for the quarters presented. This information should be read in conjunction with our audited consolidated financial statements and the notes thereto included elsewhere in this Annual Report. The operating results for any quarter are not necessarily indicative of the operating results for any future period.
|
|
Three Months Ended
|
|
|
|
Dec 31
|
|
|
Sep 30
|
|
|
Jun 30
|
|
|
Mar 31
|
|
|
Dec 31
|
|
|
Sep 30
|
|
|
Jun 30
|
|
|
Mar 31
|
|
|
|
2015
|
|
|
2015
|
|
|
2015
|
|
|
2015
|
|
|
2014
|
|
|
2014
|
|
|
2014
|
|
|
2014
|
|
(in thousands of U.S. dollars except per share data)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(unaudited)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Revenues
|
|
$ |
7,109 |
|
|
$ |
6,934 |
|
|
$ |
6,726 |
|
|
$ |
6,993 |
|
|
$ |
7,842 |
|
|
$ |
7,731 |
|
|
$ |
8,262 |
|
|
$ |
8,090 |
|
Cost of revenues
|
|
|
2,019 |
|
|
|
2,136 |
|
|
|
2,105 |
|
|
|
2,063 |
|
|
|
1,999 |
|
|
|
2,037 |
|
|
|
2,065 |
|
|
|
2,022 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Gross profit
|
|
|
5,090 |
|
|
|
4,798 |
|
|
|
4,621 |
|
|
|
4,930 |
|
|
|
5,843 |
|
|
|
5,694 |
|
|
|
6,197 |
|
|
|
6,068 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Operating expenses:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Research and development, net
|
|
|
2,256 |
|
|
|
2,166 |
|
|
|
1,799 |
|
|
|
2,709 |
|
|
|
2,824 |
|
|
|
2,417 |
|
|
|
3,081 |
|
|
|
2,900 |
|
Sales and marketing
|
|
|
2,185 |
|
|
|
2,094 |
|
|
|
2,197 |
|
|
|
2,242 |
|
|
|
2,852 |
|
|
|
2,821 |
|
|
|
3,137 |
|
|
|
2,992 |
|
General and administrative
|
|
|
1,722 |
|
|
|
1,895 |
|
|
|
1,295 |
|
|
|
1,414 |
|
|
|
2,274 |
|
|
|
1,624 |
|
|
|
1,882 |
|
|
|
2,267 |
|
Adjustment to earn-out consideration
|
|
|
2 |
|
|
|
- |
|
|
|
(75 |
) |
|
|
(2 |
) |
|
|
(43 |
) |
|
|
(701 |
) |
|
|
- |
|
|
|
- |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Total operating expenses
|
|
|
6,165 |
|
|
|
6,155 |
|
|
|
5,216 |
|
|
|
6,363 |
|
|
|
7,907 |
|
|
|
6,161 |
|
|
|
8,100 |
|
|
|
8,159 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Operating loss
|
|
|
(1,075 |
) |
|
|
(1,357 |
) |
|
|
(595 |
) |
|
|
(1,433 |
) |
|
|
(2,064 |
) |
|
|
(467 |
) |
|
|
(1,903 |
) |
|
|
(2,091 |
) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Other income (expense)
|
|
|
29 |
|
|
|
(6 |
) |
|
|
4 |
|
|
|
- |
|
|
|
(13 |
) |
|
|
- |
|
|
|
- |
|
|
|
200 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Financial income (expense), net
|
|
|
132 |
|
|
|
(92 |
) |
|
|
(132 |
) |
|
|
(151 |
) |
|
|
(162 |
) |
|
|
(249 |
) |
|
|
(167 |
) |
|
|
(296 |
) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Loss before taxes on income
|
|
|
(914 |
) |
|
|
(1,455 |
) |
|
|
(723 |
) |
|
|
(1,584 |
) |
|
|
(2,239 |
) |
|
|
(716 |
) |
|
|
(2,070 |
) |
|
|
(2,187 |
) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Tax benefit (expense)
|
|
|
(237 |
) |
|
|
125 |
|
|
|
75 |
|
|
|
(86 |
) |
|
|
83 |
|
|
|
(7 |
) |
|
|
75 |
|
|
|
45 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Loss
|
|
$ |
(1,151 |
) |
|
$ |
(1,330 |
) |
|
$ |
(648 |
) |
|
$ |
(1,670 |
) |
|
$ |
(2,156 |
) |
|
$ |
(723 |
) |
|
$ |
(1,995 |
) |
|
$ |
(2,142 |
) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Basic loss per share
|
|
$ |
(0.03 |
) |
|
$ |
(0.04 |
) |
|
$ |
(0.02 |
) |
|
$ |
(0.05 |
) |
|
$ |
(0.07 |
) |
|
$ |
(0.02 |
) |
|
$ |
(0.08 |
) |
|
$ |
(0.08 |
) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Diluted loss per share
|
|
$ |
(0.03 |
) |
|
$ |
(0.04 |
) |
|
$ |
(0.02 |
) |
|
$ |
(0.05 |
) |
|
$ |
(0.07 |
) |
|
$ |
(0.02 |
) |
|
$ |
(0.08 |
) |
|
$ |
(0.08 |
) |
Effective Corporate Tax Rates
The Israeli corporate tax rate was 26.5% in 2015 and 2014, and 25.0% in 2013.
On January 4, 2016, an amendment to the Israeli tax ordinance was enacted such that commencing January 1, 2016, the Israeli regular tax rate will be reduced from 26.5% to 25%. The effect of the change in tax rates will result in a decrease in deferred tax balances in immaterial amounts.
Non-Israeli subsidiaries are taxed according to the tax laws in their respective countries of residence.
The Company does not provide deferred tax liabilities when it intends to reinvest earnings of foreign subsidiaries indefinitely. Undistributed earnings of foreign subsidiaries that are considered to be permanently reinvested amounted to $2,599 thousand and unrecognized deferred tax liability related to such earnings amounted to $780 thousand as of December 31, 2015.
The Company may currently qualify as an “industrial company” within the definition of the Law for the Encouragement of Industry (Taxation). As such, it may be eligible for certain tax benefits, including, inter alia, special depreciation rates for machinery, equipment and buildings, amortization of patents, certain other intangible property rights and deduction of share issuance expenses.
Net operating loss carry-forwards
As of December 31, 2015, CYREN's net operating loss carryforwards for tax purposes amounted to $61,111 thousand and capital loss carryforwards of $15,658 thousand which may be carried forward and offset against taxable income in the future, for an indefinite period.
As of December 31, 2015, for federal income tax purposes, the U.S. subsidiary had net operating loss carryforwards of $97,433 thousand. These losses may offset any future U.S. taxable income of the U.S. subsidiary and will expire in the years 2018 through 2035.
Utilization of U.S. net operating losses may be subject to substantial annual limitation due to the "change in ownership" provisions of the Internal Revenue Code of 1986 and similar state provisions. The annual limitations may result in the expiration of net operating losses before utilization.
Management currently believes that based upon its estimations for future taxable income, it is more likely than not that the deferred tax assets regarding the loss carryforwards will not be utilized in the foreseeable future. Thus, a valuation allowance was provided to reduce deferred tax assets to their realizable value.
Tax assessments
The Company’s tax assessments in the U.S. and Israel are deemed final up to and including 2011 and the Company’s tax assessments in Germany are deemed final up to and including 2010.
Impact of Inflation and Currency Fluctuations
CYREN's revenues, and certain of its subsidiary's revenues, are generated mainly in U.S. dollars. In addition, most of the Company’s costs are incurred in U.S. dollars. The Company's management believes that the U.S. dollar is the primary currency of the economic environment in which CYREN and certain of its subsidiaries operate. Thus, the functional and reporting currency of CYREN and certain of its subsidiaries is the U.S. dollar.
CYREN and certain subsidiaries’ transactions and balances denominated in dollars are presented at their original amounts. Non-dollar transactions and balances have been re-measured to dollars in accordance with ASC 830, “Foreign Currency Matters”. All transaction gains and losses from re-measurement of monetary balance sheet items denominated in non-dollar currencies are reflected in the statements of operations as financial income or expenses, as appropriate.
For those subsidiaries whose functional currency has been determined to be their local currency, assets and liabilities are translated at year-end exchange rates and statement of operations items are translated at average exchange rates prevailing during the year. Such translation adjustments are recorded as a separate component of accumulated other comprehensive income (loss) in shareholders’ equity.
The vast majority of CYREN’s revenues in Israel are denominated in U.S. dollars and in Euros. However, a substantial portion of CYREN’s operating expenses in Israel, primarily its research and development expenses, are denominated in Israeli Shekel. Costs and revenues not denominated in U.S. dollars are re-measured to U.S. dollars, when recorded, at prevailing rates of exchange. This is done for the purposes of the Company’s financial statements and reporting. As a result, we are exposed to risk to the extent that the value of the U.S. dollar decreases against the Israeli Shekel or to the extent that the value of the U.S. dollar appreciates against the Euro. In those events, the U.S. dollar cost of CYREN’s operations will increase and the U.S. dollar value of CYREN’s revenues will decrease, respectively. In such events, the Company’s U.S. dollar-measured results of operations will be adversely affected. Consequently, we are and will be affected by changes in the prevailing ILS/U.S. dollar and Euro/U.S. dollar exchange rates and exchange rate fluctuations will have an impact on the period–to–period comparisons of the Company’s results.
The table below presents the change in the ILS/U.S. dollar and Euro/U.S. dollar exchange rates over the last three years:
Equivalent to 1 U.S. dollar
|
|
As of December 31, 2015
|
|
|
Change during 2015 (*)
|
|
|
As of December 31, 2014
|
|
|
Change during 2014 (*)
|
|
|
As of December 31, 2013
|
|
|
Change during 2013 (*)
|
|
ILS/U.S. Dollar
|
|
|
3.902 |
|
|
|
0.3 |
% |
|
|
3.889 |
|
|
|
12.0 |
% |
|
|
3.471 |
|
|
|
(7.0 |
)% |
Euro/U.S. Dollar
|
|
|
0.919 |
|
|
|
11.7 |
% |
|
|
0.823 |
|
|
|
13.4 |
% |
|
|
0.726 |
|
|
|
(4.3 |
)% |
(*) Positive change represents appreciation of the U.S. dollar vs the opposing currency and a negative percentage represents depreciation of the U.S. dollar vs the opposing currency.
During 2015, the U.S. dollar value of revenues denominated in Euro declined due to the appreciation of the U.S. dollar vs the Euro.
During 2014, the U.S. dollar value of operating costs denominated in Israeli Shekel declined due to the appreciation of the U.S. dollar vs the Israeli Shekel, and the U.S. dollar value of revenues denominated in Euro declined due to the appreciation of the U.S. dollar vs the Euro.
During 2013, the U.S. dollar value of operating costs denominated in Israeli Shekel increased due to the depreciation of the U.S. dollar vs the Israeli Shekel, and the U.S. dollar value of revenues denominated in Euro increased due to the depreciation of the U.S. dollar vs the Euro.
The inflation/deflation in the general price indexes in Israel and in the countries in which the Company’s subsidiaries are located, during 2015 and 2014, had an immaterial effect on the Company’s results and operations.
B. Liquidity and capital resources
As of December 31, 2015 and December 31, 2014, we had approximately $16.4 million and $11.1 million of cash and cash equivalents, respectively.
In 2015, net cash used in operating activities in the amount of $1.8 million consisted of a net loss of $4.8 million adjusted for non-cash activity of $1.5 million amortization of intangible assets, $1.3 million depreciation of property and equipment, $1.1 million stock-based compensation expenses and $0.7 million decrease in trade receivables, along with a decrease in deferred revenues of $1.1 million and a decrease in accrued expenses and other liabilities of $0.4 million. In 2014, net cash used in operating activities in the amount of $3.7 million consisted of a net loss of $7.0 million adjusted for non-cash activity of $1.7 million amortization of intangible assets, $1.3 million depreciation of property and equipment, and $1.2 million stock-based compensation expenses, along with a decrease in deferred revenues of $1.0 million. In 2013, we generated cash from operations of $0.1 million. Net cash from operations in 2013 consisted primarily of net loss of $9.9 million adjusted for non-cash activity of $5.0 million of deferred tax expense, $1.8 million amortization of intangible assets, $1.3 million stock-based compensation expenses, $1.3 million loss from sale of investment in affiliate, $1.2 million increase in deferred revenues, $1.1 million depreciation of property and equipment and offset by a $2.4 million change in earn-out liabilities
In 2015, net cash used in investing activities primarily consisted of $1.9 million capitalization of technology and $1.2 million purchase of property and equipment. In 2014, net cash used in investing activities primarily consisted of $0.8 million purchase of property and equipment. In 2013, net cash used in investing activities consisted primarily of $2.0 million purchase of property and equipment. Our capital expenditures over the last three years consisted primarily of purchases of property and equipment to expand our data centers and to invest in our infrastructure in order to support new business and the growth of the Company.
Net cash provided by financing activities was $10.4 million for 2015 and consisted of $11.5 million proceeds from a public offering, $4.4 million proceeds from credit line offset by repayment of credit line in the amount of $5.2 million and $0.5 million payment of earn-out consideration from the acquisition of Frisk. Net cash provided by financing activities was $11.8 million for 2014 and consisted of $10.2 million proceeds from a public offering, $6.8 million proceeds from credit line offset by repayment of credit line in the amount of $5.3 million. Net cash provided by financing activities was $0.4 million in 2013 and consisted primarily of $6.2 million proceeds from bank loans and credit line and $1.2 million proceeds from exercise of shares which were offset by the $3.0 million repayment of the bank loans and the $4.0 million payment of the earn-out considerations resulting from the acquisitions of Frisk and eleven.
On August 17, 2015, the Company completed an underwritten public offering of 7,666,665 ordinary shares, nominal value of ILS 0.15 per share at a price to the public of $1.65 per share, which includes the full exercise of the underwriter's overallotment option of 999,999 ordinary shares. The Company received total proceeds of $11.5 million, which is net of $1.1 million issuance expenses.
On July 30, 2014, the Company completed a public offering of 4,771,796 ordinary shares, nominal value ILS 0.15 per share, and warrants to purchase an aggregate of 1,670,128 ordinary shares in combinations consisting of one ordinary share and one warrant to purchase 0.35 of an ordinary share, at an offering price per fixed combination of $2.41. Each warrant has an exercise price of $3.08 per share, will be exercisable following the six-month anniversary of the date of its issuance and will expire ninety months following the date of its issuance. The Company received total proceeds of $10.2 million, which is net of $1.3 million issuance expenses.
On October 21, 2013, the Company entered into a credit line agreement with a U.S. bank which has been since amended with the most recent amendment signed as of July 21, 2015. According to the amended agreement, the bank provides the Company with a credit line of $6.0 million with a maturity date of March 20, 2016. The amounts drawn down from the credit line are subject to interest equal to the Prime Rate in effect from time to time, plus 2.75% per annum, provided that the interest rate in effect on any day shall not be less than 5.5% per annum, provided, however, that the Company pay a minimum aggregate amount of interest of no less than $18 thousand per month. In relation to this credit line, the Company is obliged by the bank to comply with certain financial covenants, as defined in the agreement and has agreed to grant security interests generally over all Company assets, and to refrain from encumbering its assets in favor of any other third parties. As of December 31, 2015, the Company had drawn down an amount of $4.0 million from the credit line and was in full compliance with the financial covenants. Subsequent to the reporting period, the Company decided not to extend the credit line as the funds were deemed unnecessary, and the credit line was paid down in full.
As of December 31, 2015, 2014 and 2013 the Company had positive working capital of $7.5 million, $0.4 million and negative working capital of $3.5 million, respectively. The increase in working capital in 2014 and in 2015 is primarily due to the net increase in cash generated from the two capital raises completed in 2014 and 2015 as described above.
Based on the cash balance at December 31, 2015, current projections of revenues and related expenses, the Company believes it has sufficient cash to continue operations into 2017. The Company has in excess of $25.9 million capacity remaining on its F-3 universal shelf registration filed in June 2014. Currently, the Company does not anticipate the need to utilize the F-3 universal shelf registration in the foreseeable future.
In connection with the contingent earn-out consideration which is related to the eleven acquisition, the Company recorded an estimated amount of $8.9 million as of the acquisition date. As of December 31, 2015 and December 31, 2014, the fair value of the contingent consideration of $2.3 million and $1.8 million respectively is presented in short term liabilities, and the fair value of the contingent consideration of $0.0 million and $0.8 million respectively is presented in long term liabilities.
In 2014, the Company entered into arbitral proceedings with the former shareholders of eleven regarding an escrow agreement. CYREN and the former eleven shareholders are disputing an amount of €740 thousand in the escrow account. In addition to the escrow dispute, CYREN has initiated claims for €1,466 thousand against the former eleven shareholders relating to the earn-out consideration of the eleven acquisition while the former shareholders claim payment of €1,553 thousand from CYREN with regards to the same liability. There have been no developments regarding these claims during 2015. Considering the preliminary stage of these arbitral proceedings, the Company has determined it is currently unable to predict the outcome of these disputes. The Company intends to defend vigorously against the claims raised by the former eleven shareholders.
C. Research and development, patents and licenses, etc.
We invest substantial resources in research and development to enhance our products and services, build add-on functionality and improve our core technology. We believe that both hardware and software are critical to expanding our leadership in the security industry. Therefore, we invest heavily in our cloud infrastructure and our new offerings such as CWS. Our engineering team has deep security expertise and works closely with customers to identify their current and future needs. In addition to our focus on hardware and software, our research and development team is focused on research into next-generation threats, which is required to respond to the rapidly changing threat landscape.
Research and development expenses, net, totaled $8.9 million, $11.2 million and $9.3 million for the years ended December 31, 2015, 2014 and 2013, respectively. The decrease in research and development expenses in 2015 compared to 2014 is mainly due to capitalization of some expenses and an increase in government grants received. Please refer to item 5A above. We plan to continue to significantly invest in resources to conduct our research and development effort.
Regarding Company patents and patents pending, please refer to item 4B section “Intellectual Property” in this document. The Company may seek to patent certain additional software or other technologies in the future.
D. Trend Information
Several key factors and trends affect the information security market and impact how CYREN conducts business.
Evolving Information Security Threats. These threats, against consumers and organizations of all sizes, drive demand for security offerings from service providers and hardware and software vendors. Examples include the well-publicized attacks on Target, Home Depot, Sony and Ashley Madison.
Advanced Malware Attacks. CYREN and other security vendors witnessed a dramatic rise in phishing attacks in 2015, with a 55% annual increase in mail-borne spearphishing attacks and a steady upswing in new malware, including ransomeware that seeks to extort money from its victims by encrypting users’ hard drives.
Cloud-Based Computing. Cloud-based computing, in which consumers or organizations remotely access and leverage computing infrastructure or complete information services via the Internet, continues to grow rapidly in today’s environment thanks to increased connectivity, mobility and the efficiencies offered by cloud based services. Cloud-based Security-as-a-Service includes many of the most rapidly growing sub-segments in the information security market.
E. Off-Balance Sheet Arrangements
Not applicable.
F. Tabular disclosure of contractual obligations
The following table summarizes our outstanding contractual obligations as of December 31, 2015 (in thousands):
Contractual Obligations
|
|
Payments due by period
(USD in thousands)
|
|
|
|
Total
|
|
|
Less than 1
year
|
|
|
1-3 years
|
|
|
3-5 years
|
|
|
More than
5 years
|
|
Operating lease obligation
|
|
$ |
2,901 |
|
|
$ |
1,153 |
|
|
$ |
1,461 |
|
|
$ |
245 |
|
|
$ |
42 |
|
Other long-term liabilities reflected on the Company’s Balance Sheet - accrued severance pay
|
|
|
824 |
|
|
|
- |
|
|
|
- |
|
|
|
- |
|
|
|
- |
|
Other long-term asset reflected on the Company’s Balance Sheet - severance pay fund
|
|
|
(700 |
) |
|
|
- |
|
|
|
- |
|
|
|
- |
|
|
|
- |
|
Net - severance pay liability (*)
|
|
|
124 |
|
|
|
- |
|
|
|
- |
|
|
|
- |
|
|
|
- |
|
Earn-out obligation
|
|
|
2,346 |
|
|
|
2,346 |
|
|
|
- |
|
|
|
- |
|
|
|
- |
|
Credit line
|
|
|
4,169 |
|
|
|
4,169 |
|
|
|
- |
|
|
|
- |
|
|
|
- |
|
Uncertain income tax positions (**)
|
|
|
131 |
|
|
|
- |
|
|
|
- |
|
|
|
- |
|
|
|
- |
|
Total
|
|
$ |
9,671 |
|
|
$ |
7,668 |
|
|
$ |
1,461 |
|
|
$ |
245 |
|
|
$ |
42 |
|
(*)
|
Severance pay obligations to the Company’s Israeli employees, as required under Israeli labor law, are payable only upon termination, retirement or death of the respective employee.
|
(**)
|
Accrual for uncertain income tax position under ASC 740 “Income Taxes” is paid upon settlement and we are unable to reasonably estimate the ultimate amount or timing of settlement. See note 10h of the Company’s Consolidated Financial Statements for further information regarding the Company’s liability.
|
Item 6. Directors, Senior Management and Employees
A. Directors and senior management
The following table presents information with respect to our directors’ beneficial ownership of our ordinary shares as of February 29, 2016. Beneficial ownership is determined in accordance with the rules of the SEC and includes voting or investment power, with respect to shares. To our knowledge, except under applicable community property laws or as otherwise indicated, the persons named in the table have sole voting and sole investment control and rights to receive economic benefits with respect to all shares beneficially owned. The applicable percentage of ownership for each director is based on 40,941,613 ordinary shares outstanding as of February 29, 2016. Ordinary shares issuable upon the exercise of options and other rights, which are exercisable on or within sixty days of February 29, 2016, are deemed outstanding for the purpose of computing the percentage ownership of the director holding those options and other rights.
Name and Position
|
|
Age
|
|
Percentage of
Ordinary
Shares
Beneficially
Owned
|
|
Number of Ordinary Shares
Beneficially Owned
|
|
Number of Options included in Beneficial
Ownership
|
Lior Samuelson, CEO, Director and Chairman of the Board
|
|
67
|
|
|
1.8%
|
|
754,558
|
|
488,958 options, at exercise prices ranging from $1.44 to $3.47 per Ordinary Share. Expiration dates range from August 2, 2016 to February 10, 2022.
|
Aviv Raiz, Director (3)
|
|
57
|
|
|
12.7%
|
|
5,188,256
|
|
61,453 options, at exercise prices ranging from $1.44 to $3.47 per Ordinary Share. Expiration dates range from December 15, 2016 to February 10, 2022.
|
Hila Karah, Director (1)(3)
|
|
47
|
|
|
<1%
|
|
120,384
|
|
61,453 options, at exercise prices ranging from $1.44 to $3.47 per Ordinary Share. Expiration dates range from December 15, 2016 to February 10, 2022.
|
Yair Bar-Touv, Director (Outside Director) (1)(2)
|
|
55
|
|
|
<1%
|
|
61,453
|
|
61,453 options, at exercise prices ranging from $1.44 to $3.47 per Ordinary Share. Expiration dates range from December 15, 2016 to February 10, 2022.
|
Todd Thomson (Lead Director) (2)
|
|
55
|
|
|
<1%
|
|
78,119
|
|
78,119 options, at exercise prices ranging from $1.44 to $3.48 per Ordinary Share. Expiration dates range from November 7, 2017 to February 10, 2022.
|
James Hamilton (Director) (1)(2)(3)
|
|
52
|
|
|
<1%
|
|
78,119
|
|
78,119 options, at exercise prices ranging from $1.44 to $3.18 per Ordinary Share. Expiration dates range from February 16, 2018 to February 10, 2022.
|
David Earhart (Outside Director) (1)(2)(3)
|
|
54
|
|
|
<1%
|
|
45,828
|
|
45,828 options, at exercise prices ranging from $1.44 to $3.01 per Ordinary Share. Expiration dates range from August 1, 2019 to February 10, 2022.
|
(1) Member of the Compensation Committee
(2) Member of the Audit Committee
(3) Member of the Nominating Committee
Other Executive Officers:
The following table sets forth the names and positions of our senior management employees, with ownership data being as of February 29, 2016. These employees, along with Lior Samuelson, are included for purposes of the aggregation of compensation and share ownership of major shareholders, directors and executive officers, and appear elsewhere in this Annual Report.
Name
|
|
Age
|
|
Ownership
|
|
Position
|
|
|
|
|
|
|
|
Ben Carmi
|
|
38
|
|
<1%
|
|
Senior Vice President, Products
|
|
|
|
|
|
|
|
Einat Glik
|
|
36
|
|
<1%
|
|
Vice President & General Manager, Email Security
|
|
|
|
|
|
|
|
Eva Edwards Markowitz
|
|
41
|
|
<1%
|
|
Vice President, Human Resources
|
|
|
|
|
|
|
|
Lior Kohavi
|
|
45
|
|
1.0%
|
|
Chief Technology Officer
|
|
|
|
|
|
|
|
Sue Lee (1)
|
|
39
|
|
<1%
|
|
Vice President, General Counsel and Corporate Secretary
|
|
|
|
|
|
|
|
Dan Maier
|
|
52
|
|
<1%
|
|
Vice President, Marketing
|
|
|
|
|
|
|
|
Amit Monovich
|
|
40
|
|
<1%
|
|
Vice President, SaaS Platform Research and Development
|
|
|
|
|
|
|
|
J. Michael Myshrall
|
|
46
|
|
<1%
|
|
Chief Financial Officer
|
|
|
|
|
|
|
|
Pete Shah (2)
|
|
47
|
|
<1%
|
|
Senior Vice President, Worldwide Sales
|
|
|
|
|
|
|
|
Sigurdur Stefnisson
|
|
40
|
|
<1%
|
|
Vice President & General Manager, Malware
|
(1) Employment terminated March 2016
(2) Employment terminated April 2016
Lior Samuelson has been a member of the Board since August 2010 and has held the position of Chairman of the Board since December 2010. Mr. Samuelson became Chief Executive Officer at CYREN in 2013. During his extensive career, Mr. Samuelson has served as chairman, CEO and board member of companies in technology, telecommunications, financial services and management consulting, such as Deltathree (DDDC), PricewaterhouseCoopers Securities and The Barents Group. Mr. Samuelson was previously a managing partner with KPMG and a senior manager at Booz Allen Hamilton. Mr. Samuelson holds both a B.A. and a M.A. in economics from Virginia Tech.
Aviv Raiz has served as a Director since December 2005. Mr. Raiz has over 20 years of foreign exchange market and private equity investing experience. He founded and is the president of Eurotrust Ltd. and has been a private equity investor in several high-tech, bio-tech, and Internet companies over the last ten years. Mr. Raiz received his B.A. in Economics and Political Science as well as an MBA in Finance, from Tel Aviv University.
Hila Karah joined the Board of Directors in March 2008. Ms. Karah is the former CIO of Eurotrust Ltd. and is an investor in several high-tech, bio-tech and Internet companies. Prior to Eurotrust, she served as a partner financial analyst at Perceptive Life Sciences Ltd., a New York-based hedge fund, and was a research analyst at Oracle Partners Ltd., a health care-focused hedge fund based in Connecticut. Ms. Karah holds a B.A. in Molecular and Cell Biology from the University of California, Berkeley, and has studied at the UCB-UCSF JMP.
Yair Bar-Touv joined the Board of Directors as an Outside Director under the Companies Law in March 2008. Mr. Bar-Touv is an expert on business strategy and technology in the cyber security and intelligence sectors. Mr. Bar-Touv brings over 25 years of experience in the field of Information Technology, Information and Cyber Security. Mr. Bar-Touv held multiple executive roles, including Co-CEO of NCC, CIO and Director of Information Technology of a government organization and executive positions in the Information Systems Business Unit at Elbit Systems and at Elbit ElectroOptics Elop. Mr. Bar-Touv holds B.A. and M.A. degrees in Computer Engineering.
Todd Thomson joined the Board of Directors in November 2011 and has held the position of Lead Director since December 2015. Mr. Thomson is chairman of Dynasty Financial Partners, as well as the founder and CEO of Headwaters Capital. He served in top management positions at Citigroup, including CFO of the Company and CEO of the Global Wealth Management division. Prior to joining Citigroup, Todd Thomson held senior executive positions at GE Capital, Barents Group and Bain & Co. He is also a board member of Cordia Bancorp and Bank of Virginia as well as chairman of the Wharton Leadership Advisory Board. Todd Thomson received his MBA, with Distinction, from the Wharton School of Business and his bachelor's degree in economics from Davidson College.
James Hamilton joined the Board of Directors in February 2012. Mr. Hamilton is Chief Executive Officer of Wedge Networks. Mr. Hamilton has more than 25 years of leadership experience in senior executive roles across many highly successful high-tech companies. He brings proven success at building and leading high-potential, high growth companies from startup to IPO and often through acquisition. Mr. Hamilton was the CEO of Tipping Point, the renowned market leader in Intrusion Prevention Systems (IPS). Mr. Hamilton was also president of Click Security, and president of Efficient Networks, which also achieved a highly successful IPO and was later acquired by Siemens. He has also held various senior sales roles with multiple companies; most recently as SVP of worldwide sales and field operations at Cyan, Inc. Mr. Hamilton is also the president of Valletta Capital, LLC and is active in multiple venture capital, corporate, and charitable boards.
David Earhart joined the Board of Directors in July 2013. David Earhart is Chief Executive Officer at Courion, responsible for corporate strategy and execution across all business functions. David brings more than 20 years of security and systems management experience to his role. Previously, David was SVP of Worldwide Field Operations for Damballa, a leading provider of advanced threat protection. In this role, he was responsible for record, triple-digit growth. Before this, David was SVP of Security (IAM) Field Operations at CA Technologies, where his team delivered 300% growth in the security business. Prior to that, David held leadership and executive positions at BMC Software and venture-backed companies within the sales, support and services functions. He holds a B.B.A. in Finance from Texas Tech University.
Ben Carmi joined CYREN in December 2015 and is responsible for developing and delivering CYREN’s product vision, as well as overseeing the company’s global product management teams. He joins CYREN with more than 13 years of product leadership experience, most recently as vice president of product management at Radware. He has also held key product management roles at Check Point Software and RiT Technologies. Ben graduated from Tel Aviv University with a bachelor’s degree in industrial engineering and a master’s degree in public policy.
Einat Glik joined CYREN in 2012 and during 2014 became Vice President and General Manager, Email Security. Ms. Glik oversees activities related to CYREN's EmailSecurity business unit with particular attention to product development and go-to-market strategies. Upon joining CYREN in 2012, she has managed the product development of our WebSecurity and Anti-Malware services. Prior to joining CYREN, she oversaw product management and authentication with SafeNet and research and development activities with SanDisk. She holds a degree in Computer Science from the Academic College of Tel-Aviv-Yaffo.
Eva Edwards Markowitz, SPHR, SWP, joined CYREN as Vice President Human Resources in 2013. With her 14 years of Human Resource leadership, Ms. Markowitz orchestrates the management and development of CYREN’s most valuable asset: its employees. She previously worked as Human Resources Director for the Analysis Research Planning Corporation (ARPC). She has also held positions with Thomas & Herbert Consulting, LLC, and SteelCloud. Ms. Markowitz received her B.A. from the University of Maryland.
Lior Kohavi joined CYREN in 2013 as Chief Technology Officer. Mr. Kohavi brings over 25 years of vast experience as an engineer, product and technology executive. Previously, Mr. Kohavi held multiple leadership roles, including business strategy architect and partner group manager at Microsoft, VP and GM at Websense, VP Engineering and EVP product management and strategy at Whale Communications (Microsoft acquired). Mr. Kohavi also served as a GM at Cylink VPN Labs and led the development of cryptographic network security products at Algorithmic Research (Cylink acquired) and served as head of the Israel Air Force’s Network and Operations Systems Department. Mr. Kohavi holds a B.A. degree in computer science from Bar-Ilan University and an Executive MBA from Tel Aviv University.
Sue Lee joined CYREN in 2013 as Vice President, General Counsel and Corporate Secretary. Ms. Lee is responsible for all legal, regulatory, compliance and corporate governance functions for the Company. Prior to CYREN, Ms. Lee served as General Counsel for Harmonix Music Systems, Inc., Vice President Business & Legal Affairs for MTV Networks, worked at Genzyme Corporation as securities and corporate counsel, and counseled clients as an attorney at the law firm Cleary Gottlieb Steen & Hamilton LLP in New York City. Ms. Lee received her B.A. in East Asian Studies from Harvard University and her J.D. from Harvard Law School.
Dan Maier joined CYREN in October 2015 and is responsible for CYREN’s global marketing activities, including corporate marketing, product marketing, demand generation and public relations. He has more than two decades of experience in senior marketing roles in the technology sector, most recently serving as senior director of product marketing at Zscaler. He previously held vice president of marketing positions at Tumbleweed, Convirture and DecisionView, among others. Dan holds a bachelor’s degree in economics from Stanford University and an MBA from UCLA.
Amit Monovich joined CYREN in 2014. Mr. Monovich’s 16+ years of experience as a technology leader for global companies across a diverse set of enterprise and consumer products uniquely qualify Mr. Monovich to drive CYREN’s innovation in cybersecurity solutions. He brings with him 8 years of experience at RSA where he lead the Israeli Research & Development Center with focus on identity authentication and fraud prevention systems leveraging machine learning technology. Prior to RSA, Mr. Monovich worked in the U.S. for Amdocs and AT&T Labs. He holds a degree in Computer Science and Logistics from Bar-Ilan University.
J. Michael Myshrall joined CYREN in 2011 serving as Vice President of Corporate Development and subsequently served as Vice President of Financial Planning & Analysis. In March 2014, Mr. Myshrall was appointed Interim Chief Financial Officer and Chief Financial Officer in August 2014. Mr. Myshrall brings two decades of investment banking, business development and technology experience. Prior to joining CYREN, he focused on technology strategy, financial advisory and mergers and acquisitions, first with Mercator Capital and more recently with Trilos Ventures. Mr. Myshrall previously held various roles with Nortel, Newbridge Networks, Corvis, and Civcom. He holds a degree in electrical engineering from the University of New Brunswick and an MBA from Harvard Business School.
Pete Shah joined CYREN in 2012 as Senior Vice President, Worldwide Sales. He is responsible for leading CYREN’s global field organization in exceeding customer expectations and driving business in both new and existing markets. In addition, Mr. Shah serves as an advisor to Acceleprise, an enterprise technology accelerator focused on helping early stage technology companies. Before joining CYREN, Mr. Shah held senior executive leadership positions with InfoVista, as senior vice president of worldwide field operations and at Telarix, as vice president of worldwide sales. In years prior, he held various sales management positions with Portal Software/Oracle, Lawson Software/Infor and Automatic Data Processing (ADP). Mr. Shah holds a B.Sc degree in International Marketing from Penn State University.
Sigurdur Stefnisson joined CYREN in 2012 through the acquisition of FRISK, and serves as CYREN’s Vice President & General Manager, Malware. Mr. Stefnisson joined FRISK in 1996 and contributed to the development of numerous state-of-the-art cybersecurity innovations and has become an authority in the field of advanced threat protection. Mr. Stefnisson oversees all the Advanced Threat Lab and malware research, which is integral in our development of next-generation cybersecurity solutions. He is active in the global security community as a reporter for the Wildlist Organization and as a member of CARO (Computer Antivirus Research Organization) whose mission is to research and study malware.
To the best of our knowledge, there are no arrangements or understandings with major shareholders, customers, suppliers or others pursuant to which any person referred to above was selected as a director or executive officer. There are no family relationships among any of the directors, officers or key employees of CYREN.
B. Compensation
Compensation of Directors and Executive Officers
Under Amendment 20 of the Companies Law, the directors of CYREN can be remunerated by CYREN for their services as directors to the extent such remuneration is in accordance with the compensation policy to be adopted by the Company after approval by CYREN’s compensation committee, Board and shareholders.
The cash compensation paid to non-employee directors in 2015 (other than the CEO and Chairman) was $7,500 per quarter.
Directors also are reimbursed for their expenses for each Board of Directors meeting attended. See Item 6 - “Amended and Restated 1999 Non-employee Directors Stock Option Plan” for a discussion of director compensation in the form of option grants.
During 2015, options to purchase 530,000 ordinary shares were granted to executive officers (referred to in Item 6) under the Company’s stock option plans at a weighted average exercise price of $3.00 per share.
The aggregate direct remuneration paid by CYREN to directors and executive officers (17 persons) in 2015 was approximately $2.4 million. During the same period CYREN accrued or set aside approximately $0.2 million for the same group to provide pension, retirement or similar benefits. As of February 29, 2016, these directors and executive officers of CYREN (17 persons) had 3,820 thousand stock options to purchase a like number of ordinary shares, with 1,820 thousand of those options being vested and exercisable within sixty days of said date. Generally, unless exercised previously, options terminate within six years of their issuance. Additional information as of February 29, 2016 can be found in Item 6A “Directors and Senior Management”.
Options to Purchase Securities from Registrant
As of December 31, 2015, options to purchase 4,950 thousand ordinary shares were outstanding and held by 166 persons made up of then existing employees, consultants, executive officers, non–employee directors and ex-options holders within their post-termination period for exercise under the Company’s stock option plans. Of the number of options outstanding, 2,496 thousand were vested and exercisable. Additionally, these outstanding options had exercise prices ranging from $1.56 to $3.94 per share, a weighted average per share exercise price of $2.93 and expiration dates ranging from January 30, 2016 to October 25, 2021.
Employee Stock Option Plans
Employees, including executive officers and other management employees, participate in the Company’s employee option plans. The CYREN Ltd. 2006 U.S. Stock Option Plan, primarily covering option grants to employees and consultants based in the United States, was adopted on December 15, 2006 and has a term of ten years. The CYREN Ltd. Amended and Restated Israeli Share Options Plan, primarily covering option grants to employees, consultants and directors based in Israel, was adopted on June 22, 2003 and renewed on April 18, 2014 for an additional term of ten years. While Israeli based directors receive their grants under the Israeli-based plan, the principal terms of their grants are identical to those of non-Israeli based directors receiving their grants under the non-employee director plan (discussed below).
All employee stock option plans are administered by the compensation committee. Subject to the provisions of the employee stock plans and applicable law, the compensation committee has the authority to determine, among other things, to whom options may be granted; the number of ordinary shares to which an option may relate; the exercise price for each share; the vesting period of the option and the terms, conditions and restrictions thereof, including accelerated vesting on change of control provisions; to amend provisions relating to such plans; and to make all other determinations deemed necessary or advisable for the administration of such plans.
Amended and Restated 1999 Non–Employee Directors Stock Option Plan
New non-employee directors are currently entitled to an initial grant of 50,000 options pursuant to the Amended and Restated 1999 Non-Employee Directors Stock Option Plan, or the Non-Employee Directors Plan. Non-employee directors who are re-elected at the annual meeting of shareholders are entitled to additional grants of 16,667 options, though at the annual meeting held October 26, 2009 shareholders approved a one-time increase in the grants to re-elected directors to 30,000 options. During 2015, shareholders approved the substitution of 10,000 Restricted Stock Units (RSUs) in lieu of the annual option grants to non-employee directors.
The Non–Employee Directors Plan was extended by an additional ten years at the annual meeting of shareholders held on December 15, 2008. Under this plan, each option becomes exercisable at a rate of 1/16th of the option shares every three months, and has an exercise price equal to the fair market value of our ordinary shares on the grant date of such option. Options granted through 2004 had a maximum term of ten years, but would terminate earlier if the option holder ceased to be a member of the Board of Directors. Options granted to directors since 2006 generally have a maximum term of six years. At the annual meeting of shareholders of December 30, 2005, shareholders approved an amendment to the Non-Employee Directors Plan to allow for the acceleration of unvested options for any director who has served the Company for at least three years, unless the director resigned voluntarily or was removed from the Board of Directors due to a failure to perform any of his/her duties to the Company.
C. Board practices
Election of Directors
Directors (other than outside directors, as explained below) are elected by shareholders at the annual general meeting of the shareholders and hold office until the next annual general meeting following the general meeting at which such director is elected and until a successor is elected, or until the director is removed. An annual general meeting must be held at least once in every calendar year, but not more than 15 months after the preceding annual general meeting. Directors may be removed and other directors may be elected in their place or to fill vacancies in the Board of Directors at any time by the holders of a majority of the voting power at a general meeting of the shareholders. Until a vacancy is filled by the shareholders, the Board may appoint new directors temporarily to fill vacancies on the Board. The Articles of Association of CYREN authorize the shareholders to determine, from time to time, the number of directors. The maximum number of directors is currently fixed at ten directors, though only seven directors are currently serving on the Board. During 2015, shareholders approved the creation of a Lead Director position, which carries additional responsibilities and receives $15 thousand per quarter.
Alternate Directors
The Articles of Association of CYREN provide that any director may appoint another person to serve as an alternate director and may remove such alternate. Any alternate director possesses all the rights and obligations of the director who appointed him, except that the alternate has no standing at any meeting while the appointing director is present, the alternate may not in turn appoint an alternate for himself (unless the instrument appointing him otherwise expressly provides) and the alternate is not entitled to remuneration. A person who is not qualified to be appointed as a director may not be appointed as an alternate director, a person who is not qualified to be appointed as an outside director with professional or accounting and financial expertise as held by the outside director for whom he is appointed as an alternate may not be appointed as an alternate director for such outside director, and a person who is not qualified to be appointed as an independent director may not be appointed as an alternate director for an independent director. Unless the appointing director limits the time or scope of the appointment, the appointment is effective for all purposes until the appointing director ceases to be a director or terminates the appointment. The appointment of an alternate director does not in itself diminish the responsibility of the appointing director as a director. No director has appointed, and, to our knowledge, no director currently intends to appoint, any other person as an alternate director.
Chairman of the Board
Under the Companies Law, the Chief Executive Officer of a company (or a relative of the Chief Executive Officer) may not serve as the chairman of the board of directors, and the chairman of the board of directors (or a relative of the chairman of the board of directors) may not serve as the Chief Executive Officer, unless approved by the shareholders by a special majority vote, which includes (i) a majority of two thirds of the shares held by non–controlling shareholders and shareholders who have no personal interest in the election of the Chief Executive Officer or chairman of the board of directors (or the relatives thereof), as the case may be (excluding a personal interest that is not related to a relationship with the controlling shareholders) who are present and voting at the meeting (the “Special Majority Criteria”); or (ii) the total number of shares held by non–controlling shareholders and disinterested shareholders voting against the election of the Chief Executive Officer or chairman of the board of directors (or the relatives thereof) at the meeting does not exceed two percent of the aggregate voting rights in the company. Pursuant to Amendment 27 to the Companies Law (“Amendment 27”) which was recently enacted by the Israeli parliament, the Knesset, and which is scheduled to become effective upon publication in the official gazette, after the filing of this annual report, the Special Majority Criteria was amended such that the two-thirds majority of the shares held by non–controlling shareholders and shareholders who have no personal interest in the election of the Chief Executive Officer or chairman of the board of directors (or the relatives thereof), as the case may be (excluding a personal interest that is not related to a relationship with the controlling shareholders) who are present and voting at the meeting was reduced to a regular majority of the shares held by non–controlling shareholders and shareholders who have no personal interest in such election who are present and voting at the meeting. In any event, the shareholder vote cannot authorize the appointment for a period longer than three years, which period may be extended from time to time by the shareholders with a similar majority vote. The chairman of the board of directors shall not hold any other position with the company (except as general manager if approved in accordance with the above procedure) or in any entity controlled by the company, other than as chairman of the board of directors of a controlled entity, and the company shall not delegate to the chairman duties that, directly or indirectly, make him or her subordinate to the general manager.
Independent and Outside Directors
Israeli Companies Law: The Israel Companies Law requires Israeli companies with shares that have been offered to the public in or outside of Israel to appoint at least two outside directors (also referred to as “external directors”). No person may be appointed as an outside director if the person or the person’s relative, partner, employer or any entity under the person’s control has or had, on or within the two years preceding the date of the person’s appointment to serve as outside director, any affiliation with the company or any entity controlling, controlled by or under common control with the company. The term affiliation includes:
• an employment relationship;
• a business or professional relationship maintained on a regular basis;
• control; and
• service as an office holder.
The Israeli Minister of Justice, in consultation with the Israeli Securities Authority, may determine that certain matters will not constitute an affiliation, and has issued certain regulations with respect thereof. In addition, pursuant to Amendment 27, a business or professional relationship maintained on a regular basis will not constitute affiliation if the relationship commenced after the appointment of the outside director for office, the company and the outside director consider the relationship to be negligible and the audit committee approved, based on information presented to it, that the relationship is negligible, and the outside director declared that he did not know and could not have reasonably known about the formation of the relationship and has no control over their existence or termination.
If the company does not have a controlling shareholder or a shareholder who holds company shares entitling him to vote at least 25% of the votes in a shareholders meeting, then the company may not appoint as an outside director any person or such person’s relative, partner, employer or any entity under the person’s control, who has or had, on or within the two years preceding the date of the person’s appointment to serve as outside director, any affiliation with the Chairman of the Board, Chief Executive Officer, a substantial shareholder who holds at least 5% of the issued and outstanding shares of the company or voting rights which entitle him to vote at least 5% of the votes in a shareholders meeting, or the Chief Financial Officer.
No person may serve as an outside director if the person’s position or other business activities create, or may create, a conflict of interest with the person’s responsibilities as an outside director or may otherwise interfere with the person’s ability to serve as an outside director. Additionally, no person may serve as an outside director if the person, the person’s relative, spouse, employer or any entity controlling or controlled by the person, has a business or professional relationship with someone with whom affiliation is prohibited, even if such relationship is not maintained on a regular basis, excepting negligible relationships, or if such person received from the company any compensation as an outside director in excess of what is permitted by the Companies Law. If, at the time outside directors are to be appointed, all current members of the Board of Directors who are not controlling shareholders or relatives of such shareholders are of the same gender, then at least one outside director must be of the other gender. Under the Companies law, at least one of the outside directors is required to have “financial and accounting expertise,”, and the other outside director or directors are required to have either “professional expertise,” or “financial and accounting expertise”, all as defined under the Companies Law. However, if at least one of our other directors (i) meets the independence requirements under the Securities Exchange Act of 1934, as amended, or (ii) meets the standards of the NASDAQ Listing Rules for membership on the audit committee, and (iii) has accounting and financial expertise as defined under Israeli law, then neither of our outside directors is required to possess accounting and financial expertise as long as both possess other requisite “professional expertise”.
A director can satisfy the requirements of having “financial and accounting expertise” if due to his or her education, experience and qualifications he or she has acquired expertise and understanding in business and accounting matters and financial statements, in a manner that allows him or her to understand, in depth, the company’s financial statements and to spur a discussion regarding the manner in which the financial data is presented.
A public company’s board of directors must evaluate the proposed outside director’s expertise in finance and accounting, by considering, among other things, such candidate’s education, experience and knowledge in the following: (i) accounting and auditing issues typical to the field in which the company operates and to companies of a size and complexity similar to such company; (ii) the company’s independent public accountant’s duties and obligations; (iii) preparation of the company’s consolidated financial statements and their approval in accordance with the Companies Law and the Israeli Securities Law - 1961.
A director is deemed to have “professional expertise” if he or she meets any of the following criteria: (i) has an academic degree in any of the following professions: economics, business administration, accounting, law or public administration; (ii) has a different academic degree or has completed higher education in a field that is the company’s main field of operations, or a field relevant to his or her position; or (iii) has at least five years experience in any of the following, or has at least a cumulative total of at least five years experience in any two of the following: (A) a senior position in the business management of a corporation with a significant extent of business, (B) a senior public position or a senior position in public service, or (C) a senior position in the company’s main field of operations. As with a candidate’s 'expertise in finance and accounting, the board of directors here too must evaluate the proposed outside director’s “professional qualification” in accordance with the criteria set forth above.
The declaration required by law to be signed by a candidate to serve as outside director must include a statement by such candidate concerning his or her education and experience, if relevant, in order that the board of directors may properly evaluate whether such candidate meets the requirements of having “financial and accounting expertise” or having “professional expertise” as set forth in the regulations. Additionally, the candidate should submit documents and certificates that support the statements set forth in the declaration.
Outside directors are to be elected by a majority vote at a shareholders’ meeting, provided that either:
|
•
|
such majority includes a majority of the shares held by non–controlling shareholders and shareholders who have no personal interest in the election of the outside directors (excluding a personal interest that is not related to a relationship with the controlling shareholders) who are present and voting at the meeting; or
|
|
•
|
the total number of shares held by non–controlling shareholders and disinterested shareholders voting against the election of the director at the meeting does not exceed two percent of the aggregate voting rights in the company.
|
The initial term of an outside director is three years and may be extended for up to two additional periods of three years each. However, under regulations promulgated pursuant to the Companies law, companies whose shares are listed for trading on specified exchanges outside of Israel, including the NASDAQ Global Select, Global and Capital markets, may propose that an outside director to be reelected by the shareholders for such additional periods, beyond the initial three terms, of up to three years each only if (1) the audit committee and the Board of Directors, in nominating the outside director, confirms that, in light of the outside director’s expertise and special contribution to the work of the board of directors and its committees, the reelection for such additional period(s) is beneficial to the company, and the election was approved by the majority of shareholders required to appoint outside directors for their initial term with the term during which the nominee has served as an external director and the reasons given by the audit committee and board of directors for extending his or her term of office having been presented to the shareholders prior to their approval.
External directors may be re-elected for additional terms of three years each as set forth above, provided that with respect to the appointment for each such additional three-year term, one of the following has occurred: (i) the reappointment of the external director has been proposed by one or more shareholders holding together 1% or more of the aggregate voting rights in the company and the appointment was approved at the general meeting of the shareholders by a simple majority, provided that: (1)(x) in calculating the majority, votes of controlling shareholders or shareholders having a personal interest in the appointment as a result of an affiliation with a controlling shareholder and abstentions are disregarded and (y) the total number of shares of shareholders who do not have a personal interest in the appointment as a result of an affiliation with a controlling shareholder and/or who are not controlling shareholders, present and voting in favor of the appointment exceed 2% of the aggregate voting rights in the company, and (2) pursuant to Amendment 22 to the Companies Law (“Amendment 22”), effective as of January 10, 2014, the external director who has been nominated in such fashion is not a linked or competing shareholder, and does not have or has not had, on or within the two years preceding the date of such person’s appointment to serve as another term as external director, any affiliation with a linked or competing shareholder. The term “linked or competing shareholder” means the shareholder(s) who nominated the external director for reappointment or a material shareholder of the company holding more than 5% of the shares in the company, provided that at the time of the reappointment, such shareholder(s) of the company, the controlling shareholder of such shareholder(s) of the company, or a company under such shareholder(s) of the company’s control, has a business relationship with the company or are competitors of the company; the Israeli Minister of Justice, in consultation with the Israeli Securities Authority, may determine that certain matters will not constitute a business relationship or competition with the company; (ii) the reappointment of the external director has been proposed by the board of directors and the appointment was approved by the majority of shareholders required for the initial appointment of an external director or (iii) pursuant to Amendment 26 to the Companies Law, effective as of November 25, 2014, the external director has proposed himself for reappointment and the appointment was approved by the majority of shareholders required under Section (i) above.
Outside directors may be removed only by the same percentage of shareholders as is required for their election, or by a court, and then only if the outside director ceases to meet the statutory qualifications for their appointment or if they violate their fiduciary duty to the company. Each committee of a company’s Board of Directors which has been granted any authority normally reserved for the board of directors must include at least one outside director provided, however that each of the audit committee and the compensation committee, which are statutorily required under the Companies Law, must include all outside directors.
An outside director is entitled to compensation as provided in the regulations adopted under the Israel Companies Law and is otherwise prohibited from receiving any other compensation, directly or indirectly, in connection with service provided as an outside director.
CYREN’s outside directors are Yair Bar-Touv and David Earhart. At the 2015 Annual General Meeting held on December 24, 2015, Mr. Earhart was re-elected to a second three-year term, both expiring August 2019. Mr. Bar-Touv's second three-year term is due to expire in March 2017.
NASDAQ and SEC Rules and Regulations:
U.S. companies listed on the NASDAQ Capital Market are required to have a majority of directors qualify as independent under NASDAQ Listing Rule 5605. Pursuant to the Companies Law, an Israeli company, whose shares are publicly traded, may elect to adopt a provision in its articles of association pursuant to which a majority of its board of directors (or a third of its Board of Directors in case the company has a controlling shareholder) will constitute individuals complying with certain independence criteria prescribed by the Companies Law, as well as certain other recommended corporate governance provisions. We have not included such a provision in our Articles of Association. Our Board presently complies with the independence requirements of the NASDAQ and SEC regulations described above.
The Company has identified the following Board members as “independent directors” pursuant to NASDAQ Listing Rule 5605(a)(2):
In addition, the NASDAQ Listing Rules currently require CYREN to have at least a majority of independent directors, as defined under Listing Rule 5605(a)(2), on the Board to maintain an audit committee of at least three members, each of whom must:
|
(i)
|
be independent as defined under Listing Rule 5605(a)(2);
|
|
(ii)
|
meet the criteria for independence set forth in Rule 10A-3(b)(1) under the Exchange Act as set forth below (subject to the exemptions provided in Exchange Act Rule 10A-3(c));
|
|
(iii)
|
not have participated in the preparation of the financial statements of the Company or any current subsidiary of the Company at any time during the past three years; and
|
|
(iv)
|
be able to read and understand fundamental financial statements, including a company’s balance sheet, income statement and cash flow statement.
|
Under limited circumstances, the Company may have one audit committee member not independent in accordance with the above, but such a member would only be able to serve for a maximum of two years.
Exchange Act Rule 10A-3(b)(1) requires that members of the audit committee meet that rule’s definition of independence, which requires that an audit committee member may not, except in his or her capacity as a director or committee member, (i) accept directly or indirectly any consulting, advisory, or other compensatory fee from the Company or any of its subsidiaries (except for fixed amounts of compensation under a retirement plan for prior service with the Company, provided that such compensation is not contingent in any way on continued service), or (ii) be an “affiliated person” of the Company or any of its subsidiaries.
NASDAQ rules also require that the Company certify that it has, and will continue to have, at least one member of the audit committee who has past employment experience in finance or accounting, requisite professional certification in accounting, or any other comparable experience or background which results in the individual’s financial sophistication, including being or having been a chief executive officer, chief financial officer or other senior officer with financial oversight responsibilities. Also, the Company is required to disclose whether or not it has an “audit committee financial expert” on its audit committee, as defined under Item 16A to Form 20-F.
The four directors who serve on our audit committee, Mr. Bar-Touv, Mr. Thomson, Mr. Hamilton, and Mr. Earhart, qualify as independent directors under NASDAQ Listing Rules (including Exchange Act Rule 10A-3) and further qualify to act as members of our audit committee under the Israel Companies Law.
Audit Committee
As noted above in the discussion under “Independent and Outside Directors”, the Companies Law requires public companies to appoint an audit committee. The audit committee’s duties include providing assistance to the Board in fulfilling its legal and fiduciary obligations in matters involving our accounting, auditing, financial reporting, internal control and legal compliance functions. In this respect the audit committee approves the services performed by our independent registered public accounting firm and reviews their reports regarding our accounting practices and systems of internal accounting controls. The audit committee also oversees the audits conducted by our independent registered public accounting firm and takes those actions as it deems necessary to confirm that the accountants are independent of management. Under the Companies Law, the responsibilities of the audit committee include identifying irregularities in the management of our business and approving related party transactions as required by law, classifying company transactions as extraordinary transactions or non-extraordinary transactions and as material or non-material transactions in which an officer has an interest (which will have the effect of determining the kind of corporate approvals required for such transaction), assessing the proper function of the company’s internal audit regime and determining whether its internal auditor has the requisite tools and resources required to perform his role and to regulate the company’s rules on employee complaints, reviewing the scope of work of the company’s independent accountants and their fees, and implementing a whistleblower protection plan with respect to employee complaints of business irregularities. Pursuant to Amendment 22, effective as of January 10, 2014, the responsibilities of the audit committee under the Companies Law also include the following matters: (i) to establish procedures to be followed in respect of related party transactions with a controlling shareholder (where such are not extraordinary transactions), which may include, where applicable, the establishment of a competitive process for such transaction, under the supervision of the audit committee, or individual, or other committee or body selected by the audit committee, in accordance with criteria determined by the audit committee; and (ii) to determine procedures for approving certain related party transactions with a controlling shareholder, which were determined by the audit committee not to be extraordinary transactions, but which were also determined by the audit committee not to be negligible transactions.
Under the NASDAQ Listing Rules, an audit committee must consist of at least three directors meeting the independence standards under NASDAQ Listing Rules.
Under the Companies Law, all outside directors must serve on the audit committee, and in any case it must include a majority of independent directors. The Companies Law defines independent directors as either external directors or directors who: (1) meet the requirements of an external director, other than the requirement to possess accounting and financial expertise or professional qualifications, with audit committee confirmation of such; (2) have been directors in the company for an uninterrupted duration of less than nine years (and any interim period during which such person was not a director which is less than two years shall not be deemed to interrupt the duration); and, (3) were classified as such by the company. One of the outside directors must serve as the chair of the audit committee. Furthermore, under the Companies Law, the audit committee may not include the chairman of the board, or any director employed by the Company, by a controlling shareholder or by any entity controlled by a controlling shareholder, or any director providing services to us, to a controlling shareholder or to any entity controlled by a controlling shareholder on a regular basis, or any director whose income is primarily dependent on a controlling shareholder, and may not include a controlling shareholder or any relatives of a controlling shareholder. Under the Companies Law, a meeting of the audit committee is properly convened if a majority of the committee members attend the meeting, and of which the majority of members present must be independent and external directors. Individuals who are not permitted to be audit committee members may not participate in the committee’s meetings other than to make a presentation regarding a particular issue if the chairman of the audit committee determines that such person’s presence is necessary in order to present such matter. However, pursuant to Amendment 25 to the Companies Law, effective as of February 6, 2015, an employee who is not a controlling shareholder or a relative of such shareholder may be present in the committee’s meeting during discussions if such presence is requested by the committee, and an executive officer may be present in a meeting, if requested by the audit committee, to present his position with regard to a matter under his responsibility where substantial defects in the company’s business administration are discussed, but may not vote. Additionally, the company’s legal counsel and corporate secretary may participate in the committee’s discussions and votes if requested by the committee.
The audit committee consists of David Earhart, chairman, Todd Thomson, audit committee financial expert, Yair Bar-Touv and James Hamilton.
Compensation Committee
On December 12, 2012, Amendment 20 to the Companies Law, or “Amendment 20”, came into force, and its provisions are summarized below:
All public companies and bond companies are required to establish a compensation committee, with one outside director serving as chairman of the committee. The committee is to be made up of at least three directors, with a majority of outside directors. The remaining directors shall be directors who do not receive direct or indirect compensation for their role as directors (other than compensation paid or given in accordance with Companies Law regulations applicable to the compensation of external directors, or amounts paid pursuant to indemnification and/or exculpation contracts or commitments and insurance coverage). The compensation committee may not include the chairman of the board, any director employed by or otherwise providing services on a regular basis to the Company, to a controlling shareholder or to any entity controlled by a controlling shareholder, any director whose main livelihood is dependent on a controlling shareholder, or a controlling shareholder or a relative thereof. The committee is responsible for (i) proposing an office holder compensation policy to the Board of Directors, (ii) proposing necessary revisions to the compensation policy and examining its implementation, (iii) determining whether to approve transactions with respect to compensation of office holders, and (iv) determining, in accordance with our office holder compensation policy, whether to exempt the compensation terms with an unaffiliated nominee for the position of chief executive officer from requiring shareholders’ approval, provided such terms meet with the company’s compensation policy. Pursuant to Amendment 27, the audit committee may serve as the company’s compensation committee, provided that it meets the composition requirements of the compensation committee.
“Say before pay” rules: The compensation policy recommended by the compensation committee is to be approved by the Board and then, before it takes effect, by shareholders in a vote by the affirmative vote of a majority of the shares voting on the matter, provided that (i) such majority includes at least a majority of the shares of shareholders who are non-controlling shareholders and do not have a personal interest in the said resolution; or (ii) the total number of shares of shareholders specified in clause (i) who voted against this resolution does not exceed 2% of the voting rights in the Company. If the shareholders do not approve the policy, the policy may be returned for further deliberation by the Board, taking into account the rejection of the policy by the minority shareholders. The Board may ultimately approve the policy despite the minority’s disapproval, if it finds that the policy is in the company’s best interest. The compensation policy must be approved at least every three years. The Board is required to reevaluate the policy from time to time and if a material change occurs.
Under Section 267B(a) and Parts A and B of Annex 1A of the Companies Law, which were legislated as part of Amendment 20, a company’s compensation policy shall be determined based on, and take into account, the following parameters:
|
a.
|
advancement of the goals of the Company, its working plan and its long term policy;
|
|
b.
|
the creation of proper incentives for the office holders while taking into consideration, inter alia, the Company’s risk management policies;
|
|
c.
|
the Company’s size and nature of its operations;
|
|
d.
|
the contributions of the relevant office holders in achieving the goals of the Company and profit in the long term in light of their positions;
|
|
e.
|
the education, skills, expertise and achievements of the relevant office holders;
|
|
f.
|
the role of the office holders, areas of their responsibilities and previous agreements with them;
|
|
g.
|
the correlation of the proposed compensation with the compensation of other employees of the Company, and the effect of such differences in compensation on the employment relations in the company; and
|
|
h.
|
the long term performance of the office holder.
|
In addition, the compensation policy should take into account that if the compensation paid to office holders includes variable components, the policy should address the ability of the board of directors to reduce the value of the variable component from time to time or to set a cap on the exercise value of convertible securities components that are not paid out in cash. Additionally, in the event that the terms of office and employment include grants or payments made upon termination – such grants should take into consideration the length of the term of office or period of employment, the terms of employment of the office holder during such period, the company’s success during said period and the office holder’s contribution to obtaining the company’s goals and maximizing its profits as well as the circumstances and context of the termination.
The compensation policy must set forth standards and rules on the following issues: (a) with respect to variable components of compensation - basing the compensation on long term performance and measurable criteria (Though a non-material portion of the variable components can be discretionary awards taking into account the contribution of the officer holder to the company. Pursuant to Amendment 27, variable components equal to three month salaries of the relevant office holders, on an annual basis, shall be considered a non-material portion of the variable components.); (b) establishing the appropriate ratio between variable components and fixed components and placing a cap on such variable components (including a cap on the grant date value of convertible securities components that are not paid out in cash); (c) setting forth a rule requiring an office holder to return amounts paid, in the event that it is later revealed that such amounts were paid on the basis of data which prove to be erroneous and resulted in an amendment and restatement of the company’s financial statements; (d) determining minimum holding or vesting periods for equity based variable components of compensation, while taking into consideration appropriate long term incentives; and (e) setting a cap on grants or benefits paid upon termination
The compensation committee is also responsible for administering the Company’s various stock option plans, including the issuance of option grants to employees of the Company and its subsidiaries.
The compensation committee consists of Yair Bar-Touv, chair, Hila Karah, James Hamilton and David Earhart.
Executive Compensation Policy
On July 25, 2013, an Extraordinary General Meeting of the shareholders of the Company took place, approving the Executive Compensation Policy (the “Policy”), which had been recommended by the compensation committee and approved by the board of directors, for the Company’s directors and office holders, in accordance with the requirements of the Companies Law.
The Policy includes, among other issues prescribed by the Companies Law, a framework for establishing the terms of office and employment of the directors and office holders and guidelines with respect to the structure of the variable pay of office holders.
Our recoupment policy relating to office holder compensation allows for the recovery of any portion of the annual bonus paid based on financial measures that may in the future prove to be based on a mistake which will require a restatement of the financial reports occurring during the 8 quarterly reporting periods (2 years) following the mistaken report.
Our CEO and all of our office holders may be incentivized through cash bonuses and all of our office holders and directors may also be incentivized through long-term equity-based incentives to provide them with a stake in our success – thus linking their long-term financial interests with the interests of our shareholders. In accordance with the Policy, the cash bonuses incentives are developed through a program that sets performance targets based on each office holder’s role and scope. Actual payments are driven by the business and individual performance vis-à-vis the performance targets set at the beginning of the year. The cash bonuses will not exceed 60% of the actual annual base salary for the CEO, 30% of the actual annual base salary for office holders (other than VP Sales) and 90% of the actual annual base salary for the VP Sales. In years that the Company does not meet at least 60% of the annual Company’s measures target (as defined by the board of directors), no cash bonuses will be paid.
Equity based compensation may be granted in any form permitted under our equity incentive plans, as in effect from time to time (collectively, the “Equity Incentive Plans”), including stock options and restricted share units. Equity grants to office holders shall be made in accordance with the terms of the Equity Incentive Plans. All equity-based incentives granted to our directors and office holders shall be subject to vesting periods in order to promote long-term retention of the awarded office holders. Grants to our directors and office holders shall vest gradually over a period of not less than three years. The value of the equity based compensation (at the time of grant) per year, for each director and executive officer, shall not exceed the approved ratio between fixed pay and variable pay.
Our compensation committee will periodically review the Policy and monitor its implementation, and recommend to our board of directors and shareholders to amend the Policy as it deems necessary from time to time. The term of the Policy shall be three years as of the date of its adoption, during which, the board of directors is required to examine the Policy and revise it from time to time, if the circumstances under which it had been adopted have materially changed. Following such three year term, the Policy, including any revisions recommended by our compensation committee and approved by our board of directors, as applicable, will be brought once again to the shareholders for approval.
On December 18, 2014, the Annual General Meeting of the shareholders of the Company approved an amendment to the Policy, changing the ranges for fixed base salary and variable pay, in order to better reflect the Company’s characters, financial position, needs, prospects and strategic goals.
On December 8, 2015, the Annual General Meeting of the shareholders of the Company approved an additional amendment to the Policy, changing the ratios between the fixed base salary and the variable compensation of certain office holders to provide for the issuance of RSUs, and the annual base salary ranges of certain office holders.
Nominating Committee
The committee’s responsibilities include identifying individuals qualified to become board members and recommending director nominees to the board.
The nominating committee consists of Hila Karah, chair, Aviv Raiz, David Earhart and James Hamilton.
Internal Auditor
Under the Israel Companies Law, the Board of Directors must appoint an internal auditor, nominated by the audit committee. The role of the internal auditor is to examine, among other matters, whether a company’s actions comply with relevant law and orderly business procedure. Under the Israel Companies Law, the internal auditor must be an individual and may be an employee of the company but not an affiliate or office holder, or a relative of an affiliate or office holder, and he or she may not be the company’s independent accountant or its representative. The Company routinely engages an Internal Auditor who is an independent third party.
Approval of Certain Transactions; Obligations of Directors, Officers and Shareholders
The Companies Law codifies the fiduciary duties that office holders, including directors and executive officers, owe to a company. An office holder’s fiduciary duties consist of a duty of care and a duty of loyalty. Each person listed in the first table that appears above at the beginning of this Item 6 is an office holder.
The duty of loyalty requires an office holder to act in good faith and for the benefit of the company, including to avoid any conflict of interest between the office holder’s position in the company and such person’s personal affairs, avoiding any competition with the company, avoiding exploiting any corporate opportunity of the company in order to receive personal advantage for such person or others, and revealing to the company any information or documents relating to the company’s affairs which the office holder has received due to his or her position as an office holder. A company may approve any of the acts mentioned above provided that all the following conditions apply: the office holder acted in good faith and neither the act nor the approval of the act prejudices the good of the company, and the office holder disclosed the essence of his personal interest in the act, including any substantial fact or document, a reasonable time before the date for discussion of the approval. A director is required to exercise independent discretion in fulfilling his or her duties and may not be party to a voting agreement with respect to his or her vote as a director. A violation of these requirements is deemed a breach of the director’s duty of loyalty.
The duty of care requires an office holder to act with a level of care that a reasonable office holder in the same position would employ under the same circumstances. This includes the duty to use reasonable means to obtain information regarding the advisability of a given action submitted for his or her approval or performed by virtue of his or her position and all other relevant information material to these actions.
The Companies Law requires that an office holder promptly disclose any personal interest that he or she may have and all related material information known to him or her, in connection with any existing or proposed transaction by the company. “Personal interest,” as defined by the Companies Law, includes a personal interest of any person in an act or transaction of the company, including a personal interest of his relative or of a corporation in which that person or a relative of that person is a 5% or greater shareholder, a holder of 5% or more of the voting rights, a director or general manager, or in which he or she has the right to appoint at least one director or the general manager, and includes shares for which the person has the right to vote pursuant to a power-of-attorney. “Personal interest” does not apply to a personal interest stemming merely from holding shares in the company.
The office holder must make the disclosure of his personal interest no later than the first meeting of the company’s board of directors that discusses the particular transaction. This duty does not apply to the personal interest of a relative of the office holder in a transaction unless it is an “extraordinary transaction.” An “extraordinary transaction” is defined as a transaction not in the ordinary course of business, a transaction that is not on market terms, or a transaction that is likely to have a material impact on the company’s profitability, assets or liabilities, and a “relative” as a spouse, sibling, parent, grandparent or descendant, and the sibling, parent or descendant of a spouse, as well as the spouse of any of the foregoing.
In the case of a transaction that is not an extraordinary transaction and that does not relate to compensation or terms of employment, after the office holder complies with the above disclosure requirement, only Board approval is required unless the Articles of Association of the company provide otherwise. Pursuant to Amendment 27, extending or renewing the company’s engagement with its CEO also requires only Board approval (after compensation committee approval) if (i) the compensation terms are similar to the ones in effect prior to the extension or renewal, (ii) the compensation terms are compliant with the company’s compensation policy, and (iii) the CEO’s previous engagement with the company was approved by a majority vote of the shareholders of the company which either included a majority of the non-controlling and disinterested shareholders who were present, in person or by proxy, at the meeting or, alternatively, the total shareholdings of the non-controlling and disinterested shareholders who voted against the transaction did not represent more than two percent of the voting rights in the company). Our Articles of Association do not provide otherwise. Such approvals must determine that the transaction is in the company’s interest. If the transaction is an extraordinary transaction, then in addition to any approval required by the Articles of Association, it also must be approved by the audit committee and by the Board and, under specified circumstances, by a meeting of the shareholders. An individual who has a personal interest in a matter that is considered at a meeting of the Board or the audit committee generally may not be present at this meeting or vote on this matter unless a majority of the board of directors or the audit committee has a personal interest in the matter, or if such person is invited by the Chairman of the Board or audit committee, as applicable, to present the matter being considered. If a majority of the board of directors or the audit committee has a personal interest in the transaction, shareholder approval also would be required.
The Companies Law applies the same disclosure requirements set forth above to a controlling shareholder of a public company The term “controlling shareholder” is defined as a shareholder who has the ability to direct the activities of a company, other than if this power derives solely from the shareholder’s position on the board of directors or any other position with the company, and the definition of “controlling shareholder” in connection with matters governing: (i) extraordinary transactions with a controlling shareholder or in which a controlling shareholder has a personal interest, (ii) certain private placements in which the controlling shareholder has a personal interest, (iii) certain transactions with a controlling shareholder or relative with respect to services provided to or employment by the company, (iv) the terms of employment and compensation of the general manager, and (v) the terms of employment and compensation of office holders of the company when such terms deviate from the compensation policy previously approved by the company’s shareholders, also includes shareholders that hold 25% or more of the voting rights if no other shareholder owns more than 50% of the voting rights in the company (and the holdings of two or more shareholders which each have a personal interest in such matter will be aggregated for the purposes of determining such threshold). Extraordinary transactions, including a private placement with a controlling shareholder or in which a controlling shareholder has a personal interest (including for the provision of services to the company through a company controlled by a controlling shareholder, but not including transactions covering the terms of compensation of a controlling shareholder who is an office holder), require the approval of the audit committee, the Board and the shareholders of the company. Extraordinary transactions covering the terms of compensation of a controlling shareholder who is an office holder, require the approval of the compensation committee, the Board and the shareholders of the company. The shareholder approval must either include a majority of the non-controlling and disinterested shareholders who are present, in person or by proxy, at the meeting or, alternatively, the total shareholdings of the non-controlling and disinterested shareholders who vote against the transaction must not represent more than two percent of the voting rights in the company. Generally, the approval of such a transaction may not extend for more than three years, except that in the case of an extraordinary transaction with a controlling shareholder or in which a controlling shareholder has a personal interest that does not concern terms of compensation for service as an office holder, or as a service provider to the company, the transaction may be approved for a longer period if the audit committee determines that the approval of the transaction for a period longer than three years is reasonable under the circumstances.
Under the Companies Law, a shareholder has a duty to act in good faith towards the company and other shareholders and refrain from abusing his or her power in the company, including, among other things, in respect to his or her voting at the general meeting of shareholders on the following matters:
• any amendment to the Articles of Association;
• an increase of the company’s authorized share capital;
• a merger; or
• approval of interested party transactions that require shareholder approval.
In addition, any controlling shareholder, any shareholder who can determine the outcome of a shareholder vote and any shareholder who, under the company’s Articles of Association, can appoint or prevent the appointment of an office holder, are under a duty to act with fairness towards the company. The Companies Law provides that a breach of the duty of fairness will be governed by the laws governing breach of contract. The Companies Law does not describe the substance of this duty.
Insurance, Indemnification and Exculpation of Directors and Officers; Limitations on Liability
The Companies Law permits a company to insure an office holder in respect of liabilities incurred by him or her as a result of the breach of his or her duty of care to the company or to another person, or as a result of the breach of his or her duty of loyalty to the company, to the extent that he or she acted in good faith and had reasonable cause to believe that the act would not prejudice the company. A company can also insure an office holder for monetary liabilities as a result of an act or omission that he or she committed in connection with his or her serving as an office holder. Moreover, in accordance with the Companies Law and the Israeli Securities Law, a company can indemnify an office holder for (a) any monetary liability imposed upon such an office holder for the benefit of a third party pursuant to a court judgment, including a settlement or an arbitrator’s decision, confirmed by a court, (b) reasonable legal costs, including attorney’s fees, expended by an office holder as a result of an investigation or proceeding instituted against the office holder by a competent authority, provided that such investigation or proceeding concludes without the filing of an indictment against the office holder and either i) no financial liability was imposed on the office holder in lieu of criminal proceedings or ii) financial liability was imposed on the office holder in lieu of criminal proceedings but the alleged criminal offense does not require proof of criminal intent, (c) legal expenses (including attorneys’ fees) incurred by an office holder in an administrative enforcement proceeding and certain compensation payable to injured parties for damages suffered by them as determined in the proceeding and (d) reasonable litigation expenses, including legal fees, actually incurred by such an office holder or imposed upon the office holder by a court order, in a proceeding brought against the office holder by or on behalf of the company or by others, or in a criminal action in which he was acquitted, or in a criminal action which does not require proof of criminal intent in which he was convicted. The Companies Law further provides that the indemnification provision in a company’s articles of association (i) may be an obligation to indemnify in advance, provided that, other than litigation expenses, it is limited to events the board of directors can foresee in light of the company’s actual activities when providing the obligation and that it is limited to a sum or standards the board of directors determines is reasonable in the circumstances, and (ii) may permit the company to indemnify an officer or a director after the fact.
Furthermore, a company can, with one limited exception, exculpate an office holder in advance, in whole or in part, from liability for damages sustained by a breach of duty of care to the company.
All of these provisions are specifically limited in their scope by the Companies Law, which provides that a company may not indemnify or exculpate an officer or director nor enter into an insurance contract that would provide coverage for any monetary liability incurred as a result of (i) a breach by the officer or director of the duty of loyalty, unless the officer or director acted in good faith and had a reasonable basis to believe that the act would not prejudice the company, in which case the company is permitted to indemnify and provide insurance to but not to exculpate; (ii) an intentional or reckless breach by the officer or director of the duty of care, other than if solely done in negligence; (iii) any act or omission done with the intent to derive an illegal personal benefit; or (iv) any fine levied or forfeit against the director or officer.
Under the Companies Law and the Israeli Securities Law, the aforesaid provisions to indemnify or exculpate an office holder, or entering into an insurance contract with respect to the provision of coverage for such matters is subject to the inclusion of provisions in the company’s articles of association permitting the company to do so. Our Articles of Association allow us to insure, exculpate and indemnify office holders to the fullest extent permitted by law provided such insurance, exculpation or indemnification is approved in accordance with the Companies Law and Israeli Securities Law. We have acquired directors’ and officers’ liability insurance covering the officers and directors of CYREN and its subsidiary for certain claims. At the annual meeting of shareholders held on November 18, 2002, the shareholders approved a form of indemnification, exculpation and insurance agreement that is applicable to all our directors. The form of this agreement, as well as related provisions in our Articles of Association, were last amended at the annual meeting of shareholders held on December 15, 2011, and provisions with respect to such indemnification and office holder liability insurance were included in our Compensation Policy.
D. Employees
As of December 31, 2015, 2014 and 2013, we had 193, 189, and 192 employees, respectively, with such employees being located in our offices in the Israel, United States, Iceland and Germany. As of December 31, 2015, our employees were categorized as follows:
Location
|
|
General &
Administrative
|
|
Sales &
Marketing
|
|
Research &
Development
|
|
Hosting & Support
(Operations)
|
|
TOTAL:
|
|
ISRAEL OFFICE
|
|
|
5
|
|
3
|
|
|
67
|
|
4
|
|
|
79
|
|
U.S. OFFICE:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
California
|
|
|
-
|
|
5
|
|
|
-
|
|
7
|
|
|
12
|
|
Virginia
|
|
|
11
|
|
14
|
|
|
3
|
|
2
|
|
|
30
|
|
ICELAND OFFICE
|
|
|
4
|
|
1
|
|
|
16
|
|
4
|
|
|
25
|
|
GERMANY OFFICE
|
|
|
5
|
|
14
|
|
|
19
|
|
9
|
|
|
47
|
|
TOTALS
|
|
|
26
|
|
33
|
|
|
109
|
|
25
|
|
|
193
|
|
While employment-related issues occasionally arise in the normal course, we believe that, on the whole, relations with our employees are good.
None of our U.S. employees are covered by a collective bargaining agreement, rather they sign individual offer letters of employment that, along with relevant Company policies and an employee handbook, formalize employees’ relationship with our U.S. subsidiary.
In Israel we are subject to certain labor statutes and national labor court precedent rulings, as well as to certain provisions of the collective bargaining agreements between the Histadrut (General Federation of Labor in Israel) and the Coordination Bureau of Economic Organizations including the Industrialists’ Associations. These provisions of collective bargaining agreements are applicable to our Israeli employees by virtue of expansion orders issued in accordance with relevant labor laws by the Israeli Ministry of Labor and Welfare, and which apply such agreement provisions to our employees even though they are not directly part of a union that has signed a collective bargaining agreement. The laws and labor court rulings that apply to our employees principally concern the minimum wage laws, procedures for dismissing employees, determination of severance pay, leaves of absence (such as annual vacation or maternity leave), sick pay and other conditions for employment. The expansion orders which apply to our employees principally concern the requirement for length of the work day and workweek, mandatory contributions to a pension fund, annual recreation allowance, travel expenses payment and other conditions of employment. Furthermore, the wages of most of CYREN’s Israeli employees are subject to cost of living adjustments, based on changes in the Israeli Consumer Price Index. The amounts and frequency of such adjustments are modified from time to time. Also, all Israeli employees employed for at least a year commencing in 2009 are entitled to the funding of pension benefits by preset monthly contributions of the employee and the employer. Israeli law generally requires the payment of severance pay upon the retirement or death of an employee or upon termination of employment by the employer or, in certain circumstances, by the employee. We currently fund our ongoing severance obligations by making monthly payments for insurance policies and by an accrual. Effective October, 2014, the Company's agreements with new employees in Israel, are under Section 14 of the Severance Pay Law, 1963. The Company’s contributions for severance pay have replaced its severance obligation. Upon contribution of the full amount of the employee’s monthly salary for each year of service, no additional calculations is conducted between the parties regarding the matter of severance pay and no additional payment is made by the Company to the employee. Further, the related obligation and amounts deposited on behalf of the employee for such obligation are not stated on the balance sheet, as the Company is legally released from the obligation to employees once the deposit amounts have been paid. A general practice in Israel followed by CYREN, although not legally required, is the contribution of funds on behalf of certain employees to an individual insurance policy known as “Managers’ Insurance.” This policy provides a combination of savings plan, insurance and severance pay benefits to the insured employee. It provides for payments to the employee upon retirement or death and secures a substantial portion of the severance pay, if any, to which the employee is legally entitled upon termination of employment. Each participating employee contributes an amount equal to 5% of such employee’s base salary, and the employer contributes between 13.3% and 15.8% of the employee’s base salary. We also provide certain Israeli employees with an Education Fund, to which each participating employee contributes an amount equal to 2.5% of such employee’s base salary, and the employer contributes an amount equal to 7.5% of the employee’s base salary, up to a certain maximum base salary set by law.
E. Share ownership
Employees, including executive officers and other management employees, participate in the Company’s employee option plan.
The table in Item 6, Section A above sets forth the directors’ beneficial ownership of our ordinary shares as of February 29, 2016. Other than our CEO, Lior Samuelson, no executive officer beneficially owns more than 1% of our ordinary shares as of February 29, 2015.
Item 7. Major Shareholders and Related Party Transactions.
A. Major shareholders
The following table presents information with respect to beneficial ownership of our ordinary shares as of February 29, 2016, including:
|
•
|
each person or entity known to CYREN to own beneficially 5% or more of CYREN’s ordinary shares, and
|
|
•
|
all executive officers and directors as a group.
|
Beneficial ownership is determined in accordance with the rules of the SEC and includes voting or investment power, with respect to ordinary shares. To our knowledge, except under applicable community property laws or as otherwise indicated, the persons named in the table have sole voting and sole investment control and rights to receive economic benefits with respect to all shares beneficially owned. The applicable percentage of ownership for each shareholder is based on 40,941,613 ordinary shares outstanding as of February 29, 2016. Ordinary shares issuable upon exercise of options and warrants, which are exercisable on or within sixty days of February 29, 2016, are deemed outstanding for the purpose of computing the percentage ownership of the person holding those options or warrants and for all directors and executive officers as a group, but are not deemed outstanding for computing the percentage ownership of any other person. Major shareholders in the Company have the same voting rights as all other shareholders.
Major shareholders of ordinary shares
|
|
Number of Shares Beneficially Owned
|
|
|
Percent
|
|
Aviv Raiz (1)(2)
|
|
|
5,188,256 |
|
|
|
12.7 |
% |
Unterberg Capital, LLC (3)
|
|
|
5,083,940 |
|
|
|
12.4 |
% |
Yelin Lapidot Holdings
|
|
|
3,011,569 |
|
|
|
7.4 |
% |
LHF Wealth Advisory Services
|
|
|
2,266,850 |
|
|
|
5.5 |
% |
Goldman Capital Management
|
|
|
2,092,131 |
|
|
|
5.1 |
% |
All other directors and executive officers as a group (16 persons) (4)
|
|
|
2,335,139 |
|
|
|
5.7 |
% |
(1) This shareholder of record resides in Israel.
(2) Includes 61,453 options, exercisable into a like number of ordinary shares.
(3) Includes 290,456 warrants, exercisable into a like number of ordinary shares.
(4) Includes 1,758,962 options exercisable into a like number of ordinary shares.
Based on a review of the information provided to us by third parties, including our transfer agent, as of December 31, 2015, there were 35 holders of record of our ordinary shares. One of such holders is the nominee company known as CEDE & Co., which held 34,927,766 ordinary shares on behalf of approximately 75 brokers and banks, or approximately 89.3% of the aggregate 39,121,198 ordinary shares outstanding as of such date.
Out of the 34,927,766 ordinary shares held through CEDE, approximately 28.5 million are managed by Broadridge Financial Solutions, Inc. on behalf of certain banks and brokers, and Broadridge recently provided to us reports on the geographical location of shareholders holding through such banks and brokers. According to these reports, plus our transfer agent reports, we were able to identify at least 10.6 million ordinary shares held by Israeli shareholders, approximately 15.5 million shares held by U.S. based shareholders and 6.6 million held by non-Israeli and non-U.S. shareholders.
Significant Changes in Percentage Ownership of Major Shareholders During the Past Three Years
On February 22, 2016 Goldman Capital Management filed a schedule 13G indicating that it had accumulated 2,092,131 shares of CYREN representing 5.3% of the outstanding shares of CYREN.
On February 2, 2016, Dov Yelin, Yair Lapidot, Yelin Lapidot Holdings Management Ltd. and Yelin Lapidot Mutual Funds Management Ltd. filed a schedule 13G indicating that it had accumulated 3,011,569 shares of CYREN representing 7.7% of the outstanding shares of CYREN.
On January 29, 2016, LHF Wealth Advisory Services, LLC. filed a schedule 13G indicating that it had accumulated 2,266,850 shares of CYREN representing 5.8% of the outstanding shares of CYREN.
On January 14, 2016, Unterberg Capital, LLC filed a schedule 13G indicating that it had accumulated 5,083,940 shares of CYREN representing 13.0% of the outstanding shares of CYREN.
On August 17, 2015 CYREN closed a registered underwritten public offering of 7,666,665 ordinary shares at a price to the public of $1.65 per share, which included the full exercise of the underwriter's overallotment option of 999,999 ordinary shares. As a result of this offering, total outstanding shares increased from 31.4 million to 39.1 million shares resulting in a decrease in ownership percentage for all previous shareholders.
On July 30, 2014 CYREN closed a registered direct offering of 4,771,796 ordinary shares and warrants to purchase 1,670,128 ordinary shares in combinations consisting of one ordinary share and one warrant to purchase 0.35 of an ordinary share at an offering price per fixed combination of $2.41. Each warrant has an exercise price of $3.08 per share and is exercisable following the six-month anniversary of the date of its issuance. As a result of this offering, total outstanding shares increased from 26.6 million to 31.4 million shares resulting in a decrease in ownership percentage for all previous shareholders.
Control
To the knowledge of the Company, the Company is not directly or indirectly owned or controlled by another corporation, by any foreign government or by any other natural or legal persons severally or jointly and the Company is not aware of any arrangements that may at a subsequent date result in a change in control of the Company.
B. Related party transactions
There were no related party transactions with office holders or major shareholders as detailed above, during 2015 or through the date of filing of this Annual Report.
Item 8. Financial Information.
A. Consolidated Statements and Other Financial Information
Our consolidated financial statements and other financial information are included herein on item 18 pages F-1 through F-32.
Legal Proceedings
In 2014, the Company entered into arbitral proceedings with the former shareholders of eleven regarding an escrow agreement. CYREN and the former eleven shareholders are disputing an amount of €740 thousand in the escrow account. In addition to the escrow dispute, CYREN has initiated claims for €1,466 thousand against the former eleven shareholders relating to the earn-out liability of the eleven acquisition while the former shareholders claim payment of €1,553 thousand from CYREN with regards to the same liability. Considering the preliminary stage of these arbitral proceedings, the Company has determined it is currently unable to predict the outcome of these disputes. The Company intends to defend these litigations vigorously.
In 2015, the Company petitioned the Kawasaki Branch of Yokohama District Court in Japan to determine the share valuation of the Company’s shares in imatrix Corporation. The Company and imatrix Corporation are in discussions to determine the value of the Company’s minority interest in imatrix Corporation, a private company in Japan.
Other than the above, the Company is not a direct party to any litigation, and it is not aware of any threatened litigation which, in the aggregate, would be material to the business of the Company.
Dividend Policy
If the Company decides to distribute a cash dividend out of income that has been tax exempt due to an “approved enterprise” status under the Law for the Encouragement of Capital Investments, 5719-1959, the amount of cash dividend will be subject to corporate tax at the rate then in effect under Israeli law. The Company has never declared or paid cash dividends on its ordinary shares. However, the Company has not adopted a policy not to pay cash dividends and therefore may declare a dividend in the future. The Company’s current plans are to retain future earnings primarily to finance the development of its business and for other corporate purposes.
B. Significant changes
Except as otherwise disclosed in this Annual Report, there are no other significant changes since December 31, 2015.
Item 9. The Offer and Listing.
Offering and listing details
The Company’s ordinary shares have been traded publicly on NASDAQ as follows:
From July 13, 1999 through June 29, 2004, under the symbol “CTCH” (up to June 7, 2002 on the National Market, and subsequently on the Small Cap Market, which during 2005 was renamed the “Capital Market”);
From June 30, 2004 through June 26, 2005, under the symbol “CTCHC”;
From June 27, 2005 through January 1, 2008, under the symbol “CTCH”;
From January 2, 2008 through January 29, 2008, under the symbol “CTCHD”;
From January 30, 2008 through February 23, 2014, under the symbol “CTCH”; and.
From February 24, 2014, under the symbol “CYRN”.
Since December 16, 2009, the Company’s ordinary shares have also been traded on the Tel Aviv Stock Exchange, or TASE, under the symbol “CTCH” until February 24, 2014, and under the symbol “CYRN” since that date.
The following table lists the high and low closing sales prices for the Company’s ordinary shares on the NASDAQ Capital Market for the periods indicated:
|
|
High
|
|
|
Low
|
|
2011:
|
|
$ |
3.98 |
|
|
$ |
2.93 |
|
2012:
|
|
$ |
3.40 |
|
|
$ |
2.42 |
|
2013:
|
|
$ |
3.99 |
|
|
$ |
2.02 |
|
2014:
|
|
$ |
4.09 |
|
|
$ |
1.45 |
|
2015:
|
|
$ |
3.43 |
|
|
$ |
1.57 |
|
|
|
|
|
|
|
|
|
|
2014:
|
|
|
|
|
|
|
|
|
First Quarter
|
|
$ |
4.09 |
|
|
$ |
2.90 |
|
Second Quarter
|
|
$ |
3.64 |
|
|
$ |
2.88 |
|
Third Quarter
|
|
$ |
2.98 |
|
|
$ |
2.18 |
|
Fourth Quarter
|
|
$ |
2.11 |
|
|
$ |
1.45 |
|
|
|
|
|
|
|
|
|
|
2015:
|
|
|