Back to GetFilings.com
================================================================================
SECURITIES AND EXCHANGE COMMISSION
WASHINGTON, D.C. 20549
---------------------
FORM 10-K
[X] ANNUAL REPORT PURSUANT TO SECTION 13 OR 15(d) OF THE
SECURITIES EXCHANGE ACT OF 1934 (NO FEE REQUIRED)
FOR THE FISCAL YEAR ENDED DECEMBER 31, 2001
COMMISSION FILE NUMBER 1-10139
OR
[ ] TRANSITION REPORT PURSUANT TO SECTION 13 OR 15(d)
OF THE SECURITIES EXCHANGE ACT OF 1934
NETEGRITY, INC.
(Exact name of Registrant as specified in its charter)
DELAWARE 04-2911320
(State or other jurisdiction of (I.R.S. Employer
incorporation or organization) Identification No.)
52 SECOND AVENUE
WALTHAM, MASSACHUSETTS 02451
(Address of principal executive offices, including Zip Code)
(781) 890-1700
(Registrant's telephone number, including area code)
SECURITIES REGISTERED PURSUANT TO SECTION 12(b) OF THE ACT:
NONE
SECURITIES REGISTERED PURSUANT TO SECTION 12(g) OF THE ACT:
COMMON STOCK, PAR VALUE $.01 PER SHARE
(Title of Class)
Indicate by check mark whether the registrant (1) has filed all reports
required to be filed by Section 13 or 15(d) of the Securities Exchange Act of
1934 during the preceding 12 months (or for such shorter period that the
registrant was required to file such reports), and (2) has been subject to such
filing requirements for the past 90 days. Yes [X] No [ ]
Indicate by check mark if disclosure of delinquent filers pursuant to Item
405 of Regulation S-K is not contained herein, and will not be contained, to the
best of the registrant's knowledge, in definitive proxy or information
statements incorporated by reference in Part III of this Form 10-K or any
amendment to this Form 10-K. [ ]
The aggregate market value of the voting Common Stock held by
non-affiliates of the registrant was $374,689,662 based on the closing price of
the registrant's Common Stock on February 28, 2002 as reported by the NASDAQ
Over-the-Counter Interdealer Automated Quotation System ($12.34 per share). As
of February 28, 2002, there were 33,884,330 shares of Common Stock outstanding.
DOCUMENT INCORPORATED BY REFERENCE:
Part III incorporates information by reference from the definitive proxy
statement for the registrant's annual meeting to be held on May 22, 2002.
================================================================================
ANNUAL REPORT ON FORM 10-K
YEAR ENDED DECEMBER 31, 2001
TABLE OF CONTENTS
PART I
Item 1. Business.................................................... 2
Item 2. Properties.................................................. 23
Item 3. Legal Proceedings........................................... 23
Item 4. Submission of Matters to a Vote of Security Holders......... 24
PART II
Market for Registrant's Common Equity and Related
Item 5. Stockholder Matters......................................... 24
Item 6. Selected Financial Data..................................... 25
Management's Discussion and Analysis of Financial Condition
Item 7. and Results of Operations................................... 27
Item 7A Quantitative and Qualitative Disclosure About Market Risk... 36
Item 8. Financial Statements and Supplementary Data................. 37
Changes in and Disagreements with Accountants on Accounting
Item 9. and Financial Disclosure.................................... 61
PART III
Item 10. Directors and Executive Officers of the Registrant.......... 61
Item 11. Executive Compensation...................................... 61
Security Ownership of Certain Beneficial Owners and
Item 12. Management.................................................. 61
Item 13. Certain Relationships and Related Transactions.............. 61
PART IV
Exhibits, Financial Statement Schedules, and Reports on Form
Item 14. 8-K......................................................... 62
1
FORWARD-LOOKING STATEMENTS AND INDUSTRY DATA
This report and the documents incorporated in it by reference contain
forward-looking statements about our plans, objectives, expectations and
intentions. You can identify these statements by words such as "expect,"
"anticipate," "intend," "plan," "believe," "seek," "estimate," "may," "will" and
"continue" or similar words. You should read statements that contain these words
carefully. They discuss our future expectations, contain projections of our
future results of operations or our financial condition or state other
forward-looking information, and may involve known and unknown risks over which
we have no control. You should not place undue reliance on forward-looking
statements. We cannot guarantee any future results, levels of activity,
performance or achievements. Moreover, we assume no obligation to update
forward-looking statements or update the reasons actual results could differ
materially from those anticipated in forward-looking statements, except as
required by law. The factors discussed in the sections captioned "Business",
"Risk Factors," and "Management's Discussion and Analysis of Financial Condition
and Results of Operations" in this report and the documents incorporated in it
by reference identify important factors that may cause our actual results to
differ materially from the expectations we describe in our forward-looking
statements.
This report and the documents incorporated in it by reference contain data
related to the e-business market. These market data have been included in
studies published by the market research firms of International Data
Corporation, the META Group and The Gartner Group. These data include
projections that are based on a number of assumptions, including increasing
worldwide business use of the Internet, the growth in the number of web access
devices per user, the absence of any failure of the Internet, and the continued
improvement of security on the Internet. If any of these assumptions is
incorrect, actual results may differ from the projections based on those
assumptions.
PART I
ITEM 1. BUSINESS
Netegrity, Inc., a Delaware corporation, and its wholly-owned subsidiaries,
are referred to throughout this report as "Netegrity", the "Company", "we", and
"us" or through similar expressions. For financial information about our
business, see our consolidated financial statements and the related notes
thereto found in Item 8 of this report. Netegrity(R), SiteMinder(R), Delegated
Management Services(TM), Netegrity Interaction Server(TM),
TransactionMinder(TM), Affiliate Minder(TM), Netegrity Affiliate Services
Software(TM), Netegrity Secure Proxy Server(TM), Secure Relationship
Management(TM) and JSAML(TM) are trademarks or registered trademarks of
Netegrity, Inc. All other brand or product names may be trademarks or registered
trademarks of their respective companies.
COMPANY OVERVIEW
Netegrity is a leading e-business infrastructure company. Our customers use
Netegrity products to securely manage e-business relationships. Our Secure
Relationship Management (SRM) platform enables companies to cost-effectively
provide their customers, partners and employees with the secure, interactive
access to applications and content required by their business relationships. Our
SRM solutions offer shared services that centrally manage access control, single
sign-on, user management, and portal services. These shared services address
three key challenges presented by our customers' drive to achieve improved
productivity and competitive advantage by moving business relationships online:
(1) the need to provide consistent, secure access to an increasing number of
business applications; (2) the requirement to efficiently manage the rapidly
expanding user constituencies requiring access; and (3) the need to present
dynamic, interactive and personalized views of those applications, regardless of
which application or system platform may ultimately host or contain the data or
content.
Netegrity's SiteMinder (SiteMinder) software, Delegated Management Services
(DMS) software and Netegrity Interaction Server (NIS) software are part of the
software infrastructure that is used to build and manage interactive e-business
web sites.
2
Our objective is to become the market leader in Secure Relationship
Management by leveraging category leadership in access control, single sign-on,
user management and portal product markets. The key objectives of our strategy,
each of which is discussed in detail later in this document, include:
- Extending our technology leadership in the extranet access management
market to the SRM market;
- Ensuring best-of-breed status for individual products within their
respective categories;
- Expanding applications of products into new markets;
- Expanding strategic partnerships;
- Continuing international expansion;
- Continuously improving customer services; and,
- Making strategic acquisitions.
We offer various levels of consulting and support services that enable our
customers to successfully implement Netegrity's products into their
organizations. As of December 31, 2001 we had 533 SiteMinder software customers,
including 98 that also licensed our DMS software, and 36 NIS customers, many of
whom are the leaders in their respective industries.
We sell our products through a direct sales force and through our
distribution partners. We directly market our SiteMinder, DMS and NIS software
and services domestically through a field sales organization supported by inside
sales representatives. We also indirectly market through strategic partnerships
and other third-party relationships with vendors of Internet-related systems and
application software as well as through resellers and systems integrators. As of
December 31, 2001, our sales, marketing and customer support organizations
consisted of 236 individuals (including 20 from the DataChannel, Inc.
acquisition).
On December 14, 2001 the Company acquired, for aggregate consideration of
$70.2 million, all of the outstanding stock of DataChannel, Inc., a Washington
Corporation (DataChannel) whereupon DataChannel, a leading provider of
enterprise portal solutions, became a wholly-owned subsidiary of the Company.
See Note 3 to the consolidated financial statements for additional disclosure
concerning this acquisition.
INDUSTRY BACKGROUND
Growth in e-business is driving companies to continuously expand their
ability to respond immediately to the needs of their key constituencies'
(customers, business partners, and employees) for secure, interactive and
personalized access to information and applications. The ongoing effort to move
more and more transactions and interactions online is perceived as a critical
driver of productivity and operational efficiency for companies. Data and
content are increasingly presented to end-users through a browser-based portal.
To date, many of these interactive e-business portals have been targeted at
internal, departmental areas such as human resource or corporate information
portals. As companies replicate as many of their products and services as
possible on-line to serve the needs of business partner communities or their
customer constituency, complexity soars and the requirement for scalable access
control, single sign-on, user management and portal services will increase
dramatically.
Before the advent of e-business and the transition to web-based computing,
most large businesses deployed client/server architectures to support enterprise
computing. In the client/server model, applications are generally limited to
traditional enterprise resource planning functions such as accounting, human
resource and material resource planning. Defined groups limited to selected
employees access these applications through a company's internal computing
resources or dedicated remote access solutions. As a result of this limited
usage, controlling and securing access to these applications and administering
the associated users and their rights of usage, or privileges, can be adequately
handled by the organization's information technology, or IT, department. With
only a limited number of applications and a small number of defined, highly
trained users, the assignment of entitlements to these users is accomplished by
embedding the security and entitlement and presentation functions into each
application.
3
E-business, however, is fundamentally changing traditional business
processes because companies now need to conduct business online with their
customers and business partners. According to International Data Corporation,
Internet commerce, one element of e-business overall, is expected to grow to $5
trillion by 2005. Companies are developing new web-based applications that
support key revenue and relationship management aspects of the companies'
business processes. Companies are delivering these new services through portals
which are becoming the customer's new gateway to the enterprise. Companies are
also attempting to leverage their existing investments in traditional enterprise
applications by integrating them into their web sites. In this new e-business
business model, applications accessed through the portal are not just supporting
business operations, but, in many instances, become the focal point for
companies' interactions with their constituencies, including remote and mobile
employees, existing and potential customers, suppliers, distributors and other
business partners.
Current approaches to the challenge of maximizing the conduct of online
business have revealed three key bottlenecks. First, early projects aimed at
moving business online, such as commerce or customer support applications,
addressed the problem of ensuring secure user access by implementing
application-specific user directories, access control and presentation schemes.
As e-business initiatives expanded in scope, IT organizations have been faced
with managing multiple redundant access control solutions, each with its own
authentication and authorization logic. Furthermore, users are often burdened
with managing and remembering multiple user names and passwords, even when
accessing a single e-business web site. Recent published studies estimate that
the cost of resetting forgotten passwords alone can be between $25 and $200 per
incident. Large companies with high e-business web site traffic accessing
multiple applications can expect tens of thousands of reset requests per month.
Second, during the lifecycle of an online relationship, information about
users changes frequently. Employees may get promoted or change assignment,
requiring access to a different set of enterprise resources. Business partners
may change the terms of their relationship with a company, entitling them to
different product discounts or to advance product information. Customers may
sign up for a premium support option entitling them to response priority should
product problems arise. All of these changes require updates to user directories
or changes in resource entitlements according to corporate governance policies.
If the responsibility for management and implementation of this expanding class
of user changes lands in the IT department, productivity and responsiveness
diminishes and costs grow.
Finally, these expanding customer, employee and partner constituencies are
increasingly establishing their online connection with companies via corporate
portals. Theoretically, the corporate portal provides a single point of access
to all of the products and services these users require according to their
business relationships. Too often, however, portals are designed for a specific
application, like Enterprise Resource Planning (ERP), or Customer Relationship
Management (CRM), or they support a single system platform or application
server. As a result, users often need to deal with multiple portals and assume
the burden of assimilating multiple views of information. Alternatively, IT
departments can provide customer portal solutions that aggregate applications
across these boundaries usually at great expense and with fragile integrations.
In order for e-business to be successful, companies require a secure and
scalable relationship management infrastructure for conducting business. Portal
sites must be capable of managing large numbers of users and multiple user
transactions without jeopardizing the integrity of the company's security
policies. As companies seek to attract customers and partners to their portal
sites, and to increase the efficiency of their employees, they require a
solution providing a seamless and integrated view of the applications on their
web sites. The solution should provide single sign-on to personalized
information based on the profile of the particular user. As the number of
applications proliferates and the complexity of data increases, the solution
should reduce the burden of providing, and as necessary revoking, access rights
and privileges to these applications. Furthermore, the solution should address
the administrative and deployment issues created by this application
proliferation. Companies require a solution that easily and seamlessly
integrates with their existing investments in information technology
infrastructure, including web servers, application servers, directory servers
and various forms of user identification. They require e-business infrastructure
that acknowledges and supports heterogeneous and growing user constituencies and
application environments.
4
Finally, companies require an open and extensible architecture in order to
accommodate the introduction of new, evolving web technologies.
THE NETEGRITY SOLUTION
We are a leading provider of Secure Relationship Management (SRM) software
and services for interactive e-business applications. Key benefits of our
solution include:
- Improved responsiveness to customers, partners and employees. Netegrity's
SRM platform accelerates the creation and expansion of interactive
e-business applications by giving relationship managers the tools to
connect their staff, business partners, or customers to all of the
business applications and information required by their specific business
relationship.
- Extended e-business reach. Netegrity's SRM platform delivers secure,
scalable e-business infrastructure to meet customer needs as they grow
from portal projects of internal, departmental scope to extranet and
internet initiatives with user domains quantified in the millions.
- Reduced cost and complexity for e-business initiatives. Netegrity's SRM
platform reduces the cost, complexity, and risk associated with
e-business initiatives by providing unified, centralized administration
for critical e-business infrastructure services, including user creation
and identity management, resource entitlement, and presentation via
e-business portals.
Netegrity's product lines include SiteMinder software, Delegated Management
Services software and Netegrity Interaction Server software. Key product
benefits include:
- Centralized portal access and entitlement management. SiteMinder
software provides centralized control of users and entitlements that
extends across multiple web-based applications developed by multiple
vendors on a company's web site. SiteMinder manages the entitlements of
customers, business partners and employees accessing applications on a
company's portal. Our solution provides this centralized entitlement
management as a shared service that includes all of the e-business
applications deployed by our customers. This approach provides many
benefits. Security changes can be effected swiftly and efficiently across
all of a company's e-business applications. Moreover, application
developers become much more productive because they are free to focus on
business processes and leave security, privilege management and
personalization to SiteMinder.
- Personalized user experience through single sign-on and personalized
content. With SiteMinder, users sign-on to a web site once and gain
access to all relevant information as defined by their organizational
role and user entitlements. SiteMinder provides single sign-on across
multiple applications, platforms, and multiple internet domains. Single
sign-on provides access to a personalized view of content drawn from
multiple applications that run on multiple servers, multiple operating
systems, and across multiple Internet domains. This benefits end users by
providing them with a high-quality user experience, personalized to meet
their individual needs. By providing a superior user experience on its
web site, a company is able to protect its brand and build customer
loyalty.
- Controlled delegation of administrative responsibilities. DMS software
provides policy-based administration of security so that administrative
responsibilities can be easily delegated to individual business units,
remote trading partners or other administrators without jeopardizing
control. Delegated administrators control only the users and policies for
which they have been granted explicit responsibility. SiteMinder assigns
administrative responsibility where the knowledge resides, while still
maintaining the overall security of a site. DMS permits delegation of
user and management entitlement responsibility by organizational
administrators both within and outside the portal boundaries. As a
result, a company's administrative burdens and associated costs can be
dramatically reduced.
- Leveraged investments in enterprise applications, web applications, and
web content. The NIS platform provides a central web-based location for
the aggregation and presentation of content and data from existing
applications, developed by multiple vendors, encouraging further use and
extending the
5
life of existing systems. NIS improves organizational efficiency by
allowing any employee, partner or customer whose business relationship
requires it, to access information and applications.
- Accelerated deployment of portal solutions. SRM products enable
deployment of fully functional, secure and extensible portals in less
time, delivering a rapid return on investment.
- Leveraged investments in technology infrastructure. Our products support
most leading infrastructure components and existing systems currently
employed by companies and have been designed to easily accommodate
emerging Internet technologies. SiteMinder integrates with leading user
directories, web servers, application servers and authentication
technologies. SiteMinder also provides support for multiple web servers
and operating platforms involving Microsoft and Netscape web servers, and
Windows NT and UNIX platforms, which facilitates cross-platform
development, deployment and migration. SiteMinder integrates a customer's
existing directories, eliminating the need for duplicate user databases.
NIS is based on standard J2EE architecture that offers support for
multiple server platforms. Support for Java Server Pages (JSP), Java
Messaging Services (JMS), and Lightweight Directory Access Protocol
(LDAP) leverages existing tools and developer skill sets.
- Scaled platform and high-availability. Our customers require a platform
that scales as they deploy additional applications and as user traffic
grows, while providing the highest level of reliability. SiteMinder
provides a scalable high-availability platform to meet the requirements
of demanding portals. Based on independent third-party testing, published
data from other vendors and feedback from customers, we believe that
SiteMinder provides significantly higher transaction volume than other
competing solutions. NIS's advanced clustering provides for portal
scalability by enabling the distribution of portal functionality based on
actual or expected load.
STRATEGY
Our objective is to become the market leader in Secure Relationship
Management by leveraging category leadership in the access control, single sign
on, user management and portal product markets. Key objectives of our strategy
include:
- Extending technology leadership in the extranet access management market
to the SRM market. We believe that our integrated products enable us to
offer a more complete and cost-effective SRM solution for interactive
e-business. By building upon our core competencies in access control,
single sign-on, delegated user management, and our products' ability to
scale to support millions of users, we believe we can continue to derive
revenue from the extranet access management market, and extend our
leadership in that market to adjacent markets to which these shared
security services are frequently applied, namely the enterprise
information portal and provisioning markets. Furthermore, we believe that
our expanded product line, now including the NIS platform, will enable us
to offer a broader solution to customers. Our core SiteMinder and DMS
products address critical centralized information technology needs. With
NIS, which leverages SiteMinder software and DMS security capabilities,
we can now offer a secure portal solution to departments, lines of
businesses, and other e-business initiatives beyond central information
technology. Our goal is to expand our product line to include a
provisioning product. Also referred to as Enterprise User Administration
tools, provisioning software products automate and simplify the
deployment of user access rights on multiple platforms and applications.
Industry analysts such as IDC and The Gartner Group estimate that the
total addressable market for the software products that comprise SRM will
exceed $4 billion by 2005.
- Ensuring best-of-breed status for individual products within their
respective categories. As a technology leader in our key market
categories we will continue to develop and expand our product lines and
to respond to customer requirements. We will also address competitive
challenges by seeking recognition from industry analysts, journalists and
other influencers and thought leaders. SiteMinder software is currently a
clear leader in the access control and single sign-on category according
to industry analysts like The Gartner Group. NIS version 5.0 has earned
strong endorsement within its category by the META Group. These
independent third-party endorsements significantly influence customer
purchasing decisions and will remain high strategic priorities.
6
- Expanding applications of products into new markets. Our SiteMinder
solution will continue to add support for enterprise applications such
CRM and ERP, extending the domain of applications to which seamless
single sign-on can be provided. Furthermore, SiteMinder will continue to
incorporate support for Extensible Markup Language (XML) and XML-based
standards such as Security Assertion Markup Language (SAML), enabling
companies to ensure policy-based access to affiliates in their trading
networks.
- Expanding strategic partnerships. We have developed strategic
relationships in order to significantly increase market awareness and
distribution for our products. We have focused on system integrators,
alliance partners, technology partners and resellers. System integrators
play a major role in deploying the Company's products. Integrators also
recommend our products to prospective customers. Netegrity has
established significant partnerships with major global system integrators
including the "Big Five" firms and many specialty internet services
firms. Alliance partners, including leading software infrastructure and
e-business companies, have licensed versions of our software and bundle
our products into their product offerings. Technology partners integrate
their product offerings to insure that they interoperate with our
products, thus enabling our customers to easily deploy our products with
the many customer products incorporated into their e-business
environments. The Netegrity Technology Partner program includes over 120
leading independent software vendors as well as leading authentication
and security solution vendors. Resellers sell the Company's products and
have played a significant role in expanding our distribution network,
particularly in Europe and Asia. We believe that these relationships will
continue to expand our market, especially within Global 2000 customers,
and allow us to accelerate customer deployments of Netegrity products.
- Continuing international expansion. In 2001, we expanded our sales and
marketing efforts beyond the United States to Europe and Asia. We have
expanded our sales force and support organizations with the objective of
gaining broad international market acceptance of Netegrity's solutions.
In addition, we are developing products and services intended to address
the specific needs of our international markets. These include developing
localized versions of our products and local consulting services.
- Continuously improving customer service. We have learned that a
customer's decision to purchase our product is based, in part, on our
ability to provide a high level of customer service and implementation
support. As the worldwide demand for our product grows, it is critical
for us to build these capabilities globally. During 2001, the Company
opened a technical support center in Kuala Lumpur, Malaysia. We are
expanding our customer service capacity and building cooperative
relationships with integration partners. This capacity and these
relationships will collectively ensure that we have the product knowledge
and access to Netegrity resources necessary to ensure the timely and
reliable implementation of Netegrity's solutions.
- Making strategic acquisitions. We believe that there are significant
market opportunities that leverage our market position that can best be
met through a strategic acquisition program. Our intention is to leverage
Netegrity's valuation as well as our strong balance sheet position. We
intend to evaluate strategic opportunities and potential acquisitions
where the products are technologically complementary and that allow the
Company to broaden its product line, such as provisioning.
PRODUCTS AND SERVICES
Our SRM platform consists principally of our SiteMinder, DMS and NIS
products and services that combine identity management, single sign-on and
access control, with portal presentation and integration services. These
integrated services will be centrally managed from a policy-based management
dashboard enabling the administrator to define user roles and resources in order
to deliver dynamic business applications to the portal. Specifically,
Netegrity's major product offerings include:
- SITEMINDER SOFTWARE. This is our flagship product designed for
authentication and access management for web-enabled application and
content,
7
- DELEGATED MANAGEMENT SERVICES SOFTWARE. A product that is an add-on
solution to SiteMinder software, this allows customers to delegate the
management of all types of users accessing a company's e-business
systems, and
- NIS SOFTWARE. This product allows customers to customize and personalize
content delivered from back-end applications to web-users.
SITEMINDER SOFTWARE
SiteMinder software provides companies with the ability to control user
access to e-business web sites. SiteMinder centrally manages user identity and
entitlement information and shares this information across all of the
applications on a site, greatly reducing the cost and complexity of
administering web sites. SiteMinder software is a rules based policy engine that
enables administrators to define policies that the SiteMinder product will use
to deliver shared services such as single sign-on, authentication management,
entitlement management, reporting and auditing. SiteMinder provides a broad
range of benefits to Global 2000 customers, including:
- Centralized control. Centrally managing users and their entitlements
eliminates the need for managing redundant "silos" of application
security. This greatly reduces the complexity and cost of managing users
on e-business web sites.
- High quality user experience. Single sign-on enables users to log on
once to an e-business web site and access multiple applications thereby
increasing customer satisfaction by eliminating the need for multiple
log-ons.
- Personalization based on identity. SiteMinder enables web sites to be
personalized based on the users identity and entitlements.
- Enterprise scalability. SiteMinder software has been designed to provide
the performance needed for the most demanding web sites. Netegrity's
customers have deployed sites with millions of users secured by
SiteMinder.
- Open platform. SiteMinder is designed to run on all of the major
platforms used for e-business, including multiple versions of operating
systems, web servers, directories, application servers and databases.
SiteMinder software consists of three key components: Policy Server,
Agents and an Administration Console. Additionally, SiteMinder is delivered with
a developer kit that allows developers to construct web sites in both C++ and
Java applications. The following briefly describes each of the primary
components:
- Policy Server. The Policy Server is a generalized security policy engine
that includes processes for authentication, authorization, session
management, administration and auditing. The Policy Server, which handles
all requests for managing, and enforcing user entitlements, runs on
Windows NT and UNIX platforms.
- Agents. Agents are distributed components deployed on web servers,
application servers, and mainframes or as part of an application itself.
Agents communicate policies to the application governing user
entitlements. SiteMinder includes web agents compatible with most popular
web servers, including Microsoft IIS, Netscape Enterprise Server and
Apache. SiteMinder also supports application server agents compatible
with the current most popular application servers.
In the fourth quarter of 2001 the Company released the Netegrity Secure
Proxy Server platform. This SiteMinder add-on can be used in combination
with web agents or independently. The Secure Proxy Server platform is a
high performance, proxy gateway that is an alternative to Netegrity's
traditional agents for securing company's backend servers. The Secure
Proxy Server's patent pending technology offers a turnkey reverse proxy
solution built upon market-proven Java technologies and components. It is
an add-on solution to Netegrity SiteMinder that accepts HTTP and HTTP over
SSL (HTTPS) requests from web clients, passes those requests to enterprise
backend content servers, and
8
then returns resources to the requesting client. The Secure Proxy Server
solutions may be used singly or in combination with SiteMinder Agents to
provide the optimum security and administration environment for any site.
- Administration Console. The Administration Console is a secure Java
applet that allows administrators to create and manage user entitlement
policies from any Java-enabled web browser.
A SiteMinder protected e-business web site secures users and applications
as follows:
1. A user enters an e-business web site and attempts to access an
application. The web agent intercepts this request and checks with the
policy server to determine if the application is protected.
2. If the application is protected, the SiteMinder software policy
server will tell the web agent to authenticate the user with any number of
authentication techniques. SiteMinder supports most of the major
authentication approaches including user name and password, digital
certificates, basic authentication, forms, custom, tokens and biometric.
SiteMinder can also chain together different authentication methods for
different groups of users.
3. Once the user has been authenticated, the SiteMinder software
policy server delivers to a web agent the entitlements for this user.
SiteMinder provides very fine grained authorizations and can restrict
access based on any number of user attributes (group, role, location, etc.)
as well as based on time of day, IP address and more. These entitlements
are now delivered to the application.
4. Finally, the application uses the entitlements to process the user
requests and provide identity based personalization.
SiteMinder has been developed with a scalable, highly available
architecture. Key features of this robust architecture include:
- Load balancing. SiteMinder Agent components can easily be configured to
balance loads across multiple policy servers, as well as across multiple
user directories. The result is nearly linear scaling as additional
servers are deployed.
- Automatic fail-over. SiteMinder Agents are readily configured to
automatically communicate with a new policy server should their primary
policy server be taken off line or fail. Likewise, SiteMinder Policy
Servers can be configured to automatically utilize a new user directory
should their primary user directory be taken off line or fail. The result
is a fully redundant architecture that provides high availability.
- Local caching. Both Policy Server software and Agents can be configured
to cache appropriate data thereby minimizing unnecessary traffic and
processing requirements. SiteMinder's session management will
automatically update cached information should policies or user profiles
change.
We typically license SiteMinder software based on the following categories:
- Intranets, in which all the users are employees or contractors working
for our customer. Prices start at approximately $30 per user for small
sites and are discounted as volumes grow.
- Extranets, in which our customers conduct transactions with their
corporate customers, suppliers and partners. Prices start at
approximately $20 per user for small sites and are discounted as volumes
grow.
- Internet sites, in which consumer users are seeking products or
information from our customers. Prices start at approximately $4 per user
for volumes greater than 250,000 users and are discounted as volumes
grow.
Standard SiteMinder software licenses include a web Agent license and
Policy Server licenses. Essentially, our customers pay us for the size of the
web site they are building, as measured by the number and type of users of that
site. Our standard product license gives the customer the right to replicate and
install our SiteMinder software components throughout its web site
infrastructure as needed to meet scalability and redundancy requirements.
9
DELEGATED MANAGEMENT SERVICES SOFTWARE
Netegrity's Delegated Management Services version 2.0 (DMS2) is an add-on
solution to our SiteMinder software that enables e-businesses to greatly reduce
management time, complexity, and costs associated with managing large numbers of
distributed users accessing e-business web sites protected by SiteMinder.
DMS2 enables administrators to delegate to business unit or partner
administrators the creation and management of user accounts/profiles and the
assignment of users to roles that determine their access to the e-business
applications. Additionally, DMS2 provides the end user with the ability to
self-service their user data reducing costs and time frames for profile changes.
DMS2 works with SiteMinder to provide integration of identity management and
access control.
The DMS2 product runs on a range of different platforms and works with a
broad range of user directories. The product supports "N-level" delegation
allowing delegation of administration to any number of levels within a company
or a partner organization. The product is built with standard technology such as
HTML and JSP pages that enable fast customization and the ability to brand DMS2
for a company. DMS2 also includes workflow events enabling customers to
implement approval based workflow solutions. With DMS2, administrators can:
- Discover organizations, groups and users
- Create multiple levels of delegation authority
- Create, modify and delete groups and users
- Create and manage multiple sub-organizations and
- Assign organizational administrators
Key benefits of DMS2 software include:
- Enables companies to securely manage e-business directories
worldwide. DMS2 addresses the needs of businesses today to delegate
directory management to logically and physically distinct business
partners while ensuring the security of the supported e-business system.
DMS2 offers advanced identity management capabilities in diverse
languages, including mixed languages for multi-national corporate
environments.
- Reduces costs associated with managing large numbers of users. DMS2
leverages infrastructure by utilizing existing directories thereby
eliminating the need to create new directories or synchronize with
existing name spaces. It includes an easy to use configuration wizard
that quickly establishes the primary administrator and creates all the
needed delegated user management components to enable unlimited numbers
of organizational administrators thereby reducing IT workload and
staffing requirements.
- Offers the reliability, extensibility and scalability required by mission
critical e-business systems. DMS2 leverages SiteMinder's industry proven
scalability in support of multi-million user deployments. The DMS2 agent
architecture provides the same failover and load-balancing features
offered by SiteMinder web agent components. Presentation components are
comprised of easily extensible JSPs, Java Beans and text-based property
files.
We typically license DMS software within the same categories as SiteMinder
as follows:
- Intranets, in which all the users are employees or contractors working
for our customer.
- Extranets, in which our customers conduct transactions with their
corporate customers, suppliers and partners.
- Internet sites, in which consumer users are seeking products or
information from our customers.
10
SiteMinder Software Products in Development (as of March 1, 2002)
We are scheduled to release SiteMinder version 5.0 in the first quarter of
2002. This release will include:
- Real-time Transactional Security. SiteMinder version 5.0 will allow for
the separation of security specific business logic from the rest of the
application thereby binding contextual data to authorization policies and
evaluating security business policies in real time.
- A Reduction of Overall IT Administration Costs. SiteMinder version 5.0
will enhance site administration capabilities by providing network
monitoring, centralized agent management, tools for security life-cycle
management, and enhanced reporting to help customers to fine-tune their
e-business infrastructure. These enhancements are designed to reduce
overall IT administration costs.
- Improved Microsoft Windows Security Integration. SiteMinder version 5.0
will work seamlessly with Microsoft desktop applications, email and
departmental HTTP servers.
In addition, within the next twelve months, the Company intends to
introduce SiteMinder Affiliate Services software to enable customers to deliver
federated security across trusted e-business networks, and TransactionMinder
software, to enable customers to provide policy-based security for web services.
NETEGRITY INTERACTION SERVER SOFTWARE
NIS software version 5.0, which was released by DataChannel in the third
quarter of fiscal year 2001 prior to its acquisition by the Company, interacts
with four components of an enterprise IT infrastructure:
- Database Server. The NIS Platform is designed to support Microsoft SQL
Server 7.0/2000 and Oracle 8.1.7. The database server acts as the central
repository for storing essential configuration and run-time data needed
by NIS.
- Application Server. NIS version 5.0 is a portal framework of modular
components built with Java 2 Platform Enterprise Edition (J2EE)
technologies. It is deployable on J2EE-compliant application servers,
leveraging performance and scalability, through segmenting and
distributing functionality among clustered machines. Netegrity has
reached an agreement with BEA to package Weblogic Server with NIS.
- Search Server. NIS currently integrates the search capabilities of
Convera's RetrievalWare to provide search on both portal content and
meta-content. NIS has an extensible architecture that enables the
integration of other search engines as well.
- Directory Servers. NIS version 5.0 provides native integration with
iPlanet Directory Server and Microsoft Windows 2000 Active Directory
Service and utilizes them as repositories for user and entitlement data.
Key features of NIS include:
- Workspace Development. NIS delivers a browser based easy to use, visual
portal page development environment that enables the creation of complex
portal pages. The product also delivers a forms-based page development
tool.
- Interactive Knowledge Management. NIS provides integrated content
management capabilities including end-user publishing, workflow,
versioning, check-in/check-out, bulk publishing, and scheduled
availability/expiration for all portal resources as well as extending
these services to Integrated Content Management vendor-controlled
content. In addition, built-in taxonomy tools allow for personalized,
context-sensitive content delivery.
- Integrated Access. NIS portlet architecture provides over 100 pre-made
portlets for integrated, personalized access to common web-based and
application-based resources. A suite of portlet generation wizards
automate the creation of new portlets using various communication
technologies including JDBC, web Services (WSDL/SOAP) and Enterprise
Application Integration (EAI) products such as those from SeeBeyond and
Vitria. Application Portlet Wiring functionality allows
11
portlets to be "related" such that data from one portlet can drive the
content/presentation of other portlets.
- Search Features. NIS possesses fully integrated search and discovery
capability, including support for full-text searching, meta-data
searches, "fuzzy" logic, parametric and concept searches.
- Environmental Changes. NIS has subscription and notification services
throughout both the portal content and administrative facilities,
alerting users and/or administrators of changes in the environment either
via email or through a dedicated portal notifications page.
We typically license NIS based on the following categories:
- Intranets, in which all the users are employees or contractors working
for our customer. Prices start at approximately $243 per user for small
sites and are discounted as volumes grow.
- Extranets, in which our customers conduct transactions with their
corporate customers, suppliers and partners. Prices start at
approximately $136 per user for small sites and are discounted as volumes
grow.
- Internet Sites, in which users are consumers seeking products or
information from our customers. Prices start at less than $96 per user
for volumes up to 1,000 users and are discounted as volumes grow.
NIS Products in Development (as of March 1, 2002)
We are scheduled to release NIS version 5.1 in the first quarter of 2002.
This release will represent the first step in integrating SiteMinder
functionality into NIS and will include:
- Integration with SiteMinder Security Policies. All resources managed by
the NIS, including portlets, documents, folders and topics, will be
protected using SiteMinder. Administration costs are reduced by centrally
managing user access across all e-business applications. The
out-of-the-box integration also provides a seamless user experience with
single sign-on across all portal applications and a personalized
experience based on the user's profile.
- Integration of the Directory Server Services of SiteMinder. The
integration of the directory server services of SiteMinder will increase
the range of supported directory servers.
- Integration of SiteMinder Security with the Event Message System. The
integration of SiteMinder security with the event message system will
enable significant security among "wired" portlets.
- Creation of Self-Registration Portlets. Wizards will be provided for
creating portlets that allow users to create a customer registration
interface for SiteMinder.
NETEGRITY JSAML TOOLKIT AND SECURITY STANDARDS
The Organization for the Advancement of Structured Information Standards
(OASIS) is an international, not-for-profit consortium that designs and develops
industry standard specifications for interoperability based on XML. In December
2000, Netegrity created an OASIS industry-wide Technical Committee called
Security Services (www.oasis-open.org/committees/security), which is responsible
for submitting a draft specification of the Security Assertion Markup Language
(SAML) to the OASIS Board members. The SAML specification is primarily based on
Netegrity's pioneering XML security specification called S2ML. Netegrity
continues to work toward the completion of the SAML Oasis Standards and hopes
that this standard will be widely adopted in the industry allowing the
development and deployment of web services security solutions.
SERVICES
Our professional services organization provides consulting and integration
services that aid our customers in successfully implementing SiteMinder, DMS and
NIS products within their organizations. Our professional
12
services include application infrastructure planning, application prototyping
and integration, deployment, SiteMinder extensions and custom agents, and
training for developers and solutions architects.
The Netegrity Technical Services group is headquartered in Waltham,
Massachusetts. In order to ensure delivery of customer service around the world
on a 24 hour per day, seven day per week basis, during 2001 the Company also
opened a technical service center in Kuala Lumpur, Malaysia. We provide many
services as well as various levels of support for all customer environments,
based on their needs. Prompt response and a quality resolution are the hallmarks
of our service. The Netegrity Technical Service Centers offer email, fax, World
Wide Web (www) or telephone access for our customers. Netegrity Technical
Services also offers extended services such as on-site training, installation,
and customized service offerings. Netegrity Technical Services is committed to
resolving customer problems in a timely manner.
OTHER PRODUCTS AND SERVICES
In addition to the sales and marketing of Netegrity's SiteMinder, DMS and
NIS products, we are a non-exclusive distributor of Check Point Software
Technologies' FireWall-1 product. We sell this product directly to end users
through a small, dedicated sales organization throughout the United States.
SALES, MARKETING AND DISTRIBUTION
We directly market our SiteMinder, DMS and NIS software and services
domestically through a field sales organization supported by inside sales
representatives. We also indirectly market through strategic partnerships and
other third-party relationships with vendors of Internet-related systems and
application software as well as through resellers and systems integrators. As of
December 31, 2001, our sales, marketing and customer support organizations
consisted of 236 individuals (including 20 from the DataChannel acquisition).
Direct Sales Force. As of December 31, 2001, our direct sales force
consisted of 151 individuals, 42 of whom were field sales representatives
covering three domestic and two international regions. Our sales organization
identifies prospects that have e-business plans and requirements, and deploys a
solution-selling approach once customers are qualified. Our inside sales
representatives qualify, develop and pursue leads generated through a variety of
sources. Our field sales group conducts on-site meetings with accounts that have
substantial product and service requirements. We market SiteMinder and DMS
software and services to large, corporate customers and smaller firms that need
to protect access to mission-critical information while providing the users of
their applications with a personalized, seamless experience. We market NIS
software and services to similar profile companies, whose e-business application
plans include requirements for personalized portal workspaces that aggregate and
integrate content and application presentation. We generally sell to e-business
business managers, product managers, web application development managers,
Internet architects, security administrators, network/systems administrators and
other people responsible for analyzing and selecting e-business solutions. We
plan to continue to focus on building our direct sales force, especially our
field sales representatives, both internationally and domestically.
13
Indirect Distribution. We have signed partnership agreements with several
leading technology providers and systems integrators. We classify our partner
companies as follows:
- Systems integrators. Netegrity has established significant partnerships
with major global systems integrators which play a major role in
deploying the Company's products and also recommend our products to
prospective customers.
- Alliance Partners. Alliance partners have licensed versions of our
software and bundle our products into their product offerings.
- Technology Partners. Technology partners integrate their product
offerings to insure that they interoperate with our software and bundle
our products into their product offerings. We work together with these
vendors to provide technical integration of our product. In many cases we
also work together on sales and marketing initiatives.
- Resellers. Resellers sell the Company's products and have played a
significant role in expanding our distribution network, particularly in
Europe and Asia.
Product Marketing Programs. We engage in a broad range of product
marketing activities, including sponsorship of seminars for prospective
customers, exhibiting at targeted conferences for the technology and investment
communities, as well as providing paper and e-mail based direct mailings. We
also maintain an active public relations program through which we issue press
releases that highlight major customer additions, strategic partnerships and new
product releases, manage relationships with industry analysts, and promote
coverage of the Company in the trade and business press. We devote significant
resources to our web site to provide product and company information as well as
customer profiles. We continue to enhance our web site with features, including
presentations and seminar content online and customer application success
stories. Our product marketing programs are aimed at informing customers of the
capabilities and benefits of our solutions and increasing demand across all
industry segments. We plan to continue to devote significant resources to
marketing our products and brand.
CUSTOMERS
As of December 31, 2001, we licensed SiteMinder software to 533 customers,
including 98 customers who also license DMS software, and NIS software to 36
customers. Our customer base spans multiple industry segments, including
financial services, manufacturing, health care, high tech, governmental, banking
and service providers.
No single customer, including direct end users or resellers, accounted for
more than 10% of our total revenues during the years ended December 31, 2001,
2000 and 1999.
PURCHASING
The Company purchases 100% of its FireWall-1 product directly through Check
Point Software Technologies, Ltd. The Company also purchases firewall-related
accessory products through various third-party vendors. The Company has not
experienced any material difficulties or delays in acquiring any of the products
that it distributes.
DISTRIBUTION AND BACKLOG
The Company generally ships product within one to three days of the receipt
of an order from a customer. Consequently, backlog is currently not a material
factor.
COMPETITION
The market for SRM products and services is new, rapidly evolving and
highly competitive. We expect competition to continue to increase both from
existing competitors and new market entrants. We believe that our ability to
compete depends on many factors both within and beyond our control, including:
the performance, reliability, features, price and ease of use of our products as
compared to those of our
14
competitors; our ability to secure and maintain key strategic relationships with
distributors, resellers and other partners; our ability to expand both our
domestic and international sales operations; and the timing and market
acceptance of new solutions and enhancements to existing solutions developed by
us and our competitors.
Initially, our primary source of competition was from custom-built secure
portal management software developed in-house. Many of our potential customers
have the resources to establish in-house software development capabilities, and
some of them, from time to time, may choose to develop their own secure portal
management technology competitive with ours.
Our primary competitor for SiteMinder software is the Tivoli Division of
IBM. We also compete against traditional security companies such as Oblix,
RSA/Securant, Entrust and Open Network Technology. We compete against
traditional portal vendors such as Plumtree and EpiCentric with our NIS
software. In addition, a number of other security and software companies have
indicated that they plan to offer products that may compete with our SRM product
line in the future. Competition may also develop as the market matures and other
companies begin to offer similar products, and as our product offerings expand
to other segments of the marketplace. Current and potential competitors have
established, or may in the future establish, cooperative selling relationships
with third parties to increase the distribution of their products to the
marketplace. Accordingly, it is possible that new competitors may emerge and
acquire significant market share.
Today, many of our competitors have shorter operating histories, and less
financial and technical resources than we have. In addition, these smaller
competitors have smaller customer bases. Some of our newer competitors, however,
are larger companies who have large financial resources, well-established
development and support teams, and large customer bases. These larger
competitors may initiate pricing policies that would make it more difficult for
us to maintain our competitive position against these companies.
As new participants enter the SRM market, we will face increased
competition. Potential competitors may bundle their products in a manner that
discourages users from purchasing our products. It is also possible that current
and potential competitors may be able to respond more quickly to new or emerging
technologies or customer requirements, resulting in increased market share.
Our FireWall-1 reseller business experiences competition from companies
that offer products competing with Check Point Software Technologies' FireWall-1
product, including Symantec Technologies, Cisco Systems and Trusted Information
Systems. We also compete with other resellers of FireWall-1.
PRODUCT RESEARCH AND DEVELOPMENT
The market for e-business security products is characterized by rapid
technological change, changes in customer requirements, new product
introductions and enhancements, and emerging industry standards. We devote
significant time and resources to analyzing and responding to changes in the
industry, such as changes in operating systems, application software, security
standards, networking software and evolving customer requirements.
E-business applications have significant requirements for scalability,
reliability, sophisticated security and ease of administration. These increased
demands drive the need for a centralized access control model for administrators
and a single point of access for end-users. With the growing implementation of
standards-based user directories, such as LDAP, and the proliferation of
flexible and easy-to-use security products, businesses are able to take
advantage of best-of-breed solutions as they deploy e-business applications
across heterogeneous networks. We have made, and expect to continue to make, a
substantial investment in research and development. In the years ended December
31, 1999, 2000 and 2001, we spent approximately $3.7, $9.1 and $15.8 million,
respectively (exclusive of approximately $3.0 million of non-recurring acquired
in-process research and development in connection with the acquisition of
DataChannel) or 29%, 17% and 18% of total revenues on research and development.
We will continue our product development efforts for our current products, as
well as developing next generation products for new markets. As of December 31,
2001, we had 142 employees engaged in research and development activities
(including 40 from the DataChannel acquisition).
15
We believe our future success depends largely on our ability to enhance and
broaden our existing product line to meet the evolving needs of the market.
There can be no assurance that we will be able to respond effectively to
technological changes or new industry standards or developments. Our operating
results and business could be adversely affected if we were to incur significant
delays or be unsuccessful in developing new products or enhancing our existing
products, or if any such enhancements or new products do not gain market
acceptance. In addition, a number of factors may cause variations in our future
operating results including the timing of product introductions and enhancements
by us or our competitors, market acceptance of new products, or customer order
deferrals in anticipation of new products.
PROPRIETARY RIGHTS
Our success and ability to compete are dependent to a significant degree on
our ability to develop and maintain the proprietary aspects of our technology
and operate without infringing on the proprietary rights of others. We rely on a
combination of trademark, trade secret and copyright laws and licenses and
contractual restrictions to protect the proprietary aspects of our technology.
These legal protections afford only limited protection for our technology. We
seek to protect our source code for our software, documentation and other
written materials under trade secret and copyright laws. We license our software
pursuant to signed license agreements, which impose restrictions on the
licensee's ability to utilize the software. Finally, we seek to limit disclosure
of our intellectual property by requiring employees and consultants with access
to our proprietary information to execute confidentiality agreements with us and
by restricting access to our source code. Due to rapid technological change, we
believe that factors such as the technological and creative skills of our
personnel, new product developments and enhancements to existing products are
more important than the various legal protections of our technology to
establishing and maintaining a technology leadership position.
Despite our efforts to protect our proprietary rights, unauthorized parties
may attempt to copy aspects of our products or to obtain and use information
that we regard as proprietary. Policing unauthorized use of our products is
difficult and, while we are unable to determine the extent to which piracy of
our software exists, it can be expected to be a persistent problem. In addition,
the laws of many countries do not protect our proprietary rights to as great an
extent as do the laws of the United States. Litigation may be necessary in the
future to enforce our intellectual property rights, to protect our trade
secrets, to determine the validity and scope of the proprietary rights of others
or to defend against claims of infringement or invalidity. Any such litigation
could result in substantial costs and diversion of resources and could have a
material adverse effect on our business, operating results and financial
condition. There can be no assurance that our means of protecting our
proprietary rights will be adequate or that our competitors will not
independently develop similar technology. Any failure by us to meaningfully
protect our property could have a material adverse effect on our business,
operating results and financial condition.
There can be no assurance that other parties will not claim infringement
with respect to our current or future products. We expect that developers of
web-based application software products will increasingly be subject to
infringement claims as the number of products and competitors in our industry
segment grows and as the functionality of products in different segments of the
software industry increasingly overlaps. Any such claims, with or without merit,
could be time consuming to defend, result in costly litigation, divert
management's attention and resources, cause product shipment delays or require
us to enter into terms marginally acceptable to us or at all. A successful
infringement claim against us and our failure or inability to license the
infringed rights or develop or license technology with comparable functionality
could have a material adverse effect on our business, financial condition and
operating results.
We integrate third-party software into our products. This third-party
software may not continue to be available on commercially reasonable terms. We
believe, however, there are alternative sources for such technology. If we are
unable to maintain licenses to the third-party software included in our
products, however, distribution of our products could be delayed until
equivalent software could be developed or licensed and integrated into our
products. This delay could materially adversely affect our business, operating
results and financial condition.
16
EMPLOYEES
As of December 31, 2001, we had a total of 486 full-time employees
(including 95 from the acquisition of DataChannel), of which 142 were involved
in research and development, 226 in sales, marketing and customer support, 77 in
consulting and training and 41 in administration and finance. None of our
employees are represented by a labor union. We have not experienced any work
stoppages and believe that our relationships with employees are good. Our future
success will depend in part on our ability to attract, retain and motivate
highly qualified technical and management personnel, for whom competition is
intense.
17
RISK FACTORS
The Private Securities Litigation Reform Act of 1995 contains certain safe
harbors regarding forward-looking statements. In that context, the discussion in
this Item contains forward-looking statements that involve certain degrees of
risk and uncertainty, including statements relating to liquidity and capital
resources. Except for the historical information contained herein, the matters
discussed in this section are such forward-looking statements that involve risks
and uncertainties, including:
WE HAVE INCURRED SUBSTANTIAL LOSSES AND MAY NOT BE PROFITABLE IN THE FUTURE.
In recent years, we have incurred substantial operating losses. We cannot
predict if we will achieve profitability for any substantial period of time.
Failure to maintain levels of profitability as expected by investors may
adversely affect the market price of our common stock. In the year ended
December 31, 2001, we had net income of $1.6 million. As a result of historical
operating losses, including during the last two quarters of the year ended
December 31, 2001, as of December 31, 2001, we had an accumulated deficit of
approximately $20.4 million.
DISAPPOINTING QUARTERLY RESULTS COULD CAUSE THE MARKET PRICE OF OUR COMMON STOCK
TO FALL SUBSTANTIALLY.
Our quarterly revenues and operating results are difficult to predict and
may fluctuate significantly from quarter to quarter. If our quarterly revenues
or operating results fall below the expectations of investors, the price of our
common stock could fall substantially. Our quarterly revenues may fluctuate for
several reasons, including the following:
- customers choosing to delay their purchase commitments or purchase in
smaller than expected quantities due to a general slowdown in the
economy;
- market acceptance of our SiteMinder, DMS, NIS and related products;
- our success in obtaining follow-on sales to existing customers;
- the long sales and deployment cycle of our products;
- our ability to hire and retain personnel, particularly in development,
services and sales and marketing;
- the release of new versions of SiteMinder or other products; and
- the development of our direct and indirect sales channels.
In addition, because our revenues from services are largely correlated with
our software revenues, a decline in software revenues could also cause a decline
in our services revenues in the same quarter or in subsequent quarters. Other
factors, many of which are outside our control, could also cause variations in
our quarterly revenues and operating results.
Most of our expenses, such as employee compensation and rent, are
relatively fixed. Moreover, our expense levels are based, in part, on our
expectations regarding future revenue increases. We expect to continue to invest
in all areas, particularly in research and development and sales and marketing,
in order to execute our business plan. As a result, any shortfall in revenues in
relation to our expectations could cause significant changes in our operating
results from quarter to quarter and could result in future losses.
OUR FUTURE SUCCESS WILL DEPEND ON OUR ABILITY TO MARKET OUR PRODUCTS AND RELATED
SERVICES SUCCESSFULLY.
We currently derive a substantial majority of our total revenues from the
sale of SiteMinder software licenses and related products and services.
Commercial deployments of SiteMinder products have grown to include not only
business-to-business and e-business applications, but large intranet and
multi-million user business-to-consumer deployments, as well. Broad market
acceptance of our products will depend on the development of a market for access
control and identity management, including usage of our products for software
business-to-consumer applications, and customer demand for the specific
functionality of our
18
products. Market acceptance for our products, and customer demand for the
services they provide, may not develop.
Our ability to develop the market for our products depends in part on our
ability to provide support services on a 24 hour per day, seven day per week
basis. Any damage or disruptions to our service centers, including the recently
opened service center in Malaysia, whether as a result of terrorism or some
other cause, could seriously impact our ability to provide the necessary service
to our customers and fulfill our service contracts.
There are currently 36 commercial deployments of our NIS. Broad market
acceptance of NIS and related services will depend on continued development of
the enterprise portal market, and consequent customer demand for the specific
functionality of NIS. If we fail in marketing our products and services, for
whatever reason, our business will be harmed.
OUR SUCCESS IS DEPENDENT ON OUR ABILITY TO ENHANCE OUR PRODUCT LINES AND DEVELOP
NEW PRODUCTS.
We believe our success is dependent, in large part, on our ability to
enhance and broaden our product lines to meet the evolving needs of both the
business-to-business intranet and business-to-consumer market. We may be unable
to respond effectively to technological changes or new industry standards or
developments. In the past, we have been forced to delay introduction of several
new product versions. In the future, we could be adversely affected if we incur
significant delays or are unsuccessful in enhancing our product lines or
developing new products, or if any of our enhancements or new products do not
gain market acceptance.
OUR PERFORMANCE DEPENDS ON OUR ABILITY TO OBTAIN FOLLOW-ON SALES.
Customers typically place small initial orders for a Netegrity product
installation to allow them to evaluate its performance. Our strategy is to
pursue more significant follow-on sales after these initial installations. Our
financial performance depends on successful initial deployments of our products
that, in turn, lead to follow-on sales. If the initial deployments of our
products are not successful, we may be unable to obtain follow-on sales.
WE FACE SIGNIFICANT COMPETITION FROM OTHER TECHNOLOGY COMPANIES AND WE MAY NOT
BE ABLE TO COMPETE EFFECTIVELY.
The market for access control, identity management and portal products and
services is highly competitive. We expect the level of competition to increase
as a result of the anticipated growth of e-business. Our primary competitors
include IBM, RSA/Securant, Entrust, Open Network Technology, Plumtree,
Epicentric, BEA, Oblix and many early-stage companies. In addition, a number of
other security and software companies have indicated that they offer products
which may compete with ours. We also face competition from web development
professional services organizations. We expect that additional competitors will
emerge in the future. Current and potential competitors have established, or may
in the future establish, cooperative relationships with third parties to
increase the availability of their products to the marketplace. It is possible
that new competitors or alliances may emerge and rapidly acquire significant
market share. Potential competitors may have significantly greater financial,
marketing, technical and other competitive resources than we have. If, in the
future, a competitor chooses to bundle a competing secure user management
product with other e-commerce applications, the demand for our products might be
substantially reduced. Because of these factors, many of which are out of our
control, we may be unable to maintain or enhance our competitive position
against current and future competitors.
REGULATIONS OR CONSUMER CONCERNS REGARDING THE USE OF "COOKIES" ON THE INTERNET
COULD REDUCE THE EFFECTIVENESS OF OUR SITEMINDER SOFTWARE PRODUCTS.
Our SiteMinder products use cookies to support their single sign-on
functionality. A cookie is information keyed to a specific user that is stored
on the hard drive of the user's computer, typically without the user's
knowledge. Cookies are generally removable by the user, and can be refused by
the user at the point at which the information would be stored on the user's
hard drive. A number of governmental bodies and commentators
19
in the United States and abroad have urged passage of laws limiting or
abolishing the use of cookies. The passage of laws limiting or abolishing the
use of cookies, or the widespread deletion or refusal of cookies by web site
users, could reduce or eliminate the effectiveness of SiteMinder's single
sign-on functionality and could reduce market demand for our SiteMinder
products.
WE MAY BE UNABLE TO HIRE AND RETAIN SKILLED PERSONNEL.
Qualified personnel are in great demand throughout the software industry.
Our success depends, in large part, upon our ability to attract, train, motivate
and retain highly skilled employees, particularly software engineers,
professional services personnel, sales and marketing personnel and other senior
personnel. Our failure to attract and retain the highly trained technical
personnel that are integral to our product development, professional services
and direct sales teams may limit the rate at which we can generate sales and
develop new products or product enhancements. This could have a material adverse
effect on our business, operating results and financial condition.
OUR SUCCESS DEPENDS ON OUR ABILITY TO DEVELOP OUR DIRECT SALES AND INDIRECT
DISTRIBUTION CHANNELS.
To increase our revenues, we must develop our direct sales channel and
increase the number of our indirect channel partners. There is intense
competition for sales personnel in our business, and we cannot be sure that we
will be successful in attracting, integrating, motivating and retaining sales
personnel. In addition, we must increase the number of strategic partnerships
and other third-party relationships with system integrators, vendors of
Internet-related systems and application software and resellers. Our existing,
or future, channel partners may choose to devote greater resources to marketing
and supporting the products of other companies or conflicts may develop among
our sales force and channel partners. If we fail to develop these relationships
or these relationships do not result in successful partnerships, our revenue
could suffer.
WE RELY ON THIRD PARTY TECHNOLOGY TO ENHANCE OUR PRODUCTS.
We incorporate into our products software licensed from third-party
software developers that enhance and enable the functionality of our product.
Third-party software may not continue to be available on commercially reasonable
terms or with acceptable levels of support, or at all. Failure to maintain those
license arrangements or defects and errors in those third-party products could
delay or impair our ability to develop and sell our products.
OUR FAILURE TO EXPAND OUR PROFESSIONAL SERVICES RESOURCES COULD LIMIT OUR
ABILITY TO INCREASE OUR PRODUCT SALES.
Our professional services organization and our system integrators provide
critical support to our customers' installation and deployment of our products.
If we fail to expand our professional services resources and/or adequately
develop our system integrator relationships, our ability to increase products
sales may be limited. In addition, if we cannot adequately support product
installations, our customers' use of our products may fail which could harm our
reputation and hurt our business.
OUR LENGTHY SALES CYCLE MAKES IT DIFFICULT TO PREDICT OUR QUARTERLY OPERATING
RESULTS.
We have a long sales cycle because we generally need to educate potential
customers regarding the use and benefits of our products. The length of our
sales cycle varies depending on the size and type of customer contemplating a
purchase and whether we have conducted business with a potential customer in the
past. In addition, these potential customers frequently need to obtain approvals
from multiple decision makers prior to making purchase decisions. Our long sales
cycle, which can range from several weeks to several months or more, makes it
difficult to predict the quarter in which sales will occur. Delays in sales
could cause significant variability in our revenues and operating results for
any particular period.
20
OUR FAILURE TO MANAGE OUR RAPID GROWTH EFFECTIVELY COULD HURT OUR BUSINESS.
Our failure to manage our rapid growth effectively could have a material
adverse effect on the quality of our products, our ability to retain key
personnel and our business, operating results and financial condition. We have
been experiencing a period of rapid growth that has been placing a significant
strain on all of our resources. From December 31, 2000 to December 31, 2001, we
increased the number of our employees from 292 to 486 (including 95 from our
acquisition of DataChannel on December 14, 2001). We may experience similar
growth in the future. To manage recent and future growth effectively we must
maintain and enhance our financial and accounting systems and controls,
integrate new personnel and manage expanded operations.
IF WE LOSE THE SERVICES OF BARRY BYCOFF OR ANY OTHER MEMBER OF OUR MANAGEMENT
TEAM, OUR BUSINESS COULD SUFFER.
Our future success depends, to a significant degree, on the skill,
experience and efforts of Barry Bycoff, our chief executive officer, and the
rest of our management team. The loss of any member of our management team or
the inability of our officers and key employees to work effectively as a team
could have a material adverse effect on our business, operating results and
financial condition.
AS WE CONTINUE TO EXPAND OUR INTERNATIONAL OPERATIONS, WE WILL FACE CONTINUED
RISKS TO OUR SUCCESS.
We intend to continue to expand our international operations in the future.
This expansion will require additional resources and management attention, and
will subject us to increased regulatory, economic and political risks. We have
very little experience in international markets and we cannot be sure that our
continued expansion into global markets will be successful. In addition, we will
face increased risks in conducting business internationally. These risks could
reduce demand for our products and services, increase the prices at which we can
sell our products and services, or otherwise have an adverse effect on our
operating results. Among the risks we believe are most likely to affect us are:
- longer decision making cycles;
- longer payment cycles and problems in collecting accounts receivable;
- adverse changes in trade and tax regulations, including restrictions on
the import and export of sensitive technologies, such as encryption
technologies, that we use or may wish to use in our software products;
- the absence or significant lack of legal protection for intellectual
property rights;
- difficulties in managing an organization spread over several countries,
including complications arising from cultural, language and time
differences that may lengthen sales and implementation cycles;
- currency risks, including fluctuations in exchange rates;
- political and economic instability;
- increased use of contractors on a global basis for both professional
services and development works, as business requirements dictate that may
result in increased cost of services and/or less direct control; and
- disruption caused by terrorist activities in various regions around the
world.
OUR SUCCESS DEPENDS ON OUR ABILITY TO PROTECT OUR PROPRIETARY RIGHTS.
Our success depends to a significant degree upon the protection of our
software and other proprietary technology. The unauthorized reproduction or
other misappropriation of our proprietary technology could enable third parties
to benefit from our technology without paying us for it. This could have a
material adverse effect on our business, operating results and financial
condition. We depend upon a combination of patent, trademark, trade secret and
copyright laws, license agreements and non-disclosure and other contractual
provisions to protect proprietary and distribution rights in our products. In
addition, we attempt to protect our proprietary information and the proprietary
information of our vendors and partners through confidentiality
21
and/or license agreements with our employees and others. Although we have taken
steps to protect our proprietary technology, they may be inadequate. Existing
trade secret, copyright and trademark laws offer only limited protection.
Moreover, the laws of other countries in which we market our products may afford
little or no effective protection of our intellectual property. If we resort to
legal proceedings to enforce our intellectual property rights, the proceedings
could be burdensome and expensive, even if we were to prevail.
CLAIMS BY OTHER COMPANIES THAT WE INFRINGE THEIR PROPRIETARY TECHNOLOGY COULD
HURT OUR FINANCIAL CONDITION.
If we discover that any of our products violated third-party proprietary
rights, there can be no assurance that we would be able to reengineer our
product or to obtain a license on commercially reasonable terms to continue
offering the product without substantial reengineering. We do not conduct
comprehensive patent searches to determine whether the technology used in our
products infringes patents held by third parties. In addition, product
development is inherently uncertain in a rapidly evolving technology environment
in which there may be numerous patent applications pending for similar
technologies, many of which are confidential when filed. Any claim of
infringement, even if invalid, could cause us to incur substantial costs
defending against the claim and could distract our management from our business.
Furthermore, a party making such a claim could secure a judgment that requires
us to pay substantial damages. A judgment could also include an injunction or
other court order that could prevent us from selling our products. Any of these
events could have a material adverse effect on our business, operating results
and financial condition.
OUR BUSINESS COULD BE ADVERSELY AFFECTED IF OUR PRODUCTS CONTAIN ERRORS.
Software products as complex as ours may contain undetected errors or
"bugs" that result in product failures. The occurrence of errors could result in
loss of, or delay in, revenues, loss of market share, failure to achieve market
acceptance, diversion of development resources, injury to our reputation, or
damage to our efforts to build brand awareness, any of which could have a
material adverse effect on our business, operating results and financial
condition.
WE COULD INCUR SUBSTANTIAL COSTS RESULTING FROM PRODUCT LIABILITY CLAIMS
RELATING TO OUR CUSTOMERS' USE OF OUR PRODUCTS.
Many of the e-commerce applications supported by our products are critical
to the operations of our customers' businesses. Any failure in a customer's web
site or application caused or allegedly caused by our products could result in a
claim for substantial damages against us, regardless of our responsibility for
the failure. Although we maintain general liability insurance, including
coverage for errors and omissions, we cannot be sure that our existing coverage
will continue to be available on reasonable terms or will be available in
amounts sufficient to cover one or more large claims, or that the insurer will
not disclaim coverage as to any future claim.
OUR ACQUISITION OF OTHER COMPANIES MAY INCREASE THE RISKS WE FACE.
On December 14, 2001, we acquired the capital stock of DataChannel, Inc., a
privately held Washington corporation. In the future, we may pursue other
acquisitions to obtain complementary products, services and technologies.
DataChannel and any other such acquisition may not produce the revenues,
earnings or business synergies that we anticipated, and an acquired product,
service or technology might not perform as we expected. In pursuing any
acquisition, our management could spend a significant amount of time and effort
in identifying and completing the acquisition. If we complete an acquisition, we
would probably have to devote a significant amount of management resources to
integrate the acquired business with our existing business. To pay for an
acquisition, we might use our stock or cash. Alternatively, we might borrow
money from a bank or other lender. If we use our stock, our stockholders would
experience dilution of their ownership interests. If we use cash or debt
financing, our financial liquidity will be reduced.
22
THE MARKET PRICE OF OUR COMMON STOCK HAS BEEN AND MAY CONTINUE TO BE VOLATILE.
Our stock price, like that of other technology companies, has been
extremely volatile. The announcement of new products, services, technological
innovations or distribution partners by us or our competitors, quarterly
variations in our operating results, changes in revenues or earnings estimates
by securities analysts and speculation in the press or investment community are
among the factors affecting our stock price.
The stock market in general and the market prices for Internet-related
companies in particular, have experienced extreme volatility that often has been
unrelated to the operating performance of these companies. These broad market
and industry fluctuations may adversely affect the market price of our common
stock, regardless of our operating performance. Recently, when the market price
of a stock has been volatile, holders of that stock have often instituted
securities class action litigation against the company that issued the stock. If
any of our stockholders brought a lawsuit against us, we could incur substantial
costs defending the lawsuit. The lawsuit could also divert the time and
attention of our management.
The events of September 11, 2001 and their aftermath have also caused
significant volatility in the stock markets. The continued threat of terrorism
in the United States and abroad, the resulting military action and heightened
security measures undertaken in response to that threat can be expected to cause
continued volatility in securities markets.
WE MAY LOSE MONEY ON FIXED-PRICE CONSULTING CONTRACTS.
In the future, an increased portion of our services revenues may be derived
from fixed-price contracts. We work with complex technologies in compressed time
frames and it can be difficult to judge the time and resources necessary to
complete a project. If we miscalculate the resources or time we need to complete
work under fixed-price contracts, our operating results could be materially
harmed. As of December 31, 2001, the Company had no fixed-price contracts.
CERTAIN PROVISIONS OF OUR CHARTER AND OF DELAWARE LAW MAKE A TAKEOVER OF OUR
COMPANY MORE DIFFICULT.
Our corporate documents and Delaware law contain provisions that might
enable our management to resist a takeover of our company. These provisions
might discourage, delay or prevent a change in the control of Netegrity or a
change in our management. These provisions could also discourage proxy contests
and make it more difficult for you and other stockholders to elect directors and
take other corporate actions. The existence of these provisions could limit the
price that investors might be willing to pay in the future for shares of our
common stock.
ITEM 2. PROPERTIES
The Company's headquarters consist of a leased office suite located at 52
Second Avenue in Waltham, Massachusetts. We occupy 50,345 square feet of space
under a lease expiring in March 2003. Our wholly-owned subsidiary, DataChannel,
is located in Bellevue, Washington, where we occupy 50,665 square feet of space
under three separate leases expiring in April 2004. In addition, we lease 4,127
square feet of space to house our new technical service center in Kuala Lumpur,
Malaysia, under a lease expiring in June 2004.
In order to support our field sales and consulting staff, we lease office
space domestically in Los Angeles and San Jose, California; Littleton, Colorado;
Atlanta, Georgia; Chicago, Illinois; Methuen, Massachusetts; New York, New York;
Reston, Virginia; and Kirkland, Washington. Internationally, we lease office
space in Sydney and Melbourne, Australia; Toronto, Canada; London and Marlow,
England; Helsinki, Finland; Paris, France; Frankfurt, Germany; Hong Kong; Milan,
Italy; Tokyo, Japan; Seoul, Korea; Oslo, Norway; Ngee Ann City, Singapore; and
Stockholm, Sweden.
ITEM 3. LEGAL PROCEEDINGS
From time to time, the Company is involved in litigation relating to claims
arising out of its operations in the normal course of business. The Company is
not presently a party to any legal proceedings, the adverse outcome of which, in
management's opinion, would have a material adverse effect on the Company's
results of operations or financial position.
23
ITEM 4. SUBMISSION OF MATTERS TO A VOTE OF SECURITY HOLDERS
No matters were submitted to a vote of security holders, whether through
the solicitation of proxies or otherwise, during the quarter ended December 31,
2001.
PART II
ITEM 5. MARKET FOR REGISTRANT'S COMMON EQUITY AND RELATED STOCKHOLDER MATTERS
Our common stock is traded on the NASDAQ National Market under the symbol
"NETE." As of December 31, 2001, there were 164 holders of record of our common
stock, some of whom are holders in nominee name for the benefit of different
shareholders. The following table sets forth, for the periods indicated, the
range of high and low closing prices per share of our common stock, as reported
on the NASDAQ National Market during each of the quarters indicated.
PRICE RANGE OF
COMMON STOCK
-----------------
HIGH LOW
------- -------
2000 FISCAL YEAR
First Quarter............................................. $62.000 $30.042
Second Quarter............................................ $50.209 $18.000
Third Quarter............................................. $72.500 $49.209
Fourth Quarter............................................ $79.375 $40.000
2001 FISCAL YEAR
First Quarter............................................. $64.125 $24.625
Second Quarter............................................ $45.030 $17.266
Third Quarter............................................. $32.880 $ 8.570
Fourth Quarter............................................ $20.790 $ 8.200
In September 2000, the Company effected a three-for-two stock split in the
form of a stock dividend. All share and per share data has been adjusted to
reflect the split.
In September 2001, the Company announced that its Board of Directors had
approved the repurchase of up to $20.0 million of its currently outstanding
common stock. The repurchase program is expected to continue until September
2002 unless extended or curtailed by the Board of Directors. The repurchases
will be made from time to time on the open market at prevailing market prices or
in privately negotiated transactions. Whether any such repurchases will be made,
and the number of shares repurchased, will depend upon the availability of
shares at acceptable prices. Repurchased shares will become authorized but
unissued shares and will be used for general corporate purposes, including the
issuance of shares in connection with the Company's employee stock option plans
and other purposes. As of December 31, 2001 no shares of the Company's common
stock had been repurchased.
In December 2001, the Company issued 2,499,968 shares of its common stock
in connection with the Company's acquisition of DataChannel, pursuant to a
merger whereby DataChannel became a wholly owned subsidiary of the Company. The
shares were issued to stockholders of DataChannel pursuant to an exemption from
registration under Regulation D of the Securities Act of 1933. The resale of the
shares was registered on a Registration Statement on Form S-3 filed with the
Securities and Exchange Commission on February 13, 2002.
We have not paid dividends on the Company's common stock and do not
anticipate paying such dividends in the foreseeable future. We currently intend
to retain future earnings, if any, to finance our operations and expand our
business. Any future determination to pay cash dividends will be at the
discretion of the Board of Directors and will be dependent upon our financial
condition, operating results, capital requirements and other factors the Board
of Directors deems relevant.
24
ITEM 6. SELECTED FINANCIAL DATA
The selected financial data set forth below should be read in conjunction
with our consolidated financial statements and related notes and "Management's
Discussion and Analysis of Financial Condition and Results of Operations"
appearing elsewhere herein.
YEARS ENDED DECEMBER 31,
------------------------------------------------
1997 1998 1999 2000 2001
------- ------- -------- ------- -------
(IN THOUSANDS, EXCEPT PER SHARE DATA)
STATEMENT OF OPERATIONS DATA:
Revenues:
Software licenses......................... $ 237 $ 1,483 $ 7,527 $37,688 $55,314
Services.................................. 12 468 2,211 12,693 27,634
Other..................................... 4,484 2,840 3,008 3,655 3,633
------- ------- -------- ------- -------
Total revenues......................... 4,733 4,791 12,746 54,036 86,581
Cost of revenues:
Cost of software licenses................. 47 203 631 2,549 2,084
Cost of services.......................... -- 110 1,227 7,415 13,548
Cost of other............................. 2,423 1,451 1,620 2,169 2,221
------- ------- -------- ------- -------
Total cost of revenues................. 2,470 1,764 3,478 12,133 17,853
------- ------- -------- ------- -------
Gross profit................................ 2,263 3,027 9,268 41,903 68,728
Selling, general and administrative
expenses.................................. 5,509 6,630 16,294 36,094 51,989
Research and development expenses........... 1,028 1,991 3,744 9,103 15,791
Acquired in-process research and
development............................... -- -- -- -- 3,000
Non-recurring expenses...................... -- -- -- -- 529
------- ------- -------- ------- -------
Loss from operations........................ (4,274) (5,594) (10,770) (3,294) (2,581)
Other income, net........................... 203 130 824 6,103 4,831
Share of loss from investment in Encotone,
Inc....................................... (132) -- -- -- --
Write off of investment in Encotone LTD..... (1,049) -- -- -- --
------- ------- -------- ------- -------
Income (loss) before provision for income
taxes..................................... (5,252) (5,464) (9,946) 2,809 2,250
Provision for income taxes.................. -- -- -- 75 607
------- ------- -------- ------- -------
Net income (loss)........................... (5,252) (5,464) (9,946) 2,734 1,643
Recognition of beneficial conversion feature
and accretion of preferred stock.......... -- 2,784 413 -- --
------- ------- -------- ------- -------
Net income (loss) attributable to common
stockholders.............................. $(5,252) $(8,248) $(10,359) $ 2,734 $ 1,643
======= ======= ======== ======= =======
Earnings per share:
Basic..................................... $ (0.38) $ (0.59) $ (0.59) $ 0.09 $ 0.05
Diluted................................... $ (0.38) $ (0.59) $ (0.59) $ 0.08 $ 0.05
======= ======= ======== ======= =======
Weighted average shares outstanding:
Basic..................................... 13,919 14,043 17,472 29,010 31,076
Diluted................................... 13,919 14,043 17,472 33,407 32,936
25
DECEMBER 31,
-------------------------------------------------
1997 1998 1999 2000 2001
------ ------- -------- -------- --------
(IN THOUSANDS)
BALANCE SHEET DATA:
Cash and cash equivalents.................. $2,134 $ 1,175 $102,879 $115,747 $ 26,332
Marketable securities...................... -- -- -- -- 82,734
Working capital............................ 9 47 104,435 112,330 92,485
Intangible assets, net..................... -- -- -- -- 68,108
Total assets............................... 4,849 4,225 110,970 138,379 206,179
Total stockholders' equity (deficit)....... 1,016 (3,492) 106,434 117,899 176,141
26
ITEM 7. MANAGEMENT'S DISCUSSION AND ANALYSIS OF FINANCIAL CONDITION AND RESULTS
OF OPERATION
The following discussion and analysis of our financial condition and
results of operations should be read in conjunction with "Selected Financial
Data" appearing in Item 6 of this report and our consolidated financial
statements and related notes appearing under Item 8 of this report. This
discussion and analysis contains forward-looking statements that involve risks
and uncertainties. Our actual results may differ materially from those
anticipated in these forward-looking statements, as described under
"Forward-Looking Statements and Industry Data" above Item 1 of this report.
OVERVIEW
Netegrity is a leading e-business infrastructure company. Our customers use
Netegrity products to securely manage e-business relationships. Our Secure
Relationship Management (SRM) platform enables companies to cost-effectively
provide their customers, partners and employees with the secure, interactive
access to applications and content required by their business relationships. Our
SRM solutions offer shared services that centrally manage access control, single
sign-on, user management, and portal services. These shared services address
three key challenges presented by our customers' drive to achieve improved
productivity and competitive advantage by moving business relationships online:
(1) the need to provide consistent, secure access to an increasing number of
business applications; (2) the requirement to efficiently manage the rapidly
expanding user constituencies requiring access; and (3) the need to present
dynamic, interactive and personalized views of those applications, regardless of
which application or system platform may ultimately host or contain the data or
content.
On December 14, 2001 (the Acquisition Date), the Company acquired, for
aggregate consideration of $70.2 million, all of the outstanding stock of
DataChannel, Inc., a Washington Corporation (DataChannel). On the Acquisition
Date, DataChannel, a leading provider of enterprise portal solutions, became a
wholly-owned subsidiary of the Company (the Acquisition). The aggregate
consideration included approximately $17.5 million in cash (including assumed
debt of $1.4 million), $3.0 million of acquisition costs paid subsequent to the
Acquisition Date and 2,499,968 shares of the Company's Common stock valued at
approximately $49.7 million.
The Acquisition was accounted for using the purchase method of accounting.
Accordingly, the excess of the purchase price over the fair value of the assumed
tangible net liabilities of approximately $71.3 million was allocated to
acquired technology, in-process research and development, and goodwill in the
amounts of approximately $11.0 million, $3.0 million and $57.3 million,
respectively. Results of operations of DataChannel from the Acquisition Date are
included in the Company's consolidated results of operations.
CRITICAL ACCOUNTING POLICIES AND SIGNIFICANT JUDGMENTS AND ESTIMATES
Netegrity's discussion and analysis of its financial condition and results
of operations are based on the Company's consolidated financial statements,
which have been prepared in accordance with accounting principles generally
accepted in the United States. The preparation of these financial statements
requires management to make estimates and assumptions that affect the reported
amounts of assets and liabilities and the disclosure of contingent assets and
liabilities at the date of the financial statements and the reported revenues
and expenses during the reporting periods. On an ongoing basis, management
evaluates its estimates and judgments, including those related to revenue
recognition, bad debts, intangible assets, and income taxes. Management bases
its estimates on historical experience and on various other factors that are
believed to be reasonable under the circumstances, the results of which form the
basis for making judgments about the carrying value of assets and liabilities
that are not readily apparent from other sources. Actual results may differ from
these estimates under different assumptions or conditions.
27
The significant accounting policies that management believes are most
critical to aid in fully understanding and evaluating our reported financial
results include the following:
REVENUE RECOGNITION
The Company's revenues are primarily generated from the sale of perpetual
licenses to its proprietary SiteMinder, DMS and NIS products and services. The
Company generates its services revenue from consulting and training services
performed for customers and from maintenance and support. As described below,
significant management judgments and estimates must be made and used in
connection with the revenue recognized in any accounting period. Material
differences may result in the amount and timing of our revenue for any period if
management made different judgments or utilized different estimates.
We license our software products on a perpetual basis. We apply the
provisions of Statement of Position No. 97-2, "Software Revenue Recognition," as
amended by Statement of Position No. 98-9, "Software Revenue Recognition, with
Respect to Certain Transactions," to all transactions involving the sale of
software products. We recognize revenue from the sale of software licenses when
persuasive evidence of an arrangement exists, the product has been delivered,
the fees are fixed or determinable and collection of the resulting receivable is
reasonably assured. The Company does not offer a right of return on its
products.
For all sales, we use either a binding purchase order or signed license
agreement as evidence of an arrangement. For arrangements with multiple
obligations (for example, product, undelivered maintenance and support, and
training and consulting), we allocate revenue to each component of the
arrangement using the residual value method based on the fair value of the
undelivered elements. We defer revenue from the arrangement equivalent to the
fair value of the undelivered elements. Fair values for the ongoing maintenance
and support obligations are based upon separate sales of renewals to other
customers. Fair value of services, such as training or consulting, is based upon
separate sales of these services to other customers.
At the time of the transaction, we assess whether the fee associated with
the transaction is fixed or determinable based on the payment terms associated
with the transaction. If a significant portion of the fee is due after our
normal payment terms, which are 30 to 90 days from invoice date, we account for
the fee as not being fixed or determinable. In these cases, we recognize revenue
as the fees become due. In addition, we assess whether collection is probable or
not based on the credit worthiness of the customer. Initial credit worthiness is
assessed through Dun & Bradstreet or similar credit rating agencies. Credit
worthiness for follow-on transactions is assessed through a review of the
transaction history with the customer. We do not request collateral from our
customers. If we determine that collection of a fee is not reasonably assured,
we defer the fee and recognize revenue at the time collection becomes reasonably
assured, which is generally upon receipt of cash.
Revenues for maintenance and support are recognized ratably over the term
of the support period. Revenues from consulting and training services are
recognized as the services are performed.
ACCOUNTS RECEIVABLE
Accounts receivable are reduced by an allowance for amounts that may become
uncollectible in the future. The estimated allowance for uncollectible amounts
is based primarily on a specific analysis of accounts in the receivable
portfolio and historical write-off experience. While management believes the
allowance to be adequate, if the financial condition of the Company's customers
were to deteriorate, resulting in impairment of their ability to make payments,
additional allowances may be required.
GOODWILL AND INTANGIBLES
Purchase accounting requires extensive use of accounting estimates and
judgments to allocate the purchase price to the fair market value of the assets
purchased and liabilities assumed. In our recording of the acquisition of
DataChannel on December 14, 2001, values were assigned to in process research
and development (IPRD) and intangible assets for acquired technology and
goodwill based on management's forecasts and projections that include
assumptions related to future revenues and cash flows generated from the
acquired assets.
28
The allocation of purchase price to IPRD of $3.0 million represented the
estimated fair value based on risk-adjusted cash flows related to the incomplete
research and development projects. At the Acquisition Date, the development of
these projects had not reached technological feasibility and the research and
development in progress had no alternative uses. Accordingly, these costs were
expensed in the statement of operations for the year ended December 31, 2001. At
the Acquisition Date, DataChannel was conducting testing activities associated
with the development of next-generation technologies that were expected to
address emerging market demands for Enterprise Information Portal solutions. The
technologies under development were approximately 50% complete based on project
duration and costs. DataChannel had spent approximately $1.8 million on the IPRD
projects and expected to spend another $1.9 million to complete these specific
research and development activities.
IPRD was identified and valued through extensive interviews, analysis of
data concerning developmental products, their stage of development, the time and
resources needed to complete them, and, if applicable, their expected income
generating ability, target markets and associated risks. The Income Approach,
which includes an analysis of the markets, cash flows and risks associated with
achieving such cash flows, was the primary technique utilized in valuing the
IPRD. The projected incremental cash flows were discounted back to their present
value using a discount rate of 32.5% determined after consideration of various
factors including the Company's cost of capital and the risk associated with the
various technologies.
The acquired existing technology, which is comprised of products that are
already technologically feasible, relates primarily to the technology
incorporated in earlier versions of the DataChannel Server product. The Company
is amortizing the acquired existing technology of approximately $11.0 million on
a straight-line basis over an estimated remaining useful life of three years.
Useful lives are based on management's estimates of the period that the asset
will generate revenue.
Intangible assets are tested for impairment whenever events or changes in
circumstances indicate that the carrying amount of an asset may not be
recoverable.
ACCOUNTING FOR INCOME TAXES
The preparation of our consolidated financial statements require us to
estimate our income taxes in each of the jurisdictions in which we operate,
including those outside the United States which may be subject to certain risks
that ordinarily would not be expected in the United States. The income tax
accounting process involves our estimating our actual current exposure together
with assessing temporary differences resulting from differing treatment of
items, such as deferred revenue, for tax and accounting purposes. These
differences result in the recognition of deferred tax assets and liabilities.
The Company must then record a valuation allowance to reduce its deferred tax
assets to the amount that is more likely than not to be realized.
Significant management judgment is required in determining our provision
for income taxes, our deferred tax assets and liabilities and any valuation
allowance recorded against deferred tax assets. The Company has recorded a
valuation allowance of $65.8 million as of December 31, 2001, due to
uncertainties related to our ability to utilize some of our deferred tax assets,
primarily consisting of certain net operating losses carried forward before they
expire. The valuation allowance is based on our estimates of taxable income by
jurisdiction in which we operate and the period over which our deferred tax
assets will be recoverable. In the event that actual results differ from these
estimates or we adjust these estimates in future periods we may need to adjust
our valuation allowance which could materially impact our financial position and
results of operations.
29
RESULTS OF OPERATIONS
The following table presents statement of operations data as percentages of
total revenues for the periods indicated:
YEARS ENDED
DECEMBER 31,
------------------
1999 2000 2001
---- ---- ----
STATEMENT OF OPERATIONS DATA:
Revenues:
Software licenses..................